Asus

Hoi Stijnstijn, welkom op PC-Helpforum.be. Je topic werd verplaatst naar Bestrijding malware & virussen, zo blijft het forum overzichtelijk. Kan je het onderstaande uitvoeren en het gevraagde logje hier in je topic posten ? ... Download RSIT van de onderstaande locaties en sla deze op het bureaublad op. Hoe je controleert of je met een 32- of 64-bitversie van Windows werkt kan je hier bekijken. RSIT 32 bit (RSIT.exe) RSIT 64 bit (RSITx64.exe) Dubbelklik op RSIT.exe om de tool te starten. Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren. Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue" Wanneer de tool gereed is worden er twee kladblok bestanden geopend genaamd "Log.txt" en "Info.txt" . RSIT Logbestanden plaatsen Voeg het logbestand met de naam "Log.txt" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden in de map ""C:\\rsit") Het logbestand met de naam "Info.txt" wat geminimaliseerd is hoeft u niet te plaatsen. (Dit logbestand wordt enkel de eerst keer bij het uitvoeren aangemaakt). Hoe u een bijlage kunt toevoegen aan het bericht leest u hier. De handleiding voor het gebruik van RSIT kan je HIER bekijken en we hebben ook nog een instructievideo.

Om het overzicht te bewaren zijn je topics samengevoegd, lees zeker ook nog eventjes de forumregels na als je wil.

Hebben we het hier over dezelfde printer als die waar het hier over gaat ? ...

Ik denk dan in de eerste plaats aan de "klassieke" zoekertjessites zoals 2ehands en Kapaza: zorg voor een paar duidelijke foto's en een compacte, vlot leesbare tekst met volledige beschrijving. Vernieuw het zoekertje regelmatig, veel mensen hebben de gewoonte om enkel de eerste pagina's te bekijken en dan is het belangrijk dat je zoekertje bovenaan staat.

Aangezien er (ook hier) geen reactie meer komt, besluit ik dat het probleem opgelost is en wordt het topic afgesloten ... mocht je het topic willen heropenen, stuur dan eventjes een privébericht naar mij of naar één van de andere teamleden.

Kan je het onderstaande uitvoeren en het gevraagde logje hier in je topic posten ? ... Download RSIT van de onderstaande locaties en sla deze op het bureaublad op. Hoe je controleert of je met een 32- of 64-bitversie van Windows werkt kan je hier bekijken. RSIT 32 bit (RSIT.exe) RSIT 64 bit (RSITx64.exe) Dubbelklik op RSIT.exe om de tool te starten. Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren. Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue" Wanneer de tool gereed is worden er twee kladblok bestanden geopend genaamd "Log.txt" en "Info.txt" . RSIT Logbestanden plaatsen Voeg het logbestand met de naam "Log.txt" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden in de map ""C:\\rsit") Het logbestand met de naam "Info.txt" wat geminimaliseerd is hoeft u niet te plaatsen. (Dit logbestand wordt enkel de eerst keer bij het uitvoeren aangemaakt). Hoe u een bijlage kunt toevoegen aan het bericht leest u hier. De handleiding voor het gebruik van RSIT kan je HIER bekijken en we hebben ook nog een instructievideo.

Je opende eerder hier een topic, hoe staat het daar mee ? ...

Correct gebruik dus, mooi zo. Benieuwd naar de reactie van de verkoper, succes !

Heb dit ook nog niet eerder gezien ... op welke ondergrond(en) wordt deze laptop zoal gebruikt ?

Je laptop is weliswaar nog in garantie, maar ik ben toch benieuwd naar de oorzaak van dit "fenomeen" ... Wat is het merk én de volledige type-aanduiding van jouw laptop ? ... (voorbeeldje: HP Pavilion g7-2030sb). Kan je een Speccy-linkje produceren en posten ? ... produceer deze link wanneer je de laptop reeds enige tijd gebruikt (zo'n half uurtje) én gebruik hem zoals je hem normaal gebruikt en op dezelfde ondergrond. Download en installeer Speccy. Speccy is er ook in Nederlandstalige versie, bij de installatie (of update) kan je de taal wijzigen van Engels naar Nederlands ... als je op het driehoekje klikt, krijg je een uitrolmenu waarin je Nederlandskan selecteren. Wanneer, tijdens het installeren van Speccy, de optie aangeboden wordt om Google Chrome of Google Toolbar "gratis" mee te installeren dien je de vinkjes weg te halen, tenzij dit een bewuste keuze is. Start nu het programma en er zal een overzicht gemaakt worden van je hardware. Als dit gereed is selecteer je bovenaan "Bestand - Publiceer Snapshot" en vervolgens bevestig je die keuze met " Ja ". In het venster dat nu opent krijg je een link te zien, kopieer nu die link en plak die in je volgende bericht. Zo krijgen we een gedetailleerd overzicht van je hardware. Meer info over deze procedure lees je HIER.

Fijn zo ! De volgende stap is het posten van je RSIT-logje.

Ik vrees dat zo'n eventuele firmware update enkel wordt uitgevoerd door een Sharp servicepunt ... tegen betaling ?

Je topic werd verplaatst naar Bestrijding malware & virussen, zo blijft het forum overzichtelijk. Kan je het onderstaande uitvoeren en het gevraagde logje hier in je topic posten ? ... Download RSIT van de onderstaande locaties en sla deze op het bureaublad op. Hoe je controleert of je met een 32- of 64-bitversie van Windows werkt kan je hier bekijken. RSIT 32 bit (RSIT.exe) RSIT 64 bit (RSITx64.exe) Dubbelklik op RSIT.exe om de tool te starten. Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren. Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue" Wanneer de tool gereed is worden er twee kladblok bestanden geopend genaamd "Log.txt" en "Info.txt" . RSIT Logbestanden plaatsen Voeg het logbestand met de naam "Log.txt" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden in de map ""C:\\rsit") Het logbestand met de naam "Info.txt" wat geminimaliseerd is hoeft u niet te plaatsen. (Dit logbestand wordt enkel de eerst keer bij het uitvoeren aangemaakt). Hoe u een bijlage kunt toevoegen aan het bericht leest u hier. De handleiding voor het gebruik van RSIT kan je HIER bekijken en we hebben ook nog een instructievideo.

Doen we ... Bedankt voor de snelle assistentie !

Die knop komt nog hoor: er is nog lijstje met wat sleutelwerk aan de website en die knop maakt deel van uit ... Ik sluit hem wel even voor je: case closed.

Graag gedaan hoor ... Mag ik dit topic afronden of laat je het liever nog eventjes open voor eventuele nieuwe vragen i.v.m. je aankoop ?

