Everything posted by denzel1990

  1. edit: The symptoms now: it is very slow at times, and it seems as if it keeps jumping around in Word, so I am typing and it suddenly goes 3 pages back.
  2. My laptop has been acting strangely lately. MBAM and Windows Defender cannot find anything, so hopefully you can help me. The RSIT log:
21:18:12 ----A---- C:\WINDOWS\system32\ieapfltr.dll 2015-12-08 21:18:11 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll 2015-12-08 21:18:11 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll 2015-12-08 21:18:11 ----A---- C:\WINDOWS\system32\dxtrans.dll 2015-12-08 21:18:11 ----A---- C:\WINDOWS\system32\actxprxy.dll 2015-12-08 21:18:10 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll 2015-12-08 21:18:10 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll 2015-12-08 21:17:05 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll 2015-12-08 21:17:05 ----A---- C:\WINDOWS\system32\msctf.dll 2015-12-08 21:17:02 ----A---- C:\WINDOWS\system32\ntoskrnl.exe 2015-12-08 21:17:01 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll 2015-12-08 21:17:01 ----A---- C:\WINDOWS\system32\winload.exe 2015-12-08 21:17:01 ----A---- C:\WINDOWS\system32\ntdll.dll 2015-12-08 21:17:01 ----A---- C:\WINDOWS\system32\comsvcs.dll 2015-12-08 21:17:00 ----A---- C:\WINDOWS\SYSWOW64\comsvcs.dll 2015-12-08 21:17:00 ----A---- C:\WINDOWS\system32\winresume.exe 2015-12-08 21:16:59 ----A---- C:\WINDOWS\SYSWOW64\ntvdm64.dll 2015-12-08 21:16:59 ----A---- C:\WINDOWS\SYSWOW64\catsrvut.dll 2015-12-08 21:16:59 ----A---- C:\WINDOWS\system32\ntvdm64.dll 2015-12-08 21:16:59 ----A---- C:\WINDOWS\system32\catsrvut.dll 2015-12-08 21:16:40 ----A---- C:\WINDOWS\system32\authui.dll 2015-12-08 21:16:39 ----A---- C:\WINDOWS\SYSWOW64\authui.dll 2015-12-08 21:16:37 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll 2015-12-08 21:16:37 ----A---- C:\WINDOWS\system32\wuwebv.dll 2015-12-08 21:16:37 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll 2015-12-08 21:16:37 ----A---- C:\WINDOWS\system32\wups2.dll 2015-12-08 21:16:37 ----A---- C:\WINDOWS\system32\wucltux.dll 2015-12-08 21:16:37 ----A---- C:\WINDOWS\system32\wuaueng.dll 2015-12-08 21:16:37 ----A---- C:\WINDOWS\system32\wuauclt.exe 2015-12-08 21:16:37 ----A---- C:\WINDOWS\system32\wuapi.dll 2015-12-08 21:16:36 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll 2015-12-08 21:16:36 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll 2015-12-08 21:16:36 
----A---- C:\WINDOWS\SYSWOW64\wuapp.exe 2015-12-08 21:16:36 ----A---- C:\WINDOWS\system32\wudriver.dll 2015-12-08 21:16:36 ----A---- C:\WINDOWS\system32\wuapp.exe 2015-12-08 21:16:31 ----A---- C:\WINDOWS\SYSWOW64\PCPKsp.dll 2015-12-08 21:16:31 ----A---- C:\WINDOWS\system32\PCPKsp.dll 2015-12-08 21:16:29 ----A---- C:\WINDOWS\system32\drivers\usbport.sys 2015-12-08 21:16:29 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS 2015-12-08 21:16:29 ----A---- C:\WINDOWS\system32\drivers\usbhub.sys 2015-12-08 21:16:29 ----A---- C:\WINDOWS\system32\drivers\usbehci.sys 2015-12-08 21:16:28 ----A---- C:\WINDOWS\system32\drivers\usbuhci.sys 2015-12-08 21:16:28 ----A---- C:\WINDOWS\system32\drivers\usbohci.sys 2015-12-08 21:16:28 ----A---- C:\WINDOWS\system32\drivers\usbd.sys 2015-12-08 21:16:27 ----A---- C:\WINDOWS\system32\winlogon.exe 2015-12-08 21:16:27 ----A---- C:\WINDOWS\system32\wininit.exe 2015-11-17 21:08:57 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll 2015-11-17 21:08:57 ----A---- C:\WINDOWS\SYSWOW64\ncryptsslp.dll 2015-11-17 21:08:57 ----A---- C:\WINDOWS\system32\schannel.dll 2015-11-17 21:08:57 ----A---- C:\WINDOWS\system32\ncryptsslp.dll 2015-11-17 21:08:57 ----A---- C:\WINDOWS\system32\ncrypt.dll 2015-11-17 21:08:57 ----A---- C:\WINDOWS\system32\lsasrv.dll 2015-11-17 21:08:57 ----A---- C:\WINDOWS\system32\drivers\cng.sys 2015-11-17 21:08:57 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll 2015-11-17 21:08:56 ----A---- C:\WINDOWS\SYSWOW64\ncrypt.dll 2015-11-17 21:08:56 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll 2015-11-17 21:08:56 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll 2015-11-17 21:08:56 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys 2015-11-17 21:08:56 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys 2015-11-17 21:08:56 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys 2015-11-17 21:08:56 ----A---- C:\WINDOWS\system32\certcli.dll 2015-11-17 21:08:55 ----A---- C:\WINDOWS\system32\drivers\tpm.sys 2015-11-17 21:08:54 ----A---- 
C:\WINDOWS\SYSWOW64\gdi32.dll 2015-11-17 21:08:54 ----A---- C:\WINDOWS\system32\gdi32.dll 2015-11-17 21:08:50 ----A---- C:\WINDOWS\SYSWOW64\untfs.dll 2015-11-17 21:08:50 ----A---- C:\WINDOWS\system32\untfs.dll 2015-11-17 21:08:50 ----A---- C:\WINDOWS\system32\drivers\tunnel.sys 2015-11-17 21:08:49 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll 2015-11-17 21:08:49 ----A---- C:\WINDOWS\system32\puiobj.dll 2015-11-17 21:08:49 ----A---- C:\WINDOWS\system32\localspl.dll 2015-11-17 21:08:49 ----A---- C:\WINDOWS\system32\drivers\tdx.sys 2015-11-17 21:08:49 ----A---- C:\WINDOWS\system32\drivers\afd.sys 2015-11-17 21:08:49 ----A---- C:\WINDOWS\system32\AuthHost.exe 2015-11-17 21:08:48 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll 2015-11-17 21:08:48 ----A---- C:\WINDOWS\system32\kerberos.dll 2015-11-17 21:03:35 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll 2015-11-17 21:03:35 ----A---- C:\WINDOWS\system32\nshwfp.dll 2015-11-17 21:03:35 ----A---- C:\WINDOWS\system32\IKEEXT.DLL 2015-11-17 21:03:35 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL 2015-11-17 21:03:35 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys 2015-11-17 21:03:35 ----A---- C:\WINDOWS\system32\BFE.DLL 2015-11-17 21:03:34 ----A---- C:\WINDOWS\SYSWOW64\FWPUCLNT.DLL 2015-11-17 21:03:22 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll 2015-10-25 17:13:03 ----D---- C:\Users\d\AppData\Roaming\ICAClient 2015-10-25 17:12:43 ----D---- C:\ProgramData\Citrix 2015-10-25 17:12:02 ----D---- C:\Program Files (x86)\Citrix 2015-10-25 00:53:05 ----A---- C:\WINDOWS\system32\rpcrt4.dll 2015-10-25 00:53:04 ----A---- C:\WINDOWS\system32\msv1_0.dll 2015-10-25 00:53:02 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll 2015-10-25 00:53:02 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll 2015-10-25 00:53:02 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys 2015-10-25 00:52:49 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll 2015-10-25 00:52:48 ----A---- C:\WINDOWS\system32\werdiagcontroller.dll 2015-10-25 00:52:48 ----A---- 
C:\WINDOWS\system32\audiosrv.dll 2015-10-25 00:52:43 ----A---- C:\WINDOWS\system32\msi.dll 2015-10-25 00:52:42 ----A---- C:\WINDOWS\SYSWOW64\msi.dll 2015-10-25 00:52:38 ----A---- C:\WINDOWS\SYSWOW64\msiexec.exe 2015-10-25 00:52:33 ----A---- C:\WINDOWS\system32\msiexec.exe 2015-10-24 09:30:57 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-10-24 09:30:57 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2015-10-24 07:34:53 ----D---- C:\Program Files (x86)\Dell Update 2015-10-24 07:34:16 ----D---- C:\Program Files (x86)\Dell Customer Connect 2015-10-24 07:22:20 ----A---- C:\WINDOWS\SYSWOW64\GeofenceMonitorService.dll 2015-10-24 07:22:20 ----A---- C:\WINDOWS\system32\WiFiDisplay.dll 2015-10-24 07:22:20 ----A---- C:\WINDOWS\system32\GeofenceMonitorService.dll 2015-10-24 07:22:18 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll 2015-10-24 07:22:17 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll 2015-10-24 07:22:17 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll 2015-10-24 07:22:17 ----A---- C:\WINDOWS\system32\d2d1.dll 2015-10-24 07:22:16 ----A---- C:\WINDOWS\system32\shell32.dll 2015-10-24 07:22:15 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll 2015-10-24 07:22:13 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll 2015-10-24 07:22:13 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll 2015-10-24 07:22:13 ----A---- C:\WINDOWS\system32\msxml6.dll 2015-10-24 07:22:13 ----A---- C:\WINDOWS\system32\msxml3.dll 2015-10-24 07:22:12 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll 2015-10-24 07:22:12 ----A---- C:\WINDOWS\SYSWOW64\davclnt.dll 2015-10-24 07:22:12 ----A---- C:\WINDOWS\system32\WebClnt.dll 2015-10-24 07:22:12 ----A---- C:\WINDOWS\system32\davclnt.dll 2015-10-24 07:22:10 ----A---- C:\WINDOWS\SYSWOW64\netcfgx.dll 2015-10-24 07:22:10 ----A---- C:\WINDOWS\system32\netcfgx.dll 2015-10-24 07:22:10 ----A---- C:\WINDOWS\system32\drivers\ndis.sys 2015-10-24 07:22:10 ----A---- C:\WINDOWS\system32\csrsrv.dll 2015-10-24 07:22:10 ----A---- 
C:\WINDOWS\system32\basesrv.dll 2015-10-24 07:22:09 ----A---- C:\WINDOWS\system32\mstscax.dll 2015-10-24 07:22:08 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll 2015-10-24 07:22:08 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll 2015-10-24 07:22:08 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll 2015-10-24 07:22:08 ----A---- C:\WINDOWS\system32\rdvidcrl.dll 2015-10-24 07:22:08 ----A---- C:\WINDOWS\system32\NcdAutoSetup.dll 2015-10-24 07:22:07 ----A---- C:\WINDOWS\SYSWOW64\taskeng.exe 2015-10-24 07:22:07 ----A---- C:\WINDOWS\SYSWOW64\schtasks.exe 2015-10-24 07:22:07 ----A---- C:\WINDOWS\system32\taskeng.exe 2015-10-24 07:22:07 ----A---- C:\WINDOWS\system32\schtasks.exe 2015-10-24 07:22:07 ----A---- C:\WINDOWS\system32\schedsvc.dll 2015-10-24 07:22:07 ----A---- C:\WINDOWS\system32\drivers\sermouse.sys 2015-10-24 07:22:07 ----A---- C:\WINDOWS\system32\drivers\mouhid.sys 2015-10-24 07:22:07 ----A---- C:\WINDOWS\system32\drivers\mouclass.sys 2015-10-24 07:22:07 ----A---- C:\WINDOWS\system32\drivers\kbdhid.sys 2015-10-24 07:22:07 ----A---- C:\WINDOWS\system32\drivers\kbdclass.sys 2015-10-24 07:22:07 ----A---- C:\WINDOWS\system32\drivers\i8042prt.sys 2015-10-24 07:22:03 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys 2015-10-24 07:22:02 ----A---- C:\WINDOWS\system32\sysmain.dll 2015-10-24 07:22:01 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll 2015-10-24 07:22:01 ----A---- C:\WINDOWS\system32\invagent.dll 2015-10-24 07:22:01 ----A---- C:\WINDOWS\system32\generaltel.dll 2015-10-24 07:22:01 ----A---- C:\WINDOWS\system32\devinv.dll 2015-10-24 07:22:01 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe 2015-10-24 07:22:01 ----A---- C:\WINDOWS\system32\appraiser.dll 2015-10-24 07:22:01 ----A---- C:\WINDOWS\system32\aeinv.dll 2015-10-24 07:22:01 ----A---- C:\WINDOWS\system32\acmigration.dll 2015-10-24 07:22:00 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll 2015-10-24 07:22:00 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll 2015-10-24 07:22:00 
----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll 2015-10-24 07:22:00 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll 2015-10-24 07:22:00 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2015-10-24 07:22:00 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2015-10-24 07:22:00 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll 2015-10-24 07:22:00 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll 2015-10-24 07:22:00 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2015-10-24 07:22:00 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll 2015-10-24 07:22:00 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll 2015-10-24 07:22:00 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll 2015-10-24 07:22:00 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2015-10-24 07:22:00 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll 2015-10-24 07:22:00 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll 2015-10-24 07:22:00 ----A---- C:\WINDOWS\system32\ucrtbase.dll 2015-10-24 07:22:00 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys 2015-10-24 07:22:00 ----A---- C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll 2015-10-24 07:22:00 ----A---- C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll 2015-10-24 07:22:00 ----A---- C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll 2015-10-24 07:22:00 ----A---- C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll 2015-10-24 07:22:00 ----A---- C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll 2015-10-24 07:22:00 ----A---- C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll 2015-10-24 07:22:00 ----A---- C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll 2015-10-24 07:22:00 ----A---- C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2015-10-24 07:22:00 ----A---- C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll 2015-10-24 07:22:00 ----A---- 
