Ga naar inhoud

kemicky

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    56

  • Registratiedatum

  • Laatst bezocht

kemicky's prestaties

Bijdrager

Bijdrager (5/14)

  • Eerste post
  • Actief
  • Gespreksstarter
  • Week één klaar
  • Een maand later

Recente badges

0

Reputatie

  1. kemicky
    Beste Kape, Hartelijk dank voor je hulp! Het probleem is opgelost! Groeten Kemicky
  2. kemicky
    Zoek.exe v5.0.0.1 Updated 23-October-2015 Tool run by Michael Kempen on za 24-10-2015 at 6:22:29,90. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Michael Kempen\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 24-10-2015 6:24:12 Zoek.exe System Restore Point Created Successfully. ==== Torpig Check ====================== HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileZilla3CopyHook {DB70412E-EEC9-479C-BBA9-BE36BFDDA41B} C:\Program Files\FileZilla FTP Client\fzshellext_64.dll HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll ==== Reset Hosts File ====================== # Copyright © 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handled within DNS itself. 127.0.0.1 localhost ::1 localhost ==== Empty Folders Check ====================== C:\PROGRA~2\MyFree Codec deleted successfully C:\Users\Michael Kempen\AppData\Roaming\HMYGSetting deleted successfully C:\Users\Michael Kempen\AppData\Roaming\Malwarebytes deleted successfully C:\Users\Michael Kempen\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\Michael Kempen\AppData\Local\EmieSiteList deleted successfully C:\Users\Michael Kempen\AppData\Local\EmieUserList deleted successfully C:\Users\Michael Kempen\AppData\Local\Secunia PSI deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{C424171E-592A-415a-9EB1-DFD6D95D3530} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{C424171E-592A-415a-9EB1-DFD6D95D3530} deleted successfully ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF42D4A8-016E-4fcd-B1EB-837659FD77C6}] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "BingSvc"=- ==== Deleting Files \ Folders ====================== C:\PROGRA~2\MyFree Codec not found C:\Users\Michael Kempen\AppData\Roaming\Mozilla\Firefox\Profiles\wfqg3tyo.default\extensions\bingsearch.full@microsoft.com deleted C:\Users\Michael Kempen\Documents\Optimizer Pro deleted C:\PROGRA~2\Wondershare deleted C:\PROGRA~2\COMMON~1\Wondershare deleted C:\Users\Michael Kempen\AppData\Roaming\Wondershare deleted C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted C:\Users\Michael Kempen\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp deleted C:\Users\Michael Kempen\AppData\Local\Wondershare deleted C:\Users\Michael Kempen\AppData\Local\CrashRpt deleted C:\Windows\sysWoW64\config\systemprofile\AppData\Local\XTRM Group Ltd deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Windows\Syswow64\REN312F.tmp deleted C:\Windows\Syswow64\REN388E.tmp deleted C:\Windows\Syswow64\REN5F11.tmp deleted C:\Windows\Syswow64\REN8B1F.tmp deleted C:\Windows\Syswow64\RENE520.tmp deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\MICHAE~1\AppData\Local\Temp ==== 2015-10-17 09:22:47 AD80D48457F44133625D582E6002EF22 169104 ----a-w- C:\Users\Michael Kempen\AppData\Local\Temp\BSvcUpdater.exe 2015-10-17 09:22:47 653B6E4FFE8094F6C57592C0A9395130 1068696 ----a-w- C:\Users\Michael Kempen\AppData\Local\Temp\BSvcProcessor.exe ====== Java Cache ===== 2015-09-29 16:27:51 05427556DB2BEF9A0EFA0D5963ADEF70 183634 ----a-w- C:\Users\Michael Kempen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\434d8819-5cef3f91 2015-10-23 05:32:41 4F85459CEC4F78A3987FFFD5B6A816C5 605 ----a-w- C:\Users\Michael Kempen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\52c00ce5-2bc4d8bf 2015-10-23 05:32:41 D288EEA5C54AAC338A26DA9D36BFAA4E 100 ----a-w- C:\Users\Michael Kempen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\52c00ce5-78e96a5ccf5c5b6a29dcdffe1d16c989d010904d54059e7b28aad8dacf6a56c9-6.0.lap 2015-10-23 05:32:41 C9588417B10E1D770E3E5DA1F3510AE5 8425 ----a-w- C:\Users\Michael Kempen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\298d42d-5c6df4ae 2015-10-23 05:32:45 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\Michael Kempen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\c8dc66e-48c554cd ====== C:\Windows\SysWOW64 ===== 2015-10-23 05:31:29 C39FB2F1EB2DF9F3820BD7775F3AFC81 97888 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-10-14 14:26:33 F811B932E3DBA308014F8C870F752F16 12875776 ----a-w- C:\Windows\SysWOW64\shell32.dll 2015-10-14 14:26:32 5CB2886338C82E388F68557E2745200F 1498624 ----a-w- C:\Windows\SysWOW64\ExplorerFrame.dll 2015-10-14 14:26:24 A7028D5D5E3DCF820B3C0AFE0137A87E 130048 ----a-w- C:\Windows\SysWOW64\occache.dll 2015-10-14 14:26:24 908BBA41A5B57DDB126B85EC14DD58EF 76288 ----a-w- C:\Windows\SysWOW64\mshtmled(43).dll 2015-10-14 14:26:24 0E036A353DB9D8F4F642AC0F9412F09E 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2015-10-14 14:26:24 098F6097F919EE77EA490E16D11E427A 1311232 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2015-10-14 14:26:24 04BB7AF8E0DAE83982155F0752308666 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2015-10-14 14:26:24 00FBEDF0E74AD8815469A95271C0E562 345688 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2015-10-14 14:26:23 9F36964CDB9A920779314395E3911503 504832 ----a-w- C:\Windows\SysWOW64\vbscript(50).dll 2015-10-14 14:26:22 D586CB95B4EADC0525E8929A241898F5 20357632 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2015-10-14 14:26:22 C89372B642726F1CF3EB479397976DA3 279040 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2015-10-14 14:26:22 C848E013BB85C48C787001E1EA36905F 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-10-14 14:26:22 060409834CC8FAC3F1231DA3F0648CC5 689152 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2015-10-14 14:26:21 B87A11C95703AB19ACB43993DDA0F1A3 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2015-10-14 14:26:21 9F4234838400CC3A964AF53DE4410A50 2279936 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2015-10-14 14:26:21 816B489E2BBFE2479C844AAD486ABB42 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2015-10-14 14:26:21 7E8EABA6A2B10FE11E2381378A57322B 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2015-10-14 14:26:21 12DCE9300FF5B74DC2F7DBAC96B0614E 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2015-10-14 14:26:20 F274AF14C7DB6C52C023BCBDA4197D17 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2015-10-14 14:26:20 BE1263EE0CB8CF942FC35CC86E0C3941 12853760 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2015-10-14 14:26:20 AFC4F34507B555D1C9C4F049CCA1475F 416256 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2015-10-14 14:26:20 8C9BCE16E894D4FBCE151F4A5FE05F55 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2015-10-14 14:26:20 73189A2739491ABB556872737C501F8E 663552 ----a-w- C:\Windows\SysWOW64\jscript.dll 2015-10-14 14:26:20 584E6632F1F4027AB64DEB0F4139E7D7 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2015-10-14 14:26:20 4A3CA2C73C4D66A90C63E9E532746020 480256 ----a-w- C:\Windows\SysWOW64\ieui.dll 2015-10-14 14:26:18 E401E66CCB2AE219CF41F7F901C410C1 2011136 ----a-w- C:\Windows\SysWOW64\wininet.dll 2015-10-14 14:26:18 DE53F76D63CA64E172B336BC7CFF6EDA 4527616 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2015-10-14 14:26:18 CEDBC9DBD9800E0EE81B0840EBC2BAC5 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2015-10-14 14:26:18 A7012A7032207D1C16B7236EDF91F4BB 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll 2015-10-14 14:26:18 A25C9DD040CA9799C2A7E41732D0752A 230400 ----a-w- C:\Windows\SysWOW64\webcheck.dll 2015-10-14 14:26:18 5EE17D52CAF79663211C01C614594620 341504 ----a-w- C:\Windows\SysWOW64\html.iec 2015-10-14 14:26:18 17B66052348D3A3681A9411EDD839E18 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt(42).exe 2015-10-14 14:26:07 DDCABBADA6116E8E3472D93FDF56FE66 93696 ----a-w- C:\Windows\SysWOW64\wudriver(53).dll 2015-10-14 14:26:07 C4240CA64E6B3523110DE3CAF4066F07 566784 ----a-w- C:\Windows\SysWOW64\wuapi(51).dll 2015-10-14 14:26:07 7902FB8C129A6DCAA9E0002BD3600F00 35328 ----a-w- C:\Windows\SysWOW64\wuapp(52).exe 2015-10-14 14:26:07 693F6EC2312B8B3F57B7277B069B91A3 174080 ----a-w- C:\Windows\SysWOW64\wuwebv.dll 2015-10-14 14:26:06 6CE7ACA0022C27A3FAECB600E097F81B 30208 ----a-w- C:\Windows\SysWOW64\wups.dll 2015-10-14 14:25:58 C19537A50B723E0F7B53D413163B35EE 3936192 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2015-10-14 14:25:57 CA504606753BD62FA3128D3056320264 552960 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2015-10-14 14:25:57 9E83A4F6E776F7A3E5F7FB90180FBC0B 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll 2015-10-14 14:25:57 63FD03CED9739062E9B94F0D1E54A406 3990976 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2015-10-14 14:25:56 D9F5F78F8EA5749CA651B71335A96421 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll 2015-10-14 14:25:56 D8269205300BB593C3698BB77178E8D3 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2015-10-14 14:25:56 C7293C9340BDC8291F6718913F3F7B14 221184 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2015-10-14 14:25:56 C142CBB756205146B88DDB66D00BFE66 274944 ----a-w- C:\Windows\SysWOW64\KernelBase.dll 2015-10-14 14:25:56 C00E4CD3AC3A0D8E339635E06546B77D 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe 2015-10-14 14:25:56 B421B311420FD650BE3B25EAC217E685 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2015-10-14 14:25:56 8A4ED460B6557EDCA637236073794DFF 43008 ----a-w- C:\Windows\SysWOW64\srclient(47).dll 2015-10-14 14:25:56 6D16D1B9DB2526B985BBB9B27A56B70B 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll 2015-10-14 14:25:56 6848FA8B421A0CEC8990AFE7A615574F 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll 2015-10-14 14:25:56 5FC0F48FD38D0AC7FC54EBEFBC3F69C5 25600 ----a-w- C:\Windows\SysWOW64\setup16(46).exe 2015-10-14 14:25:56 4EB6A0445891D56D56BB4580B3906BEA 1311768 ----a-w- C:\Windows\SysWOW64\ntdll.dll 2015-10-14 14:25:56 3FA49981A847AE62259E6AEB585C84B8 65536 ----a-w- C:\Windows\SysWOW64\TSpkg(48).dll 2015-10-14 14:25:56 2464CEAC16185B73774662AC625F695D 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2015-10-14 14:25:56 2421C989BF8485B6A9EBBAC35ACADF1D 665088 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll 2015-10-14 14:25:56 22BF275468F714A4F7E6F36449D1DCE2 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2015-10-14 14:25:56 1BE5DF925C30D9D1FAD1212FB215E469 6656 ----a-w- C:\Windows\SysWOW64\apisetschema.dll 2015-10-14 14:25:56 1ADCC4F94981430FE968EE992353C535 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll 2015-10-14 14:25:56 15192FC6BFCB37AE43A645A9C84AEF2F 36864 ----a-w- C:\Windows\SysWOW64\cryptbase.dll 2015-10-14 14:25:56 0834E70A068360D85CDC47697A4B7898 248832 ----a-w- C:\Windows\SysWOW64\schannel.dll 2015-10-14 14:25:55 FE7B23203C757148CBCCA0A39EAD3C59 60416 ----a-w- C:\Windows\SysWOW64\msobjs.dll 2015-10-14 14:25:55 D414A645F6853BB2C8A24B85C1C86581 686080 ----a-w- C:\Windows\SysWOW64\adtschema.dll 2015-10-14 14:25:55 64B92847AA0945992BB49B62D9B0440E 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll 2015-10-14 14:25:55 09BA6677E9CCBB1884CD0FB24F6EF584 2048 ----a-w- C:\Windows\SysWOW64\user(49).exe 2015-10-14 14:25:36 0D0FF2A38473552DDFF4F21756700F9B 50688 ----a-w- C:\Windows\SysWOW64\appidapi.dll 2015-10-14 14:25:21 CBF3CFC9EE1FD29707D95C63A5E7A78B 19808 ----a-w- C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2015-10-14 14:25:21 C1096DA4634AD3356A10C00B24F53393 22368 ----a-w- C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2015-10-14 14:25:21 B23936CF83DAC4B64660A88711B5234A 12128 ----a-w- C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2015-10-14 14:25:21 9F9FE5F52E9B2AD655C896B849883B1A 12128 ----a-w- C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2015-10-14 14:25:21 9D66FCC681389EC619D4E801F1DDBB2F 17760 ----a-w- C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2015-10-14 14:25:21 94FEB4417CF3E39C8C58A1B73620687E 66400 ----a-w- C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2015-10-14 14:25:21 8E534F49C77D787DB69BABFF931A497A 12640 ----a-w- C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2015-10-14 14:25:21 85CEBA9A21CE5D51B35EF2DE9EBFBAC4 12128 ----a-w- C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2015-10-14 14:25:21 80BEB858D2EEE9CA657647B599E5D844 11616 ----a-w- C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll 2015-10-14 14:25:21 73CED8B30963E54D262DAE2559116E46 13664 ----a-w- C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2015-10-14 14:25:21 6C7F782FDBF9AEFFE7663FA1579A610E 17760 ----a-w- C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2015-10-14 14:25:21 5B55E9A1360A6C52CC988DA6804D6CA2 901264 ----a-w- C:\Windows\SysWOW64\ucrtbase.dll 2015-10-14 14:25:21 4669249FB01EA369C7FD40A530966FA1 12640 ----a-w- C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2015-10-14 14:25:21 408019E57D3D2DA62A9F28389EED0AC1 16224 ----a-w- C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2015-10-14 14:25:21 39F9D0F1B698D53D78C79576C7C60526 14176 ----a-w- C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2015-10-14 14:25:21 33E8CCBE05123C8146CD16293B688417 15712 ----a-w- C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2015-10-14 14:25:21 00A0A24BB2E9AADE11494B627EB164C4 12640 ----a-w- C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-10-21 19:11:28 9CA2FDD44F7C1F8AC1652F6C2638CFED 364472 ----a-w- C:\Windows\Sysnative\aswBoot.exe 2015-10-15 15:06:35 F03EA93F045D009830C890010750B34A 25432 ----a-w- C:\Windows\Sysnative\CompatTelRunner.exe 2015-10-15 15:06:35 AFE7905DD772DEA54B9C443C6634740A 700416 ----a-w- C:\Windows\Sysnative\invagent.dll 2015-10-15 15:06:35 9F780E22C79AACBF3A93F6ACDE2A4E0A 766464 ----a-w- C:\Windows\Sysnative\generaltel.dll 2015-10-15 15:06:35 952D66DCA6CB744381B7298F8AAE994F 73216 ----a-w- C:\Windows\Sysnative\acmigration.dll 2015-10-15 15:06:35 21C89857E5671990BBF2B430BD75B9C9 1291264 ----a-w- C:\Windows\Sysnative\appraiser.dll 2015-10-15 15:06:35 1AC3E0E57844764B0CA6D2BF0F76C773 503808 ----a-w- C:\Windows\Sysnative\devinv.dll 2015-10-15 15:06:35 14A5CC0EE60278D483A88124B88F3524 1163776 ----a-w- C:\Windows\Sysnative\aeinv.dll 2015-10-14 14:26:35 885B08E5EC912D2680F533094B87770D 14176768 ----a-w- C:\Windows\Sysnative\shell32.dll 2015-10-14 14:26:34 0F08BB62CD162883E9A3004BBE7914BD 1866752 ----a-w- C:\Windows\Sysnative\ExplorerFrame.dll 2015-10-14 14:26:34 0F08BB62CD162883E9A3004BBE7914BD 1866752 ----a-w- C:\Windows\Sysnative\ExplorerFrame(39).dll 2015-10-14 14:26:24 BF8A5B4E696F4E8F3B2B5E9902467418 720896 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2015-10-14 14:26:24 9E0D0522908C1106E0D77708CB9926FE 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll 2015-10-14 14:26:24 9AEE2A881FD10E6A463588303D8027AD 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2015-10-14 14:26:24 80E9DF296F127B3BC965EBC5A2C8F044 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2015-10-14 14:26:24 3A0773E21355B41176ACAD8BB099D9B3 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2015-10-14 14:26:22 521E1A87D4F750FD9694DBF3AB37B38F 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2015-10-14 14:26:21 8A2A46DD0C51E5D2D0A2EF2AA289DA4D 1546752 ----a-w- C:\Windows\Sysnative\urlmon.dll 2015-10-14 14:26:21 4AEB3F2FB0CC23A18ED997F6C0476819 391784 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2015-10-14 14:26:21 3295B811A0260C0A5B346ECB73C5FCF0 152064 ----a-w- C:\Windows\Sysnative\occache.dll 2015-10-14 14:26:20 D661A17B4634171C58373699CBD6455B 315392 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2015-10-14 14:26:20 6E1EEB1CE2F9F3AB14A9E8A6B1E82455 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2015-10-14 14:26:20 2A898891EB7FBCF0774F0B96AAD05561 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2015-10-14 14:26:20 2A898891EB7FBCF0774F0B96AAD05561 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility(40).exe 2015-10-14 14:26:20 12C1DECE9502828C0A5ADB50AB1673A0 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2015-10-14 14:26:19 F6F91F217D760981017E4AA4F1C7E633 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll 2015-10-14 14:26:19 E91FD3ACC10C971CBA991FCD058ABB58 2886656 ----a-w- C:\Windows\Sysnative\iertutil.dll 2015-10-14 14:26:19 7C3050383491011FEDD40961A37A2D99 2126336 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2015-10-14 14:26:19 0FA614470B3A78FC5B8F3F3F742B9837 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2015-10-14 14:26:18 A865136AC6436533E0A4A3C67F259401 585728 ----a-w- C:\Windows\Sysnative\vbscript.dll 2015-10-14 14:26:18 84C63F3D2D488A918A947E06BD1105EF 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2015-10-14 14:26:18 45A56A2CC2D6A4B649B7DC3B5DF259FF 489984 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2015-10-14 14:26:17 BC92D9D88959542FBAF1F8CF21F86B38 14458368 ----a-w- C:\Windows\Sysnative\ieframe.dll 2015-10-14 14:26:17 B0917E6238C1675E48CFE64947DD9FD9 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2015-10-14 14:26:17 88D3F690043A1AA43F33DEC6DDA82178 616960 ----a-w- C:\Windows\Sysnative\ieui.dll 2015-10-14 14:26:17 5175A9C2C71D49394424C07CA856B803 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2015-10-14 14:26:17 4A9FFAC9325EFFDEFD7E8C0830B0ABEC 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2015-10-14 14:26:17 373B3EFBBF1A2706F8660C4DE4202694 262144 ----a-w- C:\Windows\Sysnative\webcheck.dll 2015-10-14 14:26:16 E36C7069B9C56DF9A53DD4FA5DCDDE72 5990912 ----a-w- C:\Windows\Sysnative\jscript9.dll 2015-10-14 14:26:16 BD06D875FB79E92DAF724C91DE743AFA 2487808 ----a-w- C:\Windows\Sysnative\wininet.dll 2015-10-14 14:26:16 58DD42AC31D1F86D303BAAF5955A59BA 417792 ----a-w- C:\Windows\Sysnative\html.iec 2015-10-14 14:26:16 454669BB12162610D93954BCC942A41C 817664 ----a-w- C:\Windows\Sysnative\jscript.dll 2015-10-14 14:26:16 1DE918244ED8AB9D3F2C4B9A1F91A24D 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2015-10-14 14:26:15 BEA081F4F2D507D6461B142AB11995B3 199680 ----a-w- C:\Windows\Sysnative\msrating.dll 2015-10-14 14:26:15 99BA96F5AC545D857E662A9FC576D919 25851904 ----a-w- C:\Windows\Sysnative\mshtml.dll 2015-10-14 14:26:15 0783994A921469A6E97F3117AA0934DD 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2015-10-14 14:26:07 ECB1C858D9989C4F19FDCE3B7F8BA1F7 696320 ----a-w- C:\Windows\Sysnative\wuapi.dll 2015-10-14 14:26:07 DA4450EE180CBDFB800FB230978BBC58 98816 ----a-w- C:\Windows\Sysnative\wudriver.dll 2015-10-14 14:26:07 C64C6AA9F061E89AE6CA1B484AC3F94E 192512 ----a-w- C:\Windows\Sysnative\wuwebv.dll 2015-10-14 14:26:07 96983751026F0940CAEEB15901B49FF2 37888 ----a-w- C:\Windows\Sysnative\wuapp.exe 2015-10-14 14:26:07 64B432FB351118B222A5342A7A461696 140288 ----a-w- C:\Windows\Sysnative\wuauclt.exe 2015-10-14 14:26:07 5F1A7C984117F478F7411BDD98411B58 91136 ----a-w- C:\Windows\Sysnative\WinSetupUI.dll 2015-10-14 14:26:07 2FFBB9A44A8BA9CBC9589C31E0A36605 3168768 ----a-w- C:\Windows\Sysnative\wucltux.dll 2015-10-14 14:26:07 291778E1A36716182AFBC1731B2DFEAB 2607104 ----a-w- C:\Windows\Sysnative\wuaueng.dll 2015-10-14 14:26:06 B322CE702FA01DA60876BC5D417B15FE 36864 ----a-w- C:\Windows\Sysnative\wups.dll 2015-10-14 14:26:06 7A2E35CA7131819A8CCE1FA1368D7813 37888 ----a-w- C:\Windows\Sysnative\wups2.dll 2015-10-14 14:26:06 74F288D562E78E1062D4AA2A6C3AB74C 12288 ----a-w- C:\Windows\Sysnative\wu.upgrade.ps.dll 2015-10-14 14:25:58 3FE5671328B8A655F766D872D12DC373 5569472 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2015-10-14 14:25:57 F337ACC4CF6B9DFBE46D9A7E54E10756 503808 ----a-w- C:\Windows\Sysnative\srcore.dll 2015-10-14 14:25:57 CD349AD99C801523B55030AC234CC1EF 243712 ----a-w- C:\Windows\Sysnative\wow64.dll 2015-10-14 14:25:57 A06A96A26FE0BE22B08B641362296B68 424960 ----a-w- C:\Windows\Sysnative\KernelBase.dll 2015-10-14 14:25:57 91DDAFAFCEC3E360881FE35AF06B9EE4 1730496 ----a-w- C:\Windows\Sysnative\ntdll.dll 2015-10-14 14:25:57 6C190505923A971F0474F8BA8DA50789 1461760 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2015-10-14 14:25:57 5B9427E47B86AFDA813A8D252713FC35 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe 2015-10-14 14:25:57 5401C9D2F4B0A98B60259C621DDF1EB6 338432 ----a-w- C:\Windows\Sysnative\conhost.exe 2015-10-14 14:25:57 4AD1C61152A0199E3D7F9A82C07AC629 215040 ----a-w- C:\Windows\Sysnative\winsrv.dll 2015-10-14 14:25:57 365480590A46ECB0E4BF1DBD7BC69713 729088 ----a-w- C:\Windows\Sysnative\kerberos.dll 2015-10-14 14:25:57 338FD40323ADD43B5C94B4A6CB91874B 1216512 ----a-w- C:\Windows\Sysnative\rpcrt4.dll 2015-10-14 