Mijn persoonlijke voorkeur gaat zonder twijfel uit naar een bekabelde muis wegens betrouwbaarheid / veel minder kans op problemen, maar je zal wel begrijpen dat die keuze een volledig subjectief gegeven is ...

Java Versie 7 Update 71 werd gisteren succesvol geïnstalleerd en dat is de recentste versie, zo blijkt na controle via deze link. AdwCleaner deze nacht gerund: # AdwCleaner v4.105 - Rapport aangemaakt 16/12/2014 op 01:55:46 # Laatste Update 08/12/2014 door Xplode # Database : 2014-12-08.2 [Local] # Besturingssysteem : Windows Vista Home Premium Service Pack 2 (32 bits) # Gebruikersnaam : Sien - PC_VAN_SIEN # Gestart vanuit : C:\Users\Sien\Desktop\adwcleaner_4.105.exe # Optie : Verwijderen ***** [ Services ] ***** ***** [ Bestanden / Mappen ] ***** ***** [ Taken ] ***** ***** [ Snelkoppelingen ] ***** ***** [ Register ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16599 -\\ Google Chrome v [C:\Users\Sien\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Verwijderd [search Provider] : hxxp://isearch.avg.com/search?cid={69FB75F4-858F-4A76-A497-24AF2727DC0D}&mid=1929e980475047d6ad9ed1544f331438-96a5a3080fa1d9a8d898eaa940aea76e24d18daf〈=nl&ds=AVG&coid=avgtbavg&pr=fr&d=2013-10-04 17:56:52&v=17.0.0.12&pid=avg&sg=0&sap=dsp&q={searchTerms} ************************* AdwCleaner[R0].txt - [1132 octets] - [16/12/2014 01:53:31] AdwCleaner[s0].txt - [1059 octets] - [16/12/2014 01:55:46] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1119 octets] ##########