C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll 2015-10-24 07:22:00 ----A---- C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll 2015-10-24 07:22:00 ----A---- C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2015-10-24 07:22:00 ----A---- C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll 2015-10-24 07:22:00 ----A---- C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll 2015-10-24 07:22:00 ----A---- C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll 2015-10-24 07:21:59 ----A---- C:\WINDOWS\SYSWOW64\notepad.exe 2015-10-24 07:21:59 ----A---- C:\WINDOWS\system32\notepad.exe 2015-10-24 07:21:59 ----A---- C:\WINDOWS\system32\fhcpl.dll 2015-10-24 07:21:59 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS 2015-10-24 07:21:59 ----A---- C:\WINDOWS\notepad.exe 2015-10-24 07:21:58 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll 2015-10-24 07:21:58 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll 2015-10-24 07:21:58 ----A---- C:\WINDOWS\system32\KernelBase.dll 2015-10-24 07:21:58 ----A---- C:\WINDOWS\system32\advapi32.dll 2015-10-24 07:21:53 ----A---- C:\WINDOWS\SYSWOW64\wups.dll 2015-10-24 07:21:53 ----A---- C:\WINDOWS\system32\wups.dll 2015-10-24 07:21:53 ----A---- C:\WINDOWS\system32\WinSetupUI.dll 2015-10-24 07:21:46 ----A---- C:\WINDOWS\SYSWOW64\InkEd.dll 2015-10-24 07:21:46 ----A---- C:\WINDOWS\system32\InkEd.dll 2015-10-24 07:21:45 ----A---- C:\WINDOWS\system32\drivers\bthpan.sys 2015-10-24 07:21:44 ----A---- C:\WINDOWS\system32\drivers\usb8023.sys 2015-10-24 07:21:44 ----A---- C:\WINDOWS\system32\drivers\bthport.sys 2015-10-24 07:21:43 ----A---- C:\WINDOWS\system32\WSShared.dll 2015-10-24 07:21:42 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll 2015-10-24 07:21:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2015-10-24 07:21:42 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2015-10-24 07:21:39 ----A---- C:\WINDOWS\system32\apphelp.dll 2015-10-24 07:21:38 ----A---- 
C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll 2015-10-24 07:21:38 ----A---- C:\WINDOWS\SYSWOW64\shacct.dll 2015-10-24 07:21:38 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll 2015-10-24 07:21:38 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll 2015-10-24 07:21:38 ----A---- C:\WINDOWS\system32\shacct.dll 2015-10-24 07:21:38 ----A---- C:\WINDOWS\system32\SettingSync.dll 2015-10-24 07:21:37 ----A---- C:\WINDOWS\system32\consent.exe 2015-10-24 07:21:36 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll 2015-10-24 07:21:36 ----A---- C:\WINDOWS\system32\profsvc.dll 2015-10-24 07:21:36 ----A---- C:\WINDOWS\system32\msftedit.dll 2015-10-24 07:21:35 ----A---- C:\WINDOWS\SYSWOW64\tdh.dll 2015-10-24 07:21:35 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll 2015-10-24 07:21:35 ----A---- C:\WINDOWS\system32\UtcResources.dll 2015-10-24 07:21:35 ----A---- C:\WINDOWS\system32\tdh.dll 2015-10-24 07:21:35 ----A---- C:\WINDOWS\system32\diagtrack.dll 2015-10-24 07:21:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll 2015-10-24 07:21:30 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys 2015-10-24 07:21:29 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys 2015-10-24 07:21:29 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys 2015-10-24 07:21:09 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll 2015-10-24 07:21:09 ----A---- C:\WINDOWS\system32\dxtmsft.dll 2015-10-24 07:21:08 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll 2015-10-24 07:21:07 ----A---- C:\WINDOWS\system32\MshtmlDac.dll 2015-10-24 07:21:02 ----A---- C:\WINDOWS\system32\tzsync.exe 2015-10-24 07:20:59 ----A---- C:\WINDOWS\SYSWOW64\appidapi.dll 2015-10-24 07:20:59 ----A---- C:\WINDOWS\system32\fveapi.dll 2015-10-24 07:20:59 ----A---- C:\WINDOWS\system32\bdesvc.dll 2015-10-24 07:20:59 ----A---- C:\WINDOWS\system32\appidsvc.dll 2015-10-24 07:20:59 ----A---- C:\WINDOWS\system32\appidapi.dll 2015-10-24 07:20:50 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll 2015-10-24 07:20:50 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll 2015-10-24 07:20:50 ----A---- 
C:\WINDOWS\system32\atmlib.dll 2015-10-24 07:20:50 ----A---- C:\WINDOWS\system32\atmfd.dll 2015-10-24 07:19:25 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll 2015-10-24 07:19:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll ======List of files/folders modified in the last 3 months====== 2015-12-21 09:37:07 ----RD---- C:\Program Files 2015-12-21 09:36:46 ----D---- C:\WINDOWS\Prefetch 2015-12-21 09:32:31 ----D---- C:\Users\d\AppData\Roaming\uTorrent 2015-12-21 09:32:09 ----RD---- C:\WINDOWS\System32 2015-12-21 09:32:08 ----D---- C:\WINDOWS\Inf 2015-12-21 09:32:03 ----D---- C:\WINDOWS\SoftwareDistribution 2015-12-21 09:32:03 ----D---- C:\WINDOWS\debug 2015-12-21 09:32:03 ----D---- C:\Windows 2015-12-21 09:32:01 ----D---- C:\WINDOWS\Temp 2015-12-21 09:00:00 ----D---- C:\WINDOWS\system32\sru 2015-12-21 08:51:00 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2015-12-21 08:50:55 ----RD---- C:\Program Files (x86) 2015-12-19 12:25:48 ----D---- C:\WINDOWS\system32\config 2015-12-19 12:13:19 ----SHD---- C:\System Volume Information 2015-12-19 11:59:26 ----D---- C:\WINDOWS\Microsoft.NET 2015-12-19 11:53:18 ----RD---- C:\WINDOWS\assembly 2015-12-19 11:50:49 ----D---- C:\WINDOWS\WinSxS 2015-12-19 11:49:47 ----D---- C:\WINDOWS\SysWOW64 2015-12-19 10:53:43 ----D---- C:\Program Files (x86)\Dell Backup and Recovery 2015-12-19 10:52:09 ----D---- C:\WINDOWS\CbsTemp 2015-12-19 10:50:23 ----D---- C:\Users\d\AppData\Roaming\Dropbox 2015-12-19 10:48:42 ----D---- C:\Temp 2015-12-19 10:45:19 ----A---- C:\WINDOWS\SYSWOW64\log.txt 2015-12-19 10:39:40 ----D---- C:\WINDOWS\system32\DriverStore 2015-12-19 10:39:39 ----D---- C:\WINDOWS\system32\drivers 2015-12-19 10:31:44 ----D---- C:\WINDOWS\SYSWOW64\nl-NL 2015-12-19 10:31:44 ----D---- C:\WINDOWS\system32\nl-NL 2015-12-19 10:31:43 ----D---- C:\Program Files\Internet Explorer 2015-12-19 10:31:43 ----D---- C:\Program Files (x86)\Internet Explorer 2015-12-19 10:31:42 ----RSD---- C:\WINDOWS\Fonts 2015-12-11 18:57:33 ----D---- 
C:\Users\d\AppData\Roaming\vlc 2015-12-10 21:26:24 ----D---- C:\WINDOWS\system32\MRT 2015-12-10 21:20:17 ----A---- C:\WINDOWS\system32\MRT.exe 2015-12-09 04:39:31 ----N---- C:\WINDOWS\system32\MpSigStub.exe 2015-12-08 21:14:04 ----D---- C:\WINDOWS\system32\catroot2 2015-12-04 05:44:02 ----SHD---- C:\WINDOWS\Installer 2015-12-04 05:39:36 ----D---- C:\WINDOWS\Tasks 2015-12-01 18:19:27 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe 2015-11-28 19:49:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2015-11-18 21:54:02 ----D---- C:\WINDOWS\rescache 2015-11-18 21:06:12 ----RD---- C:\WINDOWS\ToastData 2015-11-18 21:06:07 ----D---- C:\WINDOWS\apppatch 2015-11-18 21:05:57 ----D---- C:\Program Files\Windows Defender 2015-11-18 21:05:56 ----SD---- C:\WINDOWS\SYSWOW64\GWX 2015-11-18 21:05:56 ----SD---- C:\WINDOWS\system32\GWX 2015-11-18 21:05:56 ----D---- C:\WINDOWS\WinStore 2015-11-18 21:05:56 ----D---- C:\Program Files (x86)\Windows Defender 2015-11-18 21:05:55 ----SD---- C:\WINDOWS\system32\CompatTel 2015-11-18 21:05:54 ----D---- C:\WINDOWS\system32\wbem 2015-11-18 21:05:54 ----D---- C:\WINDOWS\system32\appraiser 2015-11-18 21:05:51 ----D---- C:\WINDOWS\system32\CodeIntegrity 2015-11-18 21:05:48 ----D---- C:\WINDOWS\system32\drivers\nl-NL 2015-11-18 21:05:47 ----D---- C:\Program Files\Windows Journal 2015-11-18 21:05:46 ----D---- C:\WINDOWS\system32\Boot 2015-11-18 21:05:41 ----D---- C:\WINDOWS\PolicyDefinitions 2015-10-25 17:12:43 ----HD---- C:\ProgramData 2015-10-25 17:12:03 ----D---- C:\Program Files (x86)\Common Files 2015-10-24 16:06:26 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 amdkmpfd;@oem112.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2014-07-21 36096] R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-12-04 652344] R1 CLVirtualDrive;CLVirtualDrive; 
C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536] R1 ctxusbm;Citrix USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\ctxusbm.sys [2015-07-01 144464] R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2013-08-22 71680] R2 TurboB;Turbo Boost UI Monitor driver; C:\WINDOWS\system32\DRIVERS\TurboB.sys [2012-05-30 16168] R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2014-07-21 13209088] R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2014-07-21 626688] R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;USB-stuurprogramma voor Bluetooth-radio; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920] R3 btmhsf;btmhsf; C:\WINDOWS\system32\DRIVERS\btmhsf.sys [2012-10-01 1337216] R3 CnxtHdAudService;@oem2.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2012-08-07 1607328] R3 dtsoftbus01;@oem37.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2015-01-02 254528] R3 ETD;@oem30.inf,%PS2.DeviceDesc%;Dell Touchpad; C:\WINDOWS\system32\DRIVERS\ETD.sys [2013-01-10 211280] R3 iBtFltCoex;iBtFltCoex; C:\WINDOWS\system32\DRIVERS\iBtFltCoex.sys [2012-08-06 68136] R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-10-01 3828152] R3 IntcDAud;@oem11.inf,%IntcDAud.SvcDesc%;Intel® Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528] R3 iwdbus;@oem18.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-08-01 27032] R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-10-05 25816] R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2015-12-21 192216] R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-10-05 64216] R3 MEIx64;@oem79.inf,%HECI_SvcDesc%;Intel® Management Engine Interface ; 
C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-03 62784] R3 NETwNe64;@oem21.inf,%NIC_Service_DispName_WIN8_64%;Intel® Wireless WiFi Link 5000 Series adapter stuurprogramma onder Windows 8 64 Bit; C:\WINDOWS\system32\DRIVERS\Netwew00.sys [2013-10-08 3345376] R3 RSUSBVSTOR;@oem7.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUVStor.sys [2012-06-15 315536] R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT-stuurprogramma; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360] R3 usb3Hub;@oem19.inf,%usb3Hub.SVCDESC%;USB-IF USB 3.0 Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [2012-10-09 47072] R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736] R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2013-08-22 36864] S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtuele adapter; C:\WINDOWS\System32\drivers\AMPPAL.sys [2013-04-11 165344] S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248] S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy-stuurprogramma; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-09-24 226304] S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 118272] S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Stuurprogramma voor Bluetooth-poort; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1201664] S3 EagleX64;EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [] S3 intaud_WaveExtensible;@oem17.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-08-01 38296] S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424] S3 
usb_rndisx;@netrndis.inf,%usb_rndis.Service.DispName%;USB RNDIS-adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2013-08-22 20992] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-05-01 81088] R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2014-07-21 239616] R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-09-30 1112000] R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-09-30 1132480] R2 CxUtilSvc;CxUtilSvc; C:\Program Files\Conexant\SA3\CxUtilSvc.exe [2012-08-07 109184] R2 DellUpdate;Dell Update Service; C:\Program Files (x86)\Dell Update\DellUpService.exe [2015-08-27 237272] R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792] R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-08-28 626416] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technologie; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-11-19 14904] R2 igfxCUIService1.0.0.0;Intel® HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2014-10-01 319376] R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104] R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2012-07-18 165760] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2012-07-18 276864] R2 MBAMScheduler;MBAMScheduler; C:\Program Files 
(x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-10-05 1513784] R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416] R2 Motorola Device Manager;Motorola Device Manager Service; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [2014-04-08 137528] R2 postgresql-x64-9.0;postgresql-x64-9.0 - PostgreSQL Server 9.0; C:/Program Files/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N postgresql-x64-9.0 -D C:/Program Files/PostgreSQL/9.0/data -w [] R2 PST Service;PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [2011-09-02 65657] R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-08-28 149744] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2012-04-25 254512] R2 SftService;SoftThinks Agent Service; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [2013-05-23 1915480] R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-07-18 364416] R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696] S2 DellDigitalDelivery;Dell Digital Delivery Service; c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2013-06-25 196104] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-24 144200] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09 269504] S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792] S3 cphs;Intel® Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-10-01 281488] 
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-24 144200] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-12-20 147624] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-08-28 273136] S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-01 178824] S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.6; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2012-05-30 149544] -----------------EOF-----------------
  3. Here is the log. I had already run this program recently, so that explains why it doesn't find anything. AdwCleanerS2.txt