14:25:57 11C18D613F66CB5CE829B821599ED339 1164800 ----a-w- C:\Windows\Sysnative\kernel32.dll 2015-10-14 14:25:56 FCFE939A325054DFC69E1D8C58751A62 13312 ----a-w- C:\Windows\Sysnative\wow64cpu.dll 2015-10-14 14:25:56 EE035334B7A58C7F748C3D0394574A35 342016 ----a-w- C:\Windows\Sysnative\schannel.dll 2015-10-14 14:25:56 E9CCB68290F27837A3D7058FEB51F7A8 136192 ----a-w- C:\Windows\Sysnative\sspicli.dll 2015-10-14 14:25:56 E91002F7EC3A9BF7F62BF1E215A32451 362496 ----a-w- C:\Windows\Sysnative\wow64win.dll 2015-10-14 14:25:56 E43F36D0B4C674FEA2C992564A3E0F28 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll 2015-10-14 14:25:56 D2E2A613EBD0C959E72556C3A63A6B4A 112640 ----a-w- C:\Windows\Sysnative\smss.exe 2015-10-14 14:25:56 D2BF3CD0F66139B5F1BA1D35C6613E78 315392 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2015-10-14 14:25:56 C0EC18A77CBE5505019AF1BEB6CE824D 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2015-10-14 14:25:56 96DE914D834FD7809A1720AF5D913C96 309760 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2015-10-14 14:25:56 95E4E6C645175731B1DC8084329121AA 64000 ----a-w- C:\Windows\Sysnative\auditpol.exe 2015-10-14 14:25:56 8F15F0D6F42A2B8A58EDD1AA55D7FB98 50176 ----a-w- C:\Windows\Sysnative\srclient.dll 2015-10-14 14:25:56 8260FD420E49C1E3DD6539BCEA2B376E 28160 ----a-w- C:\Windows\Sysnative\secur32.dll 2015-10-14 14:25:56 78461527B753B9A6043038AEF25745D3 16384 ----a-w- C:\Windows\Sysnative\ntvdm64.dll 2015-10-14 14:25:56 5424EC756808C1002457033D969115C7 31232 ----a-w- C:\Windows\Sysnative\lsass.exe 2015-10-14 14:25:56 4E10C0CD94FD2E9F04B0AA11C4DB1592 29184 ----a-w- C:\Windows\Sysnative\sspisrv.dll 2015-10-14 14:25:56 3CF93F8BA5016A86073F7ACE4A225D69 44032 ----a-w- C:\Windows\Sysnative\cryptbase.dll 2015-10-14 14:25:56 23682AD752DE308760672C84A7E74554 43520 ----a-w- C:\Windows\Sysnative\csrsrv.dll 2015-10-14 14:25:56 06AA22DBBD294BB40F01E23BF826AA9C 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2015-10-14 14:25:56 023394934150F7EC547EBCC2107EEA5F 6656 ----a-w- C:\Windows\Sysnative\apisetschema.dll 2015-10-14 14:25:55 DD01EBF9D35E614CAEA1BF4876B07134 686080 ----a-w- C:\Windows\Sysnative\adtschema.dll 2015-10-14 14:25:55 B5D2DF46AB955A070F67FF192C52E7BD 60416 ----a-w- C:\Windows\Sysnative\msobjs.dll 2015-10-14 14:25:55 7CDA2FE5F02370B5879DF8D35133B0E1 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll 2015-10-14 14:25:38 87FEDB1FF42C3A10FFE2CE95AB2AF306 616360 ----a-w- C:\Windows\Sysnative\winresume.efi 2015-10-14 14:25:38 541B7C53EDA8F84790A593B13FB32E56 692672 ----a-w- C:\Windows\Sysnative\winload.efi 2015-10-14 14:25:36 B6C85437FDC8EC6464BE359D41BBC3F7 59392 ----a-w- C:\Windows\Sysnative\appidapi.dll 2015-10-14 14:25:36 7030F95F994B2F2CCC1C521E342369DB 147456 ----a-w- C:\Windows\Sysnative\appidpolicyconverter.exe 2015-10-14 14:25:35 B17B1E5FB5CE63DA4DB4D49E3683487F 17920 ----a-w- C:\Windows\Sysnative\appidcertstorecheck.exe 2015-10-14 14:25:35 ABC373B9C6275D45F17DB559408FFD1B 32768 ----a-w- C:\Windows\Sysnative\appidsvc.dll 2015-10-14 14:25:35 7503BAD9B2A08B8A95319F7C0CA9F869 63488 ----a-w- C:\Windows\Sysnative\setbcdlocale.dll 2015-10-14 14:25:21 F97E7878A2B372291B1269D80327BBF6 12640 ----a-w- C:\Windows\Sysnative\api-ms-win-crt-heap-l1-1-0.dll 2015-10-14 14:25:21 ED14B64C94F543974B7FDC592FA0594B 12640 ----a-w- C:\Windows\Sysnative\api-ms-win-crt-conio-l1-1-0.dll 2015-10-14 14:25:21 ECCF5973B80D771A79643732017CEA9A 17760 ----a-w- C:\Windows\Sysnative\api-ms-win-crt-string-l1-1-0.dll 2015-10-14 14:25:21 E9F6D776545843A9817D8ACF38D06D09 19808 ----a-w- C:\Windows\Sysnative\api-ms-win-crt-multibyte-l1-1-0.dll 2015-10-14 14:25:21 CC337898E64D9078CB697AC19F995C7F 12128 ----a-w- C:\Windows\Sysnative\api-ms-win-crt-utility-l1-1-0.dll 2015-10-14 14:25:21 BBAE7B5436D6D1B0FC967FF67E35415F 16224 ----a-w- C:\Windows\Sysnative\api-ms-win-crt-runtime-l1-1-0.dll 2015-10-14 14:25:21 AF851DFD0D9FECB76FF2B403F3C30F5B 12128 ----a-w- C:\Windows\Sysnative\api-ms-win-crt-environment-l1-1-0.dll 2015-10-14 14:25:21 761DDD8669A661D57D9CF9C335949C06 12128 ----a-w- C:\Windows\Sysnative\api-ms-win-crt-locale-l1-1-0.dll 2015-10-14 14:25:21 6631C212F79350458589A5281374B38B 12640 ----a-w- C:\Windows\Sysnative\api-ms-win-crt-process-l1-1-0.dll 2015-10-14 14:25:21 653CB5DF3CEC6A4A0E402B33D8AA5C08 63840 ----a-w- C:\Windows\Sysnative\api-ms-win-crt-private-l1-1-0.dll 2015-10-14 14:25:21 56556659C691DD043DBE24B0A195D64C 20832 ----a-w- C:\Windows\Sysnative\api-ms-win-crt-math-l1-1-0.dll 2015-10-14 14:25:21 53E9526AF1FDCE39F799BFE9217397A8 17760 ----a-w- C:\Windows\Sysnative\api-ms-win-crt-stdio-l1-1-0.dll 2015-10-14 14:25:21 32B2264317EA6200DA5DEEEC7DCB0EEB 11616 ----a-w- C:\Windows\Sysnative\api-ms-win-eventing-provider-l1-1-0.dll 2015-10-14 14:25:21 2381E189321EAD521FF71E72D08A6B17 984448 ----a-w- C:\Windows\Sysnative\ucrtbase.dll 2015-10-14 14:25:21 1908861649E67CDC20C563C234A89914 15712 ----a-w- C:\Windows\Sysnative\api-ms-win-crt-convert-l1-1-0.dll 2015-10-14 14:25:21 0F143310FADE4DE116070A3917A79C18 13664 ----a-w- C:\Windows\Sysnative\api-ms-win-crt-filesystem-l1-1-0.dll 2015-10-14 14:25:21 090DD0BB2BDDEE3EAAE5B6FF15FAE209 14176 ----a-w- C:\Windows\Sysnative\api-ms-win-crt-time-l1-1-0.dll ====== C:\Windows\Sysnative\drivers ===== 2015-10-14 14:25:57 C6330F7C2E92A00E6773E82F79078AFC 157016 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2015-10-14 14:25:57 ACB6782973BD93760D597FC7BB37E692 159232 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys 2015-10-14 14:25:57 3A8C03156C3E31E70EF84E48CA179B46 97112 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2015-10-14 14:25:56 8C0376974AA28398FF501E78C04ACB30 129024 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys 2015-10-14 14:25:56 262BF7BB7D0E44CFAA9B12A1E0A6EDF1 290816 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys 2015-10-14 14:25:35 27DABFB4A6B0140C34DBEC713469592B 61440 ----a-w- C:\Windows\Sysnative\drivers\appid.sys ====== C:\Windows\Tasks ====== 2015-09-25 08:06:36 F4BB59742FC6E50EA92E4A43E4779E8C 1002 ----a-w- C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job 2015-09-25 08:06:36 E790C216865198C7F7B1CDD7BB526566 4024 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Flash Player PPAPI Notifier ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2015-10-23 05:31:58 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2015-09-28 18:55:43 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype ======= C: ===== ====== C:\Users\Michael Kempen\AppData\Roaming ====== 2015-09-25 03:58:20 -------- d-----w- C:\Users\Michael Kempen\AppData\Roaming\Sun ====== C:\Users\Michael Kempen ====== 2015-10-23 11:57:45 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Michael Kempen\Downloads\RSITx64.exe 2015-10-23 05:31:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-10-23 05:24:32 1359A14B642DE38FEEC2A448BF8D281C 584288 ----a-w- C:\Users\Michael Kempen\Downloads\jxpiinstall.exe 2015-10-03 18:51:45 -------- d-----w- C:\Users\Public\Documents\AirDroid 2015-09-28 18:55:43 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-09-26 04:20:36 -------- d-----w- C:\Windows\SysNative\config\systemprofile\.oracle_jre_usage 2015-09-26 04:20:31 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\.oracle_jre_usage 2015-09-25 03:58:20 -------- d-----w- C:\Users\Michael Kempen\.oracle_jre_usage ====== C: exe-files == 2015-10-23 11:57:45 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Michael Kempen\Downloads\RSITx64.exe 2015-10-23 05:31:29 A53E431775DF91EA016AF5817DF26B41 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe 2015-10-23 05:31:29 50CC4A65F784A51813A169EA33CF319A 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2015-10-23 05:31:29 4547FB479010206D8BEA10B2694C5C6D 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2015-10-23 05:31:20 FAE99E011922F5BE4CB2160E316D057B 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\rmiregistry.exe 2015-10-23 05:31:20 FA5E33B54BD044F489BA4281B3D6ED95 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\servertool.exe 2015-10-23 05:31:20 CC0CF93D2BF12A423DA4134FFB9C324D 50784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssvagent.exe 2015-10-23 05:31:20 BBC68E5519B11A74B8208AA7B85F3B80 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\rmid.exe 2015-10-23 05:31:20 B6DBE62611DA178B2CA578BC2B7BBA30 68192 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\javacpl.exe 2015-10-23 05:31:20 B61623580A304714A4E2FE6A5E73327F 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\pack200.exe 2015-10-23 05:31:20 AA79E5830F4B6C29A5A976891ED0E86B 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\jjs.exe 2015-10-23 05:31:20 A53E431775DF91EA016AF5817DF26B41 191584 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\javaw.exe 2015-10-23 05:31:20 940EE00C074A46D638A756723964D65D 16480 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\orbd.exe 2015-10-23 05:31:20 8ED50DA4BAE0046E05BEC0110CF20B17 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\java-rmi.exe 2015-10-23 05:31:20 857117663B1F28ABBA4E1C6110A09282 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\policytool.exe 2015-10-23 05:31:20 66B01DCB41FBE8C3CAB13D3F8ED4FA58 30816 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\jabswitch.exe 2015-10-23 05:31:20 6211595DD15306DFD8E07B95E6F2984D 16480 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\tnameserv.exe 2015-10-23 05:31:20 56DCBCE6CF84B5F12185AF6DB7B85EB2 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\keytool.exe 2015-10-23 05:31:20 50CC4A65F784A51813A169EA33CF319A 278624 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\javaws.exe 2015-10-23 05:31:20 4D2DDC988E4F67E7E07E78954FBEED2D 159328 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\unpack200.exe 2015-10-23 05:31:20 4547FB479010206D8BEA10B2694C5C6D 191072 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\java.exe 2015-10-23 05:31:20 2AA43B8A44341F90DCCFAE38107BA484 76896 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2launcher.exe 2015-10-23 05:31:20 1A859E08A65ECBA7B687ACAED5EA5080 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\ktab.exe 2015-10-23 05:31:20 1933BBD87F9759CC2D7DC2909C4CA0CD 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\klist.exe 2015-10-23 05:31:20 0AD21325149141252F05B32F7809F441 