Hensyr

het laden van de Zita pagina's is verbeterd maar het laden ervan moet nog altijd gebeuren met de vernieuwen knop F5 voorbeeld: [ATTACH=CONFIG]30517[/ATTACH] moet zijn: [ATTACH=CONFIG]30518[/ATTACH] - - - Updated - - - de pagina indeling is dus verkeerd geladen en de teksten ontbreken, pas na het indrukken van de F5 toets wordt de pagina wel juist weergegeven. Echter is dit niet meer met alle pagina's dus is er wel verbetering.

Dag Kape, Adw-Cleaner is uitgevoerd en hier is het log daarvan: # AdwCleaner v3.019 - Report created 22/02/2014 at 13:11:49 # Updated 17/02/2014 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : User - USER-HP # Running from : C:\Users\User\Desktop\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3} ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.16518 ************************* AdwCleaner[R0].txt - [1470 octets] - [22/02/2014 13:11:12] AdwCleaner[s0].txt - [1286 octets] - [22/02/2014 13:11:49] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1346 octets] ##########

Vreugde alom in mijn computer kamertje, Mijn stokoude pc laat om het een of ander wonder het terug toe om mijn oude toetsenbord terug te ondersteunen. oef ben ik blij. Natuurlijk weet ik nog altijd niet wat er gebeurd is en waarom mijn toetsenbord werd uitgeschakeld na het aanmelden, waarschijnlijk een of ander opstart fenomeen die roet in het eten gooide. Eigenlijk is het ook niet te verwonderen dat er vroeg of laat rare dingen gebeuren, deze computer is al een oud beestje aan het worden en hier en daar begint het rare streken uit te halen Nog niet zo lang geleden ging mijn dvd-rom station niet meer, zo dood als een pier en een week of zo later schiet hij terug in gang en nu mijn toetsenbord. Ik zal het nooit te weten komen wat er de oorzaak van is en ik zal moeten beginnen sparen naar een andere deftige machiene Ik ga dit topic dan ook afsluiten en markeren als opgelost.

Blijkbaar is er toch wat rotzooi eraf gegooid maar het laden van de Zita pagina's loopt nog fout zita screenshot: [ATTACH=CONFIG]30502[/ATTACH] en na het indrukken van F5 (vernieuwen): [ATTACH=CONFIG]30503[/ATTACH]

Dag Kape, Het mvps-batch bestand is uitgevoerd als administrator. Hier is het log van zoek.exe: Zoek.exe v5.0.0.0 Updated 19-February-2014 Tool run by User on vr 21/02/2014 at 13:46:15,75. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\User\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 21/02/2014 13:48:33 Zoek.exe System Restore Point Created Succesfully. ==== Reset Hosts File ====================== # Copyright © 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handle within DNS itself. 127.0.0.1 localhost ::1 localhost ==== Empty Folders Check ====================== C:\PROGRA~2\MediaPlayerV1 deleted successfully C:\PROGRA~2\VideoPlayerV3 deleted successfully C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully C:\PROGRA~3\Oracle deleted successfully C:\Users\User\AppData\Roaming\Media Player Classic deleted successfully C:\Users\User\AppData\Roaming\TP deleted successfully C:\Users\User\AppData\Local\genienext deleted successfully C:\Users\User\AppData\Local\PDFC deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3377116301-4190559263-1612895777-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully HKEY_USERS\S-1-5-21-3377116301-4190559263-1612895777-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} deleted successfully HKEY_USERS\S-1-5-21-3377116301-4190559263-1612895777-1000\Software\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} deleted successfully HKEY_USERS\S-1-5-21-3377116301-4190559263-1612895777-1000\Software\Microsoft\Internet Explorer\SearchScopes\{D0A1D870-0138-45B7-B4F9-47E4A69DEDA2} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\VideoPlayerV3 not found C:\Program Files (x86)\MediaPlayerV1 not found C:\Users\User\daemonprocess.txt deleted C:\Users\User\.android deleted C:\PROGRA~2\Mobogenie deleted C:\extensions.sqlite deleted C:\extensions.ini deleted C:\found.000 deleted C:\Users\User\AppData\Local\Mobogenie deleted C:\Users\User\AppData\Local\cache deleted C:\Users\User\AppData\Local\SwvUpdater deleted C:\Users\User\Documents\Mobogenie deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\User\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-02-19 10:37:37 95E15A2DE75AB48728AB8E1911C3EDB1 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe 2014-02-19 10:37:35 CB3638541DCAC86EE17FA8258202E20E 175016 ----a-w- C:\Windows\SysWOW64\javaw.exe 2014-02-19 10:37:35 A7871E39687EC6EE9712209DAE248B3A 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-02-19 10:37:35 9395BBE294045909A025C9F3DC3D9025 174504 ----a-w- C:\Windows\SysWOW64\java.exe 2014-02-14 13:39:34 3D485254E43EF4E4F707346B5731EA9A 454656 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2014-02-14 13:38:58 B8F28AAC003060E3B125D2447CFC19E2 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-02-14 13:38:58 B5B3334F177CED627C2D7FE38235B6B1 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-02-14 13:38:57 85AC8EB265EDCAD86D651D45C5E3AB83 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-02-14 13:38:56 C9D1131E2163CE932DF3EAAF0EEA3673 524288 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-02-14 13:38:56 7D6B20C69CC8EECB8F31D4FAF913BBE8 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-02-14 13:38:56 6A06EB11F1E5BDAA795DAE7838F9FE20 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-02-14 13:38:55 5DD49C02D059C1E6E47A8FB4A076C9B1 703488 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-02-14 13:38:55 408805B8083896DC95E6340F4016BEBD 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-02-14 13:38:55 260D6B421E5551E8BA75D16B5CA90D9A 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-02-14 13:38:55 0F739443669F3A48F1B2325995117BFE 553472 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-02-14 13:38:55 0E7B7C9F483300F9FF97C6A1E4BC4F57 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-02-14 13:38:54 9C89246184979A070B0C6CCF61C68136 1820160 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-02-14 13:38:54 5D9DC6332A4FC66388B09BBE7CF53750 1156096 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-02-14 13:38:54 40E68599FE3A10F816217D3789FCE74E 1964032 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-02-14 13:38:54 34CBED7698D557DDB43F8732FBC2ACB9 2168320 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-02-14 13:38:53 79FA7D8B488F90EDE325963379A6F738 11266048 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-02-14 13:38:52 C863E5A2417DF0F2A31ED32C3B2CB23F 17103872 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-02-14 13:38:52 99280392987A1A96C756A9F38C4CE396 4244480 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-02-14 13:04:33 EA093130471090037BB70A4AF86FAD1B 420008 ----a-w- C:\Windows\SysWOW64\locale.nls 2014-02-14 13:04:33 E4561704CBFA193761743E5AF746C669 1237504 ----a-w- C:\Windows\SysWOW64\msxml3.dll 2014-02-14 13:04:32 17B06F23237FCD731FA2E10ECD6EDFE1 2048 ----a-w- C:\Windows\SysWOW64\msxml3r.dll 2014-02-14 13:04:29 E01D2AC63453534DB8AD1EA97DEE9C3A 594944 ----a-w- C:\Windows\SysWOW64\RMActivate_isv.exe 2014-02-14 13:04:29 6142C5540C8D2764D59CBC11AF4A5900 572416 ----a-w- C:\Windows\SysWOW64\RMActivate.exe 2014-02-14 13:04:28 0F5FEF37588AF457E02125674F171A4F 508928 ----a-w- C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-02-14 13:04:28 08D323750350A8A29611D1004C0CF319 510976 ----a-w- C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-02-14 13:04:27 BBCE3E9E74C7CEA47FA4115B360AC2C6 423936 ----a-w- C:\Windows\SysWOW64\secproc_isv.dll 2014-02-14 13:04:27 9158DBE2F8483434FC72F320690C9DB8 87040 ----a-w- C:\Windows\SysWOW64\secproc_ssp_isv.dll 2014-02-14 13:04:27 7FA485555BF802FE3DB5598004DBDFAC 390144 ----a-w- C:\Windows\SysWOW64\msdrm.dll 2014-02-14 13:04:27 58712A48D31B40EBCB35B47205F87771 87040 ----a-w- C:\Windows\SysWOW64\secproc_ssp.dll 2014-02-14 13:04:27 12A9F24DC9F465DA79AC2272D829A81E 428032 ----a-w- C:\Windows\SysWOW64\secproc.dll 2014-02-14 13:04:23 D96106CF60505734B14F6AE80AAA4B07 1987584 ----a-w- C:\Windows\SysWOW64\d3d10warp.dll 2014-02-14 13:04:22 14800BD31701A5047AC3145BB1E698AE 3419136 ----a-w- C:\Windows\SysWOW64\d2d1.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-02-14 13:39:34 F67C7D80745379DC4C5332EFFE5AC696 548864 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-02-14 13:38:58 94C59DD02BC7EA0E421055B9946CA861 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-02-14 13:38:58 1D1D7F52EC84294859642A4309FE648E 195584 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-02-14 13:38:57 63B5E990896BA81D604032A48CC80A5C 574976 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-02-14 13:38:56 FD08F8BA2437A85F500EFFE3FD3158A6 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-02-14 13:38:56 E77092C38028EB0A5C461B3436E0A6D5 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2014-02-14 13:38:56 CDE728C8FB1D6E132CED44835FA44C87 627200 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-02-14 13:38:56 99ED8FBAFD325550D07A32664D9E3CC8 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-02-14 13:38:56 27516B54E116D5EF8B0129B5C829A87C 218624 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-02-14 13:38:55 FCFAEDF0AA1A78A1875FDB798598408B 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2014-02-14 13:38:55 E129D34089E70215B65EA611F802FA9A 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-02-14 13:38:55 D016F5092E4FFC41147E8555A71D2DDE 23170048 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-02-14 13:38:55 C1E2C16D58D76323800C3EE5E2C5095A 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-02-14 13:38:55 3906C9640406FC0FC00A324947C74893 708608 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-02-14 13:38:55 338415F2E9A188875B6E43B5269620B0 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2014-02-14 13:38:54 F348B2D0983C91392632B4291C517AA4 817664 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-02-14 13:38:54 6300AD525D639CECBB3D144B6D7B30F9 2765824 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-02-14 13:38:54 263B6E451526A90FF8B1CEC759F22956 2334208 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-02-14 13:38:54 22874047B810B5B174C68ACD7C0B6510 1393664 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-02-14 13:38:53 DB02F4D37E5F7F07A0D0F9FAA68249EE 13051392 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-02-14 13:38:53 83296DE8CFFEADA636DCC1AB2E3BF643 2041856 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-02-14 13:38:52 5922EEA922D3AD686342F866CAEE851F 5768704 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-02-14 13:04:33 EA093130471090037BB70A4AF86FAD1B 420008 ----a-w- C:\Windows\Sysnative\locale.nls 2014-02-14 13:04:33 0D298133C359AB8CB9EB4FA178BF3947 1882112 ----a-w- C:\Windows\Sysnative\msxml3.dll 2014-02-14 13:04:32 CD2C20CC3B385A32701F78C0ACBBE9F3 2048 ----a-w- C:\Windows\Sysnative\msxml3r.dll 2014-02-14 13:04:29 1B3741488AA7E237961A29D1E7A44C0A 626176 ----a-w- C:\Windows\Sysnative\RMActivate.exe 2014-02-14 13:04:29 17CF3B3F68272BD40C878D4DBAB0EBC9 658432 ----a-w- C:\Windows\Sysnative\RMActivate_isv.exe 2014-02-14 13:04:28 297926B15AE5390409F1007EB28A8EFB 552960 ----a-w- C:\Windows\Sysnative\RMActivate_ssp_isv.exe 2014-02-14 13:04:28 03F8F411F118CFDA508E77C747BB05EA 553984 ----a-w- C:\Windows\Sysnative\RMActivate_ssp.exe 2014-02-14 13:04:27 DC6DD779F35BB42E2E76FDFEC565C251 123392 ----a-w- C:\Windows\Sysnative\secproc_ssp_isv.dll 2014-02-14 13:04:27 C6AC2C91541D24F9E236A670C0CA793D 528384 ----a-w- C:\Windows\Sysnative\msdrm.dll 2014-02-14 13:04:27 B41B1FEDEBBD955B4E25676B42087885 123392 ----a-w- C:\Windows\Sysnative\secproc_ssp.dll 2014-02-14 13:04:27 5693212AB2EBCACBBE05EC3A642113E2 485888 ----a-w- C:\Windows\Sysnative\secproc_isv.dll 2014-02-14 13:04:27 399FC1B75790EE606A6FD9F2FB4C891C 488448 ----a-w- C:\Windows\Sysnative\secproc.dll 2014-02-14 13:04:23 E8710B5DDA963E6BA198DF5FB209E72A 2565120 ----a-w- C:\Windows\Sysnative\d3d10warp.dll 2014-02-14 13:04:22 C676E5EA388AF7C4C031F56F9B42E362 3928064 ----a-w- C:\Windows\Sysnative\d2d1.dll ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-02-20 09:22:47 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2014-02-19 12:40:13 -------- d-----w- C:\PROGRA~2\MyDrive Connect ======= C: ===== ====== C:\Users\User\AppData\Roaming ====== 2014-02-20 10:17:47 -------- d-----w- C:\Users\User\AppData\Local\Mozilla ====== C:\Users\User ====== 2014-02-20 10:17:40 -------- d-----w- C:\ProgramData\Mozilla 2014-02-20 09:21:36 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\User\Desktop\RSITx64.exe 2014-02-19 12:38:55 6E4E13EF273875968A7BFC567CC2FD9B 6708928 ----a-w- C:\Users\User\Downloads\InstallMyDriveConnect_3_3_0_1342.exe 2014-02-19 10:37:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-01-30 12:26:23 02C1EE40968BAA67C3A785CDA9807125 262 --sha-r- C:\ProgramData\ntuser.pol ====== C: exe-files == 2014-02-20 10:16:20 10EA446EBB0F48D9D4BD1BD2631D7ADF 283064 ----a-w- C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I2DJE310\Firefox Setup Stub 27.0.1.exe 2014-02-20 09:22:47 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\User.exe 2014-02-20 09:21:36 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\User\Desktop\RSITx64.exe 2014-02-19 12:38:55 6E4E13EF273875968A7BFC567CC2FD9B 6708928 ----a-w- C:\Users\User\Downloads\InstallMyDriveConnect_3_3_0_1342.exe 2014-02-19 10:37:37 95E15A2DE75AB48728AB8E1911C3EDB1 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe 2014-02-19 10:37:35 CB3638541DCAC86EE17FA8258202E20E 175016 ----a-w- C:\Windows\SysWOW64\javaw.exe 2014-02-19 10:37:35 9395BBE294045909A025C9F3DC3D9025 174504 ----a-w- C:\Windows\SysWOW64\java.exe 2014-02-19 10:36:15 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Users\User\AppData\LocalLow\Sun\Java\jre1.7.0_51\lzma.exe 2014-02-14 13:38:56 AFAB9B381886ABE3490689B7633A858F 482816 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-02-14 13:38:56 9E8F9FDD407DDE997965EEFD9E635CCF 469504 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2014-02-14 13:38:56 7D6B20C69CC8EECB8F31D4FAF913BBE8 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-02-14 13:38:56 27516B54E116D5EF8B0129B5C829A87C 218624 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-02-14 13:38:55 E129D34089E70215B65EA611F802FA9A 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-02-14 13:38:55 338415F2E9A188875B6E43B5269620B0 139264 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-02-14 13:38:54 C6E1178294BDEAB1CACF50427688DF05 806104 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-02-14 13:38:54 4263F6C131E513CEA1AE82B5B81A4E1A 808152 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2014-02-14 13:04:29 E01D2AC63453534DB8AD1EA97DEE9C3A 594944 ----a-w- C:\Windows\SysWOW64\RMActivate_isv.exe 2014-02-14 13:04:29 6142C5540C8D2764D59CBC11AF4A5900 572416 ----a-w- C:\Windows\SysWOW64\RMActivate.exe 2014-02-14 13:04:29 1B3741488AA7E237961A29D1E7A44C0A 626176 ----a-w- C:\Windows\System32\RMActivate.exe 2014-02-14 13:04:29 17CF3B3F68272BD40C878D4DBAB0EBC9 658432 ----a-w- C:\Windows\System32\RMActivate_isv.exe 2014-02-14 13:04:28 297926B15AE5390409F1007EB28A8EFB 552960 ----a-w- C:\Windows\System32\RMActivate_ssp_isv.exe 2014-02-14 13:04:28 0F5FEF37588AF457E02125674F171A4F 508928 ----a-w- C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-02-14 13:04:28 08D323750350A8A29611D1004C0CF319 510976 ----a-w- C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-02-14 13:04:28 03F8F411F118CFDA508E77C747BB05EA 553984 ----a-w- C:\Windows\System32\RMActivate_ssp.exe === C: other files == 2014-02-21 12:36:06 300C7E9F39C11421C0B1BB6933E17EF0 1611 ----a-w- C:\Users\User\Desktop\Hosts\mvps.bat 2014-02-21 12:35:26 ED82036E6DF36DCB46DF3847DF8B7F15 135768 ----a-w- C:\Users\User\Desktop\Hosts\hosts.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3377116301-4190559263-1612895777-1000\Software\Microsoft\Windows\CurrentVersion\Run] "EPSON Stylus DX8400 Series"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICEE.EXE /FU C:\Windows\TEMP\E_S9942.tmp /EF HKCU" "MyDriveConnect.exe"="C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe" [HKEY_USERS\S-1-5-21-3377116301-4190559263-1612895777-1003\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-3377116301-4190559263-1612895777-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HP Software Update"="c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" "LaunchHPOSIAPP"="C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\LaunchApp.exe" "Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe" "PDF Complete"="C:\Program Files (x86)\PDF Complete\pdfsty.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "EPSON Stylus DX8400 Series"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICEE.EXE /FU C:\Windows\TEMP\E_S9942.tmp /EF HKCU" "MyDriveConnect.exe"="C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [undetermined Task] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\HPOSIAPP64" ["%ProgramFiles(x86)%\Hewlett-Packard\HP Keyboard\ModLEDKey.exe"] "C:\Windows\SysNative\tasks\Registration" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\Windows\SysNative\tasks\RMCreator" [C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "ext@VideoPlayerV3beta717.net"="C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta717\ff" [] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions aopmnhiibjcilmgpmdljeagaiabphbmj - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta717\ch\VideoPlayerV3beta717.crx[] jhakaobjdfoikfdilooalmbfgjeggcma - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha8852\ch\WebexpEnhancedV1alpha8852.crx[] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Zita" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Zita" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" {d43b3890-80c7-4010-a95d-1e77b5924dc3} Wikipedia Url="Zoekresultaten voor "{searchTerms" - Wikipedia}" {D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="{searchTerms | eBay}" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@VideoPlayerV3beta717.net deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aopmnhiibjcilmgpmdljeagaiabphbmj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jhakaobjdfoikfdilooalmbfgjeggcma deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=136 folders=37 13317431 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Users\User\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\User\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on vr 21/02/2014 at 13:59:46,07 ======================