  4. I didn't click 'add'; here it is again. zoek-results.log
  5. Thanks for your quick reply. Here is the log.
  6. Apologies for starting multiple topics. The other PC is my father-in-law's; I won't be there again until the weekend, so I can't continue with that one for now. In the meantime I have a problem with my desktop. Windows Defender keeps getting turned off, and afterwards I often can't turn it back on. The PC is also a bit slower. I recently ran all sorts of programs, but it won't go away. The RSIT log is attached! Many thanks in advance! log.txt
  7. Here is the log; apologies for the late reply. I did get a message that the program had hung, and in the end I ran it in safe mode. Fortunately, a log did come out of it eventually. I have this problem with AutoKMS on several PCs; can I use the same script on those PCs? LOG:
2015-09-06 14:17:22 A9991032F00FDE9D344FF95C01DBD390 929280 ----a-w- C:\WINDOWS\Sysnative\drivers\bthport.sys ====== C:\WINDOWS\Tasks ====== 2015-10-04 09:48:02 1B7DDFA598C6A5325BDF90BBBAC6B8AD 214 ----a-w- C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2015-09-27 12:01:57 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Idso\AppData\Roaming ====== 2015-09-27 15:25:17 -------- d-----w- C:\Users\Idso\AppData\Local\Conexant 2015-09-27 11:57:30 -------- d-----w- C:\Users\Idso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TouchPad 2015-09-26 16:16:21 -------- d-----w- C:\Users\Idso\AppData\Local\MicrosoftEdge 2015-09-14 21:25:19 -------- d-----w- C:\Users\Idso\AppData\Local\Tvsukernel ====== C:\Users\Idso ====== 2015-09-27 12:00:14 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Idso\Downloads\RSITx64.exe 2015-09-17 11:20:57 -------- d-----r- C:\Users\Idso\3D Objects ====== C: exe-files == 2015-10-01 05:27:40 07D733DAB53FD7E2E7C8442216073379 873800 ----a-w- C:\Users\Idso\AppData\Local\Google\Chrome\User Data\SwReporter\4.30.2\software_reporter_tool.exe 2015-09-27 12:01:57 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Idso.exe 2015-09-27 12:00:14 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Idso\Downloads\RSITx64.exe 2015-09-27 11:55:04 E539A235FC78A26BC544C207324C3227 277664 ----a-w- C:\Program Files\Apoint2K\player.exe 2015-09-27 11:55:04 8B3543E0456AD5EA3A1CA07900D66037 145760 ----a-w- C:\Program Files\Apoint2K\LidCheck.exe 2015-09-27 11:55:04 84BE4D8A01E870B7CEE6CEE3BB8017B6 82256 ----a-w- C:\Program Files\Apoint2K\MagGlass.exe 2015-09-27 11:55:04 428F82440DEFCD1BD3905F6952BF54B4 414496 ----a-w- C:\Program Files\Apoint2K\Uninstap.exe 2015-09-27 11:55:03 ECD0BFA7549AFEE7752A7FAC79728D27 165896 ----a-w- C:\Program Files\Apoint2K\DataWatch.exe 2015-09-27 11:55:03 
337266ADD4D1811420481EF2A02B4934 157704 ----a-w- C:\Program Files\Apoint2K\ApProperties.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-1546146300-1331517638-3560926244-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite Automount"="C:\Program Files\DAEMON Tools Lite\DTAgent.exe -autorun" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "OneDrive"="C:\Users\Idso\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite Automount"="C:\Program Files\DAEMON Tools Lite\DTAgent.exe -autorun" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "OneDrive"="C:\Users\Idso\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "cAudioFilterAgent"="C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" "SmartAudio"="C:\Program Files\CONEXANT\SAII\SACpl.exe /t" "RtsCM"="RTSCM64.EXE" "Apoint"="C:\Program Files\Apoint2K\Apoint.exe" "TpShocks"="TpShocks.exe" "LenovoOptMouseUpdate"="C:\Program Files\Lenovo\HOTKEY\extapsup.exe" "LnvMobHotspotClient"="C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe" "LMCSSTART1"="C:\windows\SysWOW64\lmcfrundll.exe C:\Program Files\Lenovo\Communications Utility\libmcsrdllb.dll,InitSubsystemProcesses" "LMCSSTART2"="C:\windows\SysWOW64\lmcfrundll.exe C:\Program Files\Lenovo\Communications Utility\libstartstub2.dll,ProxyStart" "LMCSSTART3"="C:\windows\SysWOW64\lmcfrundll.exe C:\Program Files\Lenovo\Communications 
Utility\libmcsrdllb.dll,SetupCamplusDrop" "BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job --a-------- C:\WINDOWS\explorer.exe [11-08-2015 12:04] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- [undetermined Task] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- [undetermined Task] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\CLMLSvc" [C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\PDVDServ12 Task" [C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe] "C:\WINDOWS\SysNative\tasks\StartPowerDVDService" ["C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{16647C37-C58C-470C-AEBD-545CB783E754}" [C:\windows\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\Lenovo\Dependency Package Auto Update" [C:\Program Files\Lenovo\iMController\AutoUpdate.exe] "C:\WINDOWS\SysNative\tasks\Lenovo\Experience Improvement" ["C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe"] "C:\WINDOWS\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program" ["%ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"] "C:\WINDOWS\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program 64" ["%ProgramFiles(x86)%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"] "C:\WINDOWS\SysNative\tasks\Lenovo\Lenovo Settings Power" ["C:\windows\system32\rundll32.exe" "C:\Program Files 
(x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor] "C:\WINDOWS\SysNative\tasks\Lenovo\Lenovo Solution Center Launcher" [%programfiles%\lenovo\lenovo solution center\App\LSCService.exe] "C:\WINDOWS\SysNative\tasks\Lenovo\REACHit" ["C:\Program Files (x86)\Lenovo\REACHit\ReachitMetrics.exe"] "C:\WINDOWS\SysNative\tasks\Lenovo\REACHit Agent Startup" ["C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe"] "C:\WINDOWS\SysNative\tasks\Lenovo\REACHit Agent Update" ["C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe"] "C:\WINDOWS\SysNative\tasks\Lenovo\LSC\Lenovo Solution Center Notifications" [%programfiles%\Lenovo\Lenovo Solution Center\LSCNotify.exe] "C:\WINDOWS\SysNative\tasks\Lenovo\LSC\LSCHardwareScan" ["C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan] "C:\WINDOWS\SysNative\tasks\Lenovo\LSC\LSCHardwareScanPostpone" ["C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan] "C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\WINDOWS\SysNative\tasks\TVT\TVSUUpdateTask" ["C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe"] ==== Chromium Look ====================== Google Chrome Version: 45.0.2454.101 Google Slides - Idso\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek CookiesOK - Idso\AppData\Local\Google\Chrome\User Data\Default\Extensions\afmkbjoakcacgljcdccofbffloabfbni Google Docs - Idso\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Idso\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Idso\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo selector is not a valid CSS selector - Idso\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Google Search - Idso\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - Idso\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Docs Offline - Idso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Chrome Web Store Payments - Idso\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Idso\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://lenovo13-comm.msn.com/?pc=LNJB" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{E12262C6-3B8E-4073-A546-2DDCCF04094A}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://lenovo13-comm.msn.com/?pc=LNJB" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {E12262C6-3B8E-4073-A546-2DDCCF04094A} Unknown Url="Not_Found" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1546146300-1331517638-3560926244-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E12262C6-3B8E-4073-A546-2DDCCF04094A} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E12262C6-3B8E-4073-A546-2DDCCF04094A} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E12262C6-3B8E-4073-A546-2DDCCF04094A} deleted successfully ==== Deleting CLSID Registry Values 
====================== ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Idso\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Idso\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Idso\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Idso\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Idso\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=39 folders=29 90746456 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Idso\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on zo 04-10-2015 at 12:30:31,63 ======================
  8. The laptop is not even 2 months old. It has suddenly become much slower. It was infected with a kind of virus that releases the PC after you have made a payment. Malwarebytes eventually managed to remove it. Perhaps this is a cause. I have already made a log with RSIT, see attachment. Thanks in advance for the help! log.txt
  9. http://speccy.piriform.com/results/dlsVbVZPbmXMbuXhJYPcORG
  10. I have a laptop here that is extremely slow. Even after I reinstalled Windows using the hidden partition. Malwarebytes and Windows Defender both find nothing. I have already made a log, since I saw this in other topics as well. Hopefully you can help me! Thanks in advance!
