Posts made by kemicky

  1. Zoek.exe v5.0.0.1 Updated 23-October-2015
    Tool run by Michael Kempen on za 24-10-2015 at  6:22:29,90.
    Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
    Running in: Normal Mode Internet Access Detected
    Launched: C:\Users\Michael Kempen\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used]

    ==== System Restore Info ======================

    24-10-2015 6:24:12 Zoek.exe System Restore Point Created Successfully.

    ==== Torpig Check ======================

    HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
    HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileZilla3CopyHook {DB70412E-EEC9-479C-BBA9-BE36BFDDA41B} C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
    HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll


    ==== Reset Hosts File ======================

    # Copyright © 1993-2006 Microsoft Corp.
    #
    # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
    #
    # This file contains the mappings of IP addresses to host names. Each
    # entry should be kept on an individual line. The IP address should
    # be placed in the first column followed by the corresponding host name.
    # The IP address and the host name should be separated by at least one
    # space.
    #
    # Additionally, comments (such as these) may be inserted on individual
    # lines or following the machine name denoted by a '#' symbol.
    #
    # For example:
    #
    #      102.54.94.97     rhino.acme.com          # source server
    #       38.25.63.10     x.acme.com              # x client host
     
    # localhost name resolution is handled within DNS itself.
    127.0.0.1       localhost
    ::1             localhost

    ==== Empty Folders Check ======================

    C:\PROGRA~2\MyFree Codec deleted successfully
    C:\Users\Michael Kempen\AppData\Roaming\HMYGSetting deleted successfully
    C:\Users\Michael Kempen\AppData\Roaming\Malwarebytes deleted successfully
    C:\Users\Michael Kempen\AppData\Local\EmieBrowserModeList deleted successfully
    C:\Users\Michael Kempen\AppData\Local\EmieSiteList deleted successfully
    C:\Users\Michael Kempen\AppData\Local\EmieUserList deleted successfully
    C:\Users\Michael Kempen\AppData\Local\Secunia PSI deleted successfully

    ==== Deleting CLSID Registry Keys ======================


    ==== Deleting CLSID Registry Values ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{C424171E-592A-415a-9EB1-DFD6D95D3530} deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{C424171E-592A-415a-9EB1-DFD6D95D3530} deleted successfully

    ==== Deleting Services ======================


    ==== Registry Fix Code x64 ======================

    Windows Registry Editor Version 5.00

    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF42D4A8-016E-4fcd-B1EB-837659FD77C6}]
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "BingSvc"=-

    ==== Deleting Files \ Folders ======================

    C:\PROGRA~2\MyFree Codec not found
    C:\Users\Michael Kempen\AppData\Roaming\Mozilla\Firefox\Profiles\wfqg3tyo.default\extensions\bingsearch.full@microsoft.com deleted
    C:\Users\Michael Kempen\Documents\Optimizer Pro deleted
    C:\PROGRA~2\Wondershare deleted
    C:\PROGRA~2\COMMON~1\Wondershare deleted
    C:\Users\Michael Kempen\AppData\Roaming\Wondershare deleted
    C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted
    C:\Users\Michael Kempen\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp deleted
    C:\Users\Michael Kempen\AppData\Local\Wondershare deleted
    C:\Users\Michael Kempen\AppData\Local\CrashRpt deleted
    C:\Windows\sysWoW64\config\systemprofile\AppData\Local\XTRM Group Ltd deleted
    C:\Windows\SysNative\config\systemprofile\Searches deleted
    C:\Windows\Syswow64\REN312F.tmp deleted
    C:\Windows\Syswow64\REN388E.tmp deleted
    C:\Windows\Syswow64\REN5F11.tmp deleted
    C:\Windows\Syswow64\REN8B1F.tmp deleted
    C:\Windows\Syswow64\RENE520.tmp deleted

    ==== Files Recently Created / Modified ======================

    ====== C:\Windows ====
    ====== C:\Users\MICHAE~1\AppData\Local\Temp ====
    2015-10-17 09:22:47    AD80D48457F44133625D582E6002EF22    169104    ----a-w-    C:\Users\Michael Kempen\AppData\Local\Temp\BSvcUpdater.exe
    2015-10-17 09:22:47    653B6E4FFE8094F6C57592C0A9395130    1068696    ----a-w-    C:\Users\Michael Kempen\AppData\Local\Temp\BSvcProcessor.exe
    ====== Java Cache =====
    2015-09-29 16:27:51    05427556DB2BEF9A0EFA0D5963ADEF70    183634    ----a-w-    C:\Users\Michael Kempen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\434d8819-5cef3f91
    2015-10-23 05:32:41    4F85459CEC4F78A3987FFFD5B6A816C5    605    ----a-w-    C:\Users\Michael Kempen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\52c00ce5-2bc4d8bf
    2015-10-23 05:32:41    D288EEA5C54AAC338A26DA9D36BFAA4E    100    ----a-w-    C:\Users\Michael Kempen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\52c00ce5-78e96a5ccf5c5b6a29dcdffe1d16c989d010904d54059e7b28aad8dacf6a56c9-6.0.lap
    2015-10-23 05:32:41    C9588417B10E1D770E3E5DA1F3510AE5    8425    ----a-w-    C:\Users\Michael Kempen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\298d42d-5c6df4ae
    2015-10-23 05:32:45    C1BBA7F1278F193AB584FFF460DB5E2A    17878    ----a-w-    C:\Users\Michael Kempen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\c8dc66e-48c554cd
    ====== C:\Windows\SysWOW64 =====
    ====== C:\Windows\SysWOW64\drivers =====
    ====== C:\Windows\Sysnative =====
    ====== C:\Windows\Sysnative\drivers =====
    2015-10-14 14:25:57    C6330F7C2E92A00E6773E82F79078AFC    157016    ----a-w-    C:\Windows\Sysnative\drivers\ksecpkg.sys
    2015-10-14 14:25:57    ACB6782973BD93760D597FC7BB37E692    159232    ----a-w-    C:\Windows\Sysnative\drivers\mrxsmb.sys
    2015-10-14 14:25:57    3A8C03156C3E31E70EF84E48CA179B46    97112    ----a-w-    C:\Windows\Sysnative\drivers\ksecdd.sys
    2015-10-14 14:25:56    8C0376974AA28398FF501E78C04ACB30    129024    ----a-w-    C:\Windows\Sysnative\drivers\mrxsmb20.sys
    2015-10-14 14:25:56    262BF7BB7D0E44CFAA9B12A1E0A6EDF1    290816    ----a-w-    C:\Windows\Sysnative\drivers\mrxsmb10.sys
    2015-10-14 14:25:35    27DABFB4A6B0140C34DBEC713469592B    61440    ----a-w-    C:\Windows\Sysnative\drivers\appid.sys
    ====== C:\Windows\Tasks ======
    2015-09-25 08:06:36    F4BB59742FC6E50EA92E4A43E4779E8C    1002    ----a-w-    C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
    2015-09-25 08:06:36    E790C216865198C7F7B1CDD7BB526566    4024    ----a-w-    C:\Windows\Sysnative\Tasks\Adobe Flash Player PPAPI Notifier
    ====== C:\Windows\Temp ======
    ======= C:\Program Files =====
    ======= C:\PROGRA~2 =====
    2015-10-23 05:31:58    --------    d-----w-    C:\PROGRA~2\COMMON~1\Java
    2015-09-28 18:55:43    --------    d-----w-    C:\PROGRA~2\COMMON~1\Skype
    ======= C: =====
    ====== C:\Users\Michael Kempen\AppData\Roaming ======
    2015-09-25 03:58:20    --------    d-----w-    C:\Users\Michael Kempen\AppData\Roaming\Sun
    ====== C:\Users\Michael Kempen ======
    2015-10-23 11:57:45    8045ABB21A3BDD66A48E1ED5C0F0EF6A    1222144    ----a-w-    C:\Users\Michael Kempen\Downloads\RSITx64.exe
    2015-10-23 05:31:28    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2015-10-23 05:24:32    1359A14B642DE38FEEC2A448BF8D281C    584288    ----a-w-    C:\Users\Michael Kempen\Downloads\jxpiinstall.exe
    2015-10-03 18:51:45    --------    d-----w-    C:\Users\Public\Documents\AirDroid
    2015-09-28 18:55:43    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    2015-09-26 04:20:36    --------    d-----w-    C:\Windows\SysNative\config\systemprofile\.oracle_jre_usage
    2015-09-26 04:20:31    --------    d-----w-    C:\Windows\sysWoW64\config\systemprofile\.oracle_jre_usage
    2015-09-25 03:58:20    --------    d-----w-    C:\Users\Michael Kempen\.oracle_jre_usage

    ====== C: exe-files ==
    2015-10-23 11:57:45    8045ABB21A3BDD66A48E1ED5C0F0EF6A    1222144    ----a-w-    C:\Users\Michael Kempen\Downloads\RSITx64.exe
    2015-10-23 05:31:29    A53E431775DF91EA016AF5817DF26B41    0    ----a-we    C:\ProgramData\Oracle\Java\javapath\javaw.exe
    2015-10-23 05:31:29    50CC4A65F784A51813A169EA33CF319A    0    ----a-we    C:\ProgramData\Oracle\Java\javapath\javaws.exe
    2015-10-23 05:31:29    4547FB479010206D8BEA10B2694C5C6D    0    ----a-we    C:\ProgramData\Oracle\Java\javapath\java.exe
    2015-10-23 05:31:20    FAE99E011922F5BE4CB2160E316D057B    15968    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_65\bin\rmiregistry.exe
    2015-10-23 05:31:20    FA5E33B54BD044F489BA4281B3D6ED95    15968    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_65\bin\servertool.exe
    2015-10-23 05:31:20    CC0CF93D2BF12A423DA4134FFB9C324D    50784    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssvagent.exe
    2015-10-23 05:31:20    BBC68E5519B11A74B8208AA7B85F3B80    15968    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_65\bin\rmid.exe
    2015-10-23 05:31:20    B6DBE62611DA178B2CA578BC2B7BBA30    68192    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_65\bin\javacpl.exe
    2015-10-23 05:31:20    B61623580A304714A4E2FE6A5E73327F    15968    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_65\bin\pack200.exe
    2015-10-23 05:31:20    AA79E5830F4B6C29A5A976891ED0E86B    15968    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_65\bin\jjs.exe
    2015-10-23 05:31:20    A53E431775DF91EA016AF5817DF26B41    191584    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_65\bin\javaw.exe
    2015-10-23 05:31:20    940EE00C074A46D638A756723964D65D    16480    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_65\bin\orbd.exe
    2015-10-23 05:31:20    8ED50DA4BAE0046E05BEC0110CF20B17    15968    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_65\bin\java-rmi.exe
    2015-10-23 05:31:20    857117663B1F28ABBA4E1C6110A09282    15968    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_65\bin\policytool.exe
    2015-10-23 05:31:20    66B01DCB41FBE8C3CAB13D3F8ED4FA58    30816    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_65\bin\jabswitch.exe
    2015-10-23 05:31:20    6211595DD15306DFD8E07B95E6F2984D    16480    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_65\bin\tnameserv.exe
    2015-10-23 05:31:20    56DCBCE6CF84B5F12185AF6DB7B85EB2    15968    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_65\bin\keytool.exe
    2015-10-23 05:31:20    50CC4A65F784A51813A169EA33CF319A    278624    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_65\bin\javaws.exe
    2015-10-23 05:31:20    4D2DDC988E4F67E7E07E78954FBEED2D    159328    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_65\bin\unpack200.exe
    2015-10-23 05:31:20    4547FB479010206D8BEA10B2694C5C6D    191072    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_65\bin\java.exe
    2015-10-23 05:31:20    2AA43B8A44341F90DCCFAE38107BA484    76896    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2launcher.exe
    2015-10-23 05:31:20    1A859E08A65ECBA7B687ACAED5EA5080    15968    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_65\bin\ktab.exe
    2015-10-23 05:31:20    1933BBD87F9759CC2D7DC2909C4CA0CD    15968    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_65\bin\klist.exe
    2015-10-23 05:31:20    0AD21325149141252F05B32F7809F441    15968    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_65\bin\kinit.exe
    2015-10-23 05:24:32    1359A14B642DE38FEEC2A448BF8D281C    584288    ----a-w-    C:\Users\Michael Kempen\Downloads\jxpiinstall.exe
    2015-10-21 19:11:28    9CA2FDD44F7C1F8AC1652F6C2638CFED    364472    ----a-w-    C:\Windows\System32\aswBoot.exe
    2015-10-17 09:22:48    653B6E4FFE8094F6C57592C0A9395130    1068696    ----a-w-    C:\Users\Michael Kempen\AppData\Local\Microsoft\BingSvc\BSvcProcessor.exe
    2015-10-17 09:22:47    AD80D48457F44133625D582E6002EF22    169104    ----a-w-    C:\Users\Michael Kempen\AppData\Local\Temp\BSvcUpdater.exe
    2015-10-17 09:22:47    AD80D48457F44133625D582E6002EF22    169104    ----a-w-    C:\Users\Michael Kempen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ST1BXC6Q\BSvcUpdater[1].exe
    2015-10-17 09:22:47    AD80D48457F44133625D582E6002EF22    169104    ----a-w-    C:\Users\Michael Kempen\AppData\Local\Microsoft\BingSvc\BSvcUpdater.exe
    2015-10-17 09:22:47    653B6E4FFE8094F6C57592C0A9395130    1068696    ----a-w-    C:\Users\Michael Kempen\AppData\Local\Temp\BSvcProcessor.exe
    2015-10-17 09:22:47    653B6E4FFE8094F6C57592C0A9395130    1068696    ----a-w-    C:\Users\Michael Kempen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ST1BXC6Q\BSvcProcessor[1].exe
    2015-10-17 09:12:46    77C01F1850E55373280A1B865D824F58    144008    ----a-w-    C:\Users\Michael Kempen\AppData\Local\Microsoft\BingSvc\BingSvc.exe
    2015-10-17 09:12:46    67935AE83509795F8A4315B9504C9C69    2650776    ----a-w-    C:\Users\Michael Kempen\AppData\Local\Microsoft\DefaultSetup\DefaultSetup.exe
    2015-10-17 05:02:41    D65E66A618FA52CEF893A5FAEA2503DE    301224    ----a-w-    C:\Program Files (x86)\Mozilla Maintenance Service\update\updater.exe
    === C: other files ==
    2015-10-23 05:31:20    577B724A8DB4380F8B8F0098D1C9A722    14130    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_65\lib\deploy\ffjcext.zip

