Ga naar inhoud

ameulenkamp

Lid
  • Items

    13
  • Registratiedatum

  • Laatst bezocht

ameulenkamp's prestaties

  1. Bedankt voor je hulp, maar hoe moet ik dat dan aanpassen in exel?
  2. Ik heb een Exelbestand met hierin o.a. een begin datum en een einddatum. Nu zou ik graag een melding krijgen, een aantal maanden voor de einddatum. Hoe moet dit? ('Hierin o.a.' toegevoegd want van een einddatum van een bestand had ik nog nooit gehoord )
  3. Beste mensen. Geweldig bedankt voor uw medewerking, want het probleem is met ESET opgelost.
  4. Ik heb in de veilige modus geprobeerd maar hetzelfde resultaat.
  5. Beste forumlid Ik heb de AdwCleaner uitgevoerd op mij computer zoals u het hebt aangegeven, maar er komt geen eind aan de Scan. Ik heb hem al 3uur draaien maar hij stopt niet, wat kan hiervan de oorzaak zijn?
  6. Beste forum lid De foutmelding is nog steeds aanwezig. mt.vr.gr. Fons
  7. Beste forum medewerker. Hierbij het resultaat. Zoek.exe v5.0.0.0 Updated 07-February-2014 Tool run by Fons on vr 07-02-2014 at 20:50:04,21. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Fons\Downloads\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-02-07-151950.log 71972 bytes ==== Creating Sample_07-02-2014_2102.zip ====================== Process iexplore.exe killed Copied file C:\Users\Fons\AppData\Roaming\loadit.exe to sample\loadit.exe sample\loadit.exe renamed to 4996855F8A9B110D4D47211E9072F526 C:\Users\Public\Desktop\sample_07-02-2014_2102.zip created successfully ==== Deleting CLSID Registry Keys ====================== HKEY_CLASSES_ROOT\CLSID\{5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2139244297-3979779918-2535287518-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} deleted successfully ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_USERS\S-1-5-21-2139244297-3979779918-2535287518-1001\Software\Microsoft\Windows\CurrentVersion\Run] “okuoud.exe"=- "awelnu.exe"=- "jaujla.exe"=- "udbuja.exe"=- "sjawe.exe"=- "epweok.exe"=- "nuewab.exe"=- "ujpuel.exe"=- "oknuud.exe"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Allin1Convert_8h Browser Plugin Loader"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "okuoud.exe"=- "awelnu.exe"=- "jaujla.exe"=- "udbuja.exe"=- "sjawe.exe"=- "epweok.exe"=- "nuewab.exe"=- "ujpuel.exe"=- "oknuud.exe"=- [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Allin1Convert EPM Support] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Allin1Convert Home Page Guard 32 bit] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Allin1Convert Search Scope Monitor] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NextLive] ==== Deleting Files \ Folders ====================== C:\Users\Fons\AppData\Roaming\ujawke deleted C:\Users\Fons\AppData\Roaming\ewbuas deleted C:\Users\Fons\AppData\Roaming\epelnu deleted C:\Users\Fons\AppData\Roaming\elnude deleted C:\Windows\tasks\Torntv V6.0-chromeinstaller.job deleted C:\Windows\system32\tasks\Torntv V6.0-chromeinstaller deleted C:\Users\Fons\AppData\Roaming\loadit.exe deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}"="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext" [07-02-2014 19:06] ==== Firefox Extensions ====================== AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Fons\AppData\Roaming\Mozilla\Firefox\Profiles\sv3giimt.default BA2D1C9CD426FEA1DAE5A133BF6F3075 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll - RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) B0BB120C94262686B7772CA71CEBD364 - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll - RealPlayer Download Plugin C36444D7301A8C881FC7296B092609C7 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll - Google Update CBFE3156904AB2D1A097F5E74A6C62F3 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin D6ED6EB98E759460AD8C66DE23070132 - C:\Program Files\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll - Microsoft Office 2013 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin BE501CBC29B2025A263D80D399F1797A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In 3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash BE126CB7049E89ED6F3038016668B502 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit) EAC427FEF96A13058C1ACD17C38966CF - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit) 96B3689320E9B16EDF38B7A5001C35F0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit) F8CB60A5ACA5D73807ECBD9942A8BCB7 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin B939F44C81A6C6B722E2AB19568733DE - C:\Program Files\phonostar-Player\npphonostarDetectNP.dll - phonostar Detector 4ABE7FADC6E7D30418638FEC7DDC79CA - C:\Program Files\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll - DYMO Label Framework 21FF3F07336CE4F8DF6AF1746BC26AAB - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\browser\nppdf32.dll - Adobe Acrobat E0BCE90537E4A41AF36D5BDD5963A09D - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll - Adobe Acrobat F00DA1A135FCA11D4426D9A5AB72CF0F - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll - AdobeAAMDetect 41561B8AE9E551BD08304D48DAA900FA - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll - AdobeAAMDetect B27CCB1168B1960AEC6E9D3E0E0F0D2A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bmiabdepfhhiieiipmeecdmeljggmfee - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\chrome_tmbep.crx[17-12-2013 04:49] dflinnddekagfkncpgojoppgnppfkbkj - C:\Program Files\Trend Micro\AMSP\module\20004\ChromeExt\chromeextension\TmNSCChromeExt.crx[10-07-2013 11:58] efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[23-09-2012 20:43] idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14-08-2013 15:24] Google Translate - Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb Torntv V6.0 - Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmilhmcinpmpohfoiccaplbhgelbnim TrendMicro BEP Extension - Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee The Piratebay Forwarder - Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\cloklogdjmmcmimeccogjmnebmjeolhn Trend Micro NSC Chrome Extension - Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\dflinnddekagfkncpgojoppgnppfkbkj Silver Bird - Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\encaiiljifbdbjlphpgpiimidegddhic Facebook for Chrome - Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp RealDownloader - Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji Adblock for Pirate Bay - Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\imkpamgpfalmdaikobnkefcmmkpgljjd Pirate Bay Search - Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbkhblhgagmibjakfdplikmkmobiield ==== Chrome Fix ====================== C:\Users\Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmilhmcinpmpohfoiccaplbhgelbnim deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search" {8FE7D950-23AA-4643-88E7-5BB38E24249E} GenealogieOnline Url="Zoekresultaten » Genealogie Online" ==== Empty IE Cache ====================== C:\Users\Fons\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Fons\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Fons\AppData\Local\Mozilla\Firefox\Profiles\sv3giimt.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Fons\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=2013 folders=242 490492295 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\Fons\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== EOF on vr 07-02-2014 at 21:10:46,26 ======================