2014-11-13 20:15:15 ----A---- C:\windows\system32\iesysprep.dll 2014-11-13 20:15:14 ----A---- C:\windows\SYSWOW64\msfeeds.dll 2014-11-13 20:15:14 ----A---- C:\windows\SYSWOW64\jscript9.dll 2014-11-13 20:15:14 ----A---- C:\windows\SYSWOW64\iedkcs32.dll 2014-11-13 20:15:14 ----A---- C:\windows\system32\msfeeds.dll 2014-11-13 20:15:14 ----A---- C:\windows\system32\jscript9.dll 2014-11-13 20:15:13 ----A---- C:\windows\SYSWOW64\msrating.dll 2014-11-13 20:15:13 ----A---- C:\windows\SYSWOW64\jscript.dll 2014-11-13 20:15:13 ----A---- C:\windows\system32\jscript.dll 2014-11-13 20:15:13 ----A---- C:\windows\system32\iedkcs32.dll 2014-11-13 20:15:13 ----A---- C:\windows\system32\ie4uinit.exe 2014-11-13 20:15:12 ----A---- C:\windows\SYSWOW64\mshtmled.dll 2014-11-13 20:15:12 ----A---- C:\windows\SYSWOW64\dxtrans.dll 2014-11-13 20:15:12 ----A---- C:\windows\system32\msrating.dll 2014-11-13 20:15:12 ----A---- C:\windows\system32\dxtrans.dll 2014-11-13 20:15:11 ----A---- C:\windows\SYSWOW64\UXInit.dll 2014-11-13 20:15:11 ----A---- C:\windows\SYSWOW64\iernonce.dll 2014-11-13 20:15:11 ----A---- C:\windows\SYSWOW64\dxtmsft.dll 2014-11-13 20:15:11 ----A---- C:\windows\system32\UXInit.dll 2014-11-13 20:15:11 ----A---- C:\windows\system32\mshtmled.dll 2014-11-13 20:15:11 ----A---- C:\windows\system32\iernonce.dll 2014-11-13 20:15:10 ----A---- C:\windows\SYSWOW64\uxtheme.dll 2014-11-13 20:15:10 ----A---- C:\windows\SYSWOW64\jsproxy.dll 2014-11-13 20:15:10 ----A---- C:\windows\SYSWOW64\iesetup.dll 2014-11-13 20:15:10 ----A---- C:\windows\system32\jsproxy.dll 2014-11-13 20:15:10 ----A---- C:\windows\system32\iesetup.dll 2014-11-13 20:15:10 ----A---- C:\windows\system32\dxtmsft.dll 2014-11-13 20:14:56 ----A---- C:\windows\system32\NotificationUI.exe 2014-11-13 20:14:56 ----A---- C:\windows\system32\AutoUpdate.exe 2014-11-13 20:14:55 ----A---- C:\windows\SYSWOW64\WSShared.dll 2014-11-13 20:14:55 ----A---- C:\windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-11-13 
20:14:55 ----A---- C:\windows\system32\WSShared.dll 2014-11-13 20:14:55 ----A---- C:\windows\system32\WinSetupUI.dll 2014-11-13 20:14:55 ----A---- C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-11-13 20:14:55 ----A---- C:\windows\system32\Windows.ApplicationModel.Store.dll 2014-11-06 22:09:00 ----N---- C:\windows\system32\MpSigStub.exe 2014-11-05 19:35:30 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8 2014-11-05 19:18:17 ----D---- C:\windows\PCHEALTH 2014-11-05 19:15:22 ----D---- C:\Program Files\Microsoft Office 2014-11-05 19:15:05 ----D---- C:\Program Files (x86)\Microsoft Analysis Services 2014-11-05 19:14:06 ----RHD---- C:\MSOCache 2014-11-05 18:50:33 ----D---- C:\Program Files\CCleaner 2014-11-05 18:21:48 ----A---- C:\windows\system32\schedsvc.dll 2014-11-05 18:20:07 ----A---- C:\windows\system32\msvcr100_clr0400.dll 2014-11-05 18:19:51 ----A---- C:\windows\SYSWOW64\msvcr100_clr0400.dll 2014-11-05 18:18:00 ----A---- C:\windows\system32\mmc.exe 2014-11-05 18:17:59 ----A---- C:\windows\system32\wlidsvc.dll 2014-11-05 18:17:59 ----A---- C:\windows\system32\msctf.dll 2014-11-05 18:17:58 ----A---- C:\windows\SYSWOW64\mmc.exe 2014-11-05 18:17:57 ----A---- C:\windows\SYSWOW64\msctf.dll 2014-11-05 18:17:56 ----A---- C:\windows\system32\setupapi.dll 2014-11-05 18:17:54 ----A---- C:\windows\system32\Windows.Media.dll 2014-11-05 18:17:53 ----A---- C:\windows\SYSWOW64\setupapi.dll 2014-11-05 18:17:53 ----A---- C:\windows\system32\iphlpsvc.dll 2014-11-05 18:17:53 ----A---- C:\windows\system32\drivers\partmgr.sys 2014-11-05 18:17:52 ----A---- C:\windows\system32\WSDMon.dll 2014-11-05 18:17:52 ----A---- C:\windows\system32\samsrv.dll 2014-11-05 18:17:52 ----A---- C:\windows\system32\MP4SDECD.DLL 2014-11-05 18:17:52 ----A---- C:\windows\system32\inetpp.dll 2014-11-05 18:17:51 ----A---- C:\windows\SYSWOW64\Windows.Media.dll 2014-11-05 18:17:51 ----A---- C:\windows\SYSWOW64\wiaacmgr.exe 2014-11-05 18:17:51 ----A---- 
C:\windows\system32\wiaacmgr.exe 2014-11-05 18:17:50 ----A---- C:\windows\SYSWOW64\MP4SDECD.DLL 2014-11-05 18:17:50 ----A---- C:\windows\system32\ncbservice.dll 2014-11-05 18:17:50 ----A---- C:\windows\system32\httpprxm.dll 2014-11-05 18:17:50 ----A---- C:\windows\system32\adhsvc.dll 2014-11-05 18:17:49 ----A---- C:\windows\SYSWOW64\samlib.dll 2014-11-05 18:17:49 ----A---- C:\windows\system32\keepaliveprovider.dll 2014-11-05 18:17:49 ----A---- C:\windows\system32\httpprxp.dll 2014-11-05 18:17:49 ----A---- C:\windows\system32\adhapi.dll 2014-11-05 18:17:06 ----A---- C:\windows\system32\drivers\WdfLdr.sys 2014-11-05 18:17:06 ----A---- C:\windows\system32\drivers\Wdf01000.sys 2014-11-05 18:16:50 ----A---- C:\windows\SYSWOW64\comctl32.dll 2014-11-05 18:16:50 ----A---- C:\windows\system32\comctl32.dll 2014-11-05 18:16:49 ----A---- C:\windows\system32\kernel32.dll 2014-11-05 18:16:48 ----A---- C:\windows\SYSWOW64\kernel32.dll 2014-11-05 18:15:26 ----A---- C:\windows\SYSWOW64\imagehlp.dll 2014-11-05 18:15:26 ----A---- C:\windows\system32\imagehlp.dll 2014-11-05 18:15:16 ----A---- C:\windows\SYSWOW64\msvcp120_clr0400.dll 2014-11-05 18:15:16 ----A---- C:\windows\system32\msvcp120_clr0400.dll 2014-11-05 18:15:08 ----A---- C:\windows\system32\drivers\dxgkrnl.sys 2014-11-05 18:15:07 ----A---- C:\windows\system32\cdd.dll 2014-11-05 18:14:37 ----A---- C:\windows\SYSWOW64\synceng.dll 2014-11-05 18:14:37 ----A---- C:\windows\system32\synceng.dll 2014-11-05 18:14:14 ----A---- C:\windows\SYSWOW64\mfasfsrcsnk.dll 2014-11-05 18:14:14 ----A---- C:\windows\system32\mfasfsrcsnk.dll 2014-11-05 18:14:13 ----A---- C:\windows\system32\wmpmde.dll 2014-11-05 18:14:12 ----A---- C:\windows\system32\winmde.dll 2014-11-05 18:14:11 ----A---- C:\windows\system32\Windows.Globalization.dll 2014-11-05 18:14:10 ----A---- C:\windows\SYSWOW64\netcfgx.dll 2014-11-05 18:14:10 ----A---- C:\windows\system32\Windows.Security.Authentication.OnlineId.dll 2014-11-05 18:14:10 ----A---- 
C:\windows\system32\SystemEventsBrokerServer.dll 2014-11-05 18:14:09 ----A---- C:\windows\system32\TimeBrokerServer.dll 2014-11-05 18:14:09 ----A---- C:\windows\system32\drivers\storport.sys 2014-11-05 18:14:07 ----A---- C:\windows\SYSWOW64\winmde.dll 2014-11-05 18:14:07 ----A---- C:\windows\SYSWOW64\Windows.Globalization.dll 2014-11-05 18:14:07 ----A---- C:\windows\system32\wpdbusenum.dll 2014-11-05 18:14:07 ----A---- C:\windows\system32\usbmon.dll 2014-11-05 18:14:07 ----A---- C:\windows\system32\SettingSync.dll 2014-11-05 18:14:07 ----A---- C:\windows\system32\netcfgx.dll 2014-11-05 18:14:06 ----A---- C:\windows\SYSWOW64\drvstore.dll 2014-11-05 18:14:06 ----A---- C:\windows\system32\drvstore.dll 2014-11-05 18:14:05 ----A---- C:\windows\SYSWOW64\Windows.Security.Authentication.OnlineId.dll 2014-11-05 18:14:04 ----A---- C:\windows\SYSWOW64\SettingSync.dll 2014-11-05 18:14:03 ----A---- C:\windows\system32\discan.dll 2014-11-05 18:14:02 ----A---- C:\windows\system32\NdisImPlatform.dll 2014-11-05 18:14:01 ----A---- C:\windows\system32\DevDispItemProvider.dll 2014-11-05 18:14:00 ----A---- C:\windows\SYSWOW64\SettingSyncInfo.dll 2014-11-05 18:14:00 ----A---- C:\windows\SYSWOW64\DevDispItemProvider.dll 2014-11-05 18:14:00 ----A---- C:\windows\system32\WSDPrintProxy.DLL 2014-11-05 18:14:00 ----A---- C:\windows\system32\SettingSyncInfo.dll 2014-11-05 18:13:33 ----A---- C:\windows\system32\mstscax.dll 2014-11-05 18:13:31 ----A---- C:\windows\SYSWOW64\mstscax.dll 2014-11-05 18:13:31 ----A---- C:\windows\system32\termsrv.dll 2014-11-05 18:13:30 ----A---- C:\windows\SYSWOW64\winsta.dll 2014-11-05 18:13:30 ----A---- C:\windows\SYSWOW64\mstsc.exe 2014-11-05 18:13:30 ----A---- C:\windows\SYSWOW64\aaclient.dll 2014-11-05 18:13:30 ----A---- C:\windows\system32\winsta.dll 2014-11-05 18:13:30 ----A---- C:\windows\system32\mstsc.exe 2014-11-05 18:13:29 ----A---- C:\windows\system32\rfxvmt.dll 2014-11-05 18:13:29 ----A---- C:\windows\system32\rdpudd.dll 2014-11-05 18:13:29 ----A---- 