    ==== Startup Registry Enabled ======================

    [HKEY_USERS\S-1-5-21-1758146858-1784735532-1013142320-1000\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
    "Sticky Pad"="C:\Program Files (x86)\StickyPad\StickyPad.exe"
    "autoRunTest"="C:\Program Files (x86)\AirDroid\AirDroid.exe /start"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "HDAudDeck"="C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r"
    "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
    "ArcSoft Connection Service"="C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
    "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
    "PDFPrint"="C:\Program Files (x86)\pdf24\pdf24.exe"
    "SSBkgdUpdate"="C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot"
    "OpwareSE4"="C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe"
    "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
    "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
    "Sticky Pad"="C:\Program Files (x86)\StickyPad\StickyPad.exe"
    "autoRunTest"="C:\Program Files (x86)\AirDroid\AirDroid.exe /start"

    ==== Startup Registry Enabled x64 ======================

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CanonSolutionMenu"="C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon"
    "CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon"
    "Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe "

    ==== Startup Folders ======================

    2013-08-11 08:55:30    2081    ----a-w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Device Monitor.lnk

    ==== Task Scheduler Jobs ======================

    C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_226_pepper.exe [17-10-2015 10:15]
    C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [17-10-2015 10:15]
    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11-09-2015 08:51]
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11-09-2015 08:51]

    ==== Other Scheduled Tasks ======================

    "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
    "C:\Windows\SysNative\tasks\Adobe Flash Player PPAPI Notifier" [C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_226_pepper.exe]
    "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
    "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
    "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
    "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
    "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
    "C:\Windows\SysNative\tasks\Opera scheduled Autoupdate 1396635249" [C:\Program Files (x86)\Opera\launcher.exe]
    "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
    "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{D20AD8BA-418C-4CB9-97A2-117293E3D896}" [C:\Windows\system32\msfeedssync.exe]
    "C:\Windows\SysNative\tasks\{4F11B628-B826-4E6F-9BCD-60B7BAC0A38F}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]
    "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

    ==== Folders in C:\PROGRA~3 0-6 Months Old ======================

    2015-05-02 07:12:42    --------    d-----w-    C:\PROGRA~3\eBook Converter
    2015-05-20 12:06:51    --------    d-----w-    C:\PROGRA~3\SUPERAntiSpyware.com
    2015-05-28 06:07:11    --------    d-----w-    C:\PROGRA~3\NCH Software
    2015-06-14 10:24:27    --------    d-----w-    C:\PROGRA~3\Wondershare
    2015-06-15 13:25:31    --------    d-----w-    C:\PROGRA~3\Applications
    2015-08-21 06:53:26    --------    d-----w-    C:\PROGRA~3\1&1 Mail & Media GmbH

    ==== Firefox Start and Search pages ======================

    ProfilePath: C:\Users\MICHAE~1\AppData\Roaming\Mozilla\Firefox\Profiles\wfqg3tyo.default
    user_pref("browser.startup.homepage", "http://www.gmx.com/|https://web.whatsapp.com/|https://mail.google.com/mail/u/1/#inbox|https://mail.google.com/mail/u/2/#inbox|https://mail.google.com/mail/u/3/#inbox|https://calendar.google.com/calendar/b/3/render?tab=mc#main_7|https://mail.google.com/mail/u/4/#inbox|https://mail.google.com/mail/u/5/#inbox|http://www.rhein-zeitung.de/bilder/karikaturen-galerie_galerie,-Karikaturen-Oktober-2015-_costart,1_mediagalid,37825.html");
    user_pref("browser.newtab.url", "chrome://unitedtb/content/newtab/newtab-page.xhtml");

    ==== Firefox Extensions Registry ======================

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
    "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [21-10-2015 21:11]

    ==== Firefox Extensions ======================

    ProfilePath: C:\Users\MICHAE~1\AppData\Roaming\Mozilla\Firefox\Profiles\wfqg3tyo.default
    - GMX MailCheck - C:\Users\Michael Kempen\AppData\Roaming\Mozilla\Firefox\Profiles\wfqg3tyo.default\extensions\browser-mailcheck@gmx.net
    - GMX MailCheck - %ProfilePath%\extensions\browser-mailcheck@gmx.net
    - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

    AppDir: C:\Program Files (x86)\Mozilla Firefox
    - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    ==== Firefox Plugins ======================

    Profilepath: C:\Users\Michael Kempen\AppData\Roaming\Mozilla\Firefox\Profiles\wfqg3tyo.default
    863AF0003392FEBC2667A8A790DED955    - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll -    Shockwave Flash


    ==== Chromium Look ======================

    Google Chrome Version: 46.0.2490.71

    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
    gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[22-04-2015 20:46]

    HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
    fcfenmboojpjinhpgggodefccipikbpd - No path found[]

    Google Docs - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
    Google Drive - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
    YouTube - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
    GMX MailCheck - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\camnampocfohlcgbajligmemmabnljcm
    selector is not a valid CSS selector - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
    Google Search - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
    Avast Online Security - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
    Hangouts - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl
    Google Wallet - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
    My Font for Gmail™ - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\olhcogoioikcdeceiakjbandbaifohik
    Gmail - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
    Google Slides - Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
    Google Docs - Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake
    Google Drive - Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf
    YouTube - Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
    Google Search - Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
    MSN Homepage Bing Search Engine - Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcfenmboojpjinhpgggodefccipikbpd
    Google Sheets - Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap
    Google Docs Offline - Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
    Avast Online Security - Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki
    Chrome Web Store Payments - Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
    Gmail - Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
    selector is not a valid CSS selector - Michael Kempen\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp

    ==== Chromium Startpages ======================

    C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Preferences
    "homepage": "http://news.google.de/",


    ==== Chromium Fix ======================

    C:\Users\Michael Kempen\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_static.olark.com_0.localstorage deleted successfully
    C:\Users\Michael Kempen\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
    C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
    C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
    C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
    C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
    C:\Users\Michael Kempen\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
    C:\Users\Michael Kempen\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
    C:\Users\Michael Kempen\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_dsms0mj1bbhn4.cloudfront.net_0.localstorage deleted successfully
    C:\Users\Michael Kempen\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_dsms0mj1bbhn4.cloudfront.net_0.localstorage-journal deleted successfully
    C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcfenmboojpjinhpgggodefccipikbpd deleted successfully

    ==== Set IE to Default ======================

    Old Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://www.msn.com/?pc=AV01"
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Search Page"="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01"
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
    "Search Page"="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01"

    New Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://www.msn.com/?pc=AV01"
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
    "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
    "DefaultScope"="{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}"
    {012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
    {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} Microsoft (Bing) Url="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01"
    {C1374C69-C05C-43BA-9D2A-C99E5BDD545F} Google  Url="http://www.google.nl/search?hl=nl&q={searchTerms}"

    ==== Deleting Registry Keys ======================

    HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
    HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd deleted successfully

    ==== Empty IE Cache ======================

    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Users\Michael Kempen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Users\Michael Kempen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
    C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    ==== Empty FireFox Cache ======================

    C:\Users\Michael Kempen\AppData\Local\Mozilla\Firefox\Profiles\wfqg3tyo.default\cache2 emptied successfully

    ==== Empty Chrome Cache ======================

    C:\Users\Michael Kempen\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
    C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
    C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

    ==== Empty All Flash Cache ======================

    Flash Cache is not empty, a reboot is needed

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    ==== C:\zoek_backup content ======================

    C:\zoek_backup (files=151 folders=81 66364647 bytes)

    ==== Empty Temp Folders ======================

    C:\Users\Default\AppData\Local\temp emptied successfully
    C:\Users\Default User\AppData\Local\temp emptied successfully
    C:\Users\Michael Kempen\AppData\Local\Temp will be emptied at reboot
    C:\Users\Public\AppData\Local\temp emptied successfully
    C:\Users\TEMP\AppData\Local\temp emptied successfully
    C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully
    C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
    C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
    C:\Windows\Temp will be emptied at reboot

    ==== After Reboot ======================

    ==== Empty Temp Folders ======================

    C:\Windows\Temp successfully emptied
    C:\Users\MICHAE~1\AppData\Local\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\$RECYCLE.BIN successfully emptied

    ==== Deleting Files / Folders ======================

    "C:\Users\Michael Kempen\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\347VPBKV\admin.brightcove.com"  not found
    "C:\Users\Michael Kempen\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\347VPBKV\cdn2.dashbida.com"  not found
    "C:\Users\Michael Kempen\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\347VPBKV\f.vimeocdn.com"  not found
    "C:\Users\Michael Kempen\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\347VPBKV\menhdv.com"  not found
    "C:\Users\Michael Kempen\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\347VPBKV\sadmin.brightcove.com"  not found
    "C:\Users\Michael Kempen\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\347VPBKV\secretmedia.s3.amazonaws.com"  not found
    "C:\Users\Michael Kempen\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\347VPBKV\secure.insightexpressai.com"  not found
    "C:\Users\Michael Kempen\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\347VPBKV\static.issuu.com"  not found
    "C:\Users\Michael Kempen\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\347VPBKV\staticfiles.rtl.nl"  not found
    "C:\Users\Michael Kempen\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\347VPBKV\www.cdn-net.com"  not found
    "C:\Users\Michael Kempen\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\347VPBKV\www.t-online.de"  not found

    ==== EOF on za 24-10-2015 at  6:48:12,25 ======================
     

  2. Hello dear computer friends,

     

    For the past few days I keep getting this message on the screen after starting up my PC. See attachment. Do you know what could be going on? Many thanks in advance.

     

    Regards, Kemicky


  3. Logfile of random's system information tool 1.10 (written by random/random)

    Run by Michael Kempen at 2014-08-17 12:46:57

    Microsoft Windows 7 Home Premium Service Pack 1

    System drive C: has 469 GB (63%) free of 749 GB

    Total RAM: 8174 MB (61% free)

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 12:47:00, on 17-8-2014

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v11.0 (11.00.9600.17239)

    Boot mode: Normal

    Running processes:

    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

    C:\Program Files (x86)\StickyPad\StickyPad.exe

    C:\Program Files (x86)\ArcSoft\MediaConverter 4 Platinum\Monitor.exe

    C:\Program Files (x86)\pdf24\pdf24.exe

    C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

    C:\Program Files\AVAST Software\Avast\avastui.exe

    C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files\trend micro\Michael Kempen.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    F2 - REG:system.ini: UserInit=userinit.exe,

    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

    O4 - HKLM\..\Run: [PDFPrint] C:\Program Files (x86)\pdf24\pdf24.exe

    O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

    O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

    O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: [sticky Pad] C:\Program Files (x86)\StickyPad\StickyPad.exe

    O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

    O4 - Global Startup: Device Monitor.lnk = C:\Program Files (x86)\ArcSoft\MediaConverter 4 Platinum\Monitor.exe

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000

    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

    O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --

    End of file - 9917 bytes

    ======Listing Processes======

    \SystemRoot\System32\smss.exe

    %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

    wininit.exe

    %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

    winlogon.exe

    C:\Windows\system32\services.exe

    C:\Windows\system32\lsass.exe

    C:\Windows\system32\lsm.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\svchost.exe -k RPCSS

    C:\Windows\system32\atiesrxx.exe

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\svchost.exe -k netsvcs

    "C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe"

    C:\Windows\system32\svchost.exe -k GPSvcGroup

    atieclxx

    C:\Windows\system32\svchost.exe -k NetworkService

    "C:\Program Files\AVAST Software\Avast\AvastSvc.exe"

    C:\Windows\System32\spoolsv.exe

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"

    "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"

    "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

    "C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService

    "C:\Program Files\Bonjour\mDNSResponder.exe"

    "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"

    "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"

    "C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"