Zoek.exe v5.0.0.0 Updated 14-December-2014 Tool run by Sien on di 16/12/2014 at 2:02:16,07. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Sien\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 16/12/2014 2:08:42 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\7-Zip deleted successfully C:\Program Files\MSXML 4.0 deleted successfully C:\Program Files\NOS deleted successfully C:\Program Files\Common Files\SWF Studio deleted successfully C:\PROGRA~2\CanonEPP deleted successfully C:\PROGRA~2\CanonIJEPPEX2 deleted successfully C:\PROGRA~2\NOS deleted successfully C:\PROGRA~2\Oracle deleted successfully C:\PROGRA~2\Origin deleted successfully C:\PROGRA~2\Roxio deleted successfully C:\Users\Sien\AppData\Roaming\Samsung deleted successfully C:\Users\Sien\AppData\Roaming\tmp deleted successfully C:\Users\Sien\AppData\Roaming\WhiteSmokeTranslator deleted successfully C:\Users\Sien\AppData\Local\calibre-cache deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully HKEY_USERS\S-1-5-21-3928690041-488287106-1210039002-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully HKEY_USERS\S-1-5-21-3928690041-488287106-1210039002-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C0D11B8-C5F6-4be3-AD2C-2B1A3EB94AB6} deleted successfully HKEY_USERS\S-1-5-21-3928690041-488287106-1210039002-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-3928690041-488287106-1210039002-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{cce665dd-f6dd-4808-968e-eaec971f70ef} deleted successfully HKEY_USERS\S-1-5-21-3928690041-488287106-1210039002-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{cce665dd-f6dd-4808-968e-eaec971f70ef} deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{cce665dd-f6dd-4808-968e-eaec971f70ef} deleted successfully ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\SLsvc.exe C:\Program Files\Dell\DellDock\DockLogin.exe C:\Windows\System32\WLTRYSVC.EXE C:\Windows\System32\bcmwltry.exe C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Program Files\Dell\DellDock\DellDock.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe C:\Windows\System32\WLTRAY.EXE C:\Windows\WindowsMobile\wmdSync.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE C:\Windows\System32\wpcumi.exe C:\Windows\OEM02Mon.exe C:\Program Files\AVG\AVG2014\avgui.exe C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\system32\aestsrv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\AVG\AVG2014\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\dlcgcoms.exe C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Windows\system32\STacSV.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Users\Sien\Desktop\zoek.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\svchost.exe -k WindowsMobile C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cce665dd-f6dd-4808-968e-eaec971f70ef}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "vProt"=- ==== Deleting Files \ Folders ====================== C:\Program Files\AVG Secure Search not found C:\Program Files\WhiteSmoke_US deleted C:\Users\Sien\appdata\locallow\WhiteSmoke_US deleted C:\Users\Gast\AppData\LocalLow\WhiteSmoke_US deleted C:\Program Files\Uninstall Information\ib_uninst_0 deleted C:\Program Files\Uninstall Information\ib_uninst_470 deleted C:\Program Files\Common Files\DVDVideoSoft\bin deleted C:\Program Files\WhiteSmokeTranslator deleted C:\found.000 deleted C:\found.001 deleted C:\PROGRA~2\Mobistar Internet Everywhere deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhiteSmokeTranslator deleted C:\Users\Gast\AppData\LocalLow\AVGTOOLBAR deleted C:\Users\Gast\AppData\LocalLow\pdfcreator toolbar deleted C:\Users\Sien\AppData\LocalLow\store-pp.jbs deleted C:\Users\Sien\AppData\LocalLow\AVGTOOLBAR deleted C:\Users\Sien\AppData\LocalLow\pdfcreator toolbar deleted C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVGTOOLBAR deleted C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job deleted C:\Windows\system32\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv deleted C:\Windows\system32\GroupPolicy\Machine deleted C:\Windows\system32\GroupPolicy\User deleted C:\Windows\system32\GroupPolicy\gpt.ini deleted C:\Windows\System32\SETCB99.tmp deleted "C:\ProgramData\c637c1aeb13e2fbfec5c9a999d45d65e_c" deleted ==== System Specs ====================== Windows: Windows Vista Home Premium Edition Service Pack 2 (Build 6002) Memory (RAM): 3070 MB CPU Info: Intel® Core2 Duo CPU T5750 @ 2.00GHz CPU Speed: 1993,4 MHz Sound Card: Luidsprekers / Koptelefoon (Sig | Digitaal uitgangapparaat (SPDIF | Display Adapters: NVIDIA GeForce 8600M GT | NVIDIA GeForce 8600M GT | RDPDD Chained DD | RDP Encoder Mirror Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1440 X 900 - 32 bit Network: Network Present Network Adapters: Dell draadloze 1395 WLAN Mini-kaart | Broadcom 440x 10/100 Integrated Controller CD / DVD Drives: 2x (E: | F: | ) E: TSSTcorpDVD+-RW TS-L632H | F: EVWPQJ KTYJ41278LIN Ports: COM3 LPT Port NOT Present. Mouse: 2 Button Wheel Mouse Present Hard Disks: C: 136,4GB | D: 10,0GB Hard Disks - Free: C: 75,1GB | D: 5,4GB Manufacturer *: Dell Inc. BIOS Info: AT/AT COMPATIBLE | 04/21/08 | DELL - 27d80415 Time Zone: Romance (standaardtijd) Motherboard *: Dell Inc. 0UK437 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: AVG AntiVirus Free Edition 2014 On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: AVG AntiVirus Free Edition 2014 disabled (Outdated) Default Browser: Google Chrome 39.0.2171.95 Internet Explorer Version: 9.0.8112.16421 Google Chrome version: 39.0.2171.95 Adobe Reader version: 10.1.13.16 Sun Java version: 1.7.0_71 (32-bit) Flash Player version: 15.0.0.246 Shockwave Player version: 11.0r465 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-12-15 22:19:32 5E6A3F72BC79EE22A14760CFA50057CA 380845695 ----a-w- C:\Windows\MEMORY.DMP ====== C:\Users\Sien\AppData\Local\Temp ==== 2014-12-15 21:45:49 97511FE2CA09CC2E06C3CD6519C3494E 43008 ----a-w- C:\Users\Sien\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_gqjfx.dll 2014-12-15 20:40:28 E0DC8C6BBC787B972A9A468648DBFD85 1008128 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\libiconv2.dll 2014-12-15 20:40:28 D202BAA425176287017FFE1FB5D1B77C 103424 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\libintl3.dll 2014-12-15 20:40:28 57CAC848FA14AE38F14F9441F8933282 140288 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\pcre3.dll 2014-12-15 20:40:28 547C43567AB8C08EB30F6C6BACB479A3 79360 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\regex2.dll 2014-12-15 20:40:28 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\erunt\ERUNT.EXE 2014-12-15 18:40:09 D7AD0AD3162BCD50E1D2E462E8C748EA 264488 ----a-w- C:\Users\Sien\AppData\Local\Temp\MSS\3.8.150.1\McInstallerRes.dll 2014-12-15 18:40:09 7A5A07D9A323DFD9097C9CF39E6802E6 153760 ----a-w- C:\Users\Sien\AppData\Local\Temp\MSS\3.8.150.1\McInstallerRes_LD.dll 2014-12-15 18:40:08 26FD227409FB73C4D958602B8A3EFFA0 577632 ----a-w- C:\Users\Sien\AppData\Local\Temp\MSS\3.8.150.1\McInstallerStartup.dll 2014-12-15 18:40:07 9BD51360CB8F1A2206642599D40FD258 419048 ----a-w- C:\Users\Sien\AppData\Local\Temp\MSS\3.8.150.1\mcbrwsr2.dll 2014-12-15 18:40:07 74557BFD04530E512DBB9C151C4DA110 499384 ----a-w- C:\Users\Sien\AppData\Local\Temp\MSS\3.8.150.1\McUICnt.exe ====== Java Cache ===== ====== C:\Windows\system32 ===== 2014-12-15 19:22:26 8580484193CE0A0788830FBAB97CF13B 1131664 ----a-w- C:\Windows\System32\dfshim.dll 2014-12-15 19:22:26 842DE20A6487D830A458DDB5E0363F13 156824 ----a-w- C:\Windows\System32\mscorier.dll 2014-12-15 19:22:26 653DFC2662680AB61232E1531147558A 81560 ----a-w- C:\Windows\System32\mscories.dll 2014-12-15 19:21:03 51992CC4DF2DB150950C6CB505556B9A 146432 ----a-w- C:\Windows\System32\msaudite.dll 2014-12-15 19:21:01 15F315B53C69930BF907D9A0FFCB6206 619520 ----a-w- C:\Windows\System32\adtschema.dll 2014-12-15 19:20:59 DBD84E59D631569EC3E756EF144E8431 449536 ----a-w- C:\Windows\System32\termsrv.dll 2014-12-15 19:19:50 D7E28676D83AE6568CCF99BD01700734 2048 ----a-w- C:\Windows\System32\tzres.dll 2014-12-15 19:18:56 F074BF1F79D749FCB8C2B739651CD816 974848 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2014-12-15 19:10:00 37A4DF3BCA563FB7537B881AE91BA9C4 1249280 ----a-w- C:\Windows\System32\msxml3.dll 2014-12-15 19:10:00 06A9049BA8B9F20D755CF03FD12E8AFD 2048 ----a-w- C:\Windows\System32\msxml3r.dll 2014-12-15 19:09:23 1DE1C07B256961012DCE0674EA488DE7 499200 ----a-w- C:\Windows\System32\kerberos.dll 2014-12-15 19:08:50 BC4C024BDC8B676CC58BCE1D5BA7BC04 67072 ----a-w- C:\Windows\System32\packager.dll 2014-12-15 19:06:00 FD7A26BF790751B527E632BD9346DDFD 729600 ----a-w- C:\Windows\System32\IMJP10K.DLL 2014-12-15 19:02:58 BE377621E2D2B483F8EF447079E55585 396800 ----a-w- C:\Windows\System32\AudioEng.dll 2014-12-15 19:02:58 A0344CD5E3F552340AB226E864E1710B 170496 ----a-w- C:\Windows\System32\EncDump.dll 2014-12-15 19:02:58 8E98A99187FF17FC1D48E6FAFFD870BE 316928 ----a-w- C:\Windows\System32\audiosrv.dll 2014-12-15 19:02:58 56B73070DB745E192307EB7AB6C55CD5 274432 ----a-w- C:\Windows\System32\AUDIOKSE.dll 2014-12-15 18:50:26 B9F9FD6188CC732F19DB69CAE5CC597C 272808 ----a-w- C:\Windows\System32\javaws.exe 2014-12-15 18:47:19 3594C0ABBFFE10B3CF95714B8B3C89A4 175528 ----a-w- C:\Windows\System32\javaw.exe 2014-12-15 18:47:19 279C281689A48D1CAF37338CAB312C06 96680 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll 2014-12-15 18:47:19 095826BCBBFA5C09C72463A82612B23C 175528 ----a-w- C:\Windows\System32\java.exe 2014-12-15 18:45:53 2908C2D90B78FDC24326B7854079E44E 564224 ----a-w- C:\Windows\System32\oleaut32.dll 2014-12-15 18:33:02 A2083D925A6677229CDE79E9F14A1FBC 278528 ----a-w- C:\Windows\System32\schannel.dll 2014-12-15 18:33:02 0C96812AAEDA38C89DC6C3F0AE7B6930 1259008 ----a-w- C:\Windows\System32\lsasrv.dll 2014-12-15 18:29:56 2833F623494FC1EFC0EAC4401CBBF2F2 2054656 ----a-w- C:\Windows\System32\win32k.sys 2014-12-14 16:23:10 D3FE7135827884946E5ED4E4DD96B472 10752 ----a-w- C:\Windows\System32\msfeedssync.exe 2014-12-14 16:23:10 5281C1E96FDE868A822260478694BA54 421376 ----a-w- C:\Windows\System32\vbscript.dll 2014-12-14 16:23:10 117980ADC4A9E349571810D20B14BFB8 41472 ----a-w- C:\Windows\System32\msfeedsbs.dll 2014-12-14 16:23:09 E633199D0EE2682618FA5B762D892F04 607744 ----a-w- C:\Windows\System32\msfeeds.dll 2014-12-14 16:23:09 823B559B2EF3D86DB920EA16102858E1 353792 ----a-w- C:\Windows\System32\dxtmsft.dll 2014-12-14 16:23:09 70DD19C20344660B1D32057603A9820D 11776 ----a-w- C:\Windows\System32\mshta.exe 2014-12-14 16:23:09 5C3D2065153E4A4273DEDD87A8BC1805 65536 ----a-w- C:\Windows\System32\jsproxy.dll 2014-12-14 16:23:09 407FD4AAE5E119A441CCEAA4C3276DDF 717824 ----a-w- C:\Windows\System32\jscript.dll 2014-12-14 16:23:09 3F0A7F435BAB0ED4070BBCE73F1918F3 1139712 ----a-w- C:\Windows\System32\urlmon.dll 2014-12-14 16:23:08 F18D4C903AE56BD9852D1D9E02CF1730 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl 2014-12-14 16:23:08 D32B633111A9F99F8DCE36F1A6278FC7 231936 ----a-w- C:\Windows\System32\url.dll 2014-12-14 16:23:08 898479188B3DBCB7F2BAC888D6456636 1802752 ----a-w- C:\Windows\System32\iertutil.dll 2014-12-14 16:23:05 AA680F0065A505118BDD9181BCE7C83D 1129472 ----a-w- C:\Windows\System32\wininet.dll 2014-12-14 16:23:04 ED7DBB46D75BD5DE33E9E06C7CCDC4E8 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2014-12-14 16:23:04 C23F63949092BC7086BD23743A28C46B 176640 ----a-w- C:\Windows\System32\ieui.dll 2014-12-14 16:23:04 5E251125799567959443D8F466DBEA28 223232 ----a-w- C:\Windows\System32\dxtrans.dll 2014-12-14 16:23:04 5310BF0FF12033B7F79F163805BE721A 142848 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-12-14 16:23:04 4D6B5B1CE39F6A2477FDE3117D84BDAB 367104 ----a-w- C:\Windows\System32\html.iec 2014-12-14 16:23:03 7247B8F630630FCF495B809962D52970 73216 ----a-w- C:\Windows\System32\mshtmled.dll 2014-12-14 16:23:03 4C0FA381EC7348F05432B2976924A031 1810944 ----a-w- C:\Windows\System32\jscript9.dll 2014-12-14 16:23:00 829532FD1584422EB7F4C49F767D1E4B 9740800 ----a-w- C:\Windows\System32\ieframe.dll 2014-12-14 16:22:58 91F488C0ED1D8B1FDC112F95A4965CC6 12369920 ----a-w- C:\Windows\System32\mshtml.dll ====== C:\Windows\system32\drivers ===== 2014-12-15 20:47:42 8E2E9CCD873ABF180F48BCAEEEBE347D 114904 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2014-12-15 20:47:25 A3F4391DFDF2F9E9FE4EAD193265A5AD 23256 ----a-w- C:\Windows\System32\drivers\mbam.sys 2014-12-15 20:47:25 9BD41E40039098BF5F8FE878A9A6989E 75480 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2014-12-15 20:47:25 6D2DB74A8CF2DDFE372FFF9C73E8F0EF 51928 ----a-w- C:\Windows\System32\drivers\mwac.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-12-15 18:19:36 -------- d-----w- C:\Program Files\trend micro ======= C: ===== ====== C:\Users\Sien\AppData\Roaming ====== ====== C:\Users\Sien ====== 2014-12-16 00:52:20 7AC98BE8593253FDDF8293E1C60B04BA 2166272 ----a-w- C:\Users\Sien\Desktop\adwcleaner_4.105.exe 2014-12-15 19:44:16 C254F3ECEB9B1AC795BA6B25DE008EBA 1707646 ----a-w- C:\Users\Sien\Desktop\JRT.exe 2014-12-15 18:42:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-12-15 18:18:05 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Sien\Desktop\RSIT.exe ====== C: exe-files == 2014-12-16 00:52:20 7AC98BE8593253FDDF8293E1C60B04BA 2166272 ----a-w- C:\Users\Sien\Desktop\adwcleaner_4.105.exe 2014-12-15 22:15:37 FE916605D4C700C524CA16EBC78F7D75 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3928690041-488287106-1210039002-1000\$I2P2RZ8.exe 2014-12-15 20:40:28 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\erunt\ERUNT.EXE 2014-12-15 19:44:16 C254F3ECEB9B1AC795BA6B25DE008EBA 1707646 ----a-w- C:\Users\Sien\Desktop\JRT.exe 2014-12-15 19:19:49 8EC60805F1217633C5EC84602F4D8402 19456 ----a-w- C:\Windows\servicing\GC32\tzupd.exe 2014-12-15 19:06:02 A5300B1610FF61B8C28D1C379CFA7A52 105984 ----a-w- C:\Windows\System32\IME\IMEJP10\imjpuexc.exe 2014-12-15 18:50:26 B9F9FD6188CC732F19DB69CAE5CC597C 272808 ----a-w- C:\Windows\System32\javaws.exe 2014-12-15 18:47:19 3594C0ABBFFE10B3CF95714B8B3C89A4 175528 ----a-w- C:\Windows\System32\javaw.exe 2014-12-15 18:47:19 095826BCBBFA5C09C72463A82612B23C 175528 ----a-w- C:\Windows\System32\java.exe 2014-12-15 18:40:07 74557BFD04530E512DBB9C151C4DA110 499384 ----a-w- C:\Users\Sien\AppData\Local\Temp\MSS\3.8.150.1\McUICnt.exe 2014-12-15 18:39:40 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Users\Sien\AppData\LocalLow\Sun\Java\jre1.7.0_71\lzma.exe 2014-12-15 18:19:37 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Sien.exe 2014-12-15 18:18:05 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Sien\Desktop\RSIT.exe 2014-12-14 16:23:10 D3FE7135827884946E5ED4E4DD96B472 10752 ----a-w- C:\Windows\System32\msfeedssync.exe 2014-12-14 16:23:09 70DD19C20344660B1D32057603A9820D 11776 ----a-w- C:\Windows\System32\mshta.exe 2014-12-14 16:23:09 56E1BFE10166F2CF6EC03E2D8BB31C1B 223232 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2014-12-14 16:23:08 D7AD6A7CEF0710BB7A8831B1792D5A0A 470016 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-12-14 16:23:06 63BE371C16B163583A5EA9D3DF4AC16B 757968 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-12-14 16:23:05 4867136A725C08C729785CF1E0126E58 22528 ----a-w- C:\Program Files\Internet Explorer\ExtExport.exe 2014-12-14 16:23:04 5310BF0FF12033B7F79F163805BE721A 142848 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-12-14 15:53:19 