  8. Beste forum leden. Hierbij het zoek resultaat. Zoek.exe v5.0.0.0 Updated 31-January-2014 Tool run by Fons on vr 07-02-2014 at 15:52:52,25. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Fons\Downloads\zoek.exe [scan all users] [Checkboxes used] ==== System Restore Info ====================== 7-2-2014 15:55:11 Zoek.exe System Restore Point Created Succesfully. ==== Creating Sample_07-02-2014_1607.zip ====================== Process iexplore.exe killed Copied file C:\Users\Fons\AppData\Roaming\loadit.exe to sample\loadit.exe sample\loadit.exe renamed to 7A0244B2B9F5A61C26B68D2C7EA51EAB C:\Users\Public\Desktop\sample_07-02-2014_1607.zip created successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2139244297-3979779918-2535287518-1001\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully HKEY_USERS\S-1-5-21-2139244297-3979779918-2535287518-1001\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully HKEY_USERS\S-1-5-21-2139244297-3979779918-2535287518-1001\Software\Microsoft\Internet Explorer\SearchScopes\{B560EC3F-0150-4D57-B9B4-B5FC5E91013C} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} deleted successfully ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe C:\Windows\system32\Dwm.exe C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\PROGRA~1\ALLIN1~2\bar\1.bin\8hbarsvc.exe C:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Program Files\WinZip System Utilities Suite\WINZIPSSSystemProtector.exe C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\PRTG Network Monitor\PRTG Server.exe C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\vds.exe C:\Windows\system32\conhost.exe C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe C:\Windows\system32\conhost.exe C:\Windows\System32\WUDFHost.exe C:\Program Files\Microsoft IntelliType Pro\itype.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe C:\Program Files\Allin1Convert_8h\bar\1.bin\8hbrmon.exe C:\Program Files\EaseUS\Todo Backup\bin\EuWatch.exe C:\Program Files\EaseUS\TrayPopup\TrayTipAgent.exe C:\Program Files\Real\RealPlayer\Update\realsched.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe C:\Program Files\Samsung\Kies\Kies.exe C:\Program Files\phonostar-Player\phonostarTimer.exe C:\Program Files\WinZip System Utilities Suite\WINZIPSS.exe C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe C:\Program Files\ScanWizard 5\ScannerFinder.exe C:\Users\Fons\Documents\Usenext\wizard\Musitek SmartScore X2 Professional Edition v10 - R (2)\Musitek_SmartScore_X2_Professional_Edition_v10.5.4-RBS.exe C:\Program Files\PRTG Network Monitor\PRTG Enterprise Console.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe C:\Program Files\PRTG Network Monitor\PRTG Probe.exe C:\Users\Fons\Downloads\zoek.exe C:\Windows\system32\conhost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Windows\system32\ntvdm.exe C:\Windows\system32\conhost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k regsvc C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k LocalServicePeerNet ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Allin1Convert_8hService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Allin1Convert_8hService deleted successfully ==== Deleting Files \ Folders ====================== C:\Users\Fons\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WinZip System Utilities Suite.lnk deleted C:\Users\Public\Desktop\WinZip System Utilities Suite.lnk deleted C:\Users\Fons\appdata\locallow\Allin1Convert_8h deleted C:\Users\Fons\AppData\Local\genienext deleted C:\Users\Fons\daemonprocess.txt deleted C:\Users\Fons\.android deleted C:\Program Files\Conduit deleted C:\Program Files\MyFree Codec deleted C:\Program Files\MyPC Backup deleted C:\Users\Fons\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url deleted C:\Users\Fons\AppData\Roaming\newnext.me deleted C:\Users\Fons\AppData\Roaming\ValueApps deleted C:\Users\Fons\AppData\Roaming\ParetoLogic deleted C:\Users\Fons\AppData\Roaming\DriverCure deleted C:\ProgramData\Conduit deleted C:\ProgramData\ParetoLogic deleted C:\Users\Fons\AppData\Local\Mobogenie deleted C:\Users\Fons\AppData\Local\cache deleted C:\Users\Fons\AppData\Local\Conduit deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec deleted C:\Users\Fons\Downloads\tb_free_installer (1).exe deleted C:\Users\Fons\Downloads\SoftonicDownloader_voor_7-zip.exe deleted C:\Users\Fons\Downloads\SoftonicDownloader_voor_phonostar-player.exe deleted