    C:\Windows\system32\viakaraokesrv.exe

    "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

    WLIDSvcM.exe 1996

    taskeng.exe {8816C4F0-386D-4409-A1D6-AFAC3061E694}

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ac55e6d5-2f1c-484d-8555-6788f290b76f -SystemEventPortName:HostProcess-c9e44646-11d5-4c3b-b16f-ecd203f0177f -IoCancelEventPortName:HostProcess-cf1c8566-316a-4e74-bffb-196089518371 -NonStateChangingEventPortName:HostProcess-f75756bc-697a-4967-a03b-9c8c73c352c7 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d693550f-e3bc-4b13-a9b1-a122e0e2c99a -DeviceGroupId:WpdFsGroup

    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    "C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe"

    "C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe"

    C:\Windows\System32\svchost.exe -k secsvcs

    "C:\Program Files\Windows Media Player\wmpnetwk.exe"

    C:\Windows\system32\SearchIndexer.exe /Embedding

    "taskhost.exe"

    "C:\Windows\system32\Dwm.exe"

    C:\Windows\Explorer.EXE

    "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

    "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun

    "C:\Program Files (x86)\StickyPad\StickyPad.exe"

    "C:\Program Files (x86)\ArcSoft\MediaConverter 4 Platinum\Monitor.exe" -H

    "C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r

    "C:\Program Files (x86)\pdf24\pdf24.exe"

    "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow

    "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"

    "C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui

    ArcCon.ac 66080 0

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Windows\system32\wbem\unsecapp.exe -Embedding

    "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0

    C:\Windows\System32\svchost.exe -k LocalServicePeerNet

    C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}

    "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"

    "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4868.0.433700417\700138830" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,16 --gpu-vendor-id=0x1002 --gpu-device-id=0x683f --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=9.12.0.0 --ignored=" --type=renderer " /prefetch:822062411

    "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="4868.2.422063\978564104" /prefetch:673131151

    "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="4868.3.1534538756\1544163750" /prefetch:673131151

    "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="4868.4.338213189\784160120" /prefetch:673131151

    "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="4868.7.693633228\943675824" /prefetch:673131151

    "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4868.17.1440207909\1601011347" --ppapi-flash-args=enable_hw_video_decode=1 --lang=nl --ignored=" --type=renderer " /prefetch:-632637702

    "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="4868.43.798578669\908295222" /prefetch:673131151

    "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="4868.45.233357259\48357849" /prefetch:673131151

    "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="4868.47.1794708830\750711544" /prefetch:673131151

    "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="4868.48.811115915\328906152" /prefetch:673131151

    "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="4868.54.664704599\2001495697" /prefetch:673131151

    C:\Windows\splwow64.exe 8192

    "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="4868.55.1463423733\1556002853" /prefetch:673131151

    "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="4868.60.1673398172\92129748" /prefetch:673131151

    C:\Windows\system32\sppsvc.exe

    "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

    "C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540

    C:\Windows\system32\PrintIsolationHost.exe -Embedding

    C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

    C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

    "C:\Users\Michael Kempen\Downloads\RSITx64.exe"

    C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

    ======Scheduled tasks folder======

    C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c

    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]

    avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-05-13 581824]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

    Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

    Adobe PDF Reader Help bij koppelingen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23 72336]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

    Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25 462760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]

    avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-05-13 436600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

    Aanmeldhulp voor Microsoft-account - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

    Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25 171944]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

    {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -

    {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

    "Sticky Pad"=C:\Program Files (x86)\StickyPad\StickyPad.exe [2012-08-13 516153]

    [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

    "HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2012-02-09 5015040]

    "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

    "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808]

    "PDFPrint"=C:\Program Files (x86)\pdf24\pdf24.exe [2013-02-19 162856]

    "ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]

    "AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-09 3890208]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

    Device Monitor.lnk - C:\Program Files (x86)\ArcSoft\MediaConverter 4 Platinum\Monitor.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

    "AppInit_DLLs"=" "

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

    "SecurityProviders"=credssp.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