205E775B4B2C165922203A390B115523 40747600 ----a-w- C:\Users\Sien\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\39.0.2171.95\39.0.2171.95_chrome_installer.exe 2014-12-14 15:47:01 5B4ED5734945619EE3BCDB9825D2F526 51080 ----atw- C:\Users\Sien\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe 2014-12-14 15:47:01 06036279056145E0F08FC095CB789E6A 51080 ----atw- C:\Users\Sien\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateBroker.exe 2014-12-14 15:46:54 5B4ED5734945619EE3BCDB9825D2F526 51080 ----atw- C:\Program Files\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe 2014-12-14 15:46:53 87EB5AFD21E52CB08883E04605B55829 880784 ----a-w- C:\Users\Sien\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateSetup.exe 2014-12-14 15:46:53 06036279056145E0F08FC095CB789E6A 51080 ----atw- C:\Program Files\Google\Update\1.3.25.11\GoogleUpdateBroker.exe 2014-12-14 15:46:47 87EB5AFD21E52CB08883E04605B55829 880784 ----a-w- C:\Program Files\Google\Update\1.3.25.11\GoogleUpdateSetup.exe 2014-12-14 15:42:07 EDD3E562684CB4C50704B471BEAB1F86 114568 ----atw- C:\Users\Sien\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateComRegisterShell64.exe 2014-12-14 15:41:40 7161E8E31B7FD3B1CE083C2CA5FD5F44 285064 ----atw- C:\Users\Sien\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler64.exe 2014-12-14 15:41:19 CB8C1CC4F46FBAC78150754D77460C73 230792 ----atw- C:\Users\Sien\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler.exe 2014-12-14 15:39:57 EDD3E562684CB4C50704B471BEAB1F86 114568 ----atw- C:\Program Files\Google\Update\1.3.25.11\GoogleUpdateComRegisterShell64.exe 2014-12-14 15:39:27 7161E8E31B7FD3B1CE083C2CA5FD5F44 285064 ----atw- C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler64.exe 2014-12-14 15:39:06 CB8C1CC4F46FBAC78150754D77460C73 230792 ----atw- C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe 2014-12-14 15:37:55 F172AD4E906D97ED8F071896FC6789DC 107912 ----atw- C:\Users\Sien\AppData\Local\Google\Update\1.3.25.11\GoogleUpdate.exe 2014-12-14 15:36:03 87EB5AFD21E52CB08883E04605B55829 880784 ----a-w- C:\Users\Sien\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.25.11\GoogleUpdateSetup.exe 2014-12-14 15:35:29 F172AD4E906D97ED8F071896FC6789DC 107912 ----atw- C:\Program Files\Google\Update\1.3.25.11\GoogleUpdate.exe 2014-12-14 15:35:11 87EB5AFD21E52CB08883E04605B55829 880784 ----a-w- C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.25.11\GoogleUpdateSetup.exe 2014-12-09 03:49:18 5BDF8CE82C3E4900677CD5A6E2146A3C 262160 ----a-w- C:\Users\Sien\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe 2014-12-09 03:45:30 2F2E573625D314AA7BFBFC57E3EEBA90 225240 ----a-w- C:\Users\Sien\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe 2014-12-09 03:45:28 6226810F26227F083929AC5584122951 39207112 ----a-w- C:\Users\Sien\AppData\Roaming\Dropbox\bin\Dropbox.exe === C: other files == 2014-12-15 20:47:42 8E2E9CCD873ABF180F48BCAEEEBE347D 114904 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2014-12-15 20:47:25 A3F4391DFDF2F9E9FE4EAD193265A5AD 23256 ----a-w- C:\Windows\System32\drivers\mbam.sys 2014-12-15 20:47:25 9BD41E40039098BF5F8FE878A9A6989E 75480 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2014-12-15 20:47:25 6D2DB74A8CF2DDFE372FFF9C73E8F0EF 51928 ----a-w- C:\Windows\System32\drivers\mwac.sys 2014-12-15 20:40:28 F56A319979F631C141F5FF02DF87FDB1 43563 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\prelim.bat 2014-12-15 20:40:28 EBAA7BD799FC68980A6A8594BB14A950 190569 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\misc.bat 2014-12-15 20:40:28 DD1E4D974B1672ABD09EFFB225791C4A 1230 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\TDL4.bat 2014-12-15 20:40:28 BC28D90D34DB7AC6BB5789BF3C9E8FDB 14957 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\get.bat 2014-12-15 20:40:28 AD2F52DC72B10AF331692E4A4DD80DFC 18670 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\medfos.bat 2014-12-15 20:40:28 AA0C656F898523BEDF2DA6923197BB80 1264 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\surfvox.bat 2014-12-15 20:40:28 8E6020C14F982CF11B3FE7DBB0CB8EDE 24738 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\searchlnk.bat 2014-12-15 20:40:28 86707BCE5CBB65D9B1C41E249B4423BA 152733 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\firefox.bat 2014-12-15 20:40:28 83F691D8398F0E37E71E9355BF730DB9 719 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\ev_clear.bat 2014-12-15 20:40:28 813FA9E2180EE3BB5EFCE744009B5611 10880 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\runvalues.bat 2014-12-15 20:40:28 38A0BDF322ACCC968B0A824C38D50157 29635 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\ask.bat 2014-12-15 20:40:28 335DFF8F23E5EC02B5426362F0F8509B 31401 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\iexplore.bat 2014-12-15 20:40:28 0C4649A62845AB5D5DBCC4998477FF6D 1813 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\delfolders.bat 2014-12-15 20:40:28 080CFDE64F31E7B50EECF4552033E84D 9937 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\mws.bat 2014-12-15 20:40:28 048407135C9B1FB6A355E256BD96160D 14192 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\chrome.bat 2014-12-15 18:29:56 2833F623494FC1EFC0EAC4401CBBF2F2 2054656 ----a-w- C:\Windows\System32\win32k.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-3928690041-488287106-1210039002-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"="C:\Users\Sien\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Facebook Update"="C:\Users\Sien\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" "DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe /P DellSupportCenter" "Google Update"="C:\Users\Sien\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Sidebar"="C:\Program Files\windows sidebar\sidebar.exe /autoRun" "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [HKEY_USERS\S-1-5-21-3928690041-488287106-1210039002-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Shockwave Updater"="C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100465 -Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.133 Safari/534.16 -http://www.ond.vlaanderen.be/dbo/projecten/venus/Venus_website/web-VENUS/Web/leerstijlentest/Algemeen/lst.dcr" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DELL Webcam Manager"="C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe /s" "Broadcom Wireless Manager UI"="C:\Windows\system32\WLTRAY.exe" "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" "CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon" "CanonSolutionMenuEx"="C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon" "WPCUMI"="C:\Windows\system32\WpcUmi.