C:\Users\Fons\Downloads\SoftonicDownloader_voor_screenshot-captor.exe deleted C:\Users\Fons\AppData\LocalLow\PriceGong deleted C:\Users\Fons\AppData\LocalLow\Conduit deleted C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar deleted C:\Windows\system32\tasks\WINZIPSS-WINZIPSSAutoCheckUpdate7Days deleted C:\Windows\tasks\WINZIPSS-WINZIPSSAutoCheckUpdate7Days.job deleted C:\Windows\system32\tasks\WINZIPSS-WINZIPSSOneClickCare deleted C:\Windows\tasks\WINZIPSS-WINZIPSSOneClickCare.job deleted C:\Windows\system32\sasnative32.exe deleted C:\Windows\system32\roboot.exe deleted C:\Users\Fons\Documents\Mobogenie deleted C:\Users\Fons\AppData\Roaming\loadit.exe deleted "C:\Windows\System32\WPRO_41_2001woem.tmp" deleted "C:\Program Files\WinZip System Utilities Suite\asohtm.dll" deleted "C:\Program Files\WinZip System Utilities Suite\asores.dll" deleted "C:\Program Files\WinZip System Utilities Suite\aspcomm.dll" deleted "C:\Program Files\WinZip System Utilities Suite\mfc90u.dll" deleted "C:\Program Files\WinZip System Utilities Suite\Microsoft.Win32.TaskScheduler.dll" deleted "C:\Program Files\WinZip System Utilities Suite\msvcp90.dll" deleted "C:\Program Files\WinZip System Utilities Suite\msvcr90.dll" deleted "C:\Program Files\WinZip System Utilities Suite\System.Data.SQLite.dll" deleted "C:\Program Files\WinZip System Utilities Suite\unrar.dll" deleted "C:\Program Files\WinZip System Utilities Suite\WINZIPSS.exe" deleted "C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe" deleted "C:\Program Files\WinZip System Utilities Suite\WINZIPSSHelper.dll" deleted "C:\Program Files\WinZip System Utilities Suite\WINZIPSSSecureShell.dll" deleted "C:\Program Files\WinZip System Utilities Suite\WINZIPSSSystemProtector.exe" deleted "C:\Program Files\WinZip System Utilities Suite\wzpsssys.dll" deleted "C:\Program Files\WinZip System Utilities Suite\Xceed.Compression.dll" deleted "C:\Program Files\WinZip System Utilities Suite\Xceed.FileSystem.dll" deleted "C:\Program Files\WinZip System Utilities Suite\Xceed.Zip.dll" deleted "C:\Program Files\WinZip System Utilities Suite\xmllite.dll" deleted "C:\Program Files\Allin1Convert_8h\bar\1.bin\8hbrmon.exe" deleted "C:\Program Files\Allin1Convert_8h\bar\1.bin\8hbrstub.dll" deleted "C:\Program Files\Allin1Convert_8h\bar\1.bin\T8RES.DLL" deleted "C:\Program Files\Allin1Convert_8h\bar\1.bin\8hbrmon.exe" deleted "C:\Program Files\Allin1Convert_8h\bar\1.bin\8hbrstub.dll" deleted "C:\Program Files\Allin1Convert_8h\bar\1.bin\T8RES.DLL" deleted "C:\Program Files\Allin1Convert_8h" deleted "C:\Program Files\WinZip System Utilities Suite" not deleted "C:\Program Files\Allin1Convert_8h" deleted "C:\Program Files\Allin1Convert_8h\bar" deleted "C:\Program Files\Allin1Convert_8h\bar\1.bin" deleted "C:\Program Files\Allin1Convert_8h\bar" deleted "C:\Program Files\Allin1Convert_8h\bar\1.bin" deleted ==== System Specs ====================== Windows: Windows 7 Ultimate Edition Service Pack 1 (Build 7601) Memory (RAM): 3550 MB CPU Info: Intel® Core2 Duo CPU E7500 @ 2.93GHz CPU Speed: 2985,6 MHz Sound Card: Luidsprekers (High Definition A | Digitale audio (S/PDIF) (High D | Display Adapters: Intel® G45/G43 Express Chipset (Microsoft Corporation - WDDM 1.1) | Intel® G45/G43 Express Chipset (Microsoft Corporation - WDDM 1.1) | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1280 X 1024 - 32 bit Network: Network Present Network Adapters: Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20) CD / DVD Drives: 1x (E: | ) E: Optiarc DVD RW AD-5240S Ports: COM1 LPT1 Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 232,3GB | D: 233,3GB Hard Disks - Free: C: 178,5GB | D: 139,8GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 08/24/09 | A_M_I_ - 8000924 Time Zone: West-Europa (standaardtijd) Motherboard *: ASUSTeK Computer INC. P5QL-CM Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Trend Micro Titanium Internet Security On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: Trend