C:\windows\system32\drivers\rdpvideominiport.sys 2014-11-05 18:13:19 ----A---- C:\windows\SYSWOW64\Windows.ApplicationModel.Store.dll 2014-11-05 18:13:12 ----A---- C:\windows\system32\shell32.dll 2014-11-05 18:13:11 ----A---- C:\windows\SYSWOW64\shell32.dll 2014-11-05 18:12:52 ----A---- C:\windows\system32\sppsvc.exe 2014-11-05 18:12:50 ----A---- C:\windows\system32\WSService.dll 2014-11-05 18:12:50 ----A---- C:\windows\system32\sppobjs.dll 2014-11-05 18:12:48 ----A---- C:\windows\SYSWOW64\sppc.dll 2014-11-05 18:12:48 ----A---- C:\windows\system32\sppwinob.dll 2014-11-05 18:12:48 ----A---- C:\windows\system32\sppc.dll 2014-11-05 18:12:47 ----A---- C:\windows\SYSWOW64\WSSync.dll 2014-11-05 18:12:47 ----A---- C:\windows\system32\WSSync.dll 2014-11-05 18:12:47 ----A---- C:\windows\system32\WSClient.dll 2014-11-05 18:12:47 ----A---- C:\windows\system32\drivers\dam.sys 2014-11-05 18:12:46 ----A---- C:\windows\SYSWOW64\WSClient.dll 2014-11-05 18:12:46 ----A---- C:\windows\system32\setupcln.dll 2014-11-05 18:12:45 ----A---- C:\windows\SYSWOW64\setupcln.dll 2014-11-05 18:12:45 ----A---- C:\windows\SYSWOW64\OEMLicense.dll 2014-11-05 18:11:54 ----A---- C:\windows\system32\osk.exe 2014-11-05 18:11:53 ----A---- C:\windows\SYSWOW64\osk.exe 2014-11-05 18:11:47 ----A---- C:\windows\SYSWOW64\crypt32.dll 2014-11-05 18:11:47 ----A---- C:\windows\system32\crypt32.dll 2014-11-05 18:10:03 ----A---- C:\windows\system32\lsm.dll 2014-11-05 18:09:35 ----A---- C:\windows\system32\devinv.dll 2014-11-05 18:09:35 ----A---- C:\windows\system32\aepic.dll 2014-11-05 18:09:33 ----A---- C:\windows\SYSWOW64\nshwfp.dll 2014-11-05 18:09:33 ----A---- C:\windows\SYSWOW64\FWPUCLNT.DLL 2014-11-05 18:09:33 ----A---- C:\windows\system32\nshwfp.dll 2014-11-05 18:09:33 ----A---- C:\windows\system32\IKEEXT.DLL 2014-11-05 18:09:33 ----A---- C:\windows\system32\FWPUCLNT.DLL 2014-11-05 18:09:33 ----A---- C:\windows\system32\drivers\wfplwfs.sys 2014-11-05 18:09:33 ----A---- C:\windows\system32\BFE.DLL 2014-11-05 
18:09:28 ----A---- C:\windows\system32\wuaueng.dll 2014-11-05 18:09:28 ----A---- C:\windows\system32\wuapi.dll 2014-11-05 18:09:27 ----A---- C:\windows\SYSWOW64\wudriver.dll 2014-11-05 18:09:27 ----A---- C:\windows\SYSWOW64\wuapi.dll 2014-11-05 18:09:27 ----A---- C:\windows\system32\wudriver.dll 2014-11-05 18:09:27 ----A---- C:\windows\system32\wucltux.dll 2014-11-05 18:09:27 ----A---- C:\windows\system32\wuauclt.exe 2014-11-05 18:09:26 ----A---- C:\windows\SYSWOW64\wuwebv.dll 2014-11-05 18:09:26 ----A---- C:\windows\SYSWOW64\wuapp.exe 2014-11-05 18:09:26 ----A---- C:\windows\system32\wuwebv.dll 2014-11-05 18:09:26 ----A---- C:\windows\system32\WUSettingsProvider.dll 2014-11-05 18:09:26 ----A---- C:\windows\system32\wuapp.exe 2014-11-05 18:09:26 ----A---- C:\windows\system32\wuaext.dll 2014-11-05 18:09:26 ----A---- C:\windows\system32\storewuauth.dll 2014-11-05 18:08:54 ----A---- C:\windows\SYSWOW64\rastls.dll 2014-11-05 18:08:54 ----A---- C:\windows\system32\rastls.dll 2014-11-05 18:07:54 ----A---- C:\windows\system32\WMVDECOD.DLL 2014-11-05 18:07:54 ----A---- C:\windows\system32\ntdll.dll 2014-11-05 18:07:52 ----A---- C:\windows\SYSWOW64\WMVDECOD.DLL 2014-11-05 18:07:50 ----A---- C:\windows\system32\localspl.dll 2014-11-05 18:07:49 ----A---- C:\windows\system32\storagewmi.dll 2014-11-05 18:07:49 ----A---- C:\windows\system32\drivers\volsnap.sys 2014-11-05 18:07:49 ----A---- C:\windows\system32\drivers\srv2.sys 2014-11-05 18:07:48 ----A---- C:\windows\SYSWOW64\ntdll.dll 2014-11-05 18:07:47 ----A---- C:\windows\system32\winload.exe 2014-11-05 18:07:47 ----A---- C:\windows\system32\d3d10warp.dll 2014-11-05 18:07:46 ----A---- C:\windows\system32\drivers\srvnet.sys 2014-11-05 18:07:45 ----A---- C:\windows\SYSWOW64\dwmapi.dll 2014-11-05 18:07:45 ----A---- C:\windows\SYSWOW64\d3d10warp.dll 2014-11-05 18:07:45 ----A---- C:\windows\system32\winresume.exe 2014-11-05 18:07:44 ----A---- C:\windows\SYSWOW64\storagewmi.dll 2014-11-05 18:07:44 ----A---- 
C:\windows\system32\win32spl.dll 2014-11-05 18:07:44 ----A---- C:\windows\system32\wcmsvc.dll 2014-11-05 18:07:44 ----A---- C:\windows\system32\dwmapi.dll 2014-11-05 18:07:43 ----A---- C:\windows\system32\profsvc.dll 2014-11-05 18:07:42 ----A---- C:\windows\system32\wcmcsp.dll 2014-11-05 18:07:42 ----A---- C:\windows\system32\defragsvc.dll 2014-11-05 18:07:41 ----A---- C:\windows\SYSWOW64\KBDRUM.DLL 2014-11-05 18:07:41 ----A---- C:\windows\system32\KBDTAT.DLL 2014-11-05 18:07:41 ----A---- C:\windows\system32\KBDRUM.DLL 2014-11-05 18:07:41 ----A---- C:\windows\system32\Defrag.exe 2014-11-05 18:07:40 ----A---- C:\windows\SYSWOW64\KBDYAK.DLL 2014-11-05 18:07:40 ----A---- C:\windows\SYSWOW64\KBDTAT.DLL 2014-11-05 18:07:40 ----A---- C:\windows\SYSWOW64\KBDRU1.DLL 2014-11-05 18:07:40 ----A---- C:\windows\SYSWOW64\KBDRU.DLL 2014-11-05 18:07:40 ----A---- C:\windows\SYSWOW64\KBDBASH.DLL 2014-11-05 18:07:40 ----A---- C:\windows\system32\KBDYAK.DLL 2014-11-05 18:07:40 ----A---- C:\windows\system32\KBDRU1.DLL 2014-11-05 18:07:40 ----A---- C:\windows\system32\KBDRU.DLL 2014-11-05 18:07:40 ----A---- C:\windows\system32\KBDBASH.DLL 2014-11-05 18:06:47 ----A---- C:\windows\system32\InkEd.dll 2014-11-05 18:00:19 ----A---- C:\windows\SYSWOW64\msvcr120_clr0400.dll 2014-11-05 18:00:19 ----A---- C:\windows\system32\msvcr120_clr0400.dll 2014-11-05 17:58:09 ----A---- C:\windows\SYSWOW64\cryptnet.dll 2014-11-05 17:58:09 ----A---- C:\windows\SYSWOW64\certutil.exe 2014-11-05 17:58:09 ----A---- C:\windows\system32\cryptnet.dll 2014-11-05 17:58:09 ----A---- C:\windows\system32\certutil.exe 2014-11-05 17:53:53 ----A---- C:\windows\SYSWOW64\ReAgentc.exe 2014-11-05 17:53:53 ----A---- C:\windows\system32\ReAgentc.exe 2014-11-05 17:53:19 ----A---- C:\windows\SYSWOW64\ReAgent.dll 2014-11-05 17:53:19 ----A---- C:\windows\system32\sysreset.exe 2014-11-05 17:53:19 ----A---- C:\windows\system32\resetengmig.dll 2014-11-05 17:53:19 ----A---- C:\windows\system32\reseteng.dll 2014-11-05 17:53:19 ----A---- 
C:\windows\system32\ReAgent.dll 2014-11-05 17:47:25 ----A---- C:\windows\system32\tssdisai.dll 2014-11-05 17:47:24 ----A---- C:\windows\system32\poqexec.exe 2014-11-05 17:47:07 ----A---- C:\windows\system32\wmp.dll 2014-11-05 17:47:07 ----A---- C:\windows\system32\tquery.dll 2014-11-05 17:47:05 ----A---- C:\windows\SYSWOW64\wmp.dll 2014-11-05 17:47:04 ----A---- C:\windows\system32\mssrch.dll 2014-11-05 17:47:02 ----A---- C:\windows\SYSWOW64\tquery.dll 2014-11-05 17:47:01 ----A---- C:\windows\SYSWOW64\mssrch.dll 2014-11-05 17:46:56 ----A---- C:\windows\system32\MSAudDecMFT.dll 2014-11-05 17:46:55 ----A---- C:\windows\SYSWOW64\MSAudDecMFT.dll 2014-11-05 17:46:54 ----A---- C:\windows\system32\SearchIndexer.exe 2014-11-05 17:46:54 ----A---- C:\windows\system32\kd_02_10ec.dll 2014-11-05 17:46:53 ----A---- C:\windows\SYSWOW64\mssph.dll 2014-11-05 17:46:53 ----A---- C:\windows\system32\rsaenh.dll 2014-11-05 17:46:52 ----A---- C:\windows\system32\drivers\PEAuth.sys 2014-11-05 17:46:51 ----A---- C:\windows\SYSWOW64\SearchProtocolHost.exe 2014-11-05 17:46:51 ----A---- C:\windows\system32\SearchProtocolHost.exe 2014-11-05 17:46:51 ----A---- C:\windows\system32\AudioSes.dll 2014-11-05 17:46:50 ----A---- C:\windows\SYSWOW64\rsaenh.dll 2014-11-05 17:46:50 ----A---- C:\windows\SYSWOW64\AudioSes.dll 2014-11-05 17:46:50 ----A---- C:\windows\SYSWOW64\AudioEng.dll 2014-11-05 17:46:50 ----A---- C:\windows\system32\Windows.Networking.dll 2014-11-05 17:46:50 ----A---- C:\windows\system32\mssph.dll 2014-11-05 17:46:50 ----A---- C:\windows\system32\dwmredir.dll 2014-11-05 17:46:50 ----A---- C:\windows\system32\conhost.exe 2014-11-05 17:46:50 ----A---- C:\windows\system32\AudioEng.dll 2014-11-05 17:46:50 ----A---- C:\windows\system32\audiodg.exe 2014-11-05 17:46:49 ----A---- C:\windows\system32\RecoveryDrive.exe 2014-11-05 17:46:48 ----A---- C:\windows\SYSWOW64\SearchIndexer.exe 2014-11-05 17:46:48 ----A---- C:\windows\system32\wpncore.dll 2014-11-05 17:46:47 ----A---- 
C:\windows\system32\Windows.Networking.BackgroundTransfer.dll 2014-11-05 17:46:47 ----A---- C:\windows\system32\MFMediaEngine.dll 2014-11-05 17:46:46 ----A---- C:\windows\system32\XpsGdiConverter.dll 2014-11-05 17:46:44 ----A---- C:\windows\SYSWOW64\Windows.Networking.dll 2014-11-05 17:46:43 ----A---- C:\windows\system32\XpsRasterService.dll 2014-11-05 17:46:43 ----A---- C:\windows\system32\fhengine.dll 2014-11-05 17:46:43 ----A---- C:\windows\system32\dmvdsitf.dll 2014-11-05 17:46:43 ----A---- C:\windows\system32\ci.dll 2014-11-05 17:46:42 ----A---- C:\windows\SYSWOW64\mssvp.dll 2014-11-05 17:46:41 ----A---- C:\windows\SYSWOW64\wscapi.dll 2014-11-05 17:46:41 ----A---- C:\windows\SYSWOW64\Windows.Networking.BackgroundTransfer.dll 2014-11-05 17:46:41 ----A---- C:\windows\SYSWOW64\SearchFilterHost.exe 2014-11-05 17:46:41 ----A---- C:\windows\SYSWOW64\MFMediaEngine.dll 2014-11-05 17:46:41 ----A---- C:\windows\system32\Robocopy.exe 2014-11-05 17:46:41 ----A---- C:\windows\system32\mfreadwrite.dll 2014-11-05 17:46:40 ----A---- C:\windows\SYSWOW64\XpsRasterService.dll 2014-11-05 17:46:40 ----A---- C:\windows\SYSWOW64\Robocopy.exe 2014-11-05 17:46:40 ----A---- C:\windows\system32\SearchFilterHost.exe 2014-11-05 17:46:40 ----A---- C:\windows\system32\kdvm.dll 2014-11-05 17:46:39 ----A---- C:\windows\SYSWOW64\dmvdsitf.dll 2014-11-05 17:46:39 ----A---- C:\windows\system32\iuilp.dll 2014-11-05 17:46:38 ----A---- C:\windows\SYSWOW64\XpsGdiConverter.dll 2014-11-05 17:46:38 ----A---- C:\windows\SYSWOW64\mfreadwrite.dll 2014-11-05 17:46:38 ----A---- C:\windows\SYSWOW64\AUDIOKSE.dll 2014-11-05 17:46:38 ----A---- C:\windows\system32\wscsvc.dll 2014-11-05 17:46:38 ----A---- C:\windows\system32\kdnet.dll 2014-11-05 17:46:38 ----A---- C:\windows\system32\drivers\wanarp.sys 2014-11-05 17:46:38 ----A---- C:\windows\system32\drivers\hidbth.sys 2014-11-05 17:46:37 ----A---- C:\windows\system32\mssvp.dll 2014-11-05 17:46:37 ----A---- C:\windows\system32\drivers\hidi2c.sys 2014-11-05 