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\kinit.exe 2015-10-23 05:24:32 1359A14B642DE38FEEC2A448BF8D281C 584288 ----a-w- C:\Users\Michael Kempen\Downloads\jxpiinstall.exe 2015-10-21 19:11:28 9CA2FDD44F7C1F8AC1652F6C2638CFED 364472 ----a-w- C:\Windows\System32\aswBoot.exe 2015-10-17 09:22:48 653B6E4FFE8094F6C57592C0A9395130 1068696 ----a-w- C:\Users\Michael Kempen\AppData\Local\Microsoft\BingSvc\BSvcProcessor.exe 2015-10-17 09:22:47 AD80D48457F44133625D582E6002EF22 169104 ----a-w- C:\Users\Michael Kempen\AppData\Local\Temp\BSvcUpdater.exe 2015-10-17 09:22:47 AD80D48457F44133625D582E6002EF22 169104 ----a-w- C:\Users\Michael Kempen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ST1BXC6Q\BSvcUpdater[1].exe 2015-10-17 09:22:47 AD80D48457F44133625D582E6002EF22 169104 ----a-w- C:\Users\Michael Kempen\AppData\Local\Microsoft\BingSvc\BSvcUpdater.exe 2015-10-17 09:22:47 653B6E4FFE8094F6C57592C0A9395130 1068696 ----a-w- C:\Users\Michael Kempen\AppData\Local\Temp\BSvcProcessor.exe 2015-10-17 09:22:47 653B6E4FFE8094F6C57592C0A9395130 1068696 ----a-w- C:\Users\Michael Kempen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ST1BXC6Q\BSvcProcessor[1].exe 2015-10-17 09:12:46 77C01F1850E55373280A1B865D824F58 144008 ----a-w- C:\Users\Michael Kempen\AppData\Local\Microsoft\BingSvc\BingSvc.exe 2015-10-17 09:12:46 67935AE83509795F8A4315B9504C9C69 2650776 ----a-w- C:\Users\Michael Kempen\AppData\Local\Microsoft\DefaultSetup\DefaultSetup.exe 2015-10-17 05:02:41 D65E66A618FA52CEF893A5FAEA2503DE 301224 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\update\updater.exe === C: other files == 2015-10-23 05:31:20 577B724A8DB4380F8B8F0098D1C9A722 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\lib\deploy\ffjcext.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-1758146858-1784735532-1013142320-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "Sticky Pad"="C:\Program Files (x86)\StickyPad\StickyPad.exe" "autoRunTest"="C:\Program Files (x86)\AirDroid\AirDroid.exe /start" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HDAudDeck"="C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "ArcSoft Connection Service"="C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "PDFPrint"="C:\Program Files (x86)\pdf24\pdf24.exe" "SSBkgdUpdate"="C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot" "OpwareSE4"="C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe" "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "Sticky Pad"="C:\Program Files (x86)\StickyPad\StickyPad.exe" "autoRunTest"="C:\Program Files (x86)\AirDroid\AirDroid.exe /start" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CanonSolutionMenu"="C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon" "CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon" "Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe " ==== Startup Folders ====================== 2013-08-11 08:55:30 2081 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Device Monitor.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_226_pepper.exe [17-10-2015 10:15] C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [17-10-2015 10:15] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11-09-2015 08:51] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11-09-2015 08:51] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player PPAPI Notifier" [C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_226_pepper.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Opera scheduled Autoupdate 1396635249" [C:\Program Files (x86)\Opera\launcher.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{D20AD8BA-418C-4CB9-97A2-117293E3D896}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\{4F11B628-B826-4E6F-9BCD-60B7BAC0A38F}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] ==== Folders in C:\PROGRA~3 0-6 Months Old ====================== 2015-05-02 07:12:42 -------- d-----w- C:\PROGRA~3\eBook Converter 2015-05-20 12:06:51 -------- d-----w- C:\PROGRA~3\SUPERAntiSpyware.com 2015-05-28 06:07:11 -------- d-----w- C:\PROGRA~3\NCH Software 2015-06-14 10:24:27 -------- d-----w- C:\PROGRA~3\Wondershare 2015-06-15 13:25:31 -------- d-----w- C:\PROGRA~3\Applications 2015-08-21 06:53:26 -------- d-----w- C:\PROGRA~3\1&1 Mail & Media GmbH ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\MICHAE~1\AppData\Roaming\Mozilla\Firefox\Profiles\wfqg3tyo.default user_pref("browser.startup.homepage", "http://www.gmx.com/|https://web.whatsapp.com/|https://mail.google.com/mail/u/1/#inbox|https://mail.google.com/mail/u/2/#inbox|https://mail.google.com/mail/u/3/#inbox|https://calendar.google.com/calendar/b/3/render?tab=mc#main_7|https://mail.google.com/mail/u/4/#inbox|https://mail.google.com/mail/u/5/#inbox|http://www.rhein-zeitung.de/bilder/karikaturen-galerie_galerie,-Karikaturen-Oktober-2015-_costart,1_mediagalid,37825.html"); user_pref("browser.newtab.url", "chrome://unitedtb/content/newtab/newtab-page.xhtml"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [21-10-2015 21:11] ==== Firefox Extensions ====================== ProfilePath: C:\Users\MICHAE~1\AppData\Roaming\Mozilla\Firefox\Profiles\wfqg3tyo.default - GMX MailCheck - C:\Users\Michael Kempen\AppData\Roaming\Mozilla\Firefox\Profiles\wfqg3tyo.default\extensions\browser-mailcheck@gmx.net - GMX MailCheck - %ProfilePath%\extensions\browser-mailcheck@gmx.net - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Michael Kempen\AppData\Roaming\Mozilla\Firefox\Profiles\wfqg3tyo.default 863AF0003392FEBC2667A8A790DED955 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll - Shockwave Flash ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.71 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[22-04-2015 20:46] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions fcfenmboojpjinhpgggodefccipikbpd - No path found[] Google Docs - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo GMX MailCheck - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\camnampocfohlcgbajligmemmabnljcm selector is not a valid CSS selector - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Google Search - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Avast Online Security - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Hangouts - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl Google Wallet - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda My Font for Gmail™ - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\olhcogoioikcdeceiakjbandbaifohik Gmail - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Slides - Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf MSN Homepage Bing Search Engine - Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcfenmboojpjinhpgggodefccipikbpd Google Sheets - Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Docs Offline - Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Avast Online Security - Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki Chrome Web Store Payments - Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia selector is not a valid CSS selector - Michael Kempen\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp ==== Chromium Startpages ====================== C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://news.google.de/", ==== Chromium Fix ====================== C:\Users\Michael Kempen\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_static.olark.com_0.localstorage deleted successfully C:\Users\Michael Kempen\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\Michael Kempen\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\Michael Kempen\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\Michael Kempen\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_dsms0mj1bbhn4.cloudfront.net_0.localstorage deleted successfully C:\Users\Michael Kempen\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_dsms0mj1bbhn4.cloudfront.net_0.localstorage-journal deleted successfully C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcfenmboojpjinhpgggodefccipikbpd deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/?pc=AV01" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Search Page"="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/?pc=AV01" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} Microsoft (Bing) Url="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01" {C1374C69-C05C-43BA-9D2A-C99E5BDD545F} Google Url="http://www.google.nl/search?hl=nl&q={searchTerms}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Michael Kempen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Michael Kempen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Michael Kempen\AppData\Local\Mozilla\Firefox\Profiles\wfqg3tyo.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Michael Kempen\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache is not empty, a reboot is needed ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=151 folders=81 66364647 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Default User\AppData\Local\temp emptied successfully C:\Users\Michael Kempen\AppData\Local\Temp will be emptied at reboot C:\Users\Public\AppData\Local\temp emptied successfully C:\Users\TEMP\AppData\Local\temp emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\MICHAE~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Michael Kempen\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\347VPBKV\admin.brightcove.com" not found "C:\Users\Michael Kempen\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\347VPBKV\cdn2.dashbida.com" not found "C:\Users\Michael Kempen\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\347VPBKV\f.vimeocdn.com" not found "C:\Users\Michael Kempen\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\347VPBKV\menhdv.com" not found "C:\Users\Michael Kempen\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\347VPBKV\sadmin.brightcove.com" not found "C:\Users\Michael Kempen\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\347VPBKV\secretmedia.s3.amazonaws.com" not found "C:\Users\Michael Kempen\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\347VPBKV\secure.insightexpressai.com" not found "C:\Users\Michael Kempen\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\347VPBKV\static.issuu.com" not found "C:\Users\Michael Kempen\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\347VPBKV\staticfiles.rtl.nl" not found "C:\Users\Michael Kempen\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\347VPBKV\www.cdn-net.com" not found "C:\Users\Michael Kempen\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\347VPBKV\www.t-online.de" not found ==== EOF on za 24-10-2015 at 6:48:12,25 ======================