Micro Titanium Internet Security disabled (Outdated) Default Browser: Google Chrome 32.0.1700.107 Internet Explorer Version: 11.0.9600.16476 Mozilla Firefox version: 26.0 (x86 nl) Google Chrome version: 32.0.1700.107 Flash Player version: 11.7.700.224 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-01-20 09:07:03 E40041E0CA436C712332EDAA9DB7DF08 286720 ------w- C:\Windows\Setup1.exe 2014-01-20 09:07:02 996F83E516552CA3B51445BB994A6D38 73216 ----a-w- C:\Windows\ST6UNST.EXE ====== C:\Users\Fons\AppData\Local\Temp ==== 2014-01-28 18:07:34 ECA0A1B9869AF0EE9D28BEC3A13F270B 7877632 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\QtWebKit4.dll 2014-01-28 18:07:33 FCF71EB3367B39EDE69F60C6297BA6D3 1392312 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\Leap.dll 2014-01-28 18:07:33 FCF71EB3367B39EDE69F60C6297BA6D3 1392312 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\Leap.dll 2014-01-28 18:07:33 ECA0A1B9869AF0EE9D28BEC3A13F270B 7877632 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\QtWebKit4.dll 2014-01-28 18:07:33 E3C817F7FE44CC870ECDBCBC3EA36132 421200 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\msvcp100.dll 2014-01-28 18:07:33 E3C817F7FE44CC870ECDBCBC3EA36132 421200 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\msvcp100.dll 2014-01-28 18:07:33 C469CE60EE54CF6604E9859C6DC31BC8 59392 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\alchemy\ogles20\libEGL.dll 2014-01-28 18:07:33 C469CE60EE54CF6604E9859C6DC31BC8 59392 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\alchemy\ogles20\libEGL.dll 2014-01-28 18:07:33 BF38660A9125935658CFA3E53FDC7D65 773968 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\msvcr100.dll 2014-01-28 18:07:33 BF38660A9125935658CFA3E53FDC7D65 773968 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\msvcr100.dll 2014-01-28 18:07:33 B754524BC1770F2DC2C634DD56A794DA 18944 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\imageformats\qgif4.dll 2014-01-28 18:07:33 B754524BC1770F2DC2C634DD56A794DA 18944 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\imageformats\qgif4.dll 2014-01-28 18:07:33 AB46B5ED48D5D6CFB8108F9A9668F72C 6174208 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\QtGui4.dll 2014-01-28 18:07:33 AB46B5ED48D5D6CFB8108F9A9668F72C 6174208 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\QtGui4.dll 2014-01-28 18:07:33 A725A2C0DD788A02A32BDE1DD9C72880 1777664 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\QtCore4.dll 2014-01-28 18:07:33 A725A2C0DD788A02A32BDE1DD9C72880 1777664 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\QtCore4.dll 2014-01-28 18:07:33 A4C63C679F9726858DDCFC48B70B2FC5 519168 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\alchemy\ogles20\libGLESv2.dll 2014-01-28 18:07:33 A4C63C679F9726858DDCFC48B70B2FC5 519168 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\alchemy\ogles20\libGLESv2.dll 2014-01-28 18:07:33 7301C1E86530ABAC37A34185B7B28CBF 290816 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\IGUtils.dll 2014-01-28 18:07:33 7301C1E86530ABAC37A34185B7B28CBF 290816 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\IGUtils.dll 2014-01-28 18:07:33 6FD84FAA5E911290B691C202B4E3642D 1405952 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\plugin_ax.dll 2014-01-28 18:07:33 63FC0E0BB048DA44C35CDA51598C74BB 885248 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\Plugins\npgeinprocessplugin.dll 2014-01-28 18:07:33 5B92CB0A3EEE50F6B9AE036B4F9B0F0C 923648 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\npgeplugin.dll 2014-01-28 18:07:33 4E4629F35DF9274D40A32375537EF327 1393664 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\alchemy\ogles20\IGSg.dll 2014-01-28 18:07:33 20AB4A282C807E95374E36CC52E520BD 518656 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\QtNetwork4.dll 2014-01-28 18:07:33 20AB4A282C807E95374E36CC52E520BD 518656 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\QtNetwork4.dll 2014-01-28 18:07:33 