    "DisableTaskMgr"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

    "ConsentPromptBehaviorAdmin"=5

    "ConsentPromptBehaviorUser"=3

    "EnableUIADesktopToggle"=0

    "dontdisplaylastusername"=0

    "legalnoticecaption"=

    "legalnoticetext"=

    "shutdownwithoutlogon"=1

    "undockwithoutlogon"=1

    "EnableSecureUIAPath"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

    "NoActiveDesktop"=1

    "NoActiveDesktopChanges"=1

    "ForceActiveDesktopOn"=0

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

    "vidc.mrle"=msrle32.dll

    "vidc.msvc"=msvidc32.dll

    "msacm.imaadpcm"=imaadp32.acm

    "msacm.msg711"=msg711.acm

    "msacm.msgsm610"=msgsm32.acm

    "msacm.msadpcm"=msadp32.acm

    "midimapper"=midimap.dll

    "wavemapper"=msacm32.drv

    "VIDC.UYVY"=msyuv.dll

    "VIDC.YUY2"=msyuv.dll

    "VIDC.YVYU"=msyuv.dll

    "VIDC.IYUV"=iyuv_32.dll

    "vidc.i420"=lvcod64.dll

    "VIDC.YVU9"=tsbyuv.dll

    "msacm.l3acm"=C:\Windows\System32\l3codeca.acm

    "wave"=wdmaud.drv

    "midi"=wdmaud.drv

    "mixer"=wdmaud.drv

    "aux"=wdmaud.drv

    "wave1"=wdmaud.drv

    "midi1"=wdmaud.drv

    "mixer1"=wdmaud.drv

    "aux1"=wdmaud.drv

    "MSVideo"=vfwwdm32.dll

    "MSVideo8"=VfWWDM32.dll

    "wave2"=wdmaud.drv

    "midi2"=wdmaud.drv

    "mixer2"=wdmaud.drv

    "aux2"=wdmaud.drv

    "wave3"=wdmaud.drv

    "midi3"=wdmaud.drv

    "mixer3"=wdmaud.drv

    "aux3"=wdmaud.drv

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1

    .js - open - C:\Windows\System32\WScript.exe "%1" %*

    ======List of files/folders created in the last 1 month======

    2014-08-17 12:45:45 ----D---- C:\rsit

    2014-08-14 10:41:17 ----D---- C:\Users\Michael Kempen\AppData\Roaming\Oracle

    2014-08-14 10:40:56 ----A---- C:\Windows\SYSWOW64\javaws.exe

    2014-08-14 10:40:51 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll

    2014-08-14 10:40:51 ----A---- C:\Windows\SYSWOW64\javaw.exe

    2014-08-14 10:40:51 ----A---- C:\Windows\SYSWOW64\java.exe

    2014-08-14 06:24:07 ----A---- C:\Windows\SYSWOW64\infocardapi.dll

    2014-08-14 06:24:07 ----A---- C:\Windows\SYSWOW64\icardagt.exe

    2014-08-14 06:24:07 ----A---- C:\Windows\system32\infocardapi.dll

    2014-08-14 06:24:07 ----A---- C:\Windows\system32\icardagt.exe

    2014-08-14 06:24:05 ----A---- C:\Windows\SYSWOW64\icardres.dll

    2014-08-14 06:24:05 ----A---- C:\Windows\system32\icardres.dll

    2014-08-14 06:23:34 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe

    2014-08-14 06:23:34 ----A---- C:\Windows\system32\TsWpfWrp.exe

    2014-08-14 06:04:51 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL

    2014-08-14 06:04:51 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL

    2014-08-14 06:04:51 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL

    2014-08-14 06:04:51 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL

    2014-08-14 06:04:51 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL

    2014-08-14 06:04:51 ----A---- C:\Windows\system32\KBDYAK.DLL

    2014-08-14 06:04:51 ----A---- C:\Windows\system32\KBDTAT.DLL

    2014-08-14 06:04:51 ----A---- C:\Windows\system32\KBDRU1.DLL

    2014-08-14 06:04:51 ----A---- C:\Windows\system32\KBDRU.DLL

    2014-08-14 06:04:51 ----A---- C:\Windows\system32\KBDBASH.DLL

    2014-08-14 06:04:45 ----A---- C:\Windows\SYSWOW64\tzres.dll

    2014-08-14 06:04:45 ----A---- C:\Windows\system32\tzres.dll

    2014-08-14 06:04:40 ----A---- C:\Windows\SYSWOW64\msi.dll

    2014-08-14 06:04:40 ----A---- C:\Windows\system32\msi.dll

    2014-08-14 06:04:40 ----A---- C:\Windows\system32\authui.dll

    2014-08-14 06:04:39 ----A---- C:\Windows\SYSWOW64\msihnd.dll

    2014-08-14 06:04:39 ----A---- C:\Windows\SYSWOW64\authui.dll

    2014-08-14 06:04:39 ----A---- C:\Windows\system32\msihnd.dll

    2014-08-14 06:04:39 ----A---- C:\Windows\system32\consent.exe

    2014-08-14 06:04:31 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys

    2014-08-14 06:04:28 ----A---- C:\Windows\system32\win32k.sys

    2014-08-14 06:04:27 ----A---- C:\Windows\SYSWOW64\gdi32.dll

    2014-08-14 06:04:27 ----A---- C:\Windows\system32\gdi32.dll

    2014-08-14 06:04:22 ----A---- C:\Windows\SYSWOW64\shell32.dll

    2014-08-14 06:04:22 ----A---- C:\Windows\system32\shell32.dll

    2014-08-14 06:04:16 ----A---- C:\Windows\SYSWOW64\urlmon.dll

    2014-08-14 06:04:16 ----A---- C:\Windows\SYSWOW64\mshtmled.dll

    2014-08-14 06:04:16 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll

    2014-08-14 06:04:16 ----A---- C:\Windows\SYSWOW64\iernonce.dll

    2014-08-14 06:04:16 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll

    2014-08-14 06:04:15 ----A---- C:\Windows\SYSWOW64\mshtml.dll

    2014-08-14 06:04:15 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

    2014-08-14 06:04:15 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll

    2014-08-14 06:04:15 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll

    2014-08-14 06:04:15 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll

    2014-08-14 06:04:15 ----A---- C:\Windows\system32\ieetwproxystub.dll

    2014-08-14 06:04:14 ----A---- C:\Windows\SYSWOW64\iesetup.dll

    2014-08-14 06:04:14 ----A---- C:\Windows\SYSWOW64\iertutil.dll

    2014-08-14 06:04:14 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll

    2014-08-14 06:04:14 ----A---- C:\Windows\system32\urlmon.dll

    2014-08-14 06:04:14 ----A---- C:\Windows\system32\iernonce.dll

    2014-08-14 06:04:14 ----A---- C:\Windows\system32\ieetwcollectorres.dll

    2014-08-14 06:04:14 ----A---- C:\Windows\system32\ie4uinit.exe

    2014-08-14 06:04:13 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

    2014-08-14 06:04:13 ----A---- C:\Windows\SYSWOW64\ieui.dll

    2014-08-14 06:04:13 ----A---- C:\Windows\SYSWOW64\ieframe.dll

    2014-08-14 06:04:13 ----A---- C:\Windows\SYSWOW64\dxtrans.dll

    2014-08-14 06:04:13 ----A---- C:\Windows\system32\msfeeds.dll

    2014-08-14 06:04:13 ----A---- C:\Windows\system32\ieetwcollector.exe

    2014-08-14 06:04:13 ----A---- C:\Windows\system32\dxtmsft.dll

    2014-08-14 06:04:12 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll

    2014-08-14 06:04:12 ----A---- C:\Windows\system32\iesetup.dll

    2014-08-14 06:04:12 ----A---- C:\Windows\system32\iertutil.dll

    2014-08-14 06:04:12 ----A---- C:\Windows\system32\iedkcs32.dll

    2014-08-14 06:04:11 ----A---- C:\Windows\SYSWOW64\wininet.dll

    2014-08-14 06:04:11 ----A---- C:\Windows\SYSWOW64\vbscript.dll

    2014-08-14 06:04:11 ----A---- C:\Windows\SYSWOW64\msrating.dll

    2014-08-14 06:04:11 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll

    2014-08-14 06:04:11 ----A---- C:\Windows\SYSWOW64\jscript9.dll

    2014-08-14 06:04:11 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe

    2014-08-14 06:04:11 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll

    2014-08-14 06:04:11 ----A---- C:\Windows\system32\jsproxy.dll

    2014-08-14 06:04:10 ----A---- C:\Windows\system32\mshtmlmedia.dll

    2014-08-14 06:04:10 ----A---- C:\Windows\system32\mshtmled.dll

    2014-08-14 06:04:10 ----A---- C:\Windows\system32\ieui.dll

    2014-08-14 06:04:10 ----A---- C:\Windows\system32\ieframe.dll

    2014-08-14 06:04:10 ----A---- C:\Windows\system32\dxtrans.dll

    2014-08-14 06:04:09 ----A---- C:\Windows\system32\wininet.dll

    2014-08-14 06:04:09 ----A---- C:\Windows\system32\vbscript.dll

    2014-08-14 06:04:09 ----A---- C:\Windows\system32\jscript9diag.dll

    2014-08-14 06:04:09 ----A---- C:\Windows\system32\jscript9.dll

    2014-08-14 06:04:09 ----A---- C:\Windows\system32\ieUnatt.exe

    2014-08-14 06:04:09 ----A---- C:\Windows\system32\ieapfltr.dll

    2014-08-14 06:04:08 ----A---- C:\Windows\system32\msrating.dll

    2014-08-14 06:04:08 ----A---- C:\Windows\system32\MshtmlDac.dll

    2014-08-14 06:04:07 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe

    2014-08-14 06:04:02 ----A---- C:\Windows\system32\mshtml.dll

    2014-08-14 06:03:53 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll

    2014-08-14 06:03:53 ----A---- C:\Windows\system32\rpcrt4.dll

    2014-08-14 06:03:52 ----A---- C:\Windows\system32\aepdu.dll

    2014-08-14 06:03:50 ----A---- C:\Windows\system32\aeinv.dll

    ======List of files/folders modified in the last 1 month======

    2014-08-17 12:46:58 ----D---- C:\Windows\Temp

    2014-08-17 12:46:58 ----D---- C:\Program Files\trend micro

    2014-08-17 12:46:39 ----D---- C:\Windows\Prefetch

    2014-08-17 11:08:35 ----D---- C:\Windows\system32\config

    2014-08-17 11:08:32 ----SHD---- C:\Windows\Installer

    2014-08-17 11:08:31 ----D---- C:\Windows\SysWOW64

    2014-08-14 11:08:44 ----SHD---- C:\System Volume Information

    2014-08-14 11:07:19 ----D---- C:\Windows\rescache

    2014-08-14 10:41:40 ----SHD---- C:\Config.Msi

    2014-08-14 10:41:33 ----D---- C:\Windows\System32

    2014-08-14 10:41:06 ----D---- C:\ProgramData\Oracle

    2014-08-14 10:41:01 ----D---- C:\Program Files (x86)\Common Files

    2014-08-14 10:40:50 ----D---- C:\Program Files (x86)\Java

    2014-08-14 07:20:01 ----D---- C:\Windows\Microsoft.NET

    2014-08-14 07:19:34 ----RSD---- C:\Windows\assembly

    2014-08-14 06:45:41 ----D---- C:\Windows\winsxs

    2014-08-14 06:43:11 ----RSD---- C:\Windows\Fonts

    2014-08-14 06:43:11 ----D---- C:\Windows\ehome

    2014-08-14 06:43:05 ----D---- C:\Windows\SYSWOW64\nl-NL

    2014-08-14 06:43:05 ----D---- C:\Windows\system32\nl-NL

    2014-08-14 06:43:04 ----D---- C:\Windows\SYSWOW64\en-US

    2014-08-14 06:43:04 ----D---- C:\Windows\system32\en-US

    2014-08-14 06:43:04 ----D---- C:\Windows\system32\drivers

    2014-08-14 06:43:04 ----D---- C:\Windows\PolicyDefinitions

    2014-08-14 06:43:04 ----D---- C:\Program Files\Internet Explorer

    2014-08-14 06:43:04 ----D---- C:\Program Files (x86)\Internet Explorer

    2014-08-14 06:35:25 ----D---- C:\Windows\system32\catroot2

    2014-08-14 06:35:25 ----D---- C:\Windows\system32\catroot

    2014-08-14 06:32:13 ----D---- C:\Windows\system32\MRT

    2014-08-14 06:28:14 ----A---- C:\Windows\system32\MRT.exe

    2014-08-14 06:22:42 ----SD---- C:\Windows\system32\CompatTel

    2014-08-14 05:55:07 ----D---- C:\Users\Michael Kempen\AppData\Roaming\Dropbox

    2014-08-10 16:54:07 ----D---- C:\Windows\inf

    2014-08-10 16:54:07 ----A---- C:\Windows\system32\PerfStringBackup.INI

    2014-08-09 12:12:12 ----D---- C:\Windows\system32\wdi

    2014-07-24 21:43:55 ----D---- C:\Program Files\Microsoft Silverlight

    2014-07-24 21:43:54 ----D---- C:\Program Files (x86)\Microsoft Silverlight

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-05-13 65776]

    R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-05-13 208416]

    R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2010-05-20 16440]

    R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

    R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]

    R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-05-13 93568]

    R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-05-15 1039096]

    R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-05-15 423240]

    R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-12-19 64288]

    R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]

    R1 SAS***IL;SAS***IL; \??\C:\Program Files\SUPERAntiSpyware\SAS***IL64.SYS [2011-07-12 12368]

    R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]

    R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-05-13 29208]

    R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-05-13 79184]

    R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-05-15 85328]

    R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 11278336]

    R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 552960]

    R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]

    R3 DxVGrb;DxVGrb; C:\Windows\system32\drivers\DxVGrb.sys [2012-01-10 222464]

    R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]

    R3 LVUVC64;Logitech HD Webcam C525(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]

    R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]

    R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-17 15416]

    R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-02-03 677480]

    R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-08-28 58536]

    R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2011-11-11 2182768]

    S1 aswKbd;aswKbd; \??\C:\Windows\system32\drivers\aswKbd.sys []

    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]

    S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]

    S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

    S3 USB28xxBGA;USB 2828x Device; C:\Windows\system32\DRIVERS\emBDA64.sys [2012-06-20 732928]

    S3 USB28xxOEM;USB 28xx OEM Filter; C:\Windows\system32\DRIVERS\emOEM64.sys [2012-06-20 1232128]

    S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672]

    R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]

    R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]

    R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-19 240640]

    R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984]

    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-05-13 50344]

    R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]

    R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]

    R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]

    R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-02-17 4915040]

    R2 UMVPFSrv;UMVPFSrv; C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]

    R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2011-11-11 27760]

    R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]

    S2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-02-21 113704]

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]

    S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-13 116648]

    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09 262320]

    S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-13 116648]

    S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 111616]

    S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

    S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-03-13 1255736]

    S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]

    S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

    S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

    S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

    -----------------EOF-----------------

  4. Hello, good afternoon,

    I do have a problem after all: after I installed the following programs

    RSIT

    Zoek.exe

    Adw Cleaner

    Malware Bytes

    Delfix by Xplode

    and let them run, I can no longer reach https:webtxt.rtvwest.nl, which used to work fine. Each time I was asked to install Java, which I did. I can no longer log in! What is going on?

    Thanks in advance

    Kind regards

    Kemicky

  5. # AdwCleaner v3.017 - Report created 15/01/2014 at 16:21:11

    # Updated 12/01/2014 by Xplode

    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

    # Username : Michael Kempen - MICHAELKEMPEN

    # Running from : C:\Users\Michael Kempen\Downloads\adwcleaner.exe

    # Option : Clean

    ***** [ Services ] *****

    ***** [ Files / Folders ] *****

    File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk

    ***** [ Shortcuts ] *****

    ***** [ Registry ] *****

    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE

    Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe

    Key Deleted : HKLM\SOFTWARE\Classes\d

    Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore

    Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1

    Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd

    Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1

    Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr

    Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1

    Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane

    Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1

    Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc

    Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1

    Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap

    Key Deleted : HKLM\SOFTWARE\Classes\S

    Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard

    Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1

    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe

    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe

    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe

    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe

    Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]

    Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]

    Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]

    Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]

    Key Deleted : HKCU\Software\855dfd1e634be48

    Key Deleted : HKLM\SOFTWARE\855dfd1e634be48

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}

    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}

    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}

    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}

    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}

    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}

    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}

    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}

    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}

    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}

    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}

    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}

    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}

    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{377E5D4D-77E5-476A-8716-7E70A9272DA0}

    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}

    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}

    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}

    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}

    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}

    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}

    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}

    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}

    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}

    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}

    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}

    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}

    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}

    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}

    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}

    Key Deleted : HKCU\Software\APN DTX

    Key Deleted : HKCU\Software\BabylonToolbar

    Key Deleted : HKCU\Software\DataMngr

    [#] Key Deleted : HKCU\Software\DataMngr_Toolbar

    Key Deleted : HKCU\Software\Delta

    Key Deleted : HKCU\Software\ilivid

    Key Deleted : HKCU\Software\IM

    Key Deleted : HKCU\Software\ImInstaller

    Key Deleted : HKCU\Software\Softonic

    Key Deleted : HKLM\Software\Babylon

    Key Deleted : HKLM\Software\DataMngr

    Key Deleted : HKLM\Software\Delta

    Key Deleted : HKLM\Software\iLividSRTB

    Key Deleted : HKLM\Software\ImInstaller

    Key Deleted : HKLM\Software\simplitec

    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}

    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar

    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta

    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar

    Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\Wincert\WIN64C~1.DLL

    Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\MOVIES~1\Datamngr\x64\mgrldr.dll

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.16428

    -\\ Google Chrome v31.0.1650.63

    [ File : C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    *************************

    AdwCleaner[R0].txt - [9154 octets] - [15/01/2014 16:19:50]

    AdwCleaner[s0].txt - [8584 octets] - [15/01/2014 16:21:11]

    ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [8644 octets] ##########

    - - - Updated - - -

    You wrote that I should review the results and then remove the selected items, but I can't find them. I only got the log file (see below).



    Malwarebytes Anti-Malware 1.75.0.1300

    www.malwarebytes.org

    Databaseversie: v2014.01.15.06

    Windows 7 Service Pack 1 x64 NTFS

    Internet Explorer 11.0.9600.16476

    Michael Kempen :: MICHAELKEMPEN [administrator]

    15-1-2014 16:37:58

    mbam-log-2014-01-15 (16-37-58).txt

    Scan type: Snelle scan

    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

    Uitgeschakelde scan opties: P2P

    Objecten gescand: 204586

    Verstreken tijd: 1 minuut/minuten, 38 seconde(n)

    Geheugenprocessen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    (einde)

  6. Zoek.exe v5.0.0.0 Updated 12-Januari-2014

    Tool run by Michael Kempen on wo 15-01-2014 at 9:40:23,34.

    Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

    Running in: Normal Mode Internet Access Detected

    Launched: C:\Users\Michael Kempen\Downloads\zoek.exe [scan all users] [Quick Scan] [Auto Clean]

    ==== Older Logs ======================

    C:\zoek-results2013-03-26-084240.log 85023 bytes

    ==== Deleting CLSID Registry Keys ======================

    HKEY_USERS\S-1-5-21-1758146858-1784735532-1013142320-1000\Software\Microsoft\Internet Explorer\SearchScopes\{21BBB4A2-531E-4A6C-BC3E-E4970BF9B3E7} deleted successfully

    HKEY_USERS\S-1-5-21-1758146858-1784735532-1013142320-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully

    ==== Deleting CLSID Registry Values ======================

    ==== Deleting Services ======================

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DatamngrCoordinator deleted successfully

    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\DatamngrCoordinator deleted successfully

    ==== Deleting Files \ Folders ======================

    C:\PROGRA~2\PC Speed Up deleted

    C:\PROGRA~2\EZDownloader deleted

    C:\PROGRA~2\Optimizer Pro deleted

    C:\PROGRA~2\Yontoo deleted

    C:\PROGRA~2\Search Results Toolbar deleted

    C:\Users\Michael Kempen\AppData\Roaming\simplitec deleted

    C:\Users\Michael Kempen\AppData\Roaming\BabSolution deleted

    C:\Users\Michael Kempen\AppData\Roaming\Babylon deleted

    C:\Users\Michael Kempen\AppData\Roaming\Yontoo deleted

    C:\Users\Michael Kempen\AppData\Roaming\Optimizer Pro deleted

    C:\ProgramData\Ask deleted

    C:\ProgramData\Datamngr deleted

    C:\ProgramData\simplitec deleted

    C:\ProgramData\StarApp deleted

    C:\ProgramData\Wincert deleted

    C:\ProgramData\InstallMate deleted

    C:\ProgramData\Tarma Installer deleted

    C:\ProgramData\Babylon deleted

    C:\ProgramData\SummerSoft deleted

    C:\Users\Michael Kempen\AppData\Local\iLivid deleted

    C:\Users\Michael Kempen\AppData\Local\Smartbar deleted

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec deleted

    C:\Users\Michael Kempen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk deleted

    C:\Users\Michael Kempen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect deleted

    C:\Users\Michael Kempen\AppData\LocalLow\ilividtoolbargaw deleted

    C:\Users\Michael Kempen\AppData\LocalLow\DataMngr deleted

    C:\windows\SysNative\Tasks\BrowserProtect deleted

    C:\Windows\SysWow64\searchplugins deleted

    C:\Windows\SysWow64\Extensions deleted

    C:\Users\Michael Kempen\Documents\PCSpeedUp deleted

    "C:\PROGRA~2\Movies Toolbar\Datamngr\apcrtldr.dll" deleted

    "C:\PROGRA~2\Movies Toolbar\Datamngr\DatamngrUI.exe" deleted

    "C:\PROGRA~2\Movies Toolbar\Datamngr\mgrldr.dll" deleted

    "C:\PROGRA~2\Movies Toolbar\Datamngr\x64\apcrtldr.dll" deleted

    "C:\PROGRA~2\simplitec\simplicheck\simplicheck.exe" deleted

    "C:\PROGRA~2\Movies Toolbar" not deleted

    "C:\PROGRA~2\simplitec" deleted

    "C:\PROGRA~2\Movies Toolbar\Datamngr" not deleted

    "C:\PROGRA~2\Movies Toolbar\Datamngr\x64" not deleted

    "C:\PROGRA~2\simplitec\simplicheck" deleted

    ==== Files Recently Created / Modified ======================

    ====== C:\Windows ====

    ====== C:\Users\MICHAE~1\AppData\Local\Temp ====

    2014-01-14 22:00:00 3F512AF8DB108FCA028BA731CE0B4700 224408 ----a-w- C:\Users\Michael Kempen\AppData\Local\Temp\{AC76BA86-7AD7-1043-7B44-AB0000000001}\FixTransforms.exe