iemand een idee waarom het toetsenbord (met paars stekkertje) wordt uitgeschakeld na het aanmelden?

correctie Omdat de vorige RSIT uitgevoerd werd zonder externe schijf heb ik het opnieuw gedaan met deze keer de externe schijf aangesloten dit is de nieuwe RSIT log: Logfile of random's system information tool 1.09 (written by random/random) Run by User at 2014-02-20 10:45:25 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 1352 GB (95%) free of 1416 GB Total RAM: 6127 MB (73% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:45:27, on 20/02/2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.16518) Boot mode: Normal Running processes: C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\trend micro\User.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Zita R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\LaunchApp.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICEE.EXE /FU "C:\Windows\TEMP\E_S9942.tmp" /EF "HKCU" O4 - HKCU\..\Run: [MyDriveConnect.exe] "C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-3377116301-4190559263-1612895777-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-3377116301-4190559263-1612895777-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} (Imikimi_activex_plugin Control) - http://imikimi.com/download/imikimi_plugin_0.5.1.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12057 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch winlogon.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS "c:\Program Files\Microsoft Security Client\MsMpEng.exe" C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs "C:\Program Files\IDT\WDM\STacSV64.exe" C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" C:\Windows\system32\nvvsvc.exe -session -first "C:\Windows\system32\Dwm.exe" C:\Windows\System32\spoolsv.exe C:\Windows\Explorer.EXE "taskhost.exe" C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" taskeng.exe {8AFFB415-DC62-4DF2-8C9C-8A5F9F84C3FE} "C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe" "C:\Program Files\IDT\WDM\AESTSr64.exe" "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Program Files\Bonjour\mDNSResponder.exe" "C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE" "C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe" "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey "C:\Program Files\IDT\WDM\sttray64.exe" C:\Windows\SysWOW64\ezSharedSvcHost.exe "C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe" "C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe" "C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" "C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService "C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1 "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe" "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe" WLIDSvcM.exe 3280 "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" "C:\Program Files\iPod\bin\iPodService.exe" C:\Windows\system32\SearchIndexer.exe /Embedding C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-274e43f6-f9ea-4107-bd57-054a95df4ba6 -SystemEventPortName:HostProcess-89342787-aa1d-4844-b3e2-3bd536b2b384 -IoCancelEventPortName:HostProcess-e639e1fa-2d25-4ef5-a202-04580023c70e -NonStateChangingEventPortName:HostProcess-d30dedd3-3033-46e6-92c2-945c44c2fd0a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:fecc4ecc-86bf-49af-a520-5db26a50917a -DeviceGroupId:WpdFsGroup "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\System32\svchost.exe -k LocalServicePeerNet "c:\Program Files\Microsoft Security Client\NisSrv.exe" C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} "C:\Users\User\Desktop\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}] Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24 430592] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24 430592] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768] "MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 1266912] "SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-04-24 1425408] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "EPSON Stylus DX8400 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICEE.EXE [2007-04-12 213504] "MyDriveConnect.exe"=C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [2013-11-29 473496] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "HP Software Update"=c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2008-12-08 54576] ""= [] "LaunchHPOSIAPP"=C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\LaunchApp.exe [2009-04-04 385024] "Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2011-02-10 61112] "PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-02-01 656920] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-10-09 421736] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2011-07-05 421888] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2011-08-17 52920] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "EnableShellExecuteHooks"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-02-20 10:22:47 ----D---- C:\rsit 2014-02-20 10:22:47 ----D---- C:\Program Files\trend micro 2014-02-19 13:40:13 ----D---- C:\Program Files (x86)\MyDrive Connect 2014-02-19 11:37:37 ----A---- C:\Windows\SYSWOW64\javaws.exe 2014-02-19 11:37:35 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll 2014-02-19 11:37:35 ----A---- C:\Windows\SYSWOW64\javaw.exe 2014-02-19 11:37:35 ----A---- C:\Windows\SYSWOW64\java.exe 2014-02-14 14:39:34 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2014-02-14 14:39:34 ----A---- C:\Windows\system32\vbscript.dll 2014-02-14 14:38:58 ----A---- C:\Windows\SYSWOW64\msrating.dll 2014-02-14 14:38:58 ----A---- C:\Windows\system32\msrating.dll 2014-02-14 14:38:57 ----A---- C:\Windows\SYSWOW64\ieui.dll 2014-02-14 14:38:57 ----A---- C:\Windows\system32\ieui.dll 2014-02-14 14:38:56 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2014-02-14 14:38:56 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2014-02-14 14:38:56 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-02-14 14:38:56 ----A---- C:\Windows\system32\msfeeds.dll 2014-02-14 14:38:56 ----A---- C:\Windows\system32\jsproxy.dll 2014-02-14 14:38:56 ----A---- C:\Windows\system32\iernonce.dll 2014-02-14 14:38:56 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2014-02-14 14:38:56 ----A---- C:\Windows\system32\ie4uinit.exe 2014-02-14 14:38:55 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2014-02-14 14:38:55 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2014-02-14 14:38:55 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2014-02-14 14:38:55 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2014-02-14 14:38:55 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2014-02-14 14:38:55 ----A---- C:\Windows\system32\mshtml.dll 2014-02-14 14:38:55 ----A---- C:\Windows\system32\jscript9diag.dll 2014-02-14 14:38:55 ----A---- C:\Windows\system32\ieUnatt.exe 2014-02-14 14:38:55 ----A---- C:\Windows\system32\iesetup.dll 2014-02-14 14:38:55 ----A---- C:\Windows\system32\ieetwproxystub.dll 2014-02-14 14:38:55 ----A---- C:\Windows\system32\ieetwcollector.exe 2014-02-14 14:38:54 ----A---- C:\Windows\SYSWOW64\wininet.dll 2014-02-14 14:38:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2014-02-14 14:38:54 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2014-02-14 14:38:54 ----A---- C:\Windows\system32\wininet.dll 2014-02-14 14:38:54 ----A---- C:\Windows\system32\urlmon.dll 2014-02-14 14:38:54 ----A---- C:\Windows\system32\iertutil.dll 2014-02-14 14:38:54 ----A---- C:\Windows\system32\ieapfltr.dll 2014-02-14 14:38:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2014-02-14 14:38:53 ----A---- C:\Windows\system32\ieframe.dll 2014-02-14 14:38:52 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2014-02-14 14:38:52 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2014-02-14 14:38:52 ----A---- C:\Windows\system32\jscript9.dll 2014-02-14 14:04:33 ----A---- C:\Windows\SYSWOW64\msxml3.dll 2014-02-14 14:04:33 ----A---- C:\Windows\system32\msxml3.dll 2014-02-14 14:04:32 ----A---- C:\Windows\SYSWOW64\msxml3r.dll 2014-02-14 14:04:32 ----A---- C:\Windows\system32\msxml3r.dll 2014-02-14 14:04:29 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe 2014-02-14 14:04:29 ----A---- C:\Windows\SYSWOW64\RMActivate.exe 2014-02-14 14:04:29 ----A---- C:\Windows\system32\RMActivate_isv.exe 2014-02-14 14:04:29 ----A---- C:\Windows\system32\RMActivate.exe 2014-02-14 14:04:28 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe 2014-02-14 14:04:28 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe 2014-02-14 14:04:28 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe 2014-02-14 14:04:28 ----A---- C:\Windows\system32\RMActivate_ssp.exe 2014-02-14 14:04:27 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll 2014-02-14 14:04:27 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll 2014-02-14 14:04:27 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll 2014-02-14 14:04:27 ----A---- C:\Windows\SYSWOW64\secproc.dll 2014-02-14 14:04:27 ----A---- C:\Windows\SYSWOW64\msdrm.dll 2014-02-14 14:04:27 ----A---- C:\Windows\system32\secproc_ssp_isv.dll 2014-02-14 14:04:27 ----A---- C:\Windows\system32\secproc_ssp.dll 2014-02-14 14:04:27 ----A---- C:\Windows\system32\secproc_isv.dll 2014-02-14 14:04:27 ----A---- C:\Windows\system32\secproc.dll 2014-02-14 14:04:27 ----A---- C:\Windows\system32\msdrm.dll 2014-02-14 14:04:23 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll 2014-02-14 14:04:23 ----A---- C:\Windows\system32\d3d10warp.dll 2014-02-14 14:04:22 ----A---- C:\Windows\SYSWOW64\d2d1.dll 2014-02-14 14:04:22 ----A---- C:\Windows\system32\d2d1.dll 2014-01-30 13:26:21 ----D---- C:\Program Files (x86)\MediaPlayerV1 ======List of files/folders modified in the last 1 month====== 2014-02-20 10:22:47 ----RD---- C:\Program Files 2014-02-20 10:21:40 ----D---- C:\Windows\Temp 2014-02-20 10:11:03 ----D---- C:\Windows\system32\config 2014-02-20 10:01:13 ----D---- C:\Windows\System32 2014-02-20 10:01:13 ----D---- C:\Windows\inf 2014-02-20 10:01:13 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-02-20 09:59:19 ----A---- C:\Windows\SYSWOW64\log.txt 2014-02-20 09:57:15 ----D---- C:\ProgramData\PDFC 2014-02-19 14:05:06 ----D---- C:\Windows\system32\catroot 2014-02-19 13:40:19 ----SHD---- C:\Windows\Installer 2014-02-19 13:40:13 ----RD---- C:\Program Files (x86) 2014-02-19 13:29:13 ----AD---- C:\Windows 2014-02-19 13:25:30 ----D---- C:\Windows\system32\Tasks 2014-02-19 13:25:30 ----D---- C:\Program Files (x86)\VideoPlayerV3 2014-02-19 13:25:29 ----D---- C:\Windows\Tasks 2014-02-19 13:15:24 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-02-19 13:15:22 ----D---- C:\Windows\system32\drivers 2014-02-19 12:30:39 ----D---- C:\Windows\debug 2014-02-19 12:28:26 ----D---- C:\Program Files\CCleaner 2014-02-19 11:54:36 ----SD---- C:\Users\User\AppData\Roaming\Microsoft 2014-02-19 11:45:16 ----AD---- C:\Windows\SysWOW64 2014-02-19 11:37:50 ----D---- C:\ProgramData\Oracle 2014-02-19 11:37:34 ----D---- C:\Program Files (x86)\Java 2014-02-19 11:36:45 ----SHD---- C:\System Volume Information 2014-02-16 12:11:25 ----D---- C:\Windows\system32\MRT 2014-02-16 12:09:44 ----A---- C:\Windows\system32\MRT.exe 2014-02-15 11:20:25 ----D---- C:\Windows\system32\wdi 2014-02-15 11:04:48 ----RSD---- C:\Windows\assembly 2014-02-15 11:04:48 ----D---- C:\Windows\Microsoft.NET 2014-02-15 10:41:38 ----D---- C:\Windows\system32\catroot2 2014-02-14 14:51:35 ----D---- C:\Windows\winsxs 2014-02-14 14:49:48 ----D---- C:\Windows\SYSWOW64\nl-NL 2014-02-14 14:49:47 ----D---- C:\Windows\system32\nl-NL 2014-02-14 14:49:46 ----D---- C:\Program Files\Internet Explorer 2014-02-14 14:49:46 ----D---- C:\Program Files (x86)\Internet Explorer 2014-02-14 14:48:26 ----D---- C:\ProgramData\Microsoft Help 2014-02-14 14:48:06 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI 2014-02-11 16:04:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-01-30 13:26:34 ----A---- C:\extensions.ini 2014-01-30 13:26:23 ----HD---- C:\ProgramData 2014-01-30 13:26:22 ----HD---- C:\Windows\system32\GroupPolicy 2014-01-30 13:26:22 ----D---- C:\Windows\SYSWOW64\GroupPolicy ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-05 438808] R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-09-27 248240] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 134944] R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928] R3 MEIx64;Intel® Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2010-10-19 56344] R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2012-12-06 2350176] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-02-18 189288] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-12-28 412776] R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144] R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576] R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840] R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208] R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10305; C:\Windows\system32\DRIVERS\stwrt64.sys [2012-04-24 536576] S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416] S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968] S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208] S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216] S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 19968] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496] S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280] S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432] R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-02 89600] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-09 55144] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504] R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464] R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232] R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2011-02-23 125496] R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-01-26 92216] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2011-02-01 326168] R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 23808] R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-03-15 889664] R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-15 2458944] R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448] R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944] R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2012-04-24 318464] R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2011-10-09 934760] R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376] R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-11 257928] S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376] S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-01-26 791608] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-02-06 111616] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-10-15 1255736] S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] -----------------EOF-----------------