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "OEM02Mon.exe"="C:\Windows\OEM02Mon.exe" "AVG_UI"="C:\Program Files\AVG\AVG2014\avgui.exe /TRAYONLY" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "Apoint"="C:\Program Files\DellTPad\Apoint.exe" "AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" "dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" "DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe /P DellSupportCenter" "ECenter"="C:\Dell\E-Center\EULALauncher.exe" "fssui"="C:\Program Files\Windows Live\Family Safety\fsui.exe -autorun" "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "NvCplDaemon"="RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup" "NVHotkey"="rundll32.exe C:\Windows\system32\nvHotkey.dll,Start" "NvMediaCenter"="RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit" "NvSvc"="RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart" "OEM02Mon.exe"="C:\Windows\OEM02Mon.exe" "PCMService"="C:\Program Files\Dell\MediaDirect\PCMService.exe" "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "Windows Mobile-based device management"="%windir%\WindowsMobile\wmdSync.exe " "SigmatelSysTrayApp"="%ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe" "SigmatelSysTrayApp"="%ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe" "SigmatelSysTrayApp"="%ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"="C:\Users\Sien\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Facebook Update"="C:\Users\Sien\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" "DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe /P DellSupportCenter" "Google Update"="C:\Users\Sien\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Sidebar"="C:\Program Files\windows sidebar\sidebar.exe /autoRun" "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Shockwave Updater"="C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100465 -Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.133 Safari/534.16 -http://www.ond.vlaanderen.be/dbo/projecten/venus/Venus_website/web-VENUS/Web/leerstijlentest/Algemeen/lst.dcr" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=" C:\\PROGRA~1\\Google\\GOOGLE~2\\GOEC62~1.DLL" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\dellsupportcenter] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="dellsupportcenter" "hkey"="HKLM" "command"="\"C:\\Program Files\\Dell Support Center\\bin\\sprtcmd.exe\" /P dellsupportcenter" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Sien^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Schermopname en Snel starten.lnk] "path"="C:\\Users\\Sien\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OneNote 2007 Schermopname en Snel starten.lnk" "backup"="C:\\Windows\\pss\\OneNote 2007 Schermopname en Snel starten.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\PROGRA~1\\MICROS~2\\Office12\\ONENOTEM.EXE /tsr" "item"="OneNote 2007 Schermopname en Snel starten" ==== Startup Folders ====================== 2008-07-29 09:33:11 1835 ----a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk 2008-07-29 09:33:11 1835 ----a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk 2008-08-03 11:33:10 1815 ----a-w- C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk 2008-08-01 11:27:39 1815 ----a-w- C:\Users\Sien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk 2011-03-23 19:17:13 1815 ----a-w- C:\Users\Tibe Janssens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [14/12/2014 18:23] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3928690041-488287106-1210039002-1000Core.job --a------ C:\Users\Sien\AppData\Local\Facebook\Update\FacebookUpdate.exe [05/08/2012 08:21] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3928690041-488287106-1210039002-1000UA.job --a------ C:\Users\Sien\AppData\Local\Facebook\Update\FacebookUpdate.exe [05/08/2012 08:21] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [28/10/2014 16:18] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [28/10/2014 16:18] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3928690041-488287106-1210039002-1000Core.job --a------ [undetermined Task] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3928690041-488287106-1210039002-1000UA.job --a------ C:\Users\Sien\AppData\Local\Google\Update\GoogleUpdate.exe [28/10/2014 16:21] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-3928690041-488287106-1210039002-1000Core" [C:\Users\Sien\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-3928690041-488287106-1210039002-1000UA" [C:\Users\Sien\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-3928690041-488287106-1210039002-1000Core" [C:\Users\Sien\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-3928690041-488287106-1210039002-1000UA" [C:\Users\Sien\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\SystemToolsDailyTest" ["uaclauncher.exe"] "C:\Windows\system32\tasks\User_Feed_Synchronization-{F7C757B5-7519-42D0-AA67-0DF6232A59A9}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\system32\tasks\{62D6DA57-D0EC-44F4-A503-8A0C62F42C84}" [C:\Program Files\Skype\Phone\Skype.exe] "C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [11/08/2009 09:24] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "wcapturex@deskperience.com"="C:\Program Files\WhiteSmokeTranslator\WCaptureMoz" [] ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions mjdepfkicdcciagbigfcmdhknnoaaegf - C:\Program Files\WhiteSmokeTranslator[] YouTube - Sien\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Sien\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - Sien\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda 20-20 3D Viewer for IKEA - Sien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp Gmail - Sien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" "Default_Page_URL"="http://www.google.be/ig/dell?hl=nl&client=dell-row&channel=be&ibd=5080729" "Search Bar"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Bar"="http://www.mirarsearch.com/?useie5=1&q=" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_nl" {AC854C16-CA1E-43f1-8513-0D2F36C726ED} Google Url="http://www.sicto.com/search/?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&rls=acnJyEQt" {FDEEDA2D-62C1-4E43-84D7-A925A5168F78} Unknown Url="Not_Found" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3928690041-488287106-1210039002-1000\Software\Microsoft\Internet Explorer\SearchScopes\{FDEEDA2D-62C1-4E43-84D7-A925A5168F78} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-3928690041-488287106-1210039002-1000\Software\Mozilla\Firefox\Extensions\wcapturex@deskperience.com deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\mjdepfkicdcciagbigfcmdhknnoaaegf deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WhiteSmokeTranslator deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dellsupportcenter deleted successfully ==== HijackThis Entries ====================== O1 - Hosts: ::1 localhost O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\Sien\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Sien\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\RunOnce: [shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100465 -"Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.133 Safari/534.16" -"http://www.ond.vlaanderen.be/dbo/projecten/venus/Venus_website/web-VENUS/Web/leerstijlentest/Algemeen/lst.dcr" O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1418691514 O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: AutorunsDisabled O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe O4 - Global Startup: AutorunsDisabled O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: dlcg_device - - C:\Windows\system32\dlcgcoms.exe O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - Unknown owner - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (file missing) O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Sien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Tibe Janssens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Tibe Janssens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Sien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ANMW0NGG will be deleted at reboot C:\Users\Sien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Sien\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1607 folders=231 123624447 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Gast\AppData\Local\Temp emptied successfully C:\Users\Sien\AppData\Local\Temp will be emptied at reboot C:\Users\Tibe Janssens\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Sien\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Sien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Users\Sien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ANMW0NGG" not found ==== EOF on di 16/12/2014 at 2:38:18,87 ======================