    ====== Java Cache =====

    ====== C:\Windows\SysWOW64 =====

    ====== C:\Windows\SysWOW64\drivers =====

    ====== C:\Windows\Sysnative =====

    ====== C:\Windows\Sysnative\drivers =====

    ====== C:\Windows\Tasks ======

    2014-01-14 21:59:04 DD1D66259110B305696B01F52C3EC7FE 3924 ----a-w- C:\Windows\Sysnative\Tasks\avast! Emergency Update

    ====== C:\Windows\Temp ======

    ======= C:\Program Files =====

    2014-01-15 07:48:17 -------- d-----w- C:\Program Files\trend micro

    ======= C:\PROGRA~2 =====

    ======= C: =====

    ====== C:\Users\Michael Kempen\AppData\Roaming ======

    ====== C:\Users\Michael Kempen ======

    2014-01-15 07:47:39 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Michael Kempen\Downloads\RSITx64.exe

    ====== C: exe-files ==

    2014-01-15 07:48:17 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Michael Kempen.exe

    2014-01-15 07:47:39 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Michael Kempen\Downloads\RSITx64.exe

    2014-01-14 22:00:00 3F512AF8DB108FCA028BA731CE0B4700 224408 ----a-w- C:\Users\Michael Kempen\AppData\Local\Temp\{AC76BA86-7AD7-1043-7B44-AB0000000001}\FixTransforms.exe

    2014-01-14 06:57:37 07DA1B3241B7B174083C3A69C76FECBD 8105040 ----a-w- C:\Windows\Temp\226d32c2\SetupDataMngr_iLivid.exe

    === C: other files ==

    2014-01-14 09:43:26 77520BBF6E050E229F5AAC185EFEAFB5 157365 ----a-w- C:\Users\Michael Kempen\Downloads\grundschrift-2013-09-01.zip

    2014-01-14 09:32:44 0DDC21E475FD632ECD6EC33F80B02BC7 21091 ----a-w- C:\Users\Michael Kempen\Downloads\heather.zip

    2014-01-13 16:16:28 88DCE197EC65E23CC75FF0451C701B3D 14060557 ----a-w- C:\Users\Michael Kempen\Downloads\Fotos_gedownload_door_AirDroid (5).zip

    2014-01-13 15:45:13 650E1A111CD7B35147F11C1BB5C4FF95 9725195 ----a-w- C:\Users\Michael Kempen\Downloads\Fotos_gedownload_door_AirDroid (4).zip

    2014-01-13 08:38:17 E50907951E3159C53A4A5D1AE5F617F1 95141 ----a-w- C:\Users\Michael Kempen\Downloads\cursive_standard.zip

    2014-01-10 10:06:18 55E13BAC6B4BB23851DB5D7F910A9760 3991910 ----a-w- C:\AAA-Fotos\2013\13-12-23 Ma 85\85ste verjaardag van oma Rika.zip

    ==== Startup Registry Enabled ======================

    [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

    "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

    [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

    "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

    [HKEY_USERS\S-1-5-21-1758146858-1784735532-1013142320-1000\Software\Microsoft\Windows\CurrentVersion\Run]

    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

    "Sticky Pad"="C:\Program Files (x86)\StickyPad\StickyPad.exe"

    [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

    "mctadmin"="C:\Windows\System32\mctadmin.exe"

    [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

    "mctadmin"="C:\Windows\System32\mctadmin.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "HDAudDeck"="C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r"

    "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

    "PDFPrint"="C:\Program Files (x86)\pdf24\pdf24.exe"

    "avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui"

    "DATAMNGR"="C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~2.EXE"

    "ArcSoft Connection Service"="C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"

    "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

    "20131121"="C:\Program Files\AVAST Software\Avast\setup\emupdate\ee8560b2-e902-47fa-812e-756ed5779fc1.exe /check"

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

    "Sticky Pad"="C:\Program Files (x86)\StickyPad\StickyPad.exe"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

    "AppInit_DLLs"="c:\\progra~2\\movies~1\\datamngr\\mgrldr.dll c:\\progra~3\\wincert\\win32c~1.dll"

    ==== Startup Folders ======================

    2013-07-07 17:30:36 1063 ----a-w- C:\Users\Michael Kempen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

    2013-08-11 08:55:30 2081 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Device Monitor.lnk

    2013-03-25 06:17:07 2051 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk

    ==== Task Scheduler Jobs ======================

    C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10-12-2013 19:15]

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [13-03-2013 17:17]

    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [13-03-2013 17:17]

    ==== Other Scheduled Tasks ======================

    "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

    "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

    "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

    "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

    "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

    "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]

    "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{D20AD8BA-418C-4CB9-97A2-117293E3D896}" [C:\Windows\system32\msfeedssync.exe]

    "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

    ==== Firefox Extensions Registry ======================

    [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

    "{0F827075-B026-42F3-885D-98981EE7B1AE}"="C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension" []

    ==== Chrome Look ======================

    Google Docs - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

    Google Drive - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

    YouTube - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

    Google Search - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

    PricePeep - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb

    Google Wallet - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

    Gmail - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

    ==== Chrome Fix ======================

    C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb deleted successfully

    C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_licjnkifamhpbaefhdpacpmihicfbomb_0.localstorage deleted successfully

    ==== Set IE to Default ======================

    Old Values:

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

    "Start Page"="http://www.search.ask.com/?o=APN10645A&gct=hp&d=406-550&v=a9301-109&t=4"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

    "DefaultScope"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] not found

    New Values:

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

    "Start Page"="http://www.google.com"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

    "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"

    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

    {C1374C69-C05C-43BA-9D2A-C99E5BDD545F} Google Url="http://www.google.nl/search?hl=nl&q={searchTerms}"

    ==== Deleting CLSID Registry Keys ======================

    HKEY_USERS\S-1-5-21-1758146858-1784735532-1013142320-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{377e5d4d-77e5-476a-8716-7e70a9272da0} deleted successfully

    HKEY_USERS\S-1-5-21-1758146858-1784735532-1013142320-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{377e5d4d-77e5-476a-8716-7e70a9272da0} deleted successfully

    HKEY_USERS\S-1-5-21-1758146858-1784735532-1013142320-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} deleted successfully

    HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{377e5d4d-77e5-476a-8716-7e70a9272da0} deleted successfully

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{377e5d4d-77e5-476a-8716-7e70a9272da0} deleted successfully

    HKEY_CLASSES_ROOT\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} deleted successfully

    HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} deleted successfully

    ==== Deleting CLSID Registry Values ======================

    HKEY_USERS\S-1-5-21-1758146858-1784735532-1013142320-1000\Software\mozilla\Firefox\Extensions\{0F827075-B026-42F3-885D-98981EE7B1AE} deleted successfully

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{377e5d4d-77e5-476a-8716-7e70a9272da0} deleted successfully

    ==== Deleting Registry Keys ======================

    HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{292BBB37-8CE1-AAAB-A2FD-7C9BC8EF280D} deleted successfully

    HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6DA94119-74DB-7341-8021-B97FD2AC76DF} deleted successfully

    HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iLivid deleted successfully

    HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilividtoolbargaw deleted successfully

    ==== Empty IE Cache ======================

    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Michael Kempen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    ==== Empty FireFox Cache ======================

    No FireFox Profiles found

    ==== Empty Chrome Cache ======================

    C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    ==== C:\zoek_backup content ======================

    C:\zoek_backup (files=4303 folders=466 206054161 bytes)

    ==== Empty Temp Folders ======================

    C:\Users\Default\AppData\Local\Temp emptied successfully

    C:\Users\Default User\AppData\Local\Temp emptied successfully

    C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

    C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

    C:\Users\Michael Kempen\AppData\Local\Temp will be emptied at reboot

    C:\Windows\Temp will be emptied at reboot

    ==== After Reboot ======================

    ==== Empty Temp Folders ======================

    C:\Windows\Temp successfully emptied

    C:\Users\MICHAE~1\AppData\Local\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\$RECYCLE.BIN successfully emptied

    ==== Deleting Files / Folders ======================

    "C:\PROGRA~2\Movies Toolbar" not found

    ==== EOF on wo 15-01-2014 at 9:55:21,98 ======================

    - - - Updated - - -

    That's correct, because I hadn't noticed that the internet was still open.

  7. Zoek.exe v5.0.0.0 Updated 12-Januari-2014

    Tool run by Michael Kempen on wo 15-01-2014 at 12:11:10,36.

    Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

    Running in: Normal Mode Internet Access Detected

    Launched: C:\Users\Michael Kempen\Downloads\zoek.exe [scan all users] [script inserted]

    ==== Older Logs ======================

    C:\zoek-results2013-03-26-084240.log 85023 bytes

    C:\zoek-results2014-01-15-085521.log 16444 bytes

    ==== Deleting CLSID Registry Keys ======================

    ==== Deleting CLSID Registry Values ======================

    HKEY_USERS\S-1-5-21-1758146858-1784735532-1013142320-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} deleted successfully

    HKEY_USERS\S-1-5-21-1758146858-1784735532-1013142320-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} deleted successfully

    HKEY_USERS\S-1-5-21-1758146858-1784735532-1013142320-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

    ==== Deleting Services ======================

    ==== Registry Fix Code ======================

    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

    "AppInit_DLLs"=-

    ==== Registry Fix Code x64 ======================

    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

    "DATAMNGR"=-

    ==== Deleting Files \ Folders ======================

    C:\PROGRA~2\SEARCH~1 not found

    C:\Program Files (x86)\Movies Toolbar not found

    ==== Files Recently Created / Modified ======================

    ====== C:\Windows ====

    ====== C:\Users\MICHAE~1\AppData\Local\Temp ====

    ====== Java Cache =====

    ====== C:\Windows\SysWOW64 =====

    ====== C:\Windows\SysWOW64\drivers =====

    ====== C:\Windows\Sysnative =====

    ====== C:\Windows\Sysnative\drivers =====

    ====== C:\Windows\Tasks ======

    2014-01-14 21:59:04 DD1D66259110B305696B01F52C3EC7FE 3924 ----a-w- C:\Windows\Sysnative\Tasks\avast! Emergency Update

    ====== C:\Windows\Temp ======

    ======= C:\Program Files =====

    2014-01-15 07:48:17 -------- d-----w- C:\Program Files\trend micro

    ======= C:\PROGRA~2 =====

    ======= C: =====

    ====== C:\Users\Michael Kempen\AppData\Roaming ======

    2014-01-15 08:53:49 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp

    2014-01-15 08:53:49 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp

    2014-01-15 08:53:49 -------- d-----w- C:\Users\Michael Kempen\AppData\Local\Temp

    2014-01-15 08:53:49 -------- d-----w- C:\Users\Default\AppData\Local\Temp

    2014-01-15 08:53:49 -------- d-----w- C:\Users\Default User\AppData\Local\Temp

    ====== C:\Users\Michael Kempen ======

    2014-01-15 07:47:39 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Michael Kempen\Downloads\RSITx64.exe

    ====== C: exe-files ==

    2014-01-15 07:48:17 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Michael Kempen.exe

    2014-01-15 07:47:39 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Michael Kempen\Downloads\RSITx64.exe

    === C: other files ==

    2014-01-14 09:43:26 77520BBF6E050E229F5AAC185EFEAFB5 157365 ----a-w- C:\Users\Michael Kempen\Downloads\grundschrift-2013-09-01.zip

    2014-01-14 09:32:44 0DDC21E475FD632ECD6EC33F80B02BC7 21091 ----a-w- C:\Users\Michael Kempen\Downloads\heather.zip

    2014-01-13 16:16:28 88DCE197EC65E23CC75FF0451C701B3D 14060557 ----a-w- C:\Users\Michael Kempen\Downloads\Fotos_gedownload_door_AirDroid (5).zip

    2014-01-13 15:45:13 650E1A111CD7B35147F11C1BB5C4FF95 9725195 ----a-w- C:\Users\Michael Kempen\Downloads\Fotos_gedownload_door_AirDroid (4).zip

    2014-01-13 08:38:17 E50907951E3159C53A4A5D1AE5F617F1 95141 ----a-w- C:\Users\Michael Kempen\Downloads\cursive_standard.zip

    2014-01-10 10:06:18 55E13BAC6B4BB23851DB5D7F910A9760 3991910 ----a-w- C:\AAA-Fotos\2013\13-12-23 Ma 85\85ste verjaardag van oma Rika.zip

    ==== Startup Registry Enabled ======================

    [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

    "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

    [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

    "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

    [HKEY_USERS\S-1-5-21-1758146858-1784735532-1013142320-1000\Software\Microsoft\Windows\CurrentVersion\Run]