0F739BF9F4ACF621CB0348EEDE3B1061 158208 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\imageformats\qjpeg4.dll 2014-01-28 18:07:33 0F739BF9F4ACF621CB0348EEDE3B1061 158208 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\imageformats\qjpeg4.dll 2014-01-28 18:07:32 61572891377238DE88D219ECFC648225 1393664 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\IGSg.dll 2014-01-28 18:07:32 61572891377238DE88D219ECFC648225 1393664 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\alchemy\ogl\IGSg.dll 2014-01-28 18:07:32 61572891377238DE88D219ECFC648225 1393664 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\IGSg.dll 2014-01-28 18:07:32 61572891377238DE88D219ECFC648225 1393664 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\alchemy\ogl\IGSg.dll 2014-01-28 18:07:32 5562D0C6D78A5EB832F34DB71D77A210 1050624 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\IGOpt.dll 2014-01-28 18:07:32 5562D0C6D78A5EB832F34DB71D77A210 1050624 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\IGOpt.dll 2014-01-28 18:07:32 4E4629F35DF9274D40A32375537EF327 1393664 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\alchemy\ogles20\IGSg.dll 2014-01-28 18:07:32 3F07CB6466279A809A2A9977784B6C18 145408 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\alchemy\optimizations\IGOptExtension.dll 2014-01-28 18:07:32 3F07CB6466279A809A2A9977784B6C18 145408 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\alchemy\optimizations\IGOptExtension.dll 2014-01-28 18:07:32 2AE5771C4C414316B22165D26F4CD971 3105280 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\alchemy\ogles20\IGGfx.dll 2014-01-28 18:07:32 2ADDE7A820E75DF261DA622CD7FA6DCF 631808 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\IGMath.dll 2014-01-28 18:07:32 2ADDE7A820E75DF261DA622CD7FA6DCF 631808 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\IGMath.dll 2014-01-28 18:07:31 C35243A826964A115500B6B301F606E1 751104 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\alchemy\ogles20\IGAttrs.dll 2014-01-28 18:07:31 C35243A826964A115500B6B301F606E1 751104 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\alchemy\ogles20\IGAttrs.dll 2014-01-28 18:07:31 6DD0A58C130A79D7C4D5783631F615D8 1224192 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\IGCore.dll 2014-01-28 18:07:31 6DD0A58C130A79D7C4D5783631F615D8 1224192 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\IGCore.dll 2014-01-28 18:07:31 6B4CD508390953D6EC8D540DC7CEBB77 751104 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\IGAttrs.dll 2014-01-28 18:07:31 6B4CD508390953D6EC8D540DC7CEBB77 751104 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\alchemy\ogl\IGAttrs.dll 2014-01-28 18:07:31 6B4CD508390953D6EC8D540DC7CEBB77 751104 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\IGAttrs.dll 2014-01-28 18:07:31 6B4CD508390953D6EC8D540DC7CEBB77 751104 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\alchemy\ogl\IGAttrs.dll 2014-01-28 18:07:31 4475305A7F73EB8AE47E3B73C08E3DB4 3148288 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\IGGfx.dll 2014-01-28 18:07:31 4475305A7F73EB8AE47E3B73C08E3DB4 3148288 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\alchemy\ogl\IGGfx.dll 2014-01-28 18:07:31 4475305A7F73EB8AE47E3B73C08E3DB4 3148288 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\IGGfx.dll 2014-01-28 18:07:31 4475305A7F73EB8AE47E3B73C08E3DB4 3148288 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\alchemy\ogl\IGGfx.dll 2014-01-28 18:07:31 360B5E2C91140CCA141B5CF51969F5B0 9843200 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\icudt.dll 2014-01-28 18:07:31 2FBB97BD0DD258E1DDF093682B929DA6 726016 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\IGExportCommon.dll 2014-01-28 18:07:31 2FBB97BD0DD258E1DDF093682B929DA6 726016 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\IGExportCommon.dll 2014-01-28 18:07:31 2AE5771C4C414316B22165D26F4CD971 3105280 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\alchemy\ogles20\IGGfx.dll 