Beste collega's, Hier is het RSIT log van mijn vriend zijn computer: Logfile of random's system information tool 1.09 (written by random/random) Run by User at 2014-02-20 10:22:47 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 1352 GB (95%) free of 1416 GB Total RAM: 6127 MB (73% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:22:51, on 20/02/2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.16518) Boot mode: Normal Running processes: C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\trend micro\User.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Zita R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\LaunchApp.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICEE.EXE /FU "C:\Windows\TEMP\E_S9942.tmp" /EF "HKCU" O4 - HKCU\..\Run: [MyDriveConnect.exe] "C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-3377116301-4190559263-1612895777-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-3377116301-4190559263-1612895777-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} (Imikimi_activex_plugin Control) - http://imikimi.com/download/imikimi_plugin_0.5.1.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12057 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch winlogon.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS "c:\Program Files\Microsoft Security Client\MsMpEng.exe" C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs "C:\Program Files\IDT\WDM\STacSV64.exe" C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" C:\Windows\system32\nvvsvc.exe -session -first "C:\Windows\system32\Dwm.exe" C:\Windows\System32\spoolsv.exe C:\Windows\Explorer.EXE "taskhost.exe" C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" taskeng.exe {8AFFB415-DC62-4DF2-8C9C-8A5F9F84C3FE} "C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe" "C:\Program Files\IDT\WDM\AESTSr64.exe" "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Program Files\Bonjour\mDNSResponder.exe" "C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE" "C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe" "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey "C:\Program Files\IDT\WDM\sttray64.exe" C:\Windows\SysWOW64\ezSharedSvcHost.exe "C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe" "C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe" "C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" "C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService "C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1 "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe" "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe" WLIDSvcM.exe 3280 "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" "C:\Program Files\iPod\bin\iPodService.exe" C:\Windows\system32\SearchIndexer.exe /Embedding C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-274e43f6-f9ea-4107-bd57-054a95df4ba6 -SystemEventPortName:HostProcess-89342787-aa1d-4844-b3e2-3bd536b2b384 -IoCancelEventPortName:HostProcess-e639e1fa-2d25-4ef5-a202-04580023c70e -NonStateChangingEventPortName:HostProcess-d30dedd3-3033-46e6-92c2-945c44c2fd0a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:fecc4ecc-86bf-49af-a520-5db26a50917a -DeviceGroupId:WpdFsGroup "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\System32\svchost.exe -k LocalServicePeerNet "c:\Program Files\Microsoft Security Client\NisSrv.exe" C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" C:\Windows\system32\sppsvc.exe "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe11_ Global\UsGthrCtrlFltPipeMssGthrPipe11 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 540 544 552 65536 548 "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3377116301-4190559263-1612895777-100012_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3377116301-4190559263-1612895777-100012 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1" "C:\Users\User\Desktop\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF} ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}] Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24 430592] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24 430592] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768] "MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 1266912] "SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-04-24 1425408] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "EPSON Stylus DX8400 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICEE.EXE [2007-04-12 213504] "MyDriveConnect.exe"=C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [2013-11-29 473496] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "HP Software Update"=c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2008-12-08 54576] ""= [] "LaunchHPOSIAPP"=C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\LaunchApp.exe [2009-04-04 385024] "Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2011-02-10 61112] "PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-02-01 656920] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-10-09 421736] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2011-07-05 421888] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2011-08-17 52920] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "EnableShellExecuteHooks"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-02-20 10:22:47 ----D---- C:\rsit 2014-02-20 10:22:47 ----D---- C:\Program Files\trend micro 2014-02-19 13:40:13 ----D---- C:\Program Files (x86)\MyDrive Connect 2014-02-19 11:37:37 ----A---- C:\Windows\SYSWOW64\javaws.exe 2014-02-19 11:37:35 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll 2014-02-19 11:37:35 ----A---- C:\Windows\SYSWOW64\javaw.exe 2014-02-19 11:37:35 ----A---- C:\Windows\SYSWOW64\java.exe 2014-02-14 14:39:34 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2014-02-14 14:39:34 ----A---- C:\Windows\system32\vbscript.dll 2014-02-14 14:38:58 ----A---- C:\Windows\SYSWOW64\msrating.dll 2014-02-14 14:38:58 ----A---- C:\Windows\system32\msrating.dll 2014-02-14 14:38:57 ----A---- C:\Windows\SYSWOW64\ieui.dll 2014-02-14 14:38:57 ----A---- C:\Windows\system32\ieui.dll 2014-02-14 14:38:56 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2014-02-14 14:38:56 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2014-02-14 14:38:56 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-02-14 14:38:56 ----A---- C:\Windows\system32\msfeeds.dll 2014-02-14 14:38:56 ----A---- C:\Windows\system32\jsproxy.dll 2014-02-14 14:38:56 ----A---- C:\Windows\system32\iernonce.dll 2014-02-14 14:38:56 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2014-02-14 14:38:56 ----A---- C:\Windows\system32\ie4uinit.exe 2014-02-14 14:38:55 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2014-02-14 14:38:55 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2014-02-14 14:38:55 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2014-02-14 14:38:55 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2014-02-14 14:38:55 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2014-02-14 14:38:55 ----A---- C:\Windows\system32\mshtml.dll 2014-02-14 14:38:55 ----A---- C:\Windows\system32\jscript9diag.dll 2014-02-14 14:38:55 ----A---- C:\Windows\system32\ieUnatt.exe 2014-02-14 14:38:55 ----A---- C:\Windows\system32\iesetup.dll 2014-02-14 14:38:55 ----A---- C:\Windows\system32\ieetwproxystub.dll 2014-02-14 14:38:55 ----A---- C:\Windows\system32\ieetwcollector.exe 2014-02-14 14:38:54 ----A---- C:\Windows\SYSWOW64\wininet.dll 2014-02-14 14:38:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2014-02-14 14:38:54 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2014-02-14 14:38:54 ----A---- C:\Windows\system32\wininet.dll 2014-02-14 14:38:54 ----A---- C:\Windows\system32\urlmon.dll 2014-02-14 14:38:54 ----A---- C:\Windows\system32\iertutil.dll 2014-02-14 14:38:54 ----A---- C:\Windows\system32\ieapfltr.dll 2014-02-14 14:38:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2014-02-14 14:38:53 ----A---- C:\Windows\system32\ieframe.dll 2014-02-14 14:38:52 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2014-02-14 14:38:52 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2014-02-14 14:38:52 ----A---- C:\Windows\system32\jscript9.dll 2014-02-14 14:04:33 ----A---- C:\Windows\SYSWOW64\msxml3.dll 2014-02-14 14:04:33 ----A---- C:\Windows\system32\msxml3.dll 2014-02-14 14:04:32 ----A---- C:\Windows\SYSWOW64\msxml3r.dll 2014-02-14 14:04:32 ----A---- C:\Windows\system32\msxml3r.dll 2014-02-14 14:04:29 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe 2014-02-14 14:04:29 ----A---- C:\Windows\SYSWOW64\RMActivate.exe 2014-02-14 14:04:29 ----A---- C:\Windows\system32\RMActivate_isv.exe 2014-02-14 14:04:29 ----A---- C:\Windows\system32\RMActivate.exe 2014-02-14 14:04:28 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe 2014-02-14 14:04:28 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe 2014-02-14 14:04:28 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe 2014-02-14 14:04:28 ----A---- C:\Windows\system32\RMActivate_ssp.exe 2014-02-14 14:04:27 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll 2014-02-14 14:04:27 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll 2014-02-14 14:04:27 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll 2014-02-14 14:04:27 ----A---- C:\Windows\SYSWOW64\secproc.dll 2014-02-14 14:04:27 ----A---- C:\Windows\SYSWOW64\msdrm.dll 2014-02-14 14:04:27 ----A---- C:\Windows\system32\secproc_ssp_isv.dll 2014-02-14 14:04:27 ----A---- C:\Windows\system32\secproc_ssp.dll 2014-02-14 14:04:27 ----A---- C:\Windows\system32\secproc_isv.dll 2014-02-14 14:04:27 ----A---- C:\Windows\system32\secproc.dll 2014-02-14 14:04:27 ----A---- C:\Windows\system32\msdrm.dll 2014-02-14 14:04:23 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll 2014-02-14 14:04:23 ----A---- C:\Windows\system32\d3d10warp.dll 2014-02-14 14:04:22 ----A---- C:\Windows\SYSWOW64\d2d1.dll 2014-02-14 14:04:22 ----A---- C:\Windows\system32\d2d1.dll 2014-01-30 13:26:21 ----D---- C:\Program Files (x86)\MediaPlayerV1 ======List of files/folders modified in the last 1 month====== 2014-02-20 10:22:47 ----RD---- C:\Program Files 2014-02-20 10:21:40 ----D---- C:\Windows\Temp 2014-02-20 10:11:03 ----D---- C:\Windows\system32\config 2014-02-20 10:01:13 ----D---- C:\Windows\System32 2014-02-20 10:01:13 ----D---- C:\Windows\inf 2014-02-20 10:01:13 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-02-20 09:59:19 ----A---- C:\Windows\SYSWOW64\log.txt 2014-02-20 09:57:15 ----D---- C:\ProgramData\PDFC 2014-02-19 14:05:06 ----D---- C:\Windows\system32\catroot 2014-02-19 13:40:19 ----SHD---- C:\Windows\Installer 2014-02-19 13:40:13 ----RD---- C:\Program Files (x86) 2014-02-19 13:29:13 ----AD---- C:\Windows 2014-02-19 13:25:30 ----D---- C:\Windows\system32\Tasks 2014-02-19 13:25:30 ----D---- C:\Program Files (x86)\VideoPlayerV3 2014-02-19 13:25:29 ----D---- C:\Windows\Tasks 2014-02-19 13:15:24 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-02-19 13:15:22 ----D---- C:\Windows\system32\drivers 2014-02-19 12:30:39 ----D---- C:\Windows\debug 2014-02-19 12:28:26 ----D---- C:\Program Files\CCleaner 2014-02-19 11:54:36 ----SD---- C:\Users\User\AppData\Roaming\Microsoft 2014-02-19 11:45:16 ----AD---- C:\Windows\SysWOW64 2014-02-19 11:37:50 ----D---- C:\ProgramData\Oracle 2014-02-19 11:37:34 ----D---- C:\Program Files (x86)\Java 2014-02-19 11:36:45 ----SHD---- C:\System Volume Information 2014-02-16 12:09:50 ----D---- C:\Windows\system32\MRT 2014-02-16 12:09:44 ----A---- C:\Windows\system32\MRT.exe 2014-02-15 11:20:25 ----D---- C:\Windows\system32\wdi 2014-02-15 11:04:48 ----RSD---- C:\Windows\assembly 2014-02-15 11:04:48 ----D---- C:\Windows\Microsoft.NET 2014-02-15 10:41:38 ----D---- C:\Windows\system32\catroot2 2014-02-14 14:51:35 ----D---- C:\Windows\winsxs 2014-02-14 14:49:48 ----D---- C:\Windows\SYSWOW64\nl-NL 2014-02-14 14:49:47 ----D---- C:\Windows\system32\nl-NL 2014-02-14 14:49:46 ----D---- C:\Program Files\Internet Explorer 2014-02-14 14:49:46 ----D---- C:\Program Files (x86)\Internet Explorer 2014-02-14 14:48:26 ----D---- C:\ProgramData\Microsoft Help 2014-02-14 14:48:06 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI 2014-02-11 16:04:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-01-30 13:26:34 ----A---- C:\extensions.ini 2014-01-30 13:26:23 ----HD---- C:\ProgramData 2014-01-30 13:26:22 ----HD---- C:\Windows\system32\GroupPolicy 2014-01-30 13:26:22 ----D---- C:\Windows\SYSWOW64\GroupPolicy ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-05 438808] R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-09-27 248240] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 134944] R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928] R3 MEIx64;Intel® Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2010-10-19 56344] R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2012-12-06 2350176] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-02-18 189288] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-12-28 412776] R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144] R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576] R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840] R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208] R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10305; C:\Windows\system32\DRIVERS\stwrt64.sys [2012-04-24 536576] S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416] S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968] S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208] S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216] S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 19968] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496] S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280] S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432] R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-02 89600] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-09 55144] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504] R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464] R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232] R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2011-02-23 125496] R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-01-26 92216] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2011-02-01 326168] R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 23808] R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-03-15 889664] R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-15 2458944] R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448] R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944] R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2012-04-24 318464] R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2011-10-09 934760] R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376] R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-11 257928] S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376] S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-01-26 791608] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-02-06 111616] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-10-15 1255736] S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] -----------------EOF-----------------

update: het usb toetsenbord werkt

Beste, Om dit bericht te maken heb ik even een andere computer moeten gebruiken Het zit namelijk zo dat het toetsenbord na het aanmelden op de computer met wachtwoord het toetsenbord wordt uitgeschakeld Ik heb het betreffende toetsenbord al op een andere computer uitgeprobeerd en daar werkt het perfect. Ook heb ik nu een usb toetsenbord op de betreffende computer aangesloten en ook dit toetsenbord wordt na het aanmelden op de computer uitgeschakeld help a.u.b.