17:46:37 ----A---- C:\windows\system32\drivers\dxgmms1.sys 2014-11-05 17:46:36 ----A---- C:\windows\system32\GenuineCenter.dll 2014-11-05 17:46:36 ----A---- C:\windows\system32\drivers\ndproxy.sys 2014-11-05 17:46:35 ----A---- C:\windows\SYSWOW64\mssphtb.dll 2014-11-05 17:46:35 ----A---- C:\windows\SYSWOW64\fmifs.dll 2014-11-05 17:46:35 ----A---- C:\windows\system32\fmifs.dll 2014-11-05 17:46:34 ----A---- C:\windows\SYSWOW64\mssprxy.dll 2014-11-05 17:46:34 ----A---- C:\windows\SYSWOW64\msshooks.dll 2014-11-05 17:46:34 ----A---- C:\windows\system32\mssprxy.dll 2014-11-05 17:46:34 ----A---- C:\windows\system32\mssphtb.dll 2014-11-05 17:46:34 ----A---- C:\windows\system32\mssitlb.dll 2014-11-05 17:46:34 ----A---- C:\windows\system32\msshooks.dll 2014-11-05 17:46:33 ----A---- C:\windows\SYSWOW64\mssitlb.dll 2014-11-05 17:46:33 ----A---- C:\windows\SYSWOW64\msscntrs.dll 2014-11-05 17:46:33 ----A---- C:\windows\system32\msscntrs.dll 2014-11-05 17:40:43 ----A---- C:\windows\system32\drivers\usbuhci.sys 2014-11-05 17:40:43 ----A---- C:\windows\system32\drivers\usbport.sys 2014-11-05 17:40:43 ----A---- C:\windows\system32\drivers\usbohci.sys 2014-11-05 17:40:43 ----A---- C:\windows\system32\drivers\usbhub.sys 2014-11-05 17:40:43 ----A---- C:\windows\system32\drivers\usbehci.sys 2014-11-05 17:40:43 ----A---- C:\windows\system32\drivers\usbd.sys 2014-11-05 17:40:43 ----A---- C:\windows\system32\drivers\usbccgp.sys 2014-11-05 17:40:19 ----A---- C:\windows\SYSWOW64\wlroamextension.dll 2014-11-05 17:40:18 ----A---- C:\windows\SYSWOW64\WWanAPI.dll 2014-11-05 17:40:18 ----A---- C:\windows\SYSWOW64\tasklist.exe 2014-11-05 17:40:18 ----A---- C:\windows\SYSWOW64\taskkill.exe 2014-11-05 17:40:17 ----A---- C:\windows\SYSWOW64\Windows.Networking.Connectivity.dll 2014-11-05 17:40:16 ----A---- C:\windows\SYSWOW64\duser.dll 2014-11-05 17:40:14 ----A---- C:\windows\SYSWOW64\nlaapi.dll 2014-11-05 17:40:14 ----A---- C:\windows\SYSWOW64\mbsmsapi.dll 2014-11-05 17:40:09 ----A---- 
C:\windows\system32\wlroamextension.dll 2014-11-05 17:40:08 ----A---- C:\windows\system32\wpd_ci.dll 2014-11-05 17:40:07 ----A---- C:\windows\system32\WWanAPI.dll 2014-11-05 17:40:07 ----A---- C:\windows\system32\tasklist.exe 2014-11-05 17:40:06 ----A---- C:\windows\system32\taskkill.exe 2014-11-05 17:40:04 ----A---- C:\windows\system32\ncsi.dll 2014-11-05 17:40:04 ----A---- C:\windows\system32\drivers\ntfs.sys 2014-11-05 17:40:03 ----A---- C:\windows\system32\Windows.Networking.Connectivity.dll 2014-11-05 17:40:03 ----A---- C:\windows\system32\mbsmsapi.dll 2014-11-05 17:40:03 ----A---- C:\windows\system32\drivers\ndis.sys 2014-11-05 17:40:02 ----A---- C:\windows\system32\wersvc.dll 2014-11-05 17:40:02 ----A---- C:\windows\system32\hotspotauth.dll 2014-11-05 17:40:02 ----A---- C:\windows\system32\duser.dll 2014-11-05 17:40:02 ----A---- C:\windows\system32\drivers\ks.sys 2014-11-05 17:40:01 ----A---- C:\windows\system32\drivers\crashdmp.sys 2014-11-05 17:40:00 ----A---- C:\windows\system32\drivers\BthhfHid.sys 2014-11-05 17:40:00 ----A---- C:\windows\system32\drivers\BthAvrcpTg.sys 2014-11-05 17:40:00 ----A---- C:\windows\system32\drivers\BtaMPM.sys 2014-11-05 17:39:54 ----A---- C:\windows\system32\drivers\mrxsmb20.sys 2014-11-05 17:39:54 ----A---- C:\windows\system32\drivers\mrxsmb.sys 2014-11-05 17:39:46 ----A---- C:\windows\SYSWOW64\GdiPlus.dll 2014-11-05 17:39:41 ----A---- C:\windows\system32\GdiPlus.dll 2014-11-05 17:39:34 ----A---- C:\windows\SYSWOW64\gdi32.dll 2014-11-05 17:39:26 ----A---- C:\windows\system32\gdi32.dll 2014-11-05 16:59:56 ----A---- C:\windows\SYSWOW64\shdocvw.dll 2014-11-05 16:59:22 ----A---- C:\windows\system32\shdocvw.dll 2014-11-05 16:59:05 ----A---- C:\windows\system32\Windows.UI.Xaml.dll 2014-11-05 16:59:00 ----A---- C:\windows\SYSWOW64\Windows.UI.Xaml.dll 2014-11-05 16:58:58 ----A---- C:\windows\system32\AppXDeploymentServer.dll 2014-11-05 16:58:55 ----A---- C:\windows\system32\VSSVC.exe 2014-11-05 16:58:55 ----A---- 
C:\windows\system32\ubpm.dll 2014-11-05 16:58:55 ----A---- C:\windows\system32\sysmain.dll 2014-11-05 16:58:55 ----A---- C:\windows\system32\drivers\rdbss.sys 2014-11-05 16:58:55 ----A---- C:\windows\system32\BCP47Langs.dll 2014-11-05 16:58:51 ----D---- C:\windows\system32\MRT 2014-11-05 16:58:51 ----A---- C:\windows\SYSWOW64\ubpm.dll 2014-11-05 16:58:51 ----A---- C:\windows\system32\netprofmsvc.dll 2014-11-05 16:58:50 ----A---- C:\windows\SYSWOW64\BCP47Langs.dll 2014-11-05 16:58:47 ----A---- C:\windows\system32\netprofm.dll 2014-11-05 16:58:47 ----A---- C:\windows\system32\MRT.exe 2014-11-05 16:58:45 ----A---- C:\windows\system32\mfmp4srcsnk.dll 2014-11-05 16:58:44 ----A---- C:\windows\system32\stobject.dll 2014-11-05 16:58:43 ----A---- C:\windows\system32\netplwiz.dll 2014-11-05 16:58:43 ----A---- C:\windows\system32\Magnify.exe 2014-11-05 16:58:43 ----A---- C:\windows\system32\AppXDeploymentExtensions.dll 2014-11-05 16:58:42 ----A---- C:\windows\SYSWOW64\mfmp4srcsnk.dll 2014-11-05 16:58:42 ----A---- C:\windows\system32\taskhost.exe 2014-11-05 16:58:42 ----A---- C:\windows\system32\psmsrv.dll 2014-11-05 16:58:41 ----A---- C:\windows\system32\drivers\hidclass.sys 2014-11-05 16:58:40 ----A---- C:\windows\SYSWOW64\netplwiz.dll 2014-11-05 16:58:40 ----A---- C:\windows\system32\drivers\spaceport.sys 2014-11-05 16:58:39 ----A---- C:\windows\SYSWOW64\stobject.dll 2014-11-05 16:58:39 ----A---- C:\windows\system32\DevicePairing.dll 2014-11-05 16:58:38 ----A---- C:\windows\SYSWOW64\Magnify.exe 2014-11-05 16:58:38 ----A---- C:\windows\system32\AuthHost.exe 2014-11-05 16:58:37 ----A---- C:\windows\SYSWOW64\DevicePairing.dll 2014-11-05 16:58:37 ----A---- C:\windows\system32\taskhostex.exe 2014-11-05 16:58:36 ----A---- C:\windows\SYSWOW64\netprofm.dll 2014-11-05 16:58:36 ----A---- C:\windows\system32\drivers\hidusb.sys 2014-11-05 16:58:36 ----A---- C:\windows\system32\biwinrt.dll 2014-11-05 16:58:35 ----A---- C:\windows\SYSWOW64\biwinrt.dll 2014-11-05 16:58:34 ----A---- 
C:\windows\system32\bisrv.dll 2014-11-05 16:58:33 ----A---- C:\windows\system32\muifontsetup.dll 2014-11-05 16:58:32 ----A---- C:\windows\SYSWOW64\npmproxy.dll 2014-11-05 16:58:32 ----A---- C:\windows\SYSWOW64\nlmsprep.dll 2014-11-05 16:58:32 ----A---- C:\windows\SYSWOW64\nlmproxy.dll 2014-11-05 16:58:32 ----A---- C:\windows\SYSWOW64\muifontsetup.dll 2014-11-05 16:57:38 ----A---- C:\windows\system32\untfs.dll 2014-11-05 16:57:38 ----A---- C:\windows\system32\autochk.exe 2014-11-05 16:57:37 ----A---- C:\windows\SYSWOW64\untfs.dll 2014-11-05 16:57:37 ----A---- C:\windows\SYSWOW64\autochk.exe 2014-11-05 16:57:18 ----A---- C:\windows\SYSWOW64\msdrm.dll 2014-11-05 16:57:11 ----A---- C:\windows\system32\msdrm.dll 2014-11-05 16:56:40 ----A---- C:\windows\SYSWOW64\scrrun.dll 2014-11-05 16:56:40 ----A---- C:\windows\SYSWOW64\scrobj.dll 2014-11-05 16:56:40 ----A---- C:\windows\SYSWOW64\cscript.exe 2014-11-05 16:56:40 ----A---- C:\windows\system32\scrrun.dll 2014-11-05 16:56:40 ----A---- C:\windows\system32\scrobj.dll 2014-11-05 16:56:40 ----A---- C:\windows\system32\cscript.exe 2014-11-05 16:56:24 ----A---- C:\windows\SYSWOW64\wintrust.dll 2014-11-05 16:56:23 ----A---- C:\windows\SYSWOW64\apprepsync.dll 2014-11-05 16:56:23 ----A---- C:\windows\SYSWOW64\apprepapi.dll 2014-11-05 16:56:14 ----A---- C:\windows\system32\wintrust.dll 2014-11-05 16:56:14 ----A---- C:\windows\system32\cryptsvc.dll 2014-11-05 16:56:12 ----A---- C:\windows\system32\apprepsync.dll 2014-11-05 16:56:12 ----A---- C:\windows\system32\apprepapi.dll 2014-11-05 16:48:25 ----A---- C:\windows\SYSWOW64\TsWpfWrp.exe 2014-11-05 16:48:25 ----A---- C:\windows\system32\TsWpfWrp.exe 2014-11-05 15:57:24 ----D---- C:\ProgramData\McAfee 2014-11-05 12:50:26 ----A---- C:\windows\SYSWOW64\lpk.dll 2014-11-05 12:50:26 ----A---- C:\windows\SYSWOW64\fontsub.dll 2014-11-05 12:50:26 ----A---- C:\windows\SYSWOW64\dciman32.dll 2014-11-05 12:50:26 ----A---- C:\windows\SYSWOW64\atmlib.dll 2014-11-05 12:50:26 ----A---- 
  11. Last night my laptop was on standby. When I wanted to use it this morning, the laptop was showing a black screen. I could no longer start it up normally, because it did not respond. I switched the laptop off and tried again, but it froze again. Then I restarted into safe mode, and that did work. Next I tried to use System Restore to roll the PC back to a point before the problems (apparently there was an update at 3 o'clock that night; maybe that is where the problems started?). That did not work either; it got stuck on a black screen again. Then I switched it off again and tried once more. The system no longer worked, files were corrupt, and there were no restore points left. I saw that my antivirus program had been removed. I have reinstalled it and am running it now. Here is a HijackThis log:
      Hopefully you can help me further! Thanks in advance!