Die code is perfect leesbaar in de afbeelding: 0xc0000142.

Laptopje van een collega zijn eega meegekregen voor een opschoning ... Hieronder het RSIT-logje, alvast bedankt collega's ! Logfile of random's system information tool 1.10 (written by random/random) Run by Sien at 2014-12-15 19:19:35 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 77 GB (55%) free of 140 GB Total RAM: 3069 MB (48% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:20:06, on 15/12/2014 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16575) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Program Files\Dell\DellDock\DellDock.exe C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe C:\Windows\System32\WLTRAY.EXE C:\Windows\WindowsMobile\wmdSync.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE C:\Windows\System32\wpcumi.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Windows\OEM02Mon.exe C:\Program Files\AVG\AVG2014\avgui.exe C:\Program Files\AVG Secure Search\vprot.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe C:\Users\Sien\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Users\Sien\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Sien\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\explorer.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Sien\Desktop\RSIT.exe C:\Program Files\trend micro\Sien.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.be/ig/dell?hl=nl&client=dell-row&channel=be&ibd=5080729 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q= R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT3198785&CUI=UN61660094665317434 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q= R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer aangeboden door Dell R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: WhiteSmoke US Toolbar - {cce665dd-f6dd-4808-968e-eaec971f70ef} - C:\Program Files\WhiteSmoke_US\prxtbWhit.dll O1 - Hosts: ::1 localhost O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll O2 - BHO: WhiteSmoke US - {cce665dd-f6dd-4808-968e-eaec971f70ef} - C:\Program Files\WhiteSmoke_US\prxtbWhit.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll O3 - Toolbar: WhiteSmoke US Toolbar - {cce665dd-f6dd-4808-968e-eaec971f70ef} - C:\Program Files\WhiteSmoke_US\prxtbWhit.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\Sien\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Sien\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\RunOnce: [shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100465 -"Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.133 Safari/534.16" -"http://www.ond.vlaanderen.be/dbo/projecten/venus/Venus_website/web-VENUS/Web/leerstijlentest/Algemeen/lst.dcr" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: AutorunsDisabled O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe O4 - Startup: Dropbox.lnk = C:\Users\Sien\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: AutorunsDisabled O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe O23 - Service: BasicScan Service - Unknown owner - C:\Program Files\BasicScan\basicscan.exe (file missing) O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: dlcg_device - - C:\Windows\system32\dlcgcoms.exe O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - Unknown owner - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (file missing) O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: vToolbarUpdater18.1.9 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 13872 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job - C:\Windows\TEMP\{60371FBB-3B33-43F7-B237-F27CC0A17291}.exe --uninstall=1 C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3928690041-488287106-1210039002-1000Core.job - C:\Users\Sien\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3928690041-488287106-1210039002-1000UA.job - C:\Users\Sien\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3928690041-488287106-1210039002-1000Core.job - C:\Users\Sien\AppData\Local\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3928690041-488287106-1210039002-1000UA.job - C:\Users\Sien\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}] MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}] Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-06-05 462752] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] AVG Security Toolbar - C:\Program Files\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll [2014-09-28 3627032] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}] PDFCreator Toolbar Helper - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-11-01 806912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}] CBrowserHelperObject Object - C:\Program Files\Dell\BAE\BAE.dll [2006-11-09 98304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cce665dd-f6dd-4808-968e-eaec971f70ef}] WhiteSmoke US Toolbar - C:\Program Files\WhiteSmoke_US\prxtbWhit.dll [2011-05-09 176936] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-06-05 171424] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - PDFCreator Toolbar - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-11-01 806912] {CCC7A320-B3CA-4199-B1A6-9F516DD69829} {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08 1619352] {cce665dd-f6dd-4808-968e-eaec971f70ef} - WhiteSmoke US Toolbar - C:\Program Files\WhiteSmoke_US\prxtbWhit.dll [2011-05-09 176936] {95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll [2014-09-28 3627032] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "DELL Webcam Manager"=C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe [2007-07-27 118784] "Broadcom Wireless Manager UI"=C:\Windows\system32\WLTRAY.exe [2008-05-16 3444736] "Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2006-11-02 215552] "dellsupportcenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe /P dellsupportcenter [] "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040] "CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2516296] "CanonSolutionMenuEx"=C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112] "WPCUMI"=C:\Windows\system32\WpcUmi.exe [2006-11-02 176128] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] "APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-02-12 43848] "OEM02Mon.exe"=C:\Windows\OEM02Mon.exe [2007-12-03 36864] "AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2014-03-19 4971024] "vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2014-09-28 2640408] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816] "SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [2008-01-02 405504] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2014-01-17 421888] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2014-02-21 152392] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"=C:\Users\Sien\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-28 107912] "Facebook Update"=C:\Users\Sien\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-05 138096] "MobileDocuments"=C:\Program Files\Common Files\Apple\Internet Services\ubd.exe [] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-05-08 18680424] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Shockwave Updater"=C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE [2008-08-06 447928] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup AutorunsDisabled McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe C:\Users\Sien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup AutorunsDisabled Dell Dock.lnk - C:\Program Files\Dell\DellDock\DellDock.exe Dropbox.lnk - C:\Users\Sien\AppData\Roaming\Dropbox\bin\Dropbox.exe OneNote 2007 Schermopname en Snel starten.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=" C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\GoToAssist] C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll [2008-07-29 10536] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\GoToAssist] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "LogonHoursAction"=2 "DontDisplayLogonHoursWarnings"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "MSVideo8"=VfWWDM32.dll "msacm.siren"=sirenacm.dll "vidc.DIVX"=DivX.dll "vidc.yv12"=yv12vfw.dll "VIDC.XVID"=xvidvfw.dll "msacm.ac3acm"=ac3acm.acm "msacm.lameacm"=lameACM.acm "VIDC.FFDS"=ff_vfw.dll "vidc.VP60"=C:\Windows\system32\vp6vfw.dll "vidc.VP61"=C:\Windows\system32\vp6vfw.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-12-15 19:19:36 ----D---- C:\Program Files\trend micro 2014-12-15 19:19:35 ----D---- C:\rsit ======List of files/folders modified in the last 1 month====== 2014-12-15 19:19:36 ----D---- C:\Program Files 2014-12-15 19:19:31 ----D---- C:\Windows\Temp 2014-12-15 19:19:11 ----D---- C:\Windows\System32 2014-12-15 19:19:11 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-12-15 19:18:47 ----D---- C:\ProgramData\MFAData 2014-12-15 19:18:16 ----D---- C:\Users\Sien\AppData\Roaming\Dropbox 2014-12-15 19:14:07 ----D---- C:\Windows\inf 2014-12-14 18:50:24 ----D---- C:\ProgramData\CanonIJPLM 2014-12-14 18:47:49 ----D---- C:\Windows\Debug 2014-12-14 18:47:49 ----D---- C:\Windows 2014-12-14 18:35:05 ----HD---- C:\Windows\system32\GroupPolicyUsers 2014-12-14 18:31:58 ----SHD---- C:\$Recycle.Bin 2014-12-14 18:23:22 ----A---- C:\Windows\system32\FlashPlayerApp.exe 2014-12-14 17:17:02 ----D---- C:\ProgramData\PCDr 2014-12-14 17:17:01 ----D---- C:\Program Files\My Dell 2014-12-14 17:16:38 ----D---- C:\Windows\system32\catroot 2014-12-14 17:16:27 ----D---- C:\Windows\system32\catroot2 2014-12-14 17:16:09 ----D---- C:\Windows\winsxs 2014-12-14 17:12:34 ----D---- C:\Windows\Prefetch 2014-12-14 16:51:02 ----SHD---- C:\Windows\Installer 2014-12-14 16:47:03 ----D---- C:\Windows\Tasks ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2013-11-25 149272] R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2013-10-31 222520] R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2013-10-01 102712] R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2013-09-10 27448] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2007-02-12 277784] R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2007-11-14 43840] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-12-01 691696] R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2013-11-25 120600] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2013-11-25 210712] R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2014-01-19 22808] R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2013-10-31 176952] R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2014-09-28 42784] R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672] R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2006-11-27 32256] R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2006-11-27 43520] R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2006-11-27 37376] R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-05 8192] R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-09-24 155136] R3 BCM43XX;Stuurprogramma voor de Dell draadloze WLAN-kaart; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-05-16 1044984] R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2006-11-21 45568] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2012-08-21 26840] R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-11-03 986624] R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-11-03 206848] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-06-25 7110880] R3 OEM02Dev;Creative Camera OEM002 Driver; C:\Windows\system32\DRIVERS\OEM02Dev.sys [2007-12-03 235648] R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver; C:\Windows\system32\DRIVERS\OEM02Vfx.sys [2007-12-03 7424] R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088] R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2008-01-02 330240] R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-11-03 659968] R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560] S2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [] S3 amohfcxb;amohfcxb; C:\Windows\system32\drivers\amohfcxb.sys [] S3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [] S3 dfg;dfg; C:\Windows\System32\DRIVERS\dfg.sys [2008-12-12 23552] S3 dot4;Microsoft IEEE-1284.4-stuurprogramma; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584] S3 Dot4Print;Stuurprogramma voor printerklasse voor IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384] S3 Dot4Scan;Stuurprogramma voor scannerklasse voor IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Scan.sys [2008-01-19 10752] S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864] S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 e1express;Stuurprogramma voor Intel® PRO/1000 PCI Express-netwerkverbinding; C:\Windows\system32\DRIVERS\e1e6032.sys [2006-11-02 200704] S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 39272] S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [] S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [] S3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [] S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [] S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032] S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112] S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976] S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856] S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328] S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-05-23 29696] S3 WinUSB;WinUsb-stuurprogramma; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-07-14 34944] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432] R2 AESTFilters;Andrea ST Filters Service; C:\Windows\system32\aestsrv.exe [2008-01-02 73728] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-02-12 43336] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2014-02-23 3782672] R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2013-09-24 348008] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504] R2 dlcg_device;dlcg_device; C:\Windows\system32\dlcgcoms.exe [2006-12-08 537480] R2 DockLoginService;Dock Login Service; C:\Program Files\Dell\DellDock\DockLogin.exe [2008-04-28 161048] R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504] R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104] R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408] R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 21504] R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944] R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880] R2 STacSV;SigmaTel Audio Service; C:\Windows\system32\STacSV.exe [2008-01-02 102400] R2 vToolbarUpdater18.1.9;vToolbarUpdater18.1.9; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [2014-09-28 1820184] R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 21504] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464] R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE [2008-05-16 24064] R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-08-05 386560] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2014-02-21 553288] S2 BasicScan Service;BasicScan Service; C:\Program Files\BasicScan\basicscan.exe C:\Program Files\BasicScan\basicscan.dll ihipudoye zovigori [] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-28 107912] S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-03-01 161384] S2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter); C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter [] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-14 267440] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352] S3 GoToAssist;GoToAssist; C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe [2008-07-29 16680] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-28 107912] S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 235696] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2008-03-24 74384] S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688] S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF-----------------