update: na het scannen met malwarebytes is er toch wel het een en ander gevonden dit is het log: Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300 www.malwarebytes.org Databaseversie: v2014.02.19.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16518 User :: USER-HP [administrator] Bescherming: Ingeschakeld 19/02/2014 13:15:56 mbam-log-2014-02-19 (13-15-56).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 233283 Verstreken tijd: 3 minuut/minuten, 29 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 1 C:\Users\User\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Zal worden verwijderd tijdens het herstarten. Registersleutels gedetecteerd: 10 HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Optional.SoftwareUpdater) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Optional.SoftwareUpdater) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Optional.SoftwareUpdater) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Optional.SoftwareUpdater) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Updater.AmiUpd.1 (PUP.Optional.SoftwareUpdater) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Updater.AmiUpd (PUP.Optional.SoftwareUpdater) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\MediaPlayerV1alpha257 (PUP.Optional.MediaPlayerAlpha.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Webexp Enhanced (PUP.Optional.Webexp) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video Player (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MediaPlayerV1alpha257 (PUP.Optional.MediaPlayerAlpha.A) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 3 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Data: C:\Windows\SysWOW64\rundll32.exe "C:\Users\User\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Mozilla\Firefox\Extensions|ext@WebexpEnhancedV1alpha8852.net (PUP.Optional.WebExpEnhanced.A) -> Data: C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha8852\ff -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Mozilla\Firefox\Extensions|ext@MediaPlayerV1alpha257.net (PUP.Optional.MediaPlayerAlpha.A) -> Data: C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha257\ff -> Succesvol in quarantaine geplaatst en verwijderd. Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 28 C:\Users\User\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Zal worden verwijderd tijdens het herstarten. C:\Users\User\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\WebexpEnhancedV1 (PUP.Optional.Webexp) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha8852 (PUP.Optional.Webexp) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha8852\ch (PUP.Optional.Webexp) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha8852\ff (PUP.Optional.Webexp) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha8852\ff\chrome (PUP.Optional.Webexp) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha8852\ff\chrome\content (PUP.Optional.Webexp) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha8852\ff\chrome\content\icons (PUP.Optional.Webexp) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha8852\ff\chrome\content\icons\default (PUP.Optional.Webexp) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha8852\ie (PUP.Optional.Webexp) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta717 (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta717\ch (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta717\ff (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta717\ff\chrome (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta717\ff\chrome\content (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta717\ff\chrome\content\icons (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta717\ff\chrome\content\icons\default (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta717\ie (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha257 (PUP.Optional.MediaPlayerAlpha.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha257\ch (PUP.Optional.MediaPlayerAlpha.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha257\ff (PUP.Optional.MediaPlayerAlpha.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha257\ff\chrome (PUP.Optional.MediaPlayerAlpha.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha257\ff\chrome\content (PUP.Optional.MediaPlayerAlpha.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha257\ff\chrome\content\icons (PUP.Optional.MediaPlayerAlpha.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha257\ff\chrome\content\icons\default (PUP.Optional.MediaPlayerAlpha.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha257\ie (PUP.Optional.MediaPlayerAlpha.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\Re-markit (PUP.Optional.ReMarkIt.A) -> Succesvol in quarantaine geplaatst en verwijderd. Bestanden gedetecteerd: 34 C:\Users\User\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Zal worden verwijderd tijdens het herstarten. C:\Users\User\AppData\Local\SwvUpdater\Updater.exe (PUP.Optional.SoftwareUpdater) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\User\AppData\Local\genienext\nengine.dll (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\User\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\User\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha8852\uninstall.exe (PUP.Optional.Webexp) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha8852\ff\chrome.manifest (PUP.Optional.Webexp) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha8852\ff\install.rdf (PUP.Optional.Webexp) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha8852\ff\chrome\content\ffWebexpEnhancedV1alpha8852.js (PUP.Optional.Webexp) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha8852\ff\chrome\content\overlay.xul (PUP.Optional.Webexp) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha8852\ff\chrome\content\icons\Thumbs.db (PUP.Optional.Webexp) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha8852\ff\chrome\content\icons\default\WebexpEnhancedV1alpha8852_32.png (PUP.Optional.Webexp) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta717\uninstall.exe (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta717\ff\chrome.manifest (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta717\ff\install.rdf (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta717\ff\chrome\content\ffVideoPlayerV3beta717.js (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta717\ff\chrome\content\overlay.xul (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta717\ff\chrome\content\icons\Thumbs.db (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta717\ff\chrome\content\icons\default\VideoPlayerV3beta717_32.png (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha257\uninstall.exe (PUP.Optional.MediaPlayerAlpha.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha257\ff\chrome.manifest (PUP.Optional.MediaPlayerAlpha.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha257\ff\install.rdf (PUP.Optional.MediaPlayerAlpha.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha257\ff\chrome\content\ffMediaPlayerV1alpha257.js (PUP.Optional.MediaPlayerAlpha.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha257\ff\chrome\content\overlay.xul (PUP.Optional.MediaPlayerAlpha.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha257\ff\chrome\content\icons\Thumbs.db (PUP.Optional.MediaPlayerAlpha.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha257\ff\chrome\content\icons\default\MediaPlayerV1alpha257_32.png (PUP.Optional.MediaPlayerAlpha.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\Re-markit\136.crx (PUP.Optional.ReMarkIt.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\Re-markit\136.dll (PUP.Optional.ReMarkIt.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\Re-markit\136.xpi (PUP.Optional.ReMarkIt.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\Re-markit\crx.db (PUP.Optional.ReMarkIt.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\Re-markit\sqlite3.dll (PUP.Optional.ReMarkIt.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\Re-markit\Uninstall.exe (PUP.Optional.ReMarkIt.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\Re-markit\xpi.db (PUP.Optional.ReMarkIt.A) -> Succesvol in quarantaine geplaatst en verwijderd. (einde) - - - Updated - - - het probleem met het laden van de Zita pagina's is echter niet opgelost hiermee.

dag collega's, vandaag zit ik hier bij een vriend thuis om een merkwaardig probleem op zijn computer op te lossen maar ik geraak niet verder dan het updaten van Adobe Flashplayer, Java en het resetten van Internet Explorer en het probleem blijft zich stellen. Het doet zich alleen bij de webpagina's van Zita voor. De pagina wordt niet goed geladen en na het indrukken van de F5 toets is het wel in orde. voorbeeld: [ATTACH=CONFIG]30449[/ATTACH] zo als je kan zien is de pagina niet goed weergegeven. [ATTACH=CONFIG]30448[/ATTACH] Wat kan hier verder de oorzaak van zijn? Wat kan ik doen om dit euvel op te lossen? Dit probleem doet zich alleen voor bij Zita die hier de startpagina is van mijn vriend. Andere pagina's zoals hier op het forum of op Google worden allemaal goed geladen.

Als je verder geen vragen meer hebt mag je deze discussie sluiten en markeren als opgelost.

Opletten hier! Het vervangen van de ventilator die op het moederbord is aangesloten door middel van een kleine plug is redelijk simpel, doch dien je er goed op te letten dat het los maken van de vier schroeven ook de gehele headsink (koelblok met koelvinnen) kan los komen van de cpu (kloppend hart van je computer op het moederbord) afhankelijk van het systeem /merk. Als de headsink ook nog eens vast geklemd zit op de cpu en de ventilator met vier schroefjes apart is vast gemaakt zit je safe. Als de ventilator en de headsink samen zijn vast geschroefd met lange vijzen en een metalen onderplaat onder het moederbord zit je met een probleem, want dan komt de hele zwik los en zakt de metalen onderplaat en moet je het gehele moederbord los maken om het terug goed te krijgen. Ook dien je in dit geval de headsink opnieuw te voorzien van koelpasta als je alles terug assembleert. Wat betreft de ventilator in de voeding: die kan je meestal niet vervangen zonder de noodzaak te gaan solderen. Het kan zijn dat de ventilator draadjes met een kleine plug op het voeding printplaatje is gemonteerd maar dat komt vrij weinig voor, meestal zitten die in de printplaat gesoldeerd. Je kan beter de voeding vervangen dan de ventilator van de voeding. Zeer goed opletten bij het open maken van een voeding, de elco's (elektrolitische condensators) die op de printplaat staan zitten nog vol spanning, je kan dus nog steeds een stroomstoot door je lichaam krijgen bij het onhandig manipuleren, ook al is deze compleet van de computer verwijderd!

neen je kan de account van je provider in Windows Live Mail opnemen. - - - Updated - - - hmm... iets te laat gereageerd. - - - Updated - - - gewoon negeren.

Dag Kape, Hartelijke dank voor jouw hulp hierin, de vervelende pop-ups en de invoegtoepassing FindRight is weg in Internet Explorer. Een hele opluchting! Dank u nogmaals! Ik ga deze discussie als opgelost markeren.

Dag Kape, Hier is het AdwCleaner log: # AdwCleaner v3.018 - Report created 16/02/2014 at 18:45:17 # Updated 28/01/2014 by Xplode # Operating System : Windows 7 Enterprise N Service Pack 1 (64 bits) # Username : Hendrik - HENDRIK-W7-ENTE # Running from : D:\My Desktop\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Toolbar Cleaner ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1 Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\InstallCore Key Deleted : HKLM\Software\Toolbar Cleaner Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.16518 ************************* AdwCleaner[R0].txt - [2859 octets] - [16/02/2014 18:44:08] AdwCleaner[s0].txt - [2726 octets] - [16/02/2014 18:45:17] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2786 octets] ##########

Dag Kape, Hierbij het zoek-result.log: Zoek.exe v5.0.0.0 Updated 15-February-2014 Tool run by Hendrik on zo 16/02/2014 at 14:59:32,09. Microsoft Windows 7 Enterprise N 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: D:\My Desktop\zoek.exe [scan all users] [script inserted] ==== System Restore Info ====================== 16/02/2014 15:03:53 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1364749199-3237543244-4035560231-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2c774641-5504-46a8-b63f-6715ae3fe376} deleted successfully HKEY_USERS\S-1-5-21-1364749199-3237543244-4035560231-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2c774641-5504-46a8-b63f-6715ae3fe376} deleted successfully HKEY_USERS\S-1-5-21-1364749199-3237543244-4035560231-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{2c774641-5504-46a8-b63f-6715ae3fe376} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2c774641-5504-46a8-b63f-6715ae3fe376} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully HKEY_CLASSES_ROOT\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update FindRight deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update FindRight deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util FindRight deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util FindRight deleted successfully ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2c774641-5504-46a8-b63f-6715ae3fe376}] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Toolbar Cleaner deleted C:\Users\Hendrik\AppData\Roaming\burnaware.ini deleted C:\Users\Hendrik\AppData\Local\SwvUpdater deleted C:\Windows\tasks\AmiUpdXp.job deleted C:\windows\SysNative\tasks\AmiUpdXp deleted C:\END deleted "C:\Program Files (x86)\FindRight\updateFindRight.exe" deleted "C:\PROGRA~2\FindRight\updateFindRight.exe" deleted "C:\Program Files (x86)\FindRight\bin\utilFindRight.exe" deleted "C:\PROGRA~2\FindRight\bin\utilFindRight.exe" deleted "C:\Program Files (x86)\FindRight" not deleted "C:\PROGRA~2\FindRight" not deleted "C:\Program Files (x86)\FindRight\bin" not deleted "C:\PROGRA~2\FindRight\bin" not deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [29/08/2013 14:58] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Hendrik\AppData\Roaming\Mozilla\Profiles\2nh8u0b4.Hendrik - DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} - Quick Translator - %ProfilePath%\extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14/08/2013 14:24] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Test account 1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\75EVWQM4 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\Q1YC0EF2 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\75EVWQM4 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q1YC0EF2 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\75EVWQM4 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\Q1YC0EF2 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\75EVWQM4 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q1YC0EF2 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\75EVWQM4 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\Q1YC0EF2 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\75EVWQM4 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q1YC0EF2 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\75EVWQM4 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\Q1YC0EF2 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\75EVWQM4 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q1YC0EF2 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\75EVWQM4 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\Q1YC0EF2 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\75EVWQM4 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q1YC0EF2 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\75EVWQM4 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\Q1YC0EF2 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\75EVWQM4 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q1YC0EF2 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\75EVWQM4 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\Q1YC0EF2 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\75EVWQM4 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q1YC0EF2 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\75EVWQM4 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\Q1YC0EF2 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\75EVWQM4 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q1YC0EF2 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Temporary Internet Files\Content.IE5\75EVWQM4 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Temporary Internet Files\Content.IE5\Q1YC0EF2 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\75EVWQM4 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q1YC0EF2 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Temporary Internet Files\Content.IE5\75EVWQM4 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Temporary Internet Files\Content.IE5\Q1YC0EF2 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\75EVWQM4 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q1YC0EF2 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Temporary Internet Files\Content.IE5\75EVWQM4 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Temporary Internet Files\Content.IE5\Q1YC0EF2 will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\container.dat will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\container.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== No Chrome Cache found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=311 folders=42 12473830 bytes) ==== Empty Temp Folders ====================== C:\Users\AppData\AppData\Local\Temp emptied successfully C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Public\AppData\Local\Temp emptied successfully C:\Users\Test account 1\AppData\Local\Temp emptied successfully C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\Hendrik\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot - - - Updated - - - De invoegtoepassing FindRight is verwijderd van het systeem. Waarvoor mijn hartelijke dank.