    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

    "Sticky Pad"="C:\Program Files (x86)\StickyPad\StickyPad.exe"

    [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

    "mctadmin"="C:\Windows\System32\mctadmin.exe"

    [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

    "mctadmin"="C:\Windows\System32\mctadmin.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "HDAudDeck"="C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r"

    "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

    "PDFPrint"="C:\Program Files (x86)\pdf24\pdf24.exe"

    "avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui"

    "ArcSoft Connection Service"="C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"

    "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

    "20131121"="C:\Program Files\AVAST Software\Avast\setup\emupdate\ee8560b2-e902-47fa-812e-756ed5779fc1.exe /check"

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

    "Sticky Pad"="C:\Program Files (x86)\StickyPad\StickyPad.exe"

    ==== Startup Folders ======================

    2013-07-07 17:30:36 1063 ----a-w- C:\Users\Michael Kempen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

    2013-08-11 08:55:30 2081 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Device Monitor.lnk

    2013-03-25 06:17:07 2051 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk

    ==== Task Scheduler Jobs ======================

    C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10-12-2013 19:15]

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [13-03-2013 17:17]

    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [13-03-2013 17:17]

    ==== Other Scheduled Tasks ======================

    "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

    "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

    "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

    "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

    "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

    "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]

    "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{D20AD8BA-418C-4CB9-97A2-117293E3D896}" [C:\Windows\system32\msfeedssync.exe]

    "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

    ==== Chrome Look ======================

    ==== Set IE to Default ======================

    Old Values:

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

    "Start Page"="http://www.google.com"

    New Values:

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

    "Start Page"="http://www.google.com"

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

    "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"

    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

    {C1374C69-C05C-43BA-9D2A-C99E5BDD545F} Google Url="http://www.google.nl/search?hl=nl&q={searchTerms}"

    ==== Empty IE Cache ======================

    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Michael Kempen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    ==== Empty FireFox Cache ======================

    No FireFox Profiles found

    ==== Empty Chrome Cache ======================

    C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    ==== C:\zoek_backup content ======================

    C:\zoek_backup (files=4303 folders=466 206054161 bytes)

    ==== Empty Temp Folders ======================

    C:\Users\Default\AppData\Local\Temp emptied successfully

    C:\Users\Default User\AppData\Local\Temp emptied successfully

    C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

    C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

    C:\Users\Michael Kempen\AppData\Local\Temp will be emptied at reboot

    C:\Windows\Temp will be emptied at reboot

    ==== After Reboot ======================

    ==== Empty Temp Folders ======================

    C:\Windows\Temp successfully emptied

    C:\Users\MICHAE~1\AppData\Local\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\$RECYCLE.BIN successfully emptied

    ==== EOF on wo 15-01-2014 at 12:43:36,98 ======================

  8. Logfile of random's system information tool 1.09 (written by random/random)

    Run by Michael Kempen at 2014-01-15 08:48:17

    Microsoft Windows 7 Home Premium Service Pack 1

    System drive C: has 486 GB (65%) free of 749 GB

    Total RAM: 8174 MB (65% free)

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 8:48:24, on 15-1-2014

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v11.0 (11.00.9600.16428)

    Boot mode: Normal

    Running processes:

    C:\Program Files (x86)\StickyPad\StickyPad.exe

    C:\Program Files (x86)\ArcSoft\MediaConverter 4 Platinum\Monitor.exe

    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    C:\Program Files (x86)\pdf24\pdf24.exe

    C:\Program Files\AVAST Software\Avast\AvastUI.exe

    C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

    C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe

    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

    C:\Users\Michael Kempen\AppData\Roaming\Dropbox\bin\Dropbox.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

    C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files\trend micro\Michael Kempen.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Ask.com

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    F2 - REG:system.ini: UserInit=userinit.exe

    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: Search-Results Toolbar - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll (file missing)

    O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O3 - Toolbar: Search-Results Toolbar - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll (file missing)

    O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

    O4 - HKLM\..\Run: [PDFPrint] C:\Program Files (x86)\pdf24\pdf24.exe

    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

    O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~2.EXE

    O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

    O4 - HKLM\..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\ee8560b2-e902-47fa-812e-756ed5779fc1.exe /check

    O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: [sticky Pad] C:\Program Files (x86)\StickyPad\StickyPad.exe

    O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

    O4 - Startup: Dropbox.lnk = Michael Kempen\AppData\Roaming\Dropbox\bin\Dropbox.exe

    O4 - Global Startup: Device Monitor.lnk = C:\Program Files (x86)\ArcSoft\MediaConverter 4 Platinum\Monitor.exe

    O4 - Global Startup: simplicheck.lnk = C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000

    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O20 - AppInit_DLLs: c:\progra~2\movies~1\datamngr\mgrldr.dll c:\progra~3\wincert\win32c~1.dll

    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

    O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    O23 - Service: Datamngr Coordinator (DatamngrCoordinator) - Bandoo Media Inc. - C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --

    End of file - 10966 bytes

    ======Listing Processes======

    \SystemRoot\System32\smss.exe

    %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

    wininit.exe

    %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

    C:\Windows\system32\services.exe

    C:\Windows\system32\lsass.exe

    C:\Windows\system32\lsm.exe

    winlogon.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\svchost.exe -k RPCSS

    C:\Windows\system32\atiesrxx.exe

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\svchost.exe -k netsvcs

    "C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe"

    C:\Windows\system32\svchost.exe -k GPSvcGroup

    atieclxx

    C:\Windows\system32\svchost.exe -k NetworkService

    "C:\Program Files\AVAST Software\Avast\AvastSvc.exe"

    C:\Windows\System32\spoolsv.exe

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"

    "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"

    "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

    "C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService

    "C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe"

    "C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe" -monitor 496

    C:\Windows\system32\svchost.exe -k imgsvc

    C:\Windows\system32\viakaraokesrv.exe

    "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

    WLIDSvcM.exe 1448

    taskeng.exe {9FF8DD30-3FC9-4D4E-A30E-171936824A0D}

    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5914bdf9-506d-4b66-b3b4-bcac07710ee2 -SystemEventPortName:HostProcess-3c620bf2-2270-4528-a892-2e43bb589d09 -IoCancelEventPortName:HostProcess-9490e4df-422e-4d57-87b1-0cbe91cbbf4d -NonStateChangingEventPortName:HostProcess-52892984-3d4a-420c-b5ee-257f1d8d1394 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:33a8c1f3-1be9-450e-ac8e-171178ad6743 -DeviceGroupId:WpdFsGroup

    "taskhost.exe"

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    "C:\Windows\system32\Dwm.exe"

    "C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe"

    "C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe"

    C:\Windows\Explorer.EXE

    "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun

    "C:\Program Files (x86)\StickyPad\StickyPad.exe"

    "C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r

    "C:\Program Files (x86)\ArcSoft\MediaConverter 4 Platinum\Monitor.exe" -H

    C:\Windows\system32\SearchIndexer.exe /Embedding

    "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    "C:\Program Files (x86)\pdf24\pdf24.exe"

    "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

    "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow

    "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"

    "C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe" -timer

    "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

    "C:\Users\Michael Kempen\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup

    "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0

    "C:\Program Files\Windows Media Player\wmpnetwk.exe"

    C:\Windows\System32\svchost.exe -k LocalServicePeerNet

    "C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe"

    "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"

    "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4672.0.1668145010\1127584770" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,12,22 --gpu-vendor-id=0x1002 --gpu-device-id=0x683f --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=9.12.0.0 --ignored=" --type=renderer " /prefetch:822062411

    "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --instant-process --disable-html-notifications --channel="4672.1.1533491842\1088063294" /prefetch:673131151

    C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}

    "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="4672.5.944644283\1285403916" /prefetch:673131151

    C:\Windows\System32\svchost.exe -k secsvcs

    "C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical

    "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NetworkConnectivity/disable_network_stats/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="4672.13.1897714331\385808954" /prefetch:673131151

    "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4672.14.2104983905\1544426636" --ppapi-flash-args --lang=nl --ignored=" --type=renderer " /prefetch:-632637702

    "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NetworkConnectivity/disable_network_stats/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="4672.15.1112773604\320906047" /prefetch:673131151

    "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service

    C:\Windows\splwow64.exe 8192

    ArcCon.ac 131976 0

    "C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE"

    "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NetworkConnectivity/disable_network_stats/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="4672.37.1997777008\1334304775" /prefetch:673131151

    "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NetworkConnectivity/disable_network_stats/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="4672.38.106503283\185631269" /prefetch:673131151

    "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

    "C:\Windows\system32\SearchFilterHost.exe" 0 536 540 548 65536 544

    "c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 3AE606F8-8839-DD3F-8F59-9E6F128F2F07 -Reinvoke

    "C:\Users\Michael Kempen\Downloads\RSITx64.exe"

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

    ======Scheduled tasks folder======

    C:\Windows\tasks\Adobe Flash Player Updater.job

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]

    avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

    Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-06 553384]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

    Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

    Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-06 210856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

    Adobe PDF Reader Help bij koppelingen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23 72336]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{377e5d4d-77e5-476a-8716-7e70a9272da0}]

    Search-Results Toolbar - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

    Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]

    avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

    Aanmeldhulp voor Microsoft-account - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

    Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

    {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

    {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

    {377e5d4d-77e5-476a-8716-7e70a9272da0} - Search-Results Toolbar - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

    "Sticky Pad"=C:\Program Files (x86)\StickyPad\StickyPad.exe [2012-08-13 516153]

    [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

    "HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2012-02-09 5015040]

    "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

    "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808]

    "PDFPrint"=C:\Program Files (x86)\pdf24\pdf24.exe [2013-02-19 162856]

    "avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]

    "DATAMNGR"=C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~2.EXE []

    "ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]

    "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

    "20131121"=C:\Program Files\AVAST Software\Avast\setup\emupdate\ee8560b2-e902-47fa-812e-756ed5779fc1.exe [2013-11-23 180184]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

    Device Monitor.lnk - C:\Program Files (x86)\ArcSoft\MediaConverter 4 Platinum\Monitor.exe

    simplicheck.lnk - C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe

    C:\Users\Michael Kempen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

    Dropbox.lnk - C:\Users\Michael Kempen\AppData\Roaming\Dropbox\bin\Dropbox.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

    "AppInit_DLLs"="C:\PROGRA~3\Wincert\WIN64C~1.DLL C:\PROGRA~2\MOVIES~1\Datamngr\x64\mgrldr.dll "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

    WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

    "SecurityProviders"=credssp.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

    "ConsentPromptBehaviorAdmin"=5

    "ConsentPromptBehaviorUser"=3

    "EnableUIADesktopToggle"=0

    "PromptOnSecureDesktop"=0

    "dontdisplaylastusername"=0

    "legalnoticecaption"=

    "legalnoticetext"=

    "shutdownwithoutlogon"=1

    "undockwithoutlogon"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

    "NoActiveDesktop"=1

    "NoActiveDesktopChanges"=1

    "ForceActiveDesktopOn"=0

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]

    "Debugger="tasklist.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]

    "Debugger="tasklist.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]

    "Debugger="tasklist.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]