Prima, dan lezen we het hier wel ...

In afwachting van de analyse van je logje mag je uiteraard als eens testen met een (ander) bedraad USB-toetsenbord.

Je topic werd verplaatst naar Bestrijding malware & virussen, zo blijft het forum overzichtelijk. Kan je het onderstaande uitvoeren en het gevraagde logje hier in je topic posten ? ... Download RSIT van de onderstaande locaties en sla deze op het bureaublad op. Hoe je controleert of je met een 32- of 64-bitversie van Windows werkt kan je hier bekijken. RSIT 32 bit (RSIT.exe) RSIT 64 bit (RSITx64.exe) Dubbelklik op RSIT.exe om de tool te starten. Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren. Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue" Wanneer de tool gereed is worden er twee kladblok bestanden geopend genaamd "Log.txt" en "Info.txt" . RSIT Logbestanden plaatsen Voeg het logbestand met de naam "Log.txt" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden in de map ""C:\\rsit") Het logbestand met de naam "Info.txt" wat geminimaliseerd is hoeft u niet te plaatsen. (Dit logbestand wordt enkel de eerst keer bij het uitvoeren aangemaakt). Hoe u een bijlage kunt toevoegen aan het bericht leest u hier. De handleiding voor het gebruik van RSIT kan je HIER bekijken en we hebben ook nog een instructievideo.

Je topic werd verplaatst naar Bestrijding malware & virussen, zo blijft het forum overzichtelijk en word je sneller geholpen.