  12. I went ahead and ran ComboFix as well, since it has helped me before. River nile is still in there; what an annoying program that is. How do you get that virus, and how do I prevent it from getting into my PC again? The ComboFix log:
2013-04-20 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-28 21:48] . . --------- X64 Entries ----------- . . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService FontCache . ------- Bijkomende Scan ------- . IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 TCP: DhcpNameServer = 192.168.2.254 FF - ProfilePath - c:\users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\ykx4cynv.default\ FF - prefs.js: browser.startup.homepage - hxxps://duckduckgo.com/ FF - ExtSQL: 2013-02-27 11:38; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\ykx4cynv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF - ExtSQL: 2013-04-06 00:40; {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}; c:\users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\ykx4cynv.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi FF - ExtSQL: 2013-04-06 00:51; trackerblock@privacychoice.org; c:\users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\ykx4cynv.default\extensions\trackerblock@privacychoice.org.xpi . - - - - ORPHANS VERWIJDERD - - - - . HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2013-04-20 21:58:08 ComboFix-quarantined-files.txt 2013-04-20 19:58 . Pre-Run: 62.735.011.840 bytes beschikbaar Post-Run: 62.461.902.848 bytes beschikbaar . - - End Of File - - DBC298AF9C0B7BCE1E91A1316D50AF7A
  13. Zoek.exe Version 4.0.0.2 Updated 17-April-2013 Tool run by Dennis on za 20-04-2013 at 21:36:33,58. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected - - - Updated - - - Spybot reports that RiverNile is still in there. I didn't run it in safe mode, by the way; I don't know how much that matters.
  14. Spybot Search & Destroy reports the following virus: RiverNileCasino 1 entry PUPSC Any idea how I can get rid of this virus? HijackThis log attached in case it's needed: Thanks a lot in advance!
  15. While reinstalling Windows XP, the PC unfortunately gave out. It doesn't do anything at all anymore. Too bad. But it was time for a new one anyway. Thanks for all your help, Kape!
  16. Zoek.exe Version 4.0.0.2 Updated 13-April-2013 Tool run by JeroenvanDuren on 11/04/2013 at 10:27:31.12. Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected
Windows XP (KB2808735) Beveiligingsupdate voor Windows XP (KB2813170) Beveiligingsupdate voor Windows XP (KB2813345) Beveiligingsupdate voor Windows XP (KB2820917) Canon ScanGear Starter CCleaner Compatibiliteitspakket voor het 2007 Microsoft Office system Data Sync DivX Plus Web Player Eee Docking 1.3.1.0 EeePC_1005HA Screen Saver EeeSplendid FontResizer Google Update Helper HiJackThis Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix voor Windows Internet Explorer 7 (KB947864) Intel® Graphics Media Accelerator Driver Java 7 Update 17 Java Auto Updater Java 6 Update 29 Junk Mail filter update K-Lite Codec Pack 6.5.0 (Basic) Malwarebytes Anti-Malware versie 1.70.0.1100 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2698023) Microsoft .NET Framework 1.1 Security Update (KB2742597) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile NLD Language Pack Microsoft .NET Framework 4 Extended Microsoft .NET Framework 4 Extended NLD Language Pack Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 Microsoft National Language Support Downlevel APIs Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office Live Add-in 1.3 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office PowerPoint Viewer 2007 (Dutch) Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof 
(German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (Dutch) 2007 Microsoft Silverlight Microsoft Software Update for Web Folders (Dutch) 12 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Works Mozilla Firefox 19.0.2 (x86 nl) MSVCRT Realtek High Definition Audio Driver Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update 
for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Segoe UI Skype™ 5.10 Speccy Spotify Super Hybrid Engine Synaptics Pointing Device Driver Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD Taalpakket voor Microsoft .NET Framework 4 Extended - NLD Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) 
Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update voor Windows Internet Explorer 7 (KB976749) Update voor Windows Internet Explorer 7 (KB980182) Update voor Windows Internet Explorer 8 (KB2598845) Update voor Windows XP (KB2492386) USB2.0 UVC Camera Device VC80CRTRedist - 8.0.50727.4053 VLC media player 1.1.5 WebFldrs XP Windows Genuine Advantage Validation Tool (KB892130) Windows Internet Explorer 7 Windows Internet Explorer 8 Windows Live - Hulpprogramma voor uploaden Windows Live aanmeldhulp Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live Mail Windows Live Messenger Windows Live Photo Gallery Windows Live Sync Windows Live Writer Windows Media Format 11 runtime Windows Media Player 11 WinRAR 4.11 (32-bit) ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AVGIDSHX deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\AVGIDSHX deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AVGIDSShim deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\AVGIDSShim deleted successfully ==== FireFox Fix ====================== Deleted from C:\Documents and Settings\JeroenvanDuren\Application Data\Mozilla\Firefox\Profiles\gfn9bfrh.default\prefs.js: Added to C:\Documents and Settings\JeroenvanDuren\Application Data\Mozilla\Firefox\Profiles\gfn9bfrh.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", 
"http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); ==== Deleting Files \ Folders ====================== "C:\Documents and Settings\JeroenvanDuren\Application Data\Mozilla\Firefox\Profiles\gfn9bfrh.default\jetpack" deleted ==== System Specs ====================== Windows: Windows XP Home Edition Service Pack 3 (Build 2600) Internet Explorer: 8.0.6001.18702 Memory (RAM): 1016 MB CPU Info: Intel® Atom CPU N270 @ 1.60GHz CPU Speed: 1566.0 MHz Sound Card: Realtek HD Audio output | Display Adapters: Mobile Intel® 945 Express Chipset Family | Mobile Intel® 945 Express Chipset Family | NetMeeting driver | RDPDD Chained DD Monitors: 1x; Digitaal LCD-scherm (1024x768) | Digitaal LCD-scherm (1024x768) | Screen Resolution: 1024 X 600 - 32 bit Network: Network Present Network Adapters: Atheros AR8132 PCI-E Fast Ethernet Controller - Pakketplanner-minipoort | Atheros AR9285 Wireless Network Adapter - Pakketplanner-minipoort CD / DVD Drives: No optical drives found. Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 72.1GB | D: 72.1GB Hard Disks - Free: C: 32.6GB | D: 72.0GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 07/24/09 | A_M_I_ - 7000924 Time Zone: West-Europa (standaardtijd) Motherboard *: ASUSTeK Computer INC. 
1005HA Sun Java version: 1.7.0_17 Country: Verenigd Koninkrijk Language: ENG ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2013-03-29 21:27:13 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\WINDOWS\PEV.exe 2013-03-29 21:27:13 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\WINDOWS\grep.exe 2013-03-29 21:27:13 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\WINDOWS\zip.exe 2013-03-29 21:27:13 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\WINDOWS\SWSC.exe 2013-03-29 21:27:13 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\WINDOWS\MBR.exe 2013-03-29 19:17:32 A698AA267F5597C2C7F59D294E78A393 1374 ----a-w- C:\WINDOWS\imsins.BAK ====== C:\DOCUME~1\JEROEN~1\LOCALS~1\Temp ==== ====== C:\WINDOWS\system32 ===== 2013-04-10 20:05:15 B253322243140638CE19F628D278438D 184320 ----a-w- C:\WINDOWS\System32\SET35.tmp 2013-04-10 20:05:15 6CC90E5A54231908F7AF720DE188711F 630272 ----a-w- C:\WINDOWS\System32\SET30.tmp 2013-04-10 20:05:15 175DD046B1333A0FED3C37FEA9CDBA35 2004992 ----a-w- C:\WINDOWS\System32\SET34.tmp 2013-04-10 20:05:14 AB53F82857878CA1BE2CA0119C97773A 55296 ----a-w- C:\WINDOWS\System32\SET2F.tmp 2013-04-10 20:05:14 97B97DA5FBB71B2F379F7B26D6CA184B 105984 ----a-w- C:\WINDOWS\System32\SET2A.tmp 2013-04-10 20:05:11 66C483FD3EF382EA2B049B2831E23AA0 916480 ----a-w- C:\WINDOWS\System32\SET28.tmp 2013-04-10 20:05:11 31925230DC16721EC8C1F03123B11444 1212928 ----a-w- C:\WINDOWS\System32\SET29.tmp 2013-04-10 20:05:11 0419CEAD46E9E7D106C63A101B9A3B36 6012416 ----a-w- C:\WINDOWS\System32\SET2E.tmp 2013-04-10 20:05:10 8C63E848CFE5377F754AE41EC2278F22 11111424 ----a-w- C:\WINDOWS\System32\SET36.tmp 2013-03-28 21:43:06 CA9F4B5957EC8179FDC97376FDE53B94 186608 ----a-w- C:\WINDOWS\System32\FNTCACHE.DAT 2013-03-28 20:56:56 350C713C2D9B9F5549C50A8D3924E789 94112 ----a-w- C:\WINDOWS\System32\WindowsAccessBridge.dll 2013-03-28 11:37:45 229770FF9B87160AC3C22517BBFE6BF4 691592 ----a-w- C:\WINDOWS\System32\FlashPlayerApp.exe ====== 
C:\WINDOWS\system32\drivers ===== ====== C:\WINDOWS\Tasks ====== 2069-03-05 10:37:45 8B6D38199C15ACE96931D73BE380D847 902 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2069-03-05 10:37:44 74B02DB465D844209351CF2E089C97EF 898 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2013-03-28 11:37:47 D2CD7B84975C58FBD08FBD6B44F51CB1 940 ----a-w- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2069-03-05 10:37:27 -------- d-----w- C:\Program Files\Google 2069-03-05 08:36:16 -------- d-----w- C:\Program Files\uTorrent 2013-03-29 20:45:48 -------- d-----w- C:\Program Files\Speccy 2013-03-29 09:48:01 -------- d-----w- C:\Program Files\Trend Micro ======= C: ===== 2013-03-29 21:28:42 17D7055859D99A0D606CFAF17AE38638 211 ----a-w- C:\Boot.bak 2013-03-29 21:28:39 271E9B6A3AEC7BCA63D9231A4B3575C0 261936 --sha-r- C:\cmldr 2013-03-29 11:53:37 6246D53D2FB83F3CA224541196F9C25F 1569 ----a-w- C:\AdwCleaner[s1].txt ====== C:\Documents and Settings\JeroenvanDuren\Application Data ====== 2069-03-05 09:22:04 34876946C055062B85AF132B2F99BAF1 34814 ----a-w- C:\Documents and Settings\JeroenvanDuren\Local Settings\Application Data\dt.dat 2069-03-05 08:35:07 -------- d-----w- C:\Documents and Settings\JeroenvanDuren\Application Data\uTorrent 2013-03-29 21:18:50 -------- d-----r- C:\Documents and Settings\JeroenvanDuren\Menu Start\Programma's\Systeembeheer 2013-03-28 22:11:57 7F1447EB499BCADD2BFE7A2CF4411775 38768 ----a-w- C:\Documents and Settings\JeroenvanDuren\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2013-03-28 20:46:21 -------- d-----w- C:\Documents and Settings\JeroenvanDuren\Local Settings\Application Data\Mozilla 2013-03-28 20:46:21 -------- d-----w- C:\Documents and Settings\JeroenvanDuren\Application Data\Mozilla 2013-03-27 19:08:51 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Battle.net ====== C:\Documents and Settings\JeroenvanDuren ====== 2013-03-29 21:04:29 -------- 
d-sh--w- C:\Documents and Settings\NetworkService\IETldCache 2013-03-29 21:04:22 -------- d-sh--w- C:\Documents and Settings\JeroenvanDuren\IETldCache 2013-03-28 21:41:11 -------- d--h--r- C:\Documents and Settings\JeroenvanDuren\Onlangs geopend ====== C: exe-files == 2069-03-05 10:37:42 F02A533F517EB38333CB12A9E8963773 136176 ----atw- C:\Program Files\Google\Update\GoogleUpdate.exe 2069-03-05 10:32:45 71BA5983A665FB4CCE507093B1FA143B 74761776 ----a-w- C:\Documents and Settings\JeroenvanDuren\Mijn documenten\Downloads\avast_free_antivirus_setup.exe 2069-03-05 08:36:16 CB4A9ABA55F2AA98265BA3D8AE029A6B 880496 ----a-w- C:\Program Files\uTorrent\uTorrent.exe 2069-03-05 08:34:42 CB4A9ABA55F2AA98265BA3D8AE029A6B 880496 ----a-w- C:\Documents and Settings\JeroenvanDuren\Mijn documenten\Downloads\uTorrent (1).exe 2013-04-11 08:04:15 E9D1BD6793C0DE2C6FB87CB64CB785A2 20190136 ----a-w- C:\Documents and Settings\JeroenvanDuren\Application Data\Spotify\Spotify_new.exe 2013-04-11 07:26:14 2BF1A08F7CB7752AF697EE228514497F 234872 -c----w- C:\WINDOWS\ie8updates\KB2817183-IE8\spuninst\spuninst.exe 2013-04-11 07:26:13 A669C1B40E5D23F5EBE7EF498631B7D1 174080 -c----w- C:\WINDOWS\ie8updates\KB2817183-IE8\ie4uinit.exe 2013-04-11 07:20:06 2BF1A08F7CB7752AF697EE228514497F 234872 -c----w- C:\WINDOWS\ie8updates\KB2510531-IE8\spuninst\spuninst.exe === C: other files == 2013-04-11 08:10:13 F726DE38388D240FD2ECEA5BB58409DC 703265996 ----a-w- C:\Documents and Settings\JeroenvanDuren\Mijn documenten\Downloads\Windows XP Professional SP3 32-bit - Black Edition 2013.3.17.zip 2013-04-11 07:45:57 00A86FC133963F5155FE205A63B1C175 302169 ----a-w- C:\Documents and Settings\JeroenvanDuren\Application Data\Mozilla\Firefox\Profiles\gfn9bfrh.default\extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" 