Dag Kape, hier het RSIT log: Logfile of random's system information tool 1.09 (written by random/random) Run by Hendrik at 2014-02-16 10:12:04 Microsoft Windows 7 Enterprise N Service Pack 1 System drive C: has 79 GB (35%) free of 227 GB Total RAM: 4094 MB (39% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:12:23, on 16/02/2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.16518) Boot mode: Normal Running processes: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Secunia\PSI\psi_tray.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\D-Link\DWA-160\AirNCFG.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Users\Hendrik\AppData\Roaming\uTorrent\uTorrent.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files\trend micro\Hendrik.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: (no name) - AutorunsDisabled - (no file) O2 - BHO: FindRight - {2c774641-5504-46a8-b63f-6715ae3fe376} - C:\Program Files (x86)\FindRight\FindRightbho.dll O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [D-Link D-Link Wireless N Dual Band DWA-160 ] C:\Program Files (x86)\D-Link\DWA-160\AirNCFG.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [FileHippo.com] "C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - Startup: CurseClientStartup.ccip O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Secunia PSI Tray.lnk = ? O9 - Extra button: (no name) - AutorunsDisabled - (no file) O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\LaunchEspresso.exe O9 - Extra 'Tools' menuitem: HP Smart Print 2.0 - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\LaunchEspresso.exe O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.dexia.be O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - Automatically Find HP Updates | HP Support O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: @%systemroot%\system32\CISVC.EXE,-1 (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing) O23 - Service: D-Link Wireless N Dual Band DWA-160 _WPS Service (D-Link Wireless N Dual Band DWA-160 _WPS) - Unknown owner - C:\Program Files (x86)\D-Link\DWA-160\ANIWConnService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: Media Jukebox 14 Service - J. River, Inc. - C:\Program Files (x86)\J River\Media Jukebox 14\JRService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: Interactive Services Detection (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Unsigned Themes (UnsignedThemes) - The Within Network, LLC - C:\Windows\UnsignedThemesSvc.exe O23 - Service: Update FindRight - Unknown owner - C:\Program Files (x86)\FindRight\updateFindRight.exe O23 - Service: Util FindRight - Unknown owner - C:\Program Files (x86)\FindRight\bin\utilFindRight.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 14330 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch "C:\Windows\system32\nvvsvc.exe" "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\UnsignedThemesSvc.exe C:\Windows\system32\svchost.exe -k GPSvcGroup "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" C:\Windows\system32\nvvsvc.exe -session -first C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe" "C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service "C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service C:\Windows\system32\CISVC.EXE "C:\Program Files (x86)\D-Link\DWA-160\ANIWConnService.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt C:\Windows\system32\IProsetMonitor.exe "C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe" "C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS C:\Windows\System32\svchost.exe -k HPZ12 "C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe" "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe" "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" "C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service "C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" C:\Windows\system32\SearchIndexer.exe /Embedding WLIDSvcM.exe 3236 "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-0315ae4f-54dd-41dc-90d8-09ae6605b6aa -SystemEventPortName:HostProcess-083b5435-d414-407e-b18d-b74b7e6a6634 -IoCancelEventPortName:HostProcess-ecdad5d0-ea41-4484-b516-1aed5b8c9f56 -NonStateChangingEventPortName:HostProcess-cebd82d4-49c6-40fd-96d9-7f39c9ec10a6 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:62752dba-87b4-49b4-80c9-08ddc9ffe729 -DeviceGroupId:WpdFsGroup "C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe" /DisableUI "C:\Program Files (x86)\Nero\Update\NASvc.exe" "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c C:\Windows\System32\svchost.exe -k secsvcs "C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe" "C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe" "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp \??\C:\Windows\system32\conhost.exe "158809619-6647990-130114326715506386391587201891244754937-8416343521113413682 "taskhost.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe" "C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe" "C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe" "C:\Program Files (x86)\Secunia\PSI\psi_tray.exe" "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\D-Link\DWA-160\AirNCFG.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1 "C:\Users\Hendrik\AppData\Local\Apps\2.0\MN359O47.HTL\TDVPT8E9.53B\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe" KHALMNPR.EXE /API "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Officejet J4500 Series#1352682878" -Startup "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding "C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe" C:\Windows\system32\svchost.exe -k SDRSVC "C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding "C:\Program Files (x86)\FindRight\updateFindRight.exe" "C:\Users\Hendrik\AppData\Roaming\uTorrent\uTorrent.exe" "magnet:?xt=urn:btih:542b76c0ea114ec8484a3b3947251341b8f7d4e5&dn=Carrie+%282013%29+BRRip+NL+Subs+DutchReleaseTeam&tr=udp%3A%2F%2Ftracker.openbittorrent.com%3A80&tr=udp%3A%2F%2Ftracker.publicbt.com%3A80&tr=udp%3A%2F%2Ftracker.istole.it%3A6969&tr=udp%3A%2F%2Ftracker.ccc.de%3A80&tr=udp%3A%2F%2Fopen.demonii.com%3A1337" "C:\Program Files (x86)\FindRight\bin\utilFindRight.exe" C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5716 CREDAT:275457 /prefetch:2 "C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe" /medium "C:\Program Files (x86)\Windows Live\Mail\wlmail.exe" "C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe" -Embedding "C:\Program Files\Internet Explorer\iexplore.exe" Windows 7 FindRight invoegtoepassing op Internet Explorer "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:7996 CREDAT:267521 /prefetch:2 "C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe" C:\Windows\system32\Macromed\Flash\FlashUtil64_12_0_0_44_ActiveX.exe -Embedding "C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536 "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:7996 CREDAT:4134164 /prefetch:2 "D:\My Desktop\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\AmiUpdXp.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\Malwarebytes Anti-Exploit.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}] avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-24 1390368] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-24 1390368] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-12-14 256080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-11-20 6270336] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2c774641-5504-46a8-b63f-6715ae3fe376}] FindRight - C:\Program Files (x86)\FindRight\FindRightbho.dll [2014-02-14 249632] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealNetworks Download and Record Plugin for Internet Explorer - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14 542376] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-02-04 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-24 1143168] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-14 194128] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2013-11-20 4502400] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-02-04 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-24 1390368] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-12-14 256080] {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-24 1390368] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-14 194128] {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-24 1143168] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-06-09 11860072] "Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-11-08 1028384] "EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2011-10-07 1744152] "ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2013-10-18 1063200] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-08-19 39408] "FileHippo.com"=C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [2012-11-23 307712] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2007-07-17 64000] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2013-11-15 1861968] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyDriveConnect.exe] C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [2013-11-29 473496] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-08-19 39408] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk] C:\PROGRA~2\Secunia\PSI\psi_tray.exe [2013-07-03 563416] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^simplicheck.lnk] C:\PROGRA~2\SIMPLI~1\SIMPLI~1\SIMPLI~1.EXE -timer [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Hendrik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse Client.lnk] C:\Users\Hendrik\AppData\Local\Apps\2.0\QNGTC4Y9.75E\YWZ2QVZG.EQN\curs..tion_eee711038731a406_0004.0000_2bd39706d04e72c8\CurseClient.