    "Debugger="tasklist.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

    "vidc.mrle"=msrle32.dll

    "vidc.msvc"=msvidc32.dll

    "msacm.imaadpcm"=imaadp32.acm

    "msacm.msg711"=msg711.acm

    "msacm.msgsm610"=msgsm32.acm

    "msacm.msadpcm"=msadp32.acm

    "midimapper"=midimap.dll

    "wavemapper"=msacm32.drv

    "VIDC.UYVY"=msyuv.dll

    "VIDC.YUY2"=msyuv.dll

    "VIDC.YVYU"=msyuv.dll

    "VIDC.IYUV"=iyuv_32.dll

    "vidc.i420"=lvcod64.dll

    "VIDC.YVU9"=tsbyuv.dll

    "msacm.l3acm"=C:\Windows\System32\l3codeca.acm

    "wave"=wdmaud.drv

    "midi"=wdmaud.drv

    "mixer"=wdmaud.drv

    "aux"=wdmaud.drv

    "wave1"=wdmaud.drv

    "midi1"=wdmaud.drv

    "mixer1"=wdmaud.drv

    "aux1"=wdmaud.drv

    "MSVideo"=vfwwdm32.dll

    "MSVideo8"=VfWWDM32.dll

    "wave2"=wdmaud.drv

    "midi2"=wdmaud.drv

    "mixer2"=wdmaud.drv

    "aux2"=wdmaud.drv

    "wave3"=wdmaud.drv

    "midi3"=wdmaud.drv

    "mixer3"=wdmaud.drv

    "aux3"=wdmaud.drv

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1

    .js - open - C:\Windows\System32\WScript.exe "%1" %*

    ======List of files/folders created in the last 1 month======

    2014-01-15 08:48:17 ----D---- C:\rsit

    2014-01-15 08:48:17 ----D---- C:\Program Files\trend micro

    2014-01-06 08:16:27 ----D---- C:\Michael

    2013-12-17 21:32:15 ----SHD---- C:\Config.Msi

    ======List of files/folders modified in the last 1 month======

    2014-01-15 08:48:24 ----D---- C:\Windows\Prefetch

    2014-01-15 08:48:22 ----D---- C:\Windows\Temp

    2014-01-15 08:48:21 ----D---- C:\ProgramData\Datamngr

    2014-01-15 08:48:17 ----RD---- C:\Program Files

    2014-01-15 07:55:26 ----D---- C:\Windows\system32\config

    2014-01-15 07:45:15 ----D---- C:\Windows\system32\catroot

    2014-01-15 07:44:58 ----D---- C:\Windows\system32\catroot2

    2014-01-15 07:42:34 ----SHD---- C:\System Volume Information

    2014-01-15 07:40:51 ----SHD---- C:\Windows\Installer

    2014-01-15 07:40:15 ----D---- C:\Users\Michael Kempen\AppData\Roaming\Dropbox

    2014-01-15 07:38:57 ----D---- C:\Windows

    2014-01-14 23:32:42 ----D---- C:\Windows\Panther

    2014-01-14 23:32:42 ----D---- C:\Windows\Minidump

    2014-01-14 23:32:42 ----D---- C:\Windows\Logs

    2014-01-14 23:32:42 ----D---- C:\Windows\inf

    2014-01-14 23:32:42 ----D---- C:\Windows\debug

    2014-01-14 23:00:04 ----D---- C:\Windows\SysWOW64

    2014-01-14 22:59:04 ----D---- C:\Windows\system32\Tasks

    2014-01-14 22:51:55 ----D---- C:\Windows\Tasks

    2014-01-14 22:51:55 ----D---- C:\Windows\system32\wfp

    2014-01-14 22:51:54 ----D---- C:\Windows\system32\wbem

    2014-01-14 22:50:59 ----D---- C:\Windows\system32\DriverStore

    2014-01-14 22:50:59 ----D---- C:\Windows\System32

    2014-01-14 22:50:58 ----D---- C:\Windows\AppCompat

    2014-01-14 22:50:58 ----D---- C:\Users\Michael Kempen\AppData\Roaming\Stammbaumdrucker 7 Premium

    2014-01-14 22:50:56 ----HD---- C:\ProgramData

    2014-01-14 22:50:56 ----D---- C:\ProgramData\Wincert

    2014-01-14 22:50:54 ----D---- C:\Windows\registration

    2014-01-14 22:50:34 ----RD---- C:\Program Files (x86)

    2014-01-07 13:29:49 ----D---- C:\Users\Michael Kempen\AppData\Roaming\Skype

    2014-01-07 12:51:54 ----A---- C:\Windows\system32\PerfStringBackup.INI

    2014-01-04 16:53:13 ----RSD---- C:\Windows\Fonts

    2014-01-01 11:42:17 ----D---- C:\AAA-Fotos

    2013-12-16 07:15:26 ----D---- C:\Windows\system32\MRT

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]

    R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-06-28 189936]

    R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2010-05-20 16440]

    R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

    R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]

    R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]

    R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-06-28 1030952]

    R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-06-28 378944]

    R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288]

    R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]

    R1 SAS***IL;SAS***IL; \??\C:\Program Files\SUPERAntiSpyware\SAS***IL64.SYS [2011-07-12 12368]

    R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]

    R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]

    R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]

    R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 11278336]

    R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 552960]

    R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]

    R3 DxVGrb;DxVGrb; C:\Windows\system32\drivers\DxVGrb.sys [2012-01-10 222464]

    R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-17 15416]

    R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-02-03 677480]

    R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-08-28 58536]

    R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2011-11-11 2182768]

    S3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]

    S3 LVUVC64;Logitech HD Webcam C525(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]

    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]

    S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

    S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

    S3 USB28xxBGA;USB 2828x Device; C:\Windows\system32\DRIVERS\emBDA64.sys [2012-06-20 732928]

    S3 USB28xxOEM;USB 28xx OEM Filter; C:\Windows\system32\DRIVERS\emOEM64.sys [2012-06-20 1232128]

    S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672]

    R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]

    R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]

    R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-19 240640]

    R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984]

    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]

    R2 DatamngrCoordinator;Datamngr Coordinator; C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [2013-09-17 3418624]

    R2 UMVPFSrv;UMVPFSrv; C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]

    R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2011-11-11 27760]

    R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

    S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-13 116648]

    S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]

    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10 257416]

    S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-13 116648]

    S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]

    S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

    S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-03-13 1255736]

    -----------------EOF-----------------

  9. Hello Kape and Passer,

    Belatedly (my friend's holiday, followed by my own) I want to let you know that my friend is satisfied with his laptop, because I have not heard any more complaints from him!

    Many thanks for your efforts!

    With this I can mark the »discussion« as solved and close it! :top:

    Kind regards :shakehands:

    Kemicky

  10. Hello Kape and Passer,

    Thanks for your answer! I will wait for my friend's reaction to see whether he is satisfied! After that I will let you know. Okay? I am not closing the discussion yet and will only mark it as solved once I get an answer from that friend.

    Kind regards

    Kemicky

  11. Hello, good morning!

    It takes about 70 seconds until I get a Windows login screen! Then after that another 1 minute and 40 seconds before I can start a program such as the internet or the like!

    This laptop belongs to a friend of mine; he is on holiday now and comes back on Sunday. I do not yet know how it is for him, how fast the computer starts up.

    I will hear from you whether, in your opinion, this startup time would be normal.

    Thanks in advance

    Kind regards

    Kemicky

  12. ComboFix 13-06-30.01 - Wimmie 01-07-2013 15:43:46.3.2 - x86 MINIMAL

    Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1791.1526 [GMT 2:00]

    Gestart vanuit: c:\documents and settings\Wimmie\Bureaublad\ComboFix.exe

    AV: AVG Internet Security 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

    FW: AVG Internet Security 2013 *Enabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

    .

    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    c:\windows\system32\drivers\etc\hosts.ics

    .

    ---- Voorgaande Run -------

    .

    c:\windows\system32\drivers\etc\hosts.ics

    .

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2013-06-01 to 2013-07-01 ))))))))))))))))))))))))))))))

    .

    .

    2013-06-30 09:30 . 2013-06-30 09:30 388096 ----a-r- c:\documents and settings\Wimmie\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

    2013-06-30 09:30 . 2013-06-30 09:30 -------- d-----w- c:\program files\Trend Micro

    2013-06-21 07:00 . 2013-06-12 19:48 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

    2013-06-18 18:14 . 2013-06-18 18:14 8610696 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe

    2013-06-18 17:58 . 2013-06-18 17:58 -------- d-----w- c:\documents and settings\Wimmie\Application Data\AVG2013

    2013-06-18 17:56 . 2013-06-18 17:56 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\AVG2013

    2013-06-18 17:54 . 2013-06-18 17:54 -------- d-----w- c:\documents and settings\Wimmie\Application Data\TuneUp Software

    2013-06-18 17:47 . 2013-06-18 17:56 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG2013

    2013-06-18 17:36 . 2013-06-18 19:28 -------- d-----w- c:\documents and settings\Wimmie\Local Settings\Application Data\Avg2013

    2013-06-18 17:36 . 2013-06-18 17:36 -------- d-----w- c:\documents and settings\Wimmie\Local Settings\Application Data\MFAData

    .

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2013-06-27 06:01 . 2012-11-09 10:33 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys

    2013-06-18 18:14 . 2012-06-06 10:43 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe

    2013-06-18 18:14 . 2012-06-06 10:43 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

    2013-06-12 19:48 . 2012-07-08 11:41 867240 ----a-w- c:\windows\system32\npdeployJava1.dll

    2013-06-12 19:48 . 2010-05-01 07:52 789416 ----a-w- c:\windows\system32\deployJava1.dll

    2013-06-12 19:35 . 2008-02-21 18:17 144896 ----a-w- c:\windows\system32\javacpl.cpl

    2013-05-07 22:27 . 2004-08-03 23:03 920064 ----a-w- c:\windows\system32\wininet.dll

    2013-05-07 22:27 . 2004-08-03 23:03 43520 ----a-w- c:\windows\system32\licmgr10.dll

    2013-05-07 22:27 . 2004-08-03 23:03 1469440 ------w- c:\windows\system32\inetcpl.cpl

    2013-05-07 21:53 . 2004-08-03 22:55 385024 ----a-w- c:\windows\system32\html.iec

    2013-05-03 05:39 . 2004-08-04 00:58 2033152 ----a-w- c:\windows\system32\ntkrnlpa.exe

    2013-05-03 05:39 . 2004-08-03 22:58 2154496 ----a-w- c:\windows\system32\ntoskrnl.exe

    2013-04-12 14:01 . 2004-08-03 22:56 1876480 ----a-w- c:\windows\system32\win32k.sys

    .

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    .

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-09 68856]

    "Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-06-03 19604072]

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "RTHDCPL"="RTHDCPL.EXE" [2007-07-23 16342528]

    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-07-23 827392]

    "LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-07-23 752136]

    "PLFSet"="c:\windows\PLFSet.dll" [2007-04-24 45056]

    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-02-21 8433664]

    "nwiz"="nwiz.exe" [2008-02-21 0]

    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-02-21 81920]

    "WireLessMouse"="c:\program files\Trust\Trust R-series Mouse And Keyboard\StartAutorun.exe" [2007-03-06 212992]

    "DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2006-06-13 127036]

    "ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]

    "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]

    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352]

    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]

    "AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2013-04-28 4408368]

    .

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

    .

    c:\documents and settings\Wimmie\Menu Start\Programma's\Opstarten\

    Mediacontrole PMB.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe /noballoononstart [2011-6-19 333088]

    .

    c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

    BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-4-1 568176]

    .

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 77824]

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

    2007-04-19 11:41 294912 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

    .

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

    BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2013\avgrsx.exe /sync /restart

    .

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

    Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

    @="Service"

    .

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

    "EnableFirewall"= 0 (0x0)

    .

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

    "%windir%\\system32\\sessmgr.exe"=

    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=

    "c:\\Program Files\\Messenger\\msmsgs.exe"=

    "c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=

    "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=

    "c:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe"=

    "c:\\Program Files\\AVG\\AVG2013\\avgnsx.exe"=

    "c:\\Program Files\\AVG\\AVG2013\\avgdiagex.exe"=

    .

    R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19-4-2012 4:50 60216]

    R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [8-2-2013 4:37 245048]

    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [31-1-2012 4:46 39224]

    R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [9-11-2012 12:33 37664]

    S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23-12-2011 13:32 208184]

    S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23-12-2011 13:32 22328]

    S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [22-2-2012 5:25 170808]

    S1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [19-3-2012 5:17 182072]

    S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [12-2-2008 17:44 8944]

    S1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL.SYS [12-2-2008 17:44 51440]

    S2 avgfws;AVG Firewall;c:\program files\AVG\AVG2013\avgfws.exe [10-4-2013 11:07 1428472]

    S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [14-5-2013 0:54 4937264]

    S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [18-4-2013 4:34 283136]

    S2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\Trust\Trust R-series Mouse And Keyboard\KMWDSrv.exe [28-2-2007 19:12 208896]

    S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [3-6-2013 16:34 162408]

    S2 vToolbarUpdater15.3.0;vToolbarUpdater15.3.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [27-6-2013 8:01 1598128]

    S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3-11-2006 20:19 13592]

    S3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [12-1-2012 19:52 30944]

    S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [12-1-2012 19:52 30944]

    S3 hitmanpro2;Hitman Pro 2 Driver;c:\program files\Hitman Pro\hitmanpro2.sys [24-1-2007 16:04 10336]

    S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [16-2-2006 17:51 4096]

    .

    --- Andere Services/Drivers In Geheugen ---

    .

    *NewlyCreated* - MDMXSDK

    *NewlyCreated* - PARPORT

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

    2013-06-21 06:50 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe

    .

    Inhoud van de 'Gedeelde Taken' map

    .

    2013-07-01 c:\windows\Tasks\Adobe Flash Player Updater.job

    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-06 18:14]

    .

    2013-07-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 18:32]

    .

    2013-07-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 18:32]

    .

    2013-07-01 c:\windows\Tasks\OGALogon.job

    - c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07]

    .

    2013-07-01 c:\windows\Tasks\User_Feed_Synchronization-{8EDF34C8-0DCE-45C6-9857-0AB036DDAC18}.job

    - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]

    .

    .

    ------- Bijkomende Scan -------

    .

    uStart Page = hxxp://www.telegraaf.nl/

    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

    IE: Verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

    IE: {{07BA1DA9-F501-4796-8728-74D1B91A6CD5} - c:\program files\PokerStars.EU\PokerStarsUpdate.exe

    TCP: DhcpNameServer = 192.168.2.1

    .

    .

    **************************************************************************

    .

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

    Rootkit scan 2013-07-01 15:53

    Windows 5.1.2600 Service Pack 3 NTFS

    .

    scannen van verborgen processen ...

    .

    scannen van verborgen autostart items ...

    .

    scannen van verborgen bestanden ...

    .

    Scan succesvol afgerond

    verborgen bestanden: 0

    .

    **************************************************************************

    .

    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

    .