[HKEY_USERS\S-1-5-21-1986488926-2133969174-3349548801-1006\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" "Pando Media Booster"="C:\Program Files\Pando Networks\Media Booster\PMB.exe" "Google Update"="C:\Documents and Settings\JeroenvanDuren\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c" "Eee Docking"="C:\Program Files\ASUS\Eee Docking\Eee Docking.exe" "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" "Eee Docking (1)"="C:\Program Files\ASUS\Eee Docking\Eee Docking.exe" "Google Update (1)"="C:\Documents and Settings\JeroenvanDuren\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c" "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Spotify Web Helper"="C:\Documents and Settings\JeroenvanDuren\Application Data\Spotify\Data\SpotifyWebHelper.exe" "Spotify"="C:\Documents and Settings\JeroenvanDuren\Application Data\Spotify\Spotify.exe /uri spotify:autostart" "HP Photosmart 5520 series (NET)"="C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe -deviceID CN2841737L05ST:NW -scfn HP Photosmart 5520 series (NET) -AutoStart 1" "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "vProt"="C:\Program Files\AVG Secure Search\vprot.exe" "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "RTHDCPL"="RTHDCPL.EXE" "Persistence"="C:\WINDOWS\system32\igfxpers.exe" "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" "AsusTray"="C:\Program Files\EeePC\ACPI\AsTray.exe" "AVG_TRAY"="C:\Program Files\AVG\AVG2012\avgtray.exe" "AsusACPIServer"="C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe" "SynAsusAcpi"="C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe" "AsusEPCMonitor"="C:\Program Files\EeePC\ACPI\AsEPCMon.exe" "Adobe 
Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" "Pando Media Booster"="C:\Program Files\Pando Networks\Media Booster\PMB.exe" "Google Update"="C:\Documents and Settings\JeroenvanDuren\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c" "Eee Docking"="C:\Program Files\ASUS\Eee Docking\Eee Docking.exe" "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" "Eee Docking (1)"="C:\Program Files\ASUS\Eee Docking\Eee Docking.exe" "Google Update (1)"="C:\Documents and Settings\JeroenvanDuren\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c" "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Spotify Web Helper"="C:\Documents and Settings\JeroenvanDuren\Application Data\Spotify\Data\SpotifyWebHelper.exe" "Spotify"="C:\Documents and Settings\JeroenvanDuren\Application Data\Spotify\Spotify.exe /uri spotify:autostart" "HP Photosmart 5520 series (NET)"="C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe -deviceID CN2841737L05ST:NW -scfn HP Photosmart 5520 series (NET) -AutoStart 1" "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MsnMsgr] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="MsnMsgr" "hkey"="HKCU" "command"="\"C:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe\" /background" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [11/04/2013 09:24] C:\WINDOWS\tasks\AppleSoftwareUpdate.job --a------ C:\Program 
Files\AppleC:oftware Update\SoftwareUpdate.exe [] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [05/03/2069 12:37] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [05/03/2069 12:37] ==== Firefox Extensions ====================== ProfilePath: C:\Documents and Settings\JeroenvanDuren\Application Data\Mozilla\Firefox\Profiles\gfn9bfrh.default - DoNotTrackMe - %ProfilePath%\extensions\donottrackplus@abine.com - DuckDuckGo Plus - %ProfilePath%\extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Documents and Settings\JeroenvanDuren\Application Data\Mozilla\Firefox\Profiles\gfn9bfrh.default F7E72D3A281F922BACEC1A71A826D4C2 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll - Shockwave Flash 05C4A7136F3012BB47107333B5D351D3 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U17 D4BD9F86123C87ECA570418B69326F99 - C:\WINDOWS\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.170.2 A5C14075B571AF1C9592595BE724D9D2 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll - Silverlight Plug-In 1C8124B6A03A620EB0CBCA615666D2AE - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live® Photo Gallery EDBA797E78300759A09AF77C77F5D9E7 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll - DivX Web Player 7ABA2EAB736F7E9EB0E03ACAA42CCB51 - C:\Program Files\Microsoft\Office Live\npOLW.dll - Microsoft Office Live Plug-in for Firefox / Microsoft Office Live Plug-in for Firefox AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation 
901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM 0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM 2AA3703D87E1327A2290C9D416D89A28 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrlui.dll - Microsoft® Silverlight 3EA079023D32054BFD73D08E77C72609 - C:\WINDOWS\system32\npptools.dll - Besturingssysteem Microsoft® Windows® ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://google.nl/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://google.nl/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?FORM=ASUBDF&PC=MAAU&q={searchTerms}&src=IE-SearchBox" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {E457BA7A-CA69-4E49-99D5-AC050CAB0149} Google Url="http://www.google.co.uk/search?hl=en&q={searchTerms}&meta=&rlz=1I7NNVC_nlNL491" ==== Reset Google Chrome ====================== Nothing found to reset ==== shortcuts on Users Desktops ====================== C:\Documents and Settings\JeroenvanDuren\Bureaublad\Auslogics BoostSpeed.lnk - C:\Program Files\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe C:\Documents and Settings\JeroenvanDuren\Bureaublad\HiJackThis.lnk - 
C:\Documents and Settings\JeroenvanDuren\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe ==== shortcuts on All Users Desktop ====================== C:\Documents and Settings\All Users\Bureaublad\Internet.lnk - C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\All Users\Bureaublad\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Documents and Settings\All Users\Bureaublad\Speccy.lnk - C:\Program Files\Speccy\Speccy.exe ==== shortcuts in Users Start Menu ====================== C:\Documents and Settings\JeroenvanDuren\Menu Start\Programma's\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\JeroenvanDuren\Menu Start\Programma's\Bureau-accessoires\Systeembeheer\Internet Explorer (zonder invoegtoepassingen).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff C:\Documents and Settings\JeroenvanDuren\Menu Start\Programma's\HiJackThis\HiJackThis.lnk - C:\Documents and Settings\JeroenvanDuren\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe ==== shortcuts in All Users Start Menu ====================== C:\Documents and Settings\All Users\Menu Start\Programma's\Auslogics\BoostSpeed\Auslogics BoostSpeed on the Web.lnk - C:\Program Files\Auslogics\Auslogics BoostSpeed\boostspeed.url C:\Documents and Settings\All Users\Menu Start\Programma's\Auslogics\BoostSpeed\Auslogics BoostSpeed.lnk - C:\Program Files\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Auslogics\BoostSpeed\Auslogics Rescue Center.lnk - C:\Program Files\Auslogics\Auslogics BoostSpeed\RescueCenter.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Auslogics\BoostSpeed\Uninstall Auslogics BoostSpeed.lnk - C:\Program Files\Auslogics\Auslogics BoostSpeed\unins000.exe C:\Documents and Settings\All Users\Menu 
Start\Programma's\Auslogics\BoostSpeed\Utilities\Auslogics Console Defragmentation.lnk - C:\WINDOWS\system32\cmd.exe /K "C:\Program Files\Auslogics\Auslogics BoostSpeed\cdefrag.exe" C:\Documents and Settings\All Users\Menu Start\Programma's\Auslogics\BoostSpeed\Utilities\Auslogics Disk Cleaner.lnk - C:\Program Files\Auslogics\Auslogics BoostSpeed\DiskCleaner.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Auslogics\BoostSpeed\Utilities\Auslogics Disk Defrag.lnk - C:\Program Files\Auslogics\Auslogics BoostSpeed\DiskDefrag.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Auslogics\BoostSpeed\Utilities\Auslogics Disk Doctor.lnk - C:\Program Files\Auslogics\Auslogics BoostSpeed\DiskDoctor.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Auslogics\BoostSpeed\Utilities\Auslogics Disk Explorer.lnk - C:\Program Files\Auslogics\Auslogics BoostSpeed\DiskExplorer.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Auslogics\BoostSpeed\Utilities\Auslogics Disk Wiper.lnk - C:\Program Files\Auslogics\Auslogics BoostSpeed\DiskWiper.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Auslogics\BoostSpeed\Utilities\Auslogics Duplicate File Finder.lnk - C:\Program Files\Auslogics\Auslogics BoostSpeed\DuplicateFileFinder.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Auslogics\BoostSpeed\Utilities\Auslogics File Recovery.lnk - C:\Program Files\Auslogics\Auslogics BoostSpeed\FileRecovery.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Auslogics\BoostSpeed\Utilities\Auslogics File Shredder.lnk - C:\Program Files\Auslogics\Auslogics BoostSpeed\FileShredder.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Auslogics\BoostSpeed\Utilities\Auslogics Internet Optimizer.lnk - C:\Program Files\Auslogics\Auslogics BoostSpeed\InternetOptimizer.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Auslogics\BoostSpeed\Utilities\Auslogics Registry Cleaner.lnk - C:\Program 
Here is the log. Rather late reply, I was very busy. Thanks for your help. If it doesn't work, I'm going to reinstall XP. I'd rather not, of course.
  17. I have already run AVG Remover. I still get the same message, so apparently it doesn't work. The surface it sits on is basically always smooth and hard; whether it is dust-free I don't know, somewhat I think. I'm thinking about reinstalling XP. Or should I go for Vista instead? Dust could be the problem. I'll have a look at that. Any other options?
  18. By the way, I ran ComboFix. I saw that it was recommended in cases that looked like mine. The strange thing was that it gave a warning that AVG 2012 was running, even though it isn't on the PC at all. I searched a bit and did find a number of old folders; it was installed at some point. I deleted these manually and ran ComboFix again. Still the same message. Here is the log of it anyway:
It hasn't helped yet.
  19. All essential updates have been installed. A number of optional ones have not, including Explorer 8. Here is the link: http://speccy.piriform.com/results/PKSmLW5nZfAzBJUrSapWwJk
  20. Not really yet. The CPU keeps shooting up, out of nowhere, at the slightest thing. Maybe it is a tiny bit faster, but it is still very slow.
  21. # AdwCleaner v2.115 - Verslag gemaakt op 29/03/2013 om 12:53:37
hijack this log:
- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Verzenden naar Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. 
- C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe -- End of file - 5374 bytes I will go ahead and install that Panda.
  22. Once again I have a PC that won't cooperate. I got a small laptop from my dad and cleared most of the junk off it, but it is very slow. I see the CPU shoot up to 90-100% without me really doing anything. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:48:48, on 29/03/2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.17123) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre7\bin\jqs.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = duxet.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Customize Your Settings R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Verzenden naar &Bluetooth-apparaat... 
- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Verzenden naar Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - 
C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe -- End of file - 5563 bytes Here is the HijackThis log. I know I don't have an antivirus running. Avast was installed, but it was impossibly slow. Hopefully someone here can help me.
  23. Great! Really, thanks a lot! It looks like it's solved. Should I post another log just to be sure?