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Hendrik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip] C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Hendrik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3 .lnk] C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE [] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528] "HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-10-28 49208] ""= [] "AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-24 3767096] "D-Link D-Link Wireless N Dual Band DWA-160 "=C:\Program Files (x86)\D-Link\DWA-160\AirNCFG.exe [2011-11-02 1078592] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] [] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\TkBellExe] [] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup CurseClientStartup.ccip [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=" " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn] c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2011-09-27 68376] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"=Windows 7 Enterprise Ultimate 64-bit ServicePack1 "legalnoticetext"=Dit is de homecomputer van Hendrik Van Marcke Windows 7 Enterprise 64-bit SP1 Processor: Intel Core 2 Duo E7400 @ 2,80GHz Wolfdale 45nm Technologie Ram: 4,00 GB Dual-Kanaal DDR2 @ 332MHz (5-5-5-15) Moederbord: Micro-Star International co., LTD MS-7502 (Socket 775) Graphics: MD 20122 (1680x1050@59Hz) 32W_LCD_TV (1920x1080@60Hz) 512MBGeforce GT 230 (MSI) Harde schijven: 625GB Western Digital WDC WD6400AACS-00G8B1 ATA Device (SATA) 1954GB Seagate ST32000542AS ATA Device (SATA) Optische schijven: HL-DT-ST DVDRAM GH22NS40 ATA Device Audio: Realtek High Definition Audio U dient een wachtwoord in te voeren na op OK te klikken! Welkom en succes! Hendrik Van Marcke "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableLinkedConnections"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=177 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=255 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "VIDC.FPS1"=frapsv64.dll ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 ======List of files/folders created in the last 1 month====== 2014-02-16 10:12:04 ----D---- C:\rsit 2014-02-16 01:33:46 ----D---- C:\Program Files (x86)\FindRight 2014-02-13 19:05:21 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2014-02-13 19:05:21 ----A---- C:\Windows\system32\vbscript.dll 2014-02-13 19:02:58 ----A---- C:\Windows\SYSWOW64\msrating.dll 2014-02-13 19:02:58 ----A---- C:\Windows\system32\msrating.dll 2014-02-13 19:02:56 ----A---- C:\Windows\SYSWOW64\ieui.dll 2014-02-13 19:02:55 ----A---- C:\Windows\system32\ieui.dll 2014-02-13 19:02:53 ----A---- C:\Windows\system32\iernonce.dll 2014-02-13 19:02:53 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2014-02-13 19:02:53 ----A---- C:\Windows\system32\ie4uinit.exe 2014-02-13 19:02:52 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2014-02-13 19:02:52 ----A---- C:\Windows\system32\msfeeds.dll 2014-02-13 19:02:52 ----A---- C:\Windows\system32\jsproxy.dll 2014-02-13 19:02:51 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2014-02-13 19:02:51 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-02-13 19:02:51 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2014-02-13 19:02:51 ----A---- C:\Windows\system32\ieUnatt.exe 2014-02-13 19:02:50 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2014-02-13 19:02:50 ----A---- C:\Windows\system32\iesetup.dll 2014-02-13 19:02:49 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2014-02-13 19:02:49 ----A---- C:\Windows\system32\ieetwproxystub.dll 2014-02-13 19:02:49 ----A---- C:\Windows\system32\ieetwcollector.exe 2014-02-13 19:02:48 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2014-02-13 19:02:48 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2014-02-13 19:02:48 ----A---- C:\Windows\system32\mshtml.dll 2014-02-13 19:02:48 ----A---- C:\Windows\system32\jscript9diag.dll 2014-02-13 19:02:48 ----A---- C:\Windows\system32\ieapfltr.dll 2014-02-13 19:02:47 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2014-02-13 19:02:47 ----A---- C:\Windows\system32\iertutil.dll 2014-02-13 19:02:46 ----A---- C:\Windows\SYSWOW64\wininet.dll 2014-02-13 19:02:46 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2014-02-13 19:02:46 ----A---- C:\Windows\system32\wininet.dll 2014-02-13 19:02:46 ----A---- C:\Windows\system32\urlmon.dll 2014-02-13 19:02:43 ----A---- C:\Windows\system32\ieframe.dll 2014-02-13 19:02:42 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2014-02-13 19:02:41 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2014-02-13 19:02:40 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2014-02-13 19:02:40 ----A---- C:\Windows\system32\jscript9.dll 2014-02-13 01:26:39 ----A---- C:\Windows\SYSWOW64\msxml3r.dll 2014-02-13 01:26:39 ----A---- C:\Windows\SYSWOW64\msxml3.dll 2014-02-13 01:26:39 ----A---- C:\Windows\system32\msxml3r.dll 2014-02-13 01:26:39 ----A---- C:\Windows\system32\msxml3.dll 2014-02-13 01:26:29 ----A---- C:\Windows\system32\RMActivate_isv.exe 2014-02-13 01:26:29 ----A---- C:\Windows\system32\RMActivate.exe 2014-02-13 01:26:28 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe 2014-02-13 01:26:28 ----A---- C:\Windows\SYSWOW64\RMActivate.exe 2014-02-13 01:26:26 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe 2014-02-13 01:26:22 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe 2014-02-13 01:26:22 ----A---- C:\Windows\system32\RMActivate_ssp.exe 2014-02-13 01:26:21 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe 2014-02-13 01:26:21 ----A---- C:\Windows\system32\secproc_isv.dll 2014-02-13 01:26:20 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll 2014-02-13 01:26:20 ----A---- C:\Windows\SYSWOW64\secproc.dll 2014-02-13 01:26:20 ----A---- C:\Windows\SYSWOW64\msdrm.dll 2014-02-13 01:26:20 ----A---- C:\Windows\system32\secproc_ssp_isv.dll 2014-02-13 01:26:20 ----A---- C:\Windows\system32\secproc_ssp.dll 2014-02-13 01:26:20 ----A---- C:\Windows\system32\secproc.dll 2014-02-13 01:26:20 ----A---- C:\Windows\system32\msdrm.dll 2014-02-13 01:26:19 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll 2014-02-13 01:26:19 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll 2014-02-13 01:25:52 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll 2014-02-13 01:25:52 ----A---- C:\Windows\system32\d3d10warp.dll 2014-02-13 01:25:51 ----A---- C:\Windows\SYSWOW64\d2d1.dll 2014-02-13 01:25:51 ----A---- C:\Windows\system32\d2d1.dll 2014-02-11 06:33:23 ----D---- C:\Program Files\VideoLAN 2014-02-07 13:17:49 ----D---- C:\Program Files (x86)\Toolbar Cleaner 2014-02-05 14:59:07 ----A---- C:\Users\Hendrik\AppData\Roaming\burnaware.ini 2014-02-04 14:24:29 ----A---- C:\Windows\SYSWOW64\javaws.exe 2014-02-04 14:24:21 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll 2014-02-04 14:24:21 ----A---- C:\Windows\SYSWOW64\javaw.exe 2014-02-04 14:24:21 ----A---- C:\Windows\SYSWOW64\java.exe 2014-02-04 14:24:00 ----D---- C:\Program Files (x86)\Java 2014-01-31 21:55:15 ----D---- C:\ProgramData\WarThunder 2014-01-31 21:55:02 ----D---- C:\Program Files (x86)\WarThunder 2014-01-26 03:02:27 ----D---- C:\ProgramData\regid.1991-06.com.microsoft 2014-01-26 02:48:21 ----D---- C:\Program Files (x86)\MSECache 2014-01-26 02:15:59 ----D---- C:\Users\Hendrik\AppData\Roaming\AutoCAD DWG to Image Converter 2014-01-23 02:13:22 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2014-01-20 22:01:18 ----D---- C:\Program Files (x86)\Edraw Max 6 2014-01-20 16:45:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-01-19 20:26:48 ----D---- C:\Program Files\Recuva ======List of files/folders modified in the last 1 month====== 2014-02-16 10:12:12 ----D---- C:\Windows\Temp 2014-02-16 10:12:10 ----D---- C:\Program Files\trend micro 2014-02-16 10:11:07 ----D---- C:\Users\Hendrik\AppData\Roaming\uTorrent 2014-02-16 06:17:30 ----D---- C:\Windows\system32\config 2014-02-16 01:48:15 ----D---- C:\Program Files (x86)\SciLor's grooveshark.com Downloader 2014-02-16 01:47:42 ----D---- C:\Windows\Tasks 2014-02-16 01:47:42 ----D---- C:\Windows\system32\Tasks 2014-02-16 01:33:46 ----RD---- C:\Program Files (x86) 2014-02-14 16:29:07 ----D---- C:\Windows\Prefetch 2014-02-13 21:04:10 ----D---- C:\ProgramData\NVIDIA 2014-02-13 20:59:14 ----D---- C:\Windows\system32\MRT 2014-02-13 20:54:59 ----A---- C:\Windows\system32\MRT.exe 2014-02-13 20:54:41 ----SHD---- C:\System Volume Information 2014-02-13 20:07:51 ----D---- C:\Windows\Microsoft.NET 2014-02-13 19:59:08 ----RSD---- C:\Windows\assembly 2014-02-13 19:33:21 ----D---- C:\Windows\winsxs 2014-02-13 19:21:09 ----D---- C:\Windows\SysWOW64 2014-02-13 19:21:09 ----D---- C:\Windows\System32 2014-02-13 19:20:57 ----D---- C:\Windows\SYSWOW64\pt-BR 2014-02-13 19:20:57 ----D---- C:\Windows\SYSWOW64\bg-BG 2014-02-13 19:20:56 ----D---- C:\Windows\SYSWOW64\uk-UA 2014-02-13 19:20:56 ----D---- C:\Windows\SYSWOW64\pt-PT 2014-02-13 19:20:56 ----D---- C:\Windows\SYSWOW64\pl-PL 2014-02-13 19:20:56 ----D---- C:\Windows\SYSWOW64\ko-KR 2014-02-13 19:20:56 ----D---- C:\Windows\SYSWOW64\it-IT 2014-02-13 19:20:56 ----D---- C:\Windows\SYSWOW64\he-IL 2014-02-13 19:20:55 ----D---- C:\Windows\SYSWOW64\sl-SI 2014-02-13 19:20:55 ----D---- C:\Windows\SYSWOW64\nl-NL 2014-02-13 19:20:55 ----D---- C:\Windows\SYSWOW64\hu-HU 2014-02-13 19:20:55 ----D---- C:\Windows\SYSWOW64\hr-HR 2014-02-13 19:20:55 ----D---- C:\Windows\SYSWOW64\fr-FR 2014-02-13 19:20:55 ----D---- C:\Windows\SYSWOW64\fi-FI 2014-02-13 19:20:55 ----D---- C:\Windows\SYSWOW64\el-GR 2014-02-13 19:20:54 ----D---- C:\Windows\SYSWOW64\tr-TR 2014-02-13 19:20:54 ----D---- C:\Windows\SYSWOW64\th-TH 2014-02-13 19:20:54 ----D---- C:\Windows\SYSWOW64\sv-SE 2014-02-13 19:20:54 ----D---- C:\Windows\SYSWOW64\sr-Latn-CS 2014-02-13 19:20:54 ----D---- C:\Windows\SYSWOW64\lv-LV 2014-02-13 19:20:54 ----D---- C:\Windows\SYSWOW64\es-ES 2014-02-13 19:20:53 ----D---- C:\Windows\SYSWOW64\zh-TW 2014-02-13 19:20:53 ----D---- C:\Windows\SYSWOW64\zh-CN 2014-02-13 19:20:53 ----D---- C:\Windows\SYSWOW64\sk-SK 2014-02-13 19:20:53 ----D---- C:\Windows\SYSWOW64\lt-LT 2014-02-13 19:20:53 ----D---- C:\Windows\SYSWOW64\ja-JP 2014-02-13 19:20:53 ----D---- C:\Windows\SYSWOW64\et-EE 2014-02-13 19:20:53 ----D---- C:\Windows\SYSWOW64\de-DE 2014-02-13 19:20:53 ----D---- C:\Windows\SYSWOW64\cs-CZ 2014-02-13 19:20:52 ----D---- C:\Windows\SYSWOW64\ru-RU 2014-02-13 19:20:52 ----D---- C:\Windows\SYSWOW64\ro-RO 2014-02-13 19:20:52 ----D---- C:\Windows\SYSWOW64\ar-SA 2014-02-13 19:20:51 ----D---- C:\Windows\SYSWOW64\nb-NO 2014-02-13 19:20:51 ----D---- C:\Windows\SYSWOW64\da-DK 2014-02-13 19:20:50 ----D---- C:\Windows\SYSWOW64\en-US 2014-02-13 19:20:46 ----D---- C:\Windows\system32\pt-BR 2014-02-13 19:20:46 ----D---- C:\Windows\system32\it-IT 2014-02-13 19:20:46 ----D---- C:\Windows\system32\bg-BG 2014-02-13 19:20:45 ----D---- C:\Windows\system32\uk-UA 2014-02-13 19:20:45 ----D---- C:\Windows\system32\pt-PT 2014-02-13 19:20:45 ----D---- C:\Windows\system32\pl-PL 2014-02-13 19:20:45 ----D---- C:\Windows\system32\he-IL 2014-02-13 19:20:44 ----D---- C:\Windows\system32\ko-KR 2014-02-13 19:20:43 ----D---- C:\Windows\system32\sl-SI 2014-02-13 19:20:43 ----D---- C:\Windows\system32\nl-NL 2014-02-13 19:20:43 ----D---- C:\Windows\system32\hu-HU 2014-02-13 19:20:43 ----D---- C:\Windows\system32\hr-HR 2014-02-13 19:20:43 ----D---- C:\Windows\system32\fr-FR 2014-02-13 19:20:43 ----D---- C:\Windows\system32\el-GR 2014-02-13 19:20:42 ----D---- C:\Windows\system32\tr-TR 2014-02-13 19:20:42 ----D---- C:\Windows\system32\th-TH 2014-02-13 19:20:42 ----D---- C:\Windows\system32\sv-SE 2014-02-13 19:20:42 ----D---- C:\Windows\system32\sr-Latn-CS 2014-02-13 19:20:42 ----D---- C:\Windows\system32\fi-FI 2014-02-13 19:20:41 ----D---- C:\Windows\system32\zh-TW 2014-02-13 19:20:41 ----D---- C:\Windows\system32\sk-SK 2014-02-13 19:20:41 ----D---- C:\Windows\system32\lv-LV 2014-02-13 19:20:41 ----D---- C:\Windows\system32\lt-LT 2014-02-13 19:20:41 ----D---- C:\Windows\system32\es-ES 2014-02-13 19:20:40 ----D---- C:\Windows\system32\et-EE 2014-02-13 19:20:40 ----D---- C:\Windows\system32\de-DE 2014-02-13 19:20:40 ----D---- C:\Windows\system32\cs-CZ 2014-02-13 19:20:39 ----D---- C:\Windows\system32\zh-CN 2014-02-13 19:20:39 ----D---- C:\Windows\system32\ja-JP 2014-02-13 19:20:39 ----D---- C:\Windows\system32\ar-SA 2014-02-13 19:20:38 ----D---- C:\Windows\system32\ru-RU 2014-02-13 19:20:38 ----D---- C:\Windows\system32\ro-RO 2014-02-13 19:20:37 ----D---- C:\Windows\system32\nb-NO 2014-02-13 19:20:37 ----D---- C:\Windows\system32\da-DK 2014-02-13 19:20:36 ----D---- C:\Windows\system32\en-US 2014-02-13 19:20:09 ----D---- C:\Program Files (x86)\Internet Explorer 2014-02-13 19:20:08 ----D---- C:\Program Files\Internet Explorer 2014-02-13 19:17:22 ----SHD---- C:\Windows\Installer 2014-02-13 19:17:21 ----D---- C:\Config.Msi 2014-02-13 19:09:06 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI 2014-02-13 19:09:00 ----D---- C:\Windows\inf 2014-02-13 19:08:48 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-02-13 19:06:59 ----D---- C:\Windows\system32\catroot 2014-02-13 19:04:31 ----D---- C:\Windows\system32\catroot2 2014-02-13 15:40:35 ----RD---- C:\Program Files (x86)\Skype 2014-02-13 15:40:21 ----D---- C:\ProgramData\Skype 2014-02-13 15:40:21 ----D---- C:\Program Files (x86)\Mozilla Firefox 2014-02-12 15:54:46 ----D---- C:\Program Files\WinRAR 2014-02-11 15:08:35 ----D---- C:\Program Files (x86)\Edraw Max 5 2014-02-11 07:15:25 ----D---- C:\Program Files (x86)\VideoLAN 2014-02-11 06:38:16 ----RD---- C:\Program Files 2014-02-11 06:38:07 ----D---- C:\Windows\system32\drivers 2014-02-11 06:23:29 ----D---- C:\Windows\system32\wbem 2014-02-09 23:08:50 ----D---- C:\Windows\SYSWOW64\directx 2014-02-07 17:22:55 ----D---- C:\Program Files\Defraggler 2014-02-07 17:20:32 ----D---- C:\Program Files (x86)\OpenOffice 4 2014-02-07 17:18:18 ----RSD---- C:\Windows\Fonts 2014-02-05 14:59:09 ----D---- C:\Program Files (x86)\BurnAware Free 2014-02-04 14:26:35 ----D---- C:\ProgramData\Oracle 2014-02-04 14:25:46 ----D---- C:\Program Files (x86)\Common Files 2014-02-04 13:52:17 ----D---- C:\Program Files\Java 2014-02-03 17:35:51 ----D---- C:\Users\Hendrik\AppData\Roaming\Nitro PDF 2014-02-03 17:35:12 ----D---- C:\Program Files\Speccy 2014-01-31 21:55:15 ----D---- C:\ProgramData 2014-01-31 20:39:52 ----D---- C:\Program Files (x86)\Steam 2014-01-26 14:42:40 ----D---- C:\Program Files\Common Files\Microsoft Shared 2014-01-26 03:02:27 ----D---- C:\Program Files (x86)\Microsoft Office 2014-01-26 03:02:26 ----D---- C:\Program Files\Microsoft Office 2014-01-26 02:57:05 ----D---- C:\Windows\Minidump 2014-01-26 02:57:05 ----D---- C:\Windows 2014-01-24 19:10:46 ----A---- C:\Windows\system32\aswBoot.exe 2014-01-24 19:04:54 ----D---- C:\Program Files\CCleaner 2014-01-24 19:04:01 ----D---- C:\Users\Hendrik\AppData\Roaming\Skype 2014-01-24 18:57:29 ----D---- C:\Windows\rescache 2014-01-23 15:32:43 ----D---- C:\Windows\debug 2014-01-23 02:15:26 ----D---- C:\Users\Hendrik\AppData\Roaming\Mozilla 2014-01-20 10:59:19 ----D---- C:\Program Files (x86)\EASEUS 2014-01-18 14:44:56 ----D---- C:\Windows\SYSWOW64\Macromed 2014-01-18 12:11:02 ----D---- C:\Program Files (x86)\Battle.net 2014-01-18 12:10:26 ----D---- C:\Program Files\Malwarebytes Anti-Exploit 2014-01-17 00:57:09 ----A---- C:\Users\Hendrik\AppData\Roaming\CamShapes.ini 2014-01-17 00:57:09 ----A---- C:\Users\Hendrik\AppData\Roaming\CamLayout.ini 2014-01-17 00:57:09 ----A---- C:\Users\Hendrik\AppData\Roaming\Camdata.ini 2014-01-17 00:00:21 ----D---- C:\Users\Hendrik\AppData\Roaming\Opera ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-10-21 65776] R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-12-25 207904] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552] R1 anodlwf;ANOD Network Security Filter driver; C:\Windows\system32\DRIVERS\anodlwfx.sys [2010-05-29 15872] R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-10-21 92544] R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-01-24 1038072] R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-01-24 421704] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560] R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2013-03-04 40344] R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Program Files\Malwarebytes Anti-Exploit\MBAE.sys [2013-12-17 62168] R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928] R1 SAS***IL;SAS***IL; \??\C:\Program Files\SUPERAntiSpyware\SAS***IL64.SYS [2011-07-12 12368] R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2013-06-21 238352] R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2013-06-21 120080] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-01-24 78648] R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2010-11-09 21992] R2 uxpatch;uxpatch; \??\C:\Windows\system32\drivers\uxpatch.sys [2009-07-13 30568] R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-01-24 80184] R3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920] R3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968] R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008] R3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032e.sys [2009-06-10 278016] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-06-14 2899176] R3 L8042Kbd;SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2011-09-02 32536] R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2011-09-02 66840] R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2011-09-02 60696] R3 netr28ux;D-Link dnetr28u USB Extensible Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\Dnetr28ux.sys [2011-09-09 1660480] R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-09-28 39200] R3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf_amd64.sys [2013-07-03 18456] R3 usbscan;USB Scanner Driver; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496] R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2013-06-21 146704] R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2013-03-11 36352] S2 supersafer64;supersafer64; \??\C:\Windows\SysWOW64\drivers\supersafer64.sys [] S3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784] S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2013-02-05 57840] S3 hitmanpro37;HitmanPro 3.7 Support Driver; \??\C:\Windows\system32\drivers\hitmanpro37.sys [2013-08-15 32000] S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 255552] S3 OV550I;OVT Scanner; C:\Windows\System32\Drivers\ov550ivx.sys [2008-02-21 196992] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 RTL8192cu;Belkin Wireless Adapter; C:\Windows\system32\DRIVERS\rtwlanu.sys [2012-02-01 1041000] S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys [2010-09-29 695400] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-05-10 51712] S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2013-06-21 131856] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760] S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [] S4 A2DDA;A2 Direct Disk Access Support Driver; \??\D:\My Desktop\Bleeping computer\EmisoftEmergencyKit\Run\a2ddax64.sys [] S4 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S4 cpuz134;cpuz134; \??\C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [] S4 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [] S4 RsFx0105;RsFx0105 Driver; C:\Windows\system32\DRIVERS\RsFx0105.sys [2011-09-22 311144] S4 rt61x64;Linksys Wireless-G PCI Adapter Driver; C:\Windows\system32\DRIVERS\WMP54Gv41x64.sys [] S4 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [] S4 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [] S4 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2013-05-23 143120] R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-02-06 109056] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-01-24 50344] R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-01-03 1363616] R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-01-03 1748640] R2 CISVC;@%systemroot%\system32\CISVC.EXE,-1; C:\Windows\system32\CISVC.EXE [2009-07-14 19456] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 D-Link Wireless N Dual Band DWA-160 _WPS;D-Link Wireless N Dual Band DWA-160 _WPS Service; C:\Program Files (x86)\D-Link\DWA-160\ANIWConnService.exe [2010-07-12 53248] R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-05-24 1840128] R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2013-02-23 183048] R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872] R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2011-09-22 58345832] R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-13 769432] R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [2013-06-18 230416] R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-11-08 15125280] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-23 922912] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056] R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648] R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2013-07-03 1228504] R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2011-09-22 154984] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496] R2 UnsignedThemes;Unsigned Themes; C:\Windows\UnsignedThemesSvc.exe [2009-07-13 24168] R2 Update FindRight;Update FindRight; C:\Program Files (x86)\FindRight\updateFindRight.exe [2014-02-14 80672] R2 Util FindRight;Util FindRight; C:\Program Files (x86)\FindRight\bin\utilFindRight.exe [2014-02-16 80672] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-19 136176] S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-11-08 1914656] S2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-07-03 660184] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05 257928] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560] S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-04-26 2702848] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-02-05 1512448] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-19 136176] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-11 194032] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-02-06 111616] S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2011-09-27 359192] S3 Media Jukebox 14 Service;Media Jukebox 14 Service; C:\Program Files (x86)\J River\Media Jukebox 14\JRService.exe [2010-07-15 379400] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-01-28 118896] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-10-30 566696] S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S4 cbVSCService11;Cobian Backup 11 Volume Shadow Copy Requester; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [2012-06-29 67584] S4 CTDevice_Srv;CT Device Query service; C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe [2007-04-02 61440] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-09-22 431464] S4 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808] -----------------EOF-----------------