  3. kemicky
    Beste Clarkie, Fijn dat jij mij ermee helpt! Met deze bericht doe ik het log.txt bestand toevoegen! Graag hoor ik hoe verder Mvg Kemicky log.txt
  4. kemicky
    Hallo lieve computervrienden, Sinds een paar dagen krijg ik telkens weer die melding op de scherm nadat ik mijn pc heb opgestart. Zie bijlage. Weten jullie wat er aan de hand zou kunnen zijn? Alvast hartelijk dank hiervoor Groeten Kemicky
  5. kemicky
    [ATTACH]34837[/ATTACH] AdwCleaner[S0].txt
  6. kemicky
    [ATTACH]34832[/ATTACH] zoek-results.log
  7. kemicky
    Logfile of random's system information tool 1.10 (written by random/random) Run by Michael Kempen at 2014-08-17 12:46:57 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 469 GB (63%) free of 749 GB Total RAM: 8174 MB (61% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:47:00, on 17-8-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17239) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\StickyPad\StickyPad.exe C:\Program Files (x86)\ArcSoft\MediaConverter 4 Platinum\Monitor.exe C:\Program Files (x86)\pdf24\pdf24.exe C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\AVAST Software\Avast\avastui.exe C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\Michael Kempen.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [PDFPrint] C:\Program Files (x86)\pdf24\pdf24.exe O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [sticky Pad] C:\Program Files (x86)\StickyPad\StickyPad.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: Device Monitor.lnk = C:\Program Files (x86)\ArcSoft\MediaConverter 4 Platinum\Monitor.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9917 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs "C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe" C:\Windows\system32\svchost.exe -k GPSvcGroup atieclxx C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe" "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService "C:\Program Files\Bonjour\mDNSResponder.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" "C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe" C:\Windows\system32\viakaraokesrv.exe "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" WLIDSvcM.exe 1996 taskeng.exe {8816C4F0-386D-4409-A1D6-AFAC3061E694} C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ac55e6d5-2f1c-484d-8555-6788f290b76f -SystemEventPortName:HostProcess-c9e44646-11d5-4c3b-b16f-ecd203f0177f -IoCancelEventPortName:HostProcess-cf1c8566-316a-4e74-bffb-196089518371 -NonStateChangingEventPortName:HostProcess-f75756bc-697a-4967-a03b-9c8c73c352c7 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d693550f-e3bc-4b13-a9b1-a122e0e2c99a -DeviceGroupId:WpdFsGroup C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe" "C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe" C:\Windows\System32\svchost.exe -k secsvcs "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\system32\SearchIndexer.exe /Embedding "taskhost.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun "C:\Program Files (x86)\StickyPad\StickyPad.exe" "C:\Program Files (x86)\ArcSoft\MediaConverter 4 Platinum\Monitor.exe" -H "C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r "C:\Program Files (x86)\pdf24\pdf24.exe" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" "C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui ArcCon.ac 66080 0 C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\unsecapp.exe -Embedding "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4868.0.433700417\700138830" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,16 --gpu-vendor-id=0x1002 --gpu-device-id=0x683f --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=9.12.0.0 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="4868.2.422063\978564104" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="4868.3.1534538756\1544163750" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="4868.4.338213189\784160120" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="4868.7.693633228\943675824" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4868.17.1440207909\1601011347" --ppapi-flash-args=enable_hw_video_decode=1 --lang=nl --ignored=" --type=renderer " /prefetch:-632637702 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="4868.43.798578669\908295222" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="4868.45.233357259\48357849" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="4868.47.1794708830\750711544" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="4868.48.811115915\328906152" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="4868.54.664704599\2001495697" /prefetch:673131151 C:\Windows\splwow64.exe 8192 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="4868.55.1463423733\1556002853" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="4868.60.1673398172\92129748" /prefetch:673131151 C:\Windows\system32\sppsvc.exe "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540 C:\Windows\system32\PrintIsolationHost.exe -Embedding C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} "C:\Users\Michael Kempen\Downloads\RSITx64.exe" C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF} ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-05-13 581824] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Help bij koppelingen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23 72336] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-05-13 436600] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Microsoft-account - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584] "Sticky Pad"=C:\Program Files (x86)\StickyPad\StickyPad.exe [2012-08-13 516153] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2012-02-09 5015040] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808] "PDFPrint"=C:\Program Files (x86)\pdf24\pdf24.exe [2013-02-19 162856] "ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424] "AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-09 3890208] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Device Monitor.lnk - C:\Program Files (x86)\ArcSoft\MediaConverter 4 Platinum\Monitor.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=" " [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableSecureUIAPath"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=lvcod64.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "MSVideo"=vfwwdm32.dll "MSVideo8"=VfWWDM32.dll "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "aux3"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-08-17 12:45:45 ----D---- C:\rsit 2014-08-14 10:41:17 ----D---- C:\Users\Michael Kempen\AppData\Roaming\Oracle 2014-08-14 10:40:56 ----A---- C:\Windows\SYSWOW64\javaws.exe 2014-08-14 10:40:51 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll 2014-08-14 10:40:51 ----A---- C:\Windows\SYSWOW64\javaw.exe 2014-08-14 10:40:51 ----A---- C:\Windows\SYSWOW64\java.exe 2014-08-14 06:24:07 ----A---- C:\Windows\SYSWOW64\infocardapi.dll 2014-08-14 06:24:07 ----A---- C:\Windows\SYSWOW64\icardagt.exe 2014-08-14 06:24:07 ----A---- C:\Windows\system32\infocardapi.dll 2014-08-14 06:24:07 ----A---- C:\Windows\system32\icardagt.exe 2014-08-14 06:24:05 ----A---- C:\Windows\SYSWOW64\icardres.dll 2014-08-14 06:24:05 ----A---- C:\Windows\system32\icardres.dll 2014-08-14 06:23:34 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe 2014-08-14 06:23:34 ----A---- C:\Windows\system32\TsWpfWrp.exe 2014-08-14 06:04:51 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL 2014-08-14 06:04:51 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL 2014-08-14 06:04:51 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL 2014-08-14 06:04:51 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL 2014-08-14 06:04:51 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL 2014-08-14 06:04:51 ----A---- C:\Windows\system32\KBDYAK.DLL 2014-08-14 06:04:51 ----A---- C:\Windows\system32\KBDTAT.DLL 2014-08-14 06:04:51 ----A---- C:\Windows\system32\KBDRU1.DLL 2014-08-14 06:04:51 ----A---- C:\Windows\system32\KBDRU.DLL 2014-08-14 06:04:51 ----A---- C:\Windows\system32\KBDBASH.DLL 2014-08-14 06:04:45 ----A---- C:\Windows\SYSWOW64\tzres.dll 2014-08-14 06:04:45 ----A---- C:\Windows\system32\tzres.dll 2014-08-14 06:04:40 ----A---- C:\Windows\SYSWOW64\msi.dll 2014-08-14 06:04:40 ----A---- C:\Windows\system32\msi.dll 2014-08-14 06:04:40 ----A---- C:\Windows\system32\authui.dll 2014-08-14 06:04:39 ----A---- C:\Windows\SYSWOW64\msihnd.dll 2014-08-14 06:04:39 ----A---- C:\Windows\SYSWOW64\authui.dll 2014-08-14 06:04:39 ----A---- C:\Windows\system32\msihnd.dll 2014-08-14 06:04:39 ----A---- C:\Windows\system32\consent.exe 2014-08-14 06:04:31 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys 2014-08-14 06:04:28 ----A---- C:\Windows\system32\win32k.sys 2014-08-14 06:04:27 ----A---- C:\Windows\SYSWOW64\gdi32.dll 2014-08-14 06:04:27 ----A---- C:\Windows\system32\gdi32.dll 2014-08-14 06:04:22 ----A---- C:\Windows\SYSWOW64\shell32.dll 2014-08-14 06:04:22 ----A---- C:\Windows\system32\shell32.dll 2014-08-14 06:04:16 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2014-08-14 06:04:16 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2014-08-14 06:04:16 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2014-08-14 06:04:16 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2014-08-14 06:04:16 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2014-08-14 06:04:15 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2014-08-14 06:04:15 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2014-08-14 06:04:15 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll 2014-08-14 06:04:15 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll 2014-08-14 06:04:15 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-14 06:04:15 ----A---- C:\Windows\system32\ieetwproxystub.dll 2014-08-14 06:04:14 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2014-08-14 