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

    @Denied: (A 2) (Everyone)

    @="FlashBroker"

    "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

    "Enabled"=dword:00000001

    .

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

    @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

    @Denied: (A 2) (Everyone)

    @="IFlashBroker5"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

    @="{00020424-0000-0000-C000-000000000046}"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    "Version"="1.0"

    .

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]

    "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

    .

    --------------------- DLLs Geladen Onder Lopende Processen ---------------------

    .

    - - - - - - - > 'winlogon.exe'(276)

    c:\program files\SUPERAntiSpyware\SASWINLO.dll

    .

    Voltooingstijd: 2013-07-01 15:55:05

    ComboFix-quarantined-files.txt 2013-07-01 13:55

    ComboFix2.txt 2013-06-30 13:22

    .

    Pre-Run: 137.776.386.048 bytes beschikbaar

    Post-Run: 137.773.875.200 bytes beschikbaar

    .

    - - End Of File - - 9D282ACA172A69E37178254441D1D3FE

    3051207086651214E435112E51817DC5

  13. Hello, good morning,

    Yesterday I ran Combo Fix 3 times and after that the computer keeps getting stuck every time! And the log file is as I found it at C:\ComboFix.txt! Perhaps something went wrong during the scan (I did not use the computer for other things in the meantime).

    Kind regards

    Kemicky

    • When ComboFix is finished, it will create a log file. Post the contents of this log file (found at C:\ComboFix.txt) in your next post.

  14. ComboFix 13-06-30.01 - Wimmie 30-06-2013 18:47:54.2.2 - x86

    Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1791.936 [GMT 2:00]

    Gestart vanuit: C:\Documents and Settings\Wimmie\Bureaublad\ComboFix.exe

    AV: AVG Internet Security 2013 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

    FW: AVG Internet Security 2013 *Enabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

  15. # AdwCleaner v2.303 - Verslag gemaakt op 30/06/2013 om 13:18:44

    # Geactualiseerd op 08/06/2013 door Xplode

    # Besturingssysteem : Microsoft Windows XP Service Pack 3 (32 bits)

    # Gebruiker : Wimmie - ASPIRE-7520

    # Opstarten Modus : Normale modus

    # Gelanceerd vanaf : C:\Documents and Settings\Wimmie\Mijn documenten\Downloads\adwcleaner.exe

    # Optie [Verwijderen]

    ***** [Diensten] *****

    ***** [Files / Mappen] *****

    File Verwijderd : C:\DOCUME~1\Wimmie\LOCALS~1\Temp\Uninstall.exe

    File Verwijderd : C:\user.js

    Map Verwijderd : C:\DOCUME~1\Wimmie\LOCALS~1\Temp\avg@toolbar

    Map Verwijderd : C:\DOCUME~1\Wimmie\LOCALS~1\Temp\BabylonToolbar

    Map Verwijderd : C:\Documents and Settings\All Users\Application Data\Ask

    Map Verwijderd : C:\Documents and Settings\All Users\Application Data\AVG Secure Search

    Map Verwijderd : C:\Documents and Settings\All Users\Application Data\Babylon

    Map Verwijderd : C:\Documents and Settings\Wimmie\Application Data\AVG Secure Search

    Map Verwijderd : C:\Documents and Settings\Wimmie\Application Data\Babylon

    Map Verwijderd : C:\Documents and Settings\Wimmie\Local Settings\Application Data\AVG Secure Search

    Map Verwijderd : C:\Documents and Settings\Wimmie\Local Settings\Application Data\Babylon

    Map Verwijderd : C:\Documents and Settings\Wimmie\Local Settings\Application Data\Google\Chrome\User Data\Default\databases\chrome-extension_mpfapcdfbbledbojijcbcclmlieaoogk_0

    Map Verwijderd : C:\Documents and Settings\Wimmie\Local Settings\Application Data\I Want This

    Map Verwijderd : C:\Program Files\AVG Secure Search

    Map Verwijderd : C:\Program Files\DealPly

    Map Verwijderd : C:\Program Files\I Want This

    Verwijderd bij het opstarten : C:\Documents and Settings\Wimmie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje

    Verwijderd bij het opstarten : C:\Documents and Settings\Wimmie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk

    Verwijderd bij het opstarten : C:\Documents and Settings\Wimmie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

    Verwijderd bij het opstarten : C:\Program Files\Common Files\AVG Secure Search

    ***** [Register] *****

    Sleutel Verwijderd : HKCU\Software\AVG Secure Search

    Sleutel Verwijderd : HKCU\Software\AVG Security Toolbar

    Sleutel Verwijderd : HKCU\Software\Cr_Installer

    Sleutel Verwijderd : HKCU\Software\Crossrider

    Sleutel Verwijderd : HKCU\Software\DealPly

    Sleutel Verwijderd : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje

    Sleutel Verwijderd : HKCU\Software\Grand Virtual

    Sleutel Verwijderd : HKCU\Software\I Want This

    Sleutel Verwijderd : HKCU\Software\IGearSettings

    Sleutel Verwijderd : HKCU\Software\InstallCore

    Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

    Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}

    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}

    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}

    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}

    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}

    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}

    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}

    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}

    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}

    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}

    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}

    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}

    Sleutel Verwijderd : HKLM\Software\AVG Secure Search

    Sleutel Verwijderd : HKLM\Software\AVG Security Toolbar

    Sleutel Verwijderd : HKLM\Software\Babylon

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\escort.DLL

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CrossriderApp0002258.BHO

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CrossriderApp0002258.BHO.1

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CrossriderApp0002258.FBApi

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CrossriderApp0002258.FBApi.1

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CrossriderApp0002258.Sandbox

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CrossriderApp0002258.Sandbox.1

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Prod.cap

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\S

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

    Sleutel Verwijderd : HKLM\Software\DealPly

    Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje

    Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk

    Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65BCD620-07DD-012F-819F-073CF1B8F7C6}

    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search

    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DealPly

    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\I Want This

    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}

    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}

    Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E

    Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6

    Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852

    Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0

    Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA

    Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96

    Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59

    Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC

    Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA

    Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E

    Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF

    Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E

    Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF

    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search

    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly

    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This

    Sleutel Verwijderd : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

    Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]

    Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

    Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

    Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]

    Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

    Waarde Verwijderd : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

    ***** [browsers] *****

    -\\ Internet Explorer v8.0.6001.18702

    Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://isearch.avg.com/tab?cid={43DCDAA8-4945-4E2F-9DB2-96D8B9B67EA0}&mid=57da1640d1f008f4edd67f53be01ca67-edfd3b3895cdf34ab74b1d4943aaec852307e2d2&lang=nl&ds=AVG&pr=pr&d=2012-06-17 09:43:11&pid=avg&sg=0&v=15.3.0.11&sap=nt --> hxxp://www.google.com

    -\\ Google Chrome v27.0.1453.116

    File : C:\Documents and Settings\Wimmie\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

    Verwijderd [l.32] : icon_url = "hxxp://www.ask.com/favicon.ico",

    Verwijderd [l.35] : keyword = "ask.com",

    Verwijderd [l.39] : search_url = "hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=100000027&locale=nl[...]

    Verwijderd [l.40] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms[...]

    *************************

    AdwCleaner[R1].txt - [14919 octets] - [30/06/2013 13:01:14]

    AdwCleaner[s1].txt - [14346 octets] - [30/06/2013 13:18:44]

    ########## EOF - C:\AdwCleaner[s1].txt - [14407 octets] ##########

    - - - Updated - - -

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 13:31:24, on 30-6-2013

    Platform: Windows XP SP3 (WinNT 5.01.2600)

    MSIE: Internet Explorer v8.00 (8.00.6001.18702)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\PROGRA~1\AVG\AVG2013\avgrsx.exe

    C:\Program Files\AVG\AVG2013\avgcsrvx.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\Program Files\AVG\AVG2013\avgfws.exe

    C:\Program Files\AVG\AVG2013\avgidsagent.exe

    C:\Program Files\AVG\AVG2013\avgwdsvc.exe

    C:\Program Files\Java\jre7\bin\jqs.exe

    C:\Program Files\Trust\Trust R-series Mouse And Keyboard\KMWDSrv.exe

    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

    C:\WINDOWS\system32\nvsvc32.exe

    C:\Program Files\AVG\AVG2013\avgnsx.exe

    C:\WINDOWS\system32\svchost.exe

    C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\AVG\AVG2013\avgcsrvx.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\RTHDCPL.EXE

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\PROGRA~1\LAUNCH~1\LManager.exe

    C:\WINDOWS\system32\RUNDLL32.EXE

    C:\WINDOWS\System32\DLA\DLACTRLW.EXE

    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    C:\Program Files\AVG\AVG2013\avgui.exe

    C:\Program Files\Messenger\msmsgs.exe

    C:\Program Files\Trust\Trust R-series Mouse And Keyboard\MouseDrv.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\Skype\Phone\Skype.exe

    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

    C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

    C:\WINDOWS\system32\NOTEPAD.EXE

    C:\DOCUME~1\Wimmie\LOCALS~1\Temp\RtkBtMnt.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Windows Live\Toolbar\wltuser.exe

    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telegraaf.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL

    O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

    O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe

    O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\WINDOWS\PLFSet.dll,PLFDefSetting

    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

    O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\Trust\Trust R-series Mouse And Keyboard\StartAutorun.exe MouseDrv.exe

    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide

    O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE

    O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup

    O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

    O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY

    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

    O4 - Startup: Mediacontrole PMB.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

    O4 - Global Startup: BTTray.lnk = ?

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

    O8 - Extra context menu item: Verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

    O9 - Extra button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files\PokerStars.EU\PokerStarsUpdate.exe

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll

    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1342034187390

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgfws.exe

    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe

    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe

    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

    O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Trust\Trust R-series Mouse And Keyboard\KMWDSrv.exe

    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

    O23 - Service: vToolbarUpdater15.3.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe

    --

    End of file - 10701 bytes

  16. Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 11:30:52, on 30-6-2013

    Platform: Windows XP SP3 (WinNT 5.01.2600)

    MSIE: Internet Explorer v8.00 (8.00.6001.18702)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\PROGRA~1\AVG\AVG2013\avgrsx.exe

    C:\Program Files\AVG\AVG2013\avgcsrvx.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\Program Files\AVG\AVG2013\avgfws.exe

    C:\Program Files\AVG\AVG2013\avgidsagent.exe

    C:\Program Files\AVG\AVG2013\avgwdsvc.exe

    C:\Program Files\Java\jre7\bin\jqs.exe

    C:\Program Files\Trust\Trust R-series Mouse And Keyboard\KMWDSrv.exe

    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

    C:\Program Files\AVG\AVG2013\avgnsx.exe

    C:\WINDOWS\system32\nvsvc32.exe

    C:\WINDOWS\system32\svchost.exe

    C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe

    C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\loggingserver.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\AVG\AVG2013\avgcsrvx.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\RTHDCPL.EXE

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\PROGRA~1\LAUNCH~1\LManager.exe

    C:\WINDOWS\system32\RUNDLL32.EXE

    C:\WINDOWS\System32\DLA\DLACTRLW.EXE

    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

    C:\Program Files\AVG Secure Search\vprot.exe

    C:\Program Files\Ask.com\Updater\Updater.exe

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    C:\Program Files\AVG\AVG2013\avgui.exe

    C:\Program Files\Messenger\msmsgs.exe

    C:\Program Files\Trust\Trust R-series Mouse And Keyboard\MouseDrv.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\Skype\Phone\Skype.exe

    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

    C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

    C:\DOCUME~1\Wimmie\LOCALS~1\Temp\RtkBtMnt.exe

    c:\program files\common files\installshield\updateservice\isuspm.exe

    C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\agent.exe

    C:\Program Files\Google\Chrome\Application\chrome.exe

    C:\Program Files\Google\Chrome\Application\chrome.exe

    C:\Program Files\Google\Chrome\Application\chrome.exe

    C:\Program Files\Google\Chrome\Application\chrome.exe

    C:\WINDOWS\system32\msiexec.exe

    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Nieuws | Altijd op de hoogte van het laatste nieuws met Telegraaf.nl

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

    R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll

    O2 - BHO: CrossriderApp0002258 - {11111111-1111-1111-1111-110011221158} - C:\Program Files\I Want This\I Want This.dll

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (file missing)

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL

    O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll

    O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll

    O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)

    O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

    O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll

    O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

    O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe

    O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\WINDOWS\PLFSet.dll,PLFDefSetting

    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

    O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\Trust\Trust R-series Mouse And Keyboard\StartAutorun.exe MouseDrv.exe

    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide

    O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE

    O4 - HKLM\..\Run: [iSUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup

    O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

    O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"

    O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

    O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY

    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

    O4 - Startup: Mediacontrole PMB.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

    O4 - Global Startup: BTTray.lnk = ?

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

    O8 - Extra context menu item: Verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

    O9 - Extra button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files\PokerStars.EU\PokerStarsUpdate.exe

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll

    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1342034187390

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (file missing)

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

    O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll

    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgfws.exe

    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe

    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe

    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

    O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Trust\Trust R-series Mouse And Keyboard\KMWDSrv.exe

    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

    O23 - Service: vToolbarUpdater15.3.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe

    --

    End of file - 12821 bytes