Beste collega's, Bij het installeren van software heb ik domweg op accept geklikt voor het mee installeren van een ongewilde invoegtoepassing: FindRicht Deze invoegtoepassing zou ik graag verwijderd willen zien van mijn computer. kan iemand mij hierin helpen a.u.b.

Als er te vaak een verkeerd wachtwoord is ingevoerd en je hebt een aanvraag voor een nieuw wachtwoord volbracht moet je 24 uur wachten voor je weer kan inloggen.

Dan leg ik het even voor aan de specialisten hier. Van zodra deze online komen zal er op dit topic gereageerd worden, nog even geduld. Ondertussen kan je antwoorden op de volgende vragen: [*=1]Wie is je provider [*=1]Zit er buiten de modem die je van de provider hebt gekregen nog andere hardware tussen je laptop en de modem, bijvoorbeeld extra router, switch, extender enz... [*=1]Welke melding heb je gekregen bij de stappen die je uitgevoerd hebt wanneer je voorgaande stappenplan hebt uitgevoerd [*=1]download Speccy en post hier een log Download en installeer Speccy. Speccy is er ook in Nederlandstalige versie, bij de installatie (of update) kan je de taal wijzigen van Engels naar Nederlands ... als je op het driehoekje klikt, krijg je een uitrolmenu waarin je Nederlands kan selecteren. Wanneer, tijdens het installeren van Speccy, de optie aangeboden wordt om Google Chrome of Google Toolbar "gratis" mee te installeren dien je de vinkjes weg te halen, tenzij dit een bewuste keuze is. Start nu het programma en er zal een overzicht gemaakt worden van je hardware. Als dit gereed is selecteer je bovenaan "Bestand - Publiceer Snapshot" en vervolgens bevestig je die keuze met " Ja ". In het venster dat nu opent krijg je een link te zien, kopieer nu die link en plak die in je volgende bericht. Zo krijgen we een gedetailleerd overzicht van je hardware. Meer info over deze procedure lees je HIER. Ik verwittig ondertussen het team.

Goed, dat is uitstekend! Nu volg je stap voor stap uit wat ik in bericht #24 uit de doeken heb gedaan voor jou. klik hier om naar dit bericht terug te gaan: http://www.pc-helpforum.be/f167/bijlagen-openen-windows-live-mail-67824/index3.html#post446096

Ga op je laptop naar: [*=1]Start [*=1]Configuratiescherm [*=1]Netwerkcentrum - in het Netwerkcentrum klik je op: [*=1]Verbinding met een netwerk maken - rechts onderaan je scherm komt er een nieuw venstertje te voorschijn [ATTACH=CONFIG]30273[/ATTACH] - Als er netwerkverbindingen beschikbaar zijn komen ze daarin zichtbaar te staan (ook de netwerkverbinding die je van jouw provider hebt gekregen). [*=1]Als er geen netwerkverbindingen zichtbaar zijn klik je op de knop vernieuwen [ATTACH=CONFIG]30274[/ATTACH] - Als jouw netwerkverbinding niet voorkomt in de lijst kan het zijn dat je ofwel: [*=1]te ver af zit van de router (dichterbij komen is dan de boodschap). [*=1]of je router zend niet uit (kijk de controle lampjes na van de router, desnoods reset je de router) [*=1]of de wireless netwerkkaart van je laptop staat uit (zet de wireless netwerkkaart aan, meestal een toetsencombinatie met de FN toets, zie de documentatie van je laptop). - Als jouw netwerk wel in de lijst voorkomt: [*=1]selecteer dan jouw netwerk (klik er op) [*=1]klik op de knop verbinding maken [*=1]als er gevraagd word naar de netwerksleutel vul je de code in die je van je netwerkbeheerder (provider) hebt gekregen [ATTACH=CONFIG]30275[/ATTACH] - Vervolgens ga je terug naar het Netwerkcentrum (via Start / Configuratiescherm / Netwerkcentrum) - Klik op "Draadloze netwerken beheren [ATTACH=CONFIG]30276[/ATTACH] - Daar staat het netwerk waar je verbinding hebt mee gemaakt [ATTACH=CONFIG]30277[/ATTACH] - Klik rechts op je draadloze netwerk (waarmee je momenteel verbonden bent) [*=1]klik vervolgens in het menuvenster op "eigenschappen". [ATTACH=CONFIG]30278[/ATTACH] - Op het tabblad "Verbinding" zet je een vinkje bij "Automatisch verbinding maken wanneer dit netwerk binnen bereik is" en klik op "OK". [ATTACH=CONFIG]30279[/ATTACH] - Vervolgens ga je terug naar het configuratiescherm [*=1]ga naar "Systeem" in het configuratiescherm [*=1]ga naar "Apparaatbeheer" [ATTACH=CONFIG]30280[/ATTACH] - In apparaatbeheer klik je op het kleine pijltje bij "Netwerkadapters" [ATTACH=CONFIG]30281[/ATTACH] - daar zie je uw wireless netwerkadapter en je Lan netwerkadapter [*=1]klik met de rechtermuis knop op je wireless netwerkadapter en klik op "Eigenschappen". [ATTACH=CONFIG]30282[/ATTACH] - Een nieuw venster wordt geopend (Eigenschappen van ...[uw wireless] adapter). [*=1]klik op het tabblad "Energiebeheer" [ATTACH=CONFIG]30283[/ATTACH] [*=1]doe het vinkje weg bij: "De computer mag dit apparaat uitschakelen om energie te bessparen". [*=1]klik vervolgens op "OK" [ATTACH=CONFIG]30284[/ATTACH] Hopelijk werkt dit voor jou.

Die Microsoft Office PowerPoint 2007 die op je computer staat is dat van een compleet Microsoft Office 2007 pakket? (Word, Excel, Outlook, PowerPoint, Acces, enz...).