06:04:14 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2014-08-14 06:04:14 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll 2014-08-14 06:04:14 ----A---- C:\Windows\system32\urlmon.dll 2014-08-14 06:04:14 ----A---- C:\Windows\system32\iernonce.dll 2014-08-14 06:04:14 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2014-08-14 06:04:14 ----A---- C:\Windows\system32\ie4uinit.exe 2014-08-14 06:04:13 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2014-08-14 06:04:13 ----A---- C:\Windows\SYSWOW64\ieui.dll 2014-08-14 06:04:13 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2014-08-14 06:04:13 ----A---- C:\Windows\SYSWOW64\dxtrans.dll 2014-08-14 06:04:13 ----A---- C:\Windows\system32\msfeeds.dll 2014-08-14 06:04:13 ----A---- C:\Windows\system32\ieetwcollector.exe 2014-08-14 06:04:13 ----A---- C:\Windows\system32\dxtmsft.dll 2014-08-14 06:04:12 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll 2014-08-14 06:04:12 ----A---- C:\Windows\system32\iesetup.dll 2014-08-14 06:04:12 ----A---- C:\Windows\system32\iertutil.dll 2014-08-14 06:04:12 ----A---- C:\Windows\system32\iedkcs32.dll 2014-08-14 06:04:11 ----A---- C:\Windows\SYSWOW64\wininet.dll 2014-08-14 06:04:11 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2014-08-14 06:04:11 ----A---- C:\Windows\SYSWOW64\msrating.dll 2014-08-14 06:04:11 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll 2014-08-14 06:04:11 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2014-08-14 06:04:11 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-08-14 06:04:11 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2014-08-14 06:04:11 ----A---- C:\Windows\system32\jsproxy.dll 2014-08-14 06:04:10 ----A---- C:\Windows\system32\mshtmlmedia.dll 2014-08-14 06:04:10 ----A---- C:\Windows\system32\mshtmled.dll 2014-08-14 06:04:10 ----A---- C:\Windows\system32\ieui.dll 2014-08-14 06:04:10 ----A---- C:\Windows\system32\ieframe.dll 2014-08-14 06:04:10 ----A---- C:\Windows\system32\dxtrans.dll 2014-08-14 06:04:09 ----A---- C:\Windows\system32\wininet.dll 2014-08-14 06:04:09 ----A---- C:\Windows\system32\vbscript.dll 2014-08-14 06:04:09 ----A---- C:\Windows\system32\jscript9diag.dll 2014-08-14 06:04:09 ----A---- C:\Windows\system32\jscript9.dll 2014-08-14 06:04:09 ----A---- C:\Windows\system32\ieUnatt.exe 2014-08-14 06:04:09 ----A---- C:\Windows\system32\ieapfltr.dll 2014-08-14 06:04:08 ----A---- C:\Windows\system32\msrating.dll 2014-08-14 06:04:08 ----A---- C:\Windows\system32\MshtmlDac.dll 2014-08-14 06:04:07 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2014-08-14 06:04:02 ----A---- C:\Windows\system32\mshtml.dll 2014-08-14 06:03:53 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll 2014-08-14 06:03:53 ----A---- C:\Windows\system32\rpcrt4.dll 2014-08-14 06:03:52 ----A---- C:\Windows\system32\aepdu.dll 2014-08-14 06:03:50 ----A---- C:\Windows\system32\aeinv.dll ======List of files/folders modified in the last 1 month====== 2014-08-17 12:46:58 ----D---- C:\Windows\Temp 2014-08-17 12:46:58 ----D---- C:\Program Files\trend micro 2014-08-17 12:46:39 ----D---- C:\Windows\Prefetch 2014-08-17 11:08:35 ----D---- C:\Windows\system32\config 2014-08-17 11:08:32 ----SHD---- C:\Windows\Installer 2014-08-17 11:08:31 ----D---- C:\Windows\SysWOW64 2014-08-14 11:08:44 ----SHD---- C:\System Volume Information 2014-08-14 11:07:19 ----D---- C:\Windows\rescache 2014-08-14 10:41:40 ----SHD---- C:\Config.Msi 2014-08-14 10:41:33 ----D---- C:\Windows\System32 2014-08-14 10:41:06 ----D---- C:\ProgramData\Oracle 2014-08-14 10:41:01 ----D---- C:\Program Files (x86)\Common Files 2014-08-14 10:40:50 ----D---- C:\Program Files (x86)\Java 2014-08-14 07:20:01 ----D---- C:\Windows\Microsoft.NET 2014-08-14 07:19:34 ----RSD---- C:\Windows\assembly 2014-08-14 06:45:41 ----D---- C:\Windows\winsxs 2014-08-14 06:43:11 ----RSD---- C:\Windows\Fonts 2014-08-14 06:43:11 ----D---- C:\Windows\ehome 2014-08-14 06:43:05 ----D---- C:\Windows\SYSWOW64\nl-NL 2014-08-14 06:43:05 ----D---- C:\Windows\system32\nl-NL 2014-08-14 06:43:04 ----D---- C:\Windows\SYSWOW64\en-US 2014-08-14 06:43:04 ----D---- C:\Windows\system32\en-US 2014-08-14 06:43:04 ----D---- C:\Windows\system32\drivers 2014-08-14 06:43:04 ----D---- C:\Windows\PolicyDefinitions 2014-08-14 06:43:04 ----D---- C:\Program Files\Internet Explorer 2014-08-14 06:43:04 ----D---- C:\Program Files (x86)\Internet Explorer 2014-08-14 06:35:25 ----D---- C:\Windows\system32\catroot2 2014-08-14 06:35:25 ----D---- C:\Windows\system32\catroot 2014-08-14 06:32:13 ----D---- C:\Windows\system32\MRT 2014-08-14 06:28:14 ----A---- C:\Windows\system32\MRT.exe 2014-08-14 06:22:42 ----SD---- C:\Windows\system32\CompatTel 2014-08-14 05:55:07 ----D---- C:\Users\Michael Kempen\AppData\Roaming\Dropbox 2014-08-10 16:54:07 ----D---- C:\Windows\inf 2014-08-10 16:54:07 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-08-09 12:12:12 ----D---- C:\Windows\system32\wdi 2014-07-24 21:43:55 ----D---- C:\Program Files\Microsoft Silverlight 2014-07-24 21:43:54 ----D---- C:\Program Files (x86)\Microsoft Silverlight ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-05-13 65776] R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-05-13 208416] R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2010-05-20 16440] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-05-13 93568] R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-05-15 1039096] R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-05-15 423240] R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-12-19 64288] R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928] R1 SAS***IL;SAS***IL; \??\C:\Program Files\SUPERAntiSpyware\SAS***IL64.SYS [2011-07-12 12368] R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472] R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-05-13 29208] R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-05-13 79184] R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-05-15 85328] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 11278336] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 552960] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-11-06 96256] R3 DxVGrb;DxVGrb; C:\Windows\system32\drivers\DxVGrb.sys [2012-01-10 222464] R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136] R3 LVUVC64;Logitech HD Webcam C525(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928] R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-17 15416] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-02-03 677480] R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-08-28 58536] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2011-11-11 2182768] S1 aswKbd;aswKbd; \??\C:\Windows\system32\drivers\aswKbd.sys [] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208] S3 USB28xxBGA;USB 2828x Device; C:\Windows\system32\DRIVERS\emBDA64.sys [2012-06-20 732928] S3 USB28xxOEM;USB 28xx OEM Filter; C:\Windows\system32\DRIVERS\emOEM64.sys [2012-06-20 1232128] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672] R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152] R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-19 240640] R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-05-13 50344] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-02-17 4915040] R2 UMVPFSrv;UMVPFSrv; C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848] R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2011-11-11 27760] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480] S2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-02-21 113704] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-13 116648] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09 262320] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-13 116648] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 111616] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-03-13 1255736] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF-----------------
  8. kemicky
    Beste mensen, Sommige vrienden van mij in Duitsland krijgen van mij onbedoeld spam-mails zoals facturen vanuit Nederland waar zij niet eens kennissen/vrienden in Nederland hebben. Is er een malware in mijn pc? Alvast bedankt Vriendelijke groeten Kemicky
  9. kemicky
    Hallo goedemiddag, Ik heb toch een probleem: Nadat ik volgende programma's heb geïnstalleerd RSIT Zoek.exe Adw Cleaner Malware Bytes Delfix by Xplode en laten doorlopen kan ik nu niet meer tot https:webtxt.rtvwest.nl komen wat voorheen goed was. Telkens werd ik gevraagd om Java te installeren wat ik ook deed. Het lukt mij niet meer om in te loggen! Wat is er aan de hand? Alvast bedankt Vriendelijke groet Kemicky
  10. kemicky
    Voor zover gaat het weer prima en de computer draait weer op volle toeren! Heel hartelijk dank voor je moeite! Vriendelijke groet Michael
  11. kemicky
    # AdwCleaner v3.017 - Report created 15/01/2014 at 16:21:11 # Updated 12/01/2014 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Michael Kempen - MICHAELKEMPEN # Running from : C:\Users\Michael Kempen\Downloads\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe Key Deleted : HKLM\SOFTWARE\Classes\d Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1 Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1 Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1 Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1 Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap Key Deleted : HKLM\SOFTWARE\Classes\S Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64] Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86] Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64] Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86] Key Deleted : HKCU\Software\855dfd1e634be48 Key Deleted : HKLM\SOFTWARE\855dfd1e634be48 Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{377E5D4D-77E5-476A-8716-7E70A9272DA0} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37} Key Deleted : HKCU\Software\APN DTX Key Deleted : HKCU\Software\BabylonToolbar Key Deleted : HKCU\Software\DataMngr [#] Key Deleted : HKCU\Software\DataMngr_Toolbar Key Deleted : HKCU\Software\Delta Key Deleted : HKCU\Software\ilivid Key Deleted : HKCU\Software\IM Key Deleted : HKCU\Software\ImInstaller Key Deleted : HKCU\Software\Softonic Key Deleted : HKLM\Software\Babylon Key Deleted : HKLM\Software\DataMngr Key Deleted : HKLM\Software\Delta Key Deleted : HKLM\Software\iLividSRTB Key Deleted : HKLM\Software\ImInstaller Key Deleted : HKLM\Software\simplitec Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\Wincert\WIN64C~1.DLL Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\MOVIES~1\Datamngr\x64\mgrldr.dll ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.16428 -\\ Google Chrome v31.0.1650.63 [ File : C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [9154 octets] - [15/01/2014 16:19:50] AdwCleaner[s0].txt - [8584 octets] - [15/01/2014 16:21:11] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [8644 octets] ########## - - - Updated - - - Jij schreef dat ik de resultaten zou moeten bekijken en vervolgens de geselecteerde moet verwijderen maar ik vind ze niet. Ik kreeg alleen het logbestand (zie onderaan). Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Databaseversie: v2014.01.15.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16476 Michael Kempen :: MICHAELKEMPEN [administrator] 15-1-2014 16:37:58 mbam-log-2014-01-15 (16-37-58).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 204586 Verstreken tijd: 1 minuut/minuten, 38 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde)
  12. kemicky
    Zoek.exe v5.0.0.0 Updated 12-Januari-2014 Tool run by Michael Kempen on wo 15-01-2014 at 9:40:23,34. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Michael Kempen\Downloads\zoek.exe [scan all users] [Quick Scan] [Auto Clean] ==== Older Logs ====================== C:\zoek-results2013-03-26-084240.log 85023 bytes ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1758146858-1784735532-1013142320-1000\Software\Microsoft\Internet Explorer\SearchScopes\{21BBB4A2-531E-4A6C-BC3E-E4970BF9B3E7} deleted successfully HKEY_USERS\S-1-5-21-1758146858-1784735532-1013142320-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DatamngrCoordinator deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\DatamngrCoordinator deleted successfully ==== Deleting Files \ Folders ====================== C:\PROGRA~2\PC Speed Up deleted C:\PROGRA~2\EZDownloader deleted C:\PROGRA~2\Optimizer Pro deleted C:\PROGRA~2\Yontoo deleted C:\PROGRA~2\Search Results Toolbar deleted C:\Users\Michael Kempen\AppData\Roaming\simplitec deleted C:\Users\Michael Kempen\AppData\Roaming\BabSolution deleted C:\Users\Michael Kempen\AppData\Roaming\Babylon deleted C:\Users\Michael Kempen\AppData\Roaming\Yontoo deleted C:\Users\Michael Kempen\AppData\Roaming\Optimizer Pro deleted C:\ProgramData\Ask deleted C:\ProgramData\Datamngr deleted C:\ProgramData\simplitec deleted C:\ProgramData\StarApp deleted C:\ProgramData\Wincert deleted C:\ProgramData\InstallMate deleted C:\ProgramData\Tarma Installer deleted C:\ProgramData\Babylon deleted C:\ProgramData\SummerSoft deleted C:\Users\Michael Kempen\AppData\Local\iLivid deleted C:\Users\Michael Kempen\AppData\Local\Smartbar deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec deleted C:\Users\Michael Kempen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk deleted C:\Users\Michael Kempen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect deleted C:\Users\Michael Kempen\AppData\LocalLow\ilividtoolbargaw deleted C:\Users\Michael Kempen\AppData\LocalLow\DataMngr deleted C:\windows\SysNative\Tasks\BrowserProtect deleted C:\Windows\SysWow64\searchplugins deleted C:\Windows\SysWow64\Extensions deleted C:\Users\Michael Kempen\Documents\PCSpeedUp deleted "C:\PROGRA~2\Movies Toolbar\Datamngr\apcrtldr.dll" deleted "C:\PROGRA~2\Movies Toolbar\Datamngr\DatamngrUI.exe" deleted "C:\PROGRA~2\Movies Toolbar\Datamngr\mgrldr.dll" deleted "C:\PROGRA~2\Movies Toolbar\Datamngr\x64\apcrtldr.dll" deleted "C:\PROGRA~2\simplitec\simplicheck\simplicheck.exe" deleted "C:\PROGRA~2\Movies Toolbar" not deleted "C:\PROGRA~2\simplitec" deleted "C:\PROGRA~2\Movies Toolbar\Datamngr" not deleted "C:\PROGRA~2\Movies Toolbar\Datamngr\x64" not deleted "C:\PROGRA~2\simplitec\simplicheck" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\MICHAE~1\AppData\Local\Temp ==== 2014-01-14 22:00:00 3F512AF8DB108FCA028BA731CE0B4700 224408 ----a-w- C:\Users\Michael Kempen\AppData\Local\Temp\{AC76BA86-7AD7-1043-7B44-AB0000000001}\FixTransforms.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== 2014-01-14 21:59:04 DD1D66259110B305696B01F52C3EC7FE 3924 ----a-w- C:\Windows\Sysnative\Tasks\avast! Emergency Update ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-01-15 07:48:17 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Michael Kempen\AppData\Roaming ====== ====== C:\Users\Michael Kempen ====== 2014-01-15 07:47:39 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Michael Kempen\Downloads\RSITx64.exe ====== C: exe-files == 2014-01-15 07:48:17 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Michael Kempen.exe 2014-01-15 07:47:39 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Michael Kempen\Downloads\RSITx64.exe 2014-01-14 22:00:00 3F512AF8DB108FCA028BA731CE0B4700 224408 ----a-w- C:\Users\Michael Kempen\AppData\Local\Temp\{AC76BA86-7AD7-1043-7B44-AB0000000001}\FixTransforms.exe 2014-01-14 06:57:37 07DA1B3241B7B174083C3A69C76FECBD 8105040 ----a-w- C:\Windows\Temp\226d32c2\SetupDataMngr_iLivid.exe === C: other files == 2014-01-14 09:43:26 77520BBF6E050E229F5AAC185EFEAFB5 157365 ----a-w- C:\Users\Michael Kempen\Downloads\grundschrift-2013-09-01.zip 2014-01-14 09:32:44 0DDC21E475FD632ECD6EC33F80B02BC7 21091 ----a-w- C:\Users\Michael Kempen\Downloads\heather.zip 2014-01-13 16:16:28 88DCE197EC65E23CC75FF0451C701B3D 14060557 ----a-w- C:\Users\Michael Kempen\Downloads\Fotos_gedownload_door_AirDroid (5).zip 2014-01-13 15:45:13 650E1A111CD7B35147F11C1BB5C4FF95 9725195 ----a-w- C:\Users\Michael Kempen\Downloads\Fotos_gedownload_door_AirDroid (4).zip 2014-01-13 08:38:17 E50907951E3159C53A4A5D1AE5F617F1 95141 ----a-w- C:\Users\Michael Kempen\Downloads\cursive_standard.zip 2014-01-10 10:06:18 55E13BAC6B4BB23851DB5D7F910A9760 3991910 ----a-w- C:\AAA-Fotos\2013\13-12-23 Ma 85\85ste verjaardag van oma Rika.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1758146858-1784735532-1013142320-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "Sticky Pad"="C:\Program Files (x86)\StickyPad\StickyPad.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HDAudDeck"="C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "PDFPrint"="C:\Program Files (x86)\pdf24\pdf24.exe" "avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui" "DATAMNGR"="C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~2.EXE" "ArcSoft Connection Service"="C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "20131121"="C:\Program Files\AVAST Software\Avast\setup\emupdate\ee8560b2-e902-47fa-812e-756ed5779fc1.exe /check" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "Sticky Pad"="C:\Program Files (x86)\StickyPad\StickyPad.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="c:\\progra~2\\movies~1\\datamngr\\mgrldr.dll c:\\progra~3\\wincert\\win32c~1.dll" ==== Startup Folders ====================== 2013-07-07 17:30:36 1063 ----a-w- C:\Users\Michael Kempen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2013-08-11 08:55:30 2081 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Device Monitor.lnk 2013-03-25 06:17:07 2051 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10-12-2013 19:15] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [13-03-2013 17:17] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [13-03-2013 17:17] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{D20AD8BA-418C-4CB9-97A2-117293E3D896}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] ==== Firefox Extensions Registry ====================== [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{0F827075-B026-42F3-885D-98981EE7B1AE}"="C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension" [] ==== Chrome Look ====================== Google Docs - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf PricePeep - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb Google Wallet - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb deleted successfully C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_licjnkifamhpbaefhdpacpmihicfbomb_0.localstorage deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.search.ask.com/?o=APN10645A&gct=hp&d=406-550&v=a9301-109&t=4" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {C1374C69-C05C-43BA-9D2A-C99E5BDD545F} Google Url="http://www.google.nl/search?hl=nl&q={searchTerms}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1758146858-1784735532-1013142320-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{377e5d4d-77e5-476a-8716-7e70a9272da0} deleted successfully HKEY_USERS\S-1-5-21-1758146858-1784735532-1013142320-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{377e5d4d-77e5-476a-8716-7e70a9272da0} deleted successfully HKEY_USERS\S-1-5-21-1758146858-1784735532-1013142320-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{377e5d4d-77e5-476a-8716-7e70a9272da0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{377e5d4d-77e5-476a-8716-7e70a9272da0} deleted successfully HKEY_CLASSES_ROOT\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-1758146858-1784735532-1013142320-1000\Software\mozilla\Firefox\Extensions\{0F827075-B026-42F3-885D-98981EE7B1AE} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{377e5d4d-77e5-476a-8716-7e70a9272da0} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{292BBB37-8CE1-AAAB-A2FD-7C9BC8EF280D} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6DA94119-74DB-7341-8021-B97FD2AC76DF} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iLivid deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilividtoolbargaw deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Michael Kempen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=4303 folders=466 206054161 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\Michael Kempen\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\MICHAE~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\PROGRA~2\Movies Toolbar" not found ==== EOF on wo 15-01-2014 at 9:55:21,98 ====================== - - - Updated - - - Dat klopt, want ik had niet in de gaten dat er nog internet open was.
  13. kemicky
    Zoek.exe v5.0.0.0 Updated 12-Januari-2014 Tool run by Michael Kempen on wo 15-01-2014 at 12:11:10,36. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Michael Kempen\Downloads\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2013-03-26-084240.log 85023 bytes C:\zoek-results2014-01-15-085521.log 16444 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-1758146858-1784735532-1013142320-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} deleted successfully HKEY_USERS\S-1-5-21-1758146858-1784735532-1013142320-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} deleted successfully HKEY_USERS\S-1-5-21-1758146858-1784735532-1013142320-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "DATAMNGR"=- ==== Deleting Files \ Folders ====================== C:\PROGRA~2\SEARCH~1 not found C:\Program Files (x86)\Movies Toolbar not found ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\MICHAE~1\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== 2014-01-14 21:59:04 DD1D66259110B305696B01F52C3EC7FE 3924 ----a-w- C:\Windows\Sysnative\Tasks\avast! Emergency Update ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-01-15 07:48:17 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Michael Kempen\AppData\Roaming ====== 2014-01-15 08:53:49 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2014-01-15 08:53:49 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2014-01-15 08:53:49 -------- d-----w- C:\Users\Michael Kempen\AppData\Local\Temp 2014-01-15 08:53:49 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2014-01-15 08:53:49 -------- d-----w- C:\Users\Default User\AppData\Local\Temp ====== C:\Users\Michael Kempen ====== 2014-01-15 07:47:39 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Michael Kempen\Downloads\RSITx64.exe ====== C: exe-files == 2014-01-15 07:48:17 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Michael Kempen.exe 2014-01-15 07:47:39 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Michael Kempen\Downloads\RSITx64.exe === C: other files == 2014-01-14 09:43:26 77520BBF6E050E229F5AAC185EFEAFB5 157365 ----a-w- C:\Users\Michael Kempen\Downloads\grundschrift-2013-09-01.zip 2014-01-14 09:32:44 0DDC21E475FD632ECD6EC33F80B02BC7 21091 ----a-w- C:\Users\Michael Kempen\Downloads\heather.zip 2014-01-13 16:16:28 88DCE197EC65E23CC75FF0451C701B3D 14060557 ----a-w- C:\Users\Michael Kempen\Downloads\Fotos_gedownload_door_AirDroid (5).zip 2014-01-13 15:45:13 650E1A111CD7B35147F11C1BB5C4FF95 9725195 ----a-w- C:\Users\Michael Kempen\Downloads\Fotos_gedownload_door_AirDroid (4).zip 2014-01-13 08:38:17 E50907951E3159C53A4A5D1AE5F617F1 95141 ----a-w- C:\Users\Michael Kempen\Downloads\cursive_standard.zip 2014-01-10 10:06:18 55E13BAC6B4BB23851DB5D7F910A9760 3991910 ----a-w- C:\AAA-Fotos\2013\13-12-23 Ma 85\85ste verjaardag van oma Rika.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1758146858-1784735532-1013142320-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "Sticky Pad"="C:\Program Files (x86)\StickyPad\StickyPad.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HDAudDeck"="C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "PDFPrint"="C:\Program Files (x86)\pdf24\pdf24.exe" "avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui" "ArcSoft Connection Service"="C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "20131121"="C:\Program Files\AVAST Software\Avast\setup\emupdate\ee8560b2-e902-47fa-812e-756ed5779fc1.exe /check" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "Sticky Pad"="C:\Program Files (x86)\StickyPad\StickyPad.exe" ==== Startup Folders ====================== 2013-07-07 17:30:36 1063 ----a-w- C:\Users\Michael Kempen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2013-08-11 08:55:30 2081 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Device Monitor.lnk 2013-03-25 06:17:07 2051 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10-12-2013 19:15] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [13-03-2013 17:17] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [13-03-2013 17:17] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{D20AD8BA-418C-4CB9-97A2-117293E3D896}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] ==== Chrome Look ====================== ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {C1374C69-C05C-43BA-9D2A-C99E5BDD545F} Google Url="http://www.google.nl/search?hl=nl&q={searchTerms}" ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Michael Kempen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=4303 folders=466 206054161 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\Michael Kempen\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\MICHAE~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on wo 15-01-2014 at 12:43:36,98 ======================
  14. kemicky
    Logfile of random's system information tool 1.09 (written by random/random) Run by Michael Kempen at 2014-01-15 08:48:17 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 486 GB (65%) free of 749 GB Total RAM: 8174 MB (65% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 8:48:24, on 15-1-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.16428) Boot mode: Normal Running processes: C:\Program Files (x86)\StickyPad\StickyPad.exe C:\Program Files (x86)\ArcSoft\MediaConverter 4 Platinum\Monitor.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\pdf24\pdf24.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Users\Michael Kempen\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\Michael Kempen.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Ask.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Search-Results Toolbar - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll (file missing) O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O3 - Toolbar: Search-Results Toolbar - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll (file missing) O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [PDFPrint] C:\Program Files (x86)\pdf24\pdf24.exe O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~2.EXE O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\ee8560b2-e902-47fa-812e-756ed5779fc1.exe /check O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [sticky Pad] C:\Program Files (x86)\StickyPad\StickyPad.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Dropbox.lnk = Michael Kempen\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: Device Monitor.lnk = C:\Program Files (x86)\ArcSoft\MediaConverter 4 Platinum\Monitor.exe O4 - Global Startup: simplicheck.lnk = C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: c:\progra~2\movies~1\datamngr\mgrldr.dll c:\progra~3\wincert\win32c~1.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Datamngr Coordinator (DatamngrCoordinator) - Bandoo Media Inc. - C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10966 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs "C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe" C:\Windows\system32\svchost.exe -k GPSvcGroup atieclxx C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe" "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService "C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe" "C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe" -monitor 496 C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\viakaraokesrv.exe "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" WLIDSvcM.exe 1448 taskeng.exe {9FF8DD30-3FC9-4D4E-A30E-171936824A0D} C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5914bdf9-506d-4b66-b3b4-bcac07710ee2 -SystemEventPortName:HostProcess-3c620bf2-2270-4528-a892-2e43bb589d09 -IoCancelEventPortName:HostProcess-9490e4df-422e-4d57-87b1-0cbe91cbbf4d -NonStateChangingEventPortName:HostProcess-52892984-3d4a-420c-b5ee-257f1d8d1394 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:33a8c1f3-1be9-450e-ac8e-171178ad6743 -DeviceGroupId:WpdFsGroup "taskhost.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Windows\system32\Dwm.exe" "C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe" "C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe" C:\Windows\Explorer.EXE "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun "C:\Program Files (x86)\StickyPad\StickyPad.exe" "C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r "C:\Program Files (x86)\ArcSoft\MediaConverter 4 Platinum\Monitor.exe" -H C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "C:\Program Files (x86)\pdf24\pdf24.exe" "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" "C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe" -timer "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Users\Michael Kempen\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\System32\svchost.exe -k LocalServicePeerNet "C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4672.0.1668145010\1127584770" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,12,22 --gpu-vendor-id=0x1002 --gpu-device-id=0x683f --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=9.12.0.0 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --instant-process --disable-html-notifications --channel="4672.1.1533491842\1088063294" /prefetch:673131151 C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="4672.5.944644283\1285403916" /prefetch:673131151 C:\Windows\System32\svchost.exe -k secsvcs "C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NetworkConnectivity/disable_network_stats/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="4672.13.1897714331\385808954" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4672.14.2104983905\1544426636" --ppapi-flash-args --lang=nl --ignored=" --type=renderer " /prefetch:-632637702 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NetworkConnectivity/disable_network_stats/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="4672.15.1112773604\320906047" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service C:\Windows\splwow64.exe 8192 ArcCon.ac 131976 0 "C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NetworkConnectivity/disable_network_stats/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="4672.37.1997777008\1334304775" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NetworkConnectivity/disable_network_stats/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="4672.38.106503283\185631269" /prefetch:673131151 "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 536 540 548 65536 544 "c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 3AE606F8-8839-DD3F-8F59-9E6F128F2F07 -Reinvoke "C:\Users\Michael Kempen\Downloads\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF} ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}] avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-06 553384] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-06 210856] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Help bij koppelingen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23 72336] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{377e5d4d-77e5-476a-8716-7e70a9272da0}] Search-Results Toolbar - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Microsoft-account - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688] {377e5d4d-77e5-476a-8716-7e70a9272da0} - Search-Results Toolbar - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584] "Sticky Pad"=C:\Program Files (x86)\StickyPad\StickyPad.exe [2012-08-13 516153] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2012-02-09 5015040] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808] "PDFPrint"=C:\Program Files (x86)\pdf24\pdf24.exe [2013-02-19 162856] "avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968] "DATAMNGR"=C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~2.EXE [] "ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] "20131121"=C:\Program Files\AVAST Software\Avast\setup\emupdate\ee8560b2-e902-47fa-812e-756ed5779fc1.exe [2013-11-23 180184] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Device Monitor.lnk - C:\Program Files (x86)\ArcSoft\MediaConverter 4 Platinum\Monitor.exe simplicheck.lnk - C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe C:\Users\Michael Kempen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk - C:\Users\Michael Kempen\AppData\Roaming\Dropbox\bin\Dropbox.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\PROGRA~3\Wincert\WIN64C~1.DLL C:\PROGRA~2\MOVIES~1\Datamngr\x64\mgrldr.dll " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=lvcod64.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "MSVideo"=vfwwdm32.dll "MSVideo8"=VfWWDM32.dll "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "aux3"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-01-15 08:48:17 ----D---- C:\rsit 2014-01-15 08:48:17 ----D---- C:\Program Files\trend micro 2014-01-06 08:16:27 ----D---- C:\Michael 2013-12-17 21:32:15 ----SHD---- C:\Config.Msi ======List of files/folders modified in the last 1 month====== 2014-01-15 08:48:24 ----D---- C:\Windows\Prefetch 2014-01-15 08:48:22 ----D---- C:\Windows\Temp 2014-01-15 08:48:21 ----D---- C:\ProgramData\Datamngr 2014-01-15 08:48:17 ----RD---- C:\Program Files 2014-01-15 07:55:26 ----D---- C:\Windows\system32\config 2014-01-15 07:45:15 ----D---- C:\Windows\system32\catroot 2014-01-15 07:44:58 ----D---- C:\Windows\system32\catroot2 2014-01-15 07:42:34 ----SHD---- C:\System Volume Information 2014-01-15 07:40:51 ----SHD---- C:\Windows\Installer 2014-01-15 07:40:15 ----D---- C:\Users\Michael Kempen\AppData\Roaming\Dropbox 2014-01-15 07:38:57 ----D---- C:\Windows 2014-01-14 23:32:42 ----D---- C:\Windows\Panther 2014-01-14 23:32:42 ----D---- C:\Windows\Minidump 2014-01-14 23:32:42 ----D---- C:\Windows\Logs 2014-01-14 23:32:42 ----D---- C:\Windows\inf 2014-01-14 23:32:42 ----D---- C:\Windows\debug 2014-01-14 23:00:04 ----D---- C:\Windows\SysWOW64 2014-01-14 22:59:04 ----D---- C:\Windows\system32\Tasks 2014-01-14 22:51:55 ----D---- C:\Windows\Tasks 2014-01-14 22:51:55 ----D---- C:\Windows\system32\wfp 2014-01-14 22:51:54 ----D---- C:\Windows\system32\wbem 2014-01-14 22:50:59 ----D---- C:\Windows\system32\DriverStore 2014-01-14 22:50:59 ----D---- C:\Windows\System32 2014-01-14 22:50:58 ----D---- C:\Windows\AppCompat 2014-01-14 22:50:58 ----D---- C:\Users\Michael Kempen\AppData\Roaming\Stammbaumdrucker 7 Premium 2014-01-14 22:50:56 ----HD---- C:\ProgramData 2014-01-14 22:50:56 ----D---- C:\ProgramData\Wincert 2014-01-14 22:50:54 ----D---- C:\Windows\registration 2014-01-14 22:50:34 ----RD---- C:\Program Files (x86) 2014-01-07 13:29:49 ----D---- C:\Users\Michael Kempen\AppData\Roaming\Skype 2014-01-07 12:51:54 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-01-04 16:53:13 ----RSD---- C:\Windows\Fonts 2014-01-01 11:42:17 ----D---- C:\AAA-Fotos 2013-12-16 07:15:26 ----D---- C:\Windows\system32\MRT ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336] R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-06-28 189936] R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2010-05-20 16440] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016] R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-06-28 1030952] R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-06-28 378944] R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288] R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928] R1 SAS***IL;SAS***IL; \??\C:\Program Files\SUPERAntiSpyware\SAS***IL64.SYS [2011-07-12 12368] R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472] R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 11278336] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 552960] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-11-06 96256] R3 DxVGrb;DxVGrb; C:\Windows\system32\drivers\DxVGrb.sys [2012-01-10 222464] R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-17 15416] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-02-03 677480] R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-08-28 58536] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2011-11-11 2182768] S3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136] S3 LVUVC64;Logitech HD Webcam C525(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208] S3 USB28xxBGA;USB 2828x Device; C:\Windows\system32\DRIVERS\emBDA64.sys [2012-06-20 732928] S3 USB28xxOEM;USB 28xx OEM Filter; C:\Windows\system32\DRIVERS\emOEM64.sys [2012-06-20 1232128] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672] R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152] R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-19 240640] R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808] R2 DatamngrCoordinator;Datamngr Coordinator; C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [2013-09-17 3418624] R2 UMVPFSrv;UMVPFSrv; C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848] R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2011-11-11 27760] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-13 116648] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10 257416] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-13 116648] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-03-13 1255736] -----------------EOF-----------------
  15. kemicky
    Hallo mensen, Volgens mij heeft zich spyware of malware in mijn computer ingeslopen. Kunnen jullie mij helpen? Alvast bedankt Vriendelijke groeten Kemicky
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.