2014-01-28 18:07:30 5F22869442F9B6BB9918D403E14DF9D5 17652224 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\googleearth_free.dll 2014-01-28 18:07:30 360B5E2C91140CCA141B5CF51969F5B0 9843200 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\icudt.dll 2014-01-28 18:07:29 D1F060242851EE7F5407359D2F8CF3B7 15872 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\alchemyext.dll 2014-01-28 18:07:29 D1F060242851EE7F5407359D2F8CF3B7 15872 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\alchemyext.dll 2014-01-28 18:07:29 A9BFB5A8A75FA0D3C0CAF9BE03D51802 86528 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\ge_expat.dll 2014-01-28 18:07:29 A9BFB5A8A75FA0D3C0CAF9BE03D51802 86528 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\ge_expat.dll 2014-01-28 18:07:29 86E39E9161C3D930D93822F1563C280D 1998168 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\alchemy\ogles20\d3dx9_43.dll 2014-01-28 18:07:29 86E39E9161C3D930D93822F1563C280D 1998168 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\alchemy\ogles20\d3dx9_43.dll 2014-01-28 18:07:29 6A9B8D02C6EBF22ED5AEAC9ACF193967 1207296 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\GoogleEarth.exe 2014-01-28 18:07:29 5F22869442F9B6BB9918D403E14DF9D5 17652224 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\googleearth_free.dll 2014-01-28 18:07:29 52347385EB760EAF8B1C56A1EB59C5B1 18944 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\earthps.dll 2014-01-28 18:07:29 52347385EB760EAF8B1C56A1EB59C5B1 18944 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\earthps.dll 2014-01-28 18:07:29 479D8C124562F49C83FC9150635962E9 208384 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\geplugin.exe 2014-01-28 18:07:29 479D8C124562F49C83FC9150635962E9 208384 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\googleearth.exe 2014-01-28 18:07:29 1C9B45E87528B8BB8CFA884EA0099A85 2106216 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\alchemy\ogles20\D3DCompiler_43.dll 2014-01-28 18:07:29 1C9B45E87528B8BB8CFA884EA0099A85 2106216 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\alchemy\ogles20\D3DCompiler_43.dll 2014-01-28 18:07:29 10840B6059E7FBB29BF0787B00FD0E12 301056 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\gpsbabel.exe 2014-01-28 18:07:28 EE6719E48BF2E094683B05655AE7A024 1319936 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\Google Earth.msi 2014-01-28 18:07:28 2B30226A9C3A529BC98F0D1AFCC27333 51712 ----a-w- C:\Users\Fons\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\earthflashsol.exe 2014-01-28 16:10:34 60610E5F78A1327982CC2AA0D0841DC0 17496456 ----a-w- C:\Users\Fons\AppData\Local\Temp\pc-suite-setup.exe ====== C:\Windows\system32 ===== 2014-02-07 10:50:44 509DDAE12A61D4AA6B7972D0C4430D97 96784 ----a-w- C:\Windows\System32\WPRO_41_2001woem.tmpsearch ====== C:\Windows\system32\drivers ===== 2014-02-07 14:44:12 47CC68138DADC5A0680ACDEDC7A924CF 35088 ----a-w- C:\Windows\System32\drivers\WPRO_41_2001.sys 2014-01-28 17:30:26 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys 2014-01-16 09:19:23 5DBD4F73E2A52FEED61DBAB3752E329C 240576 ----a-w- C:\Windows\System32\drivers\netio.sys 2014-01-16 09:19:22 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2014-01-16 09:19:22 EC2C5AF37B76D7B58C642CB74423DB7A 284672 ----a-w- C:\Windows\System32\drivers\usbport.sys 2014-01-16 09:19:22 D40855F89B69305140BBD7E9A3BA2DA6 43520 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2014-01-16 09:19:22 9828C8D14CC2676421778F0DE638CF97 20480 ----a-w- C:\Windows\System32\drivers\usbohci.sys 2014-01-16 09:19:22 800AABFD625EEFF899F7E5496BDE37AB 24064 ----a-w- C:\Windows\System32\drivers\usbuhci.sys 2014-01-16 09:19:22 74F805AB12EB0E3E49E469F19FF02640 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys 2014-01-16 09:19:22 0803FBA9FE829D61AE26EC0BCC910C46 76288 ----a-w- C:\Windows\System32\drivers\usbccgp.sys 2014-01-11 10:22:44 D14960E39B570AAB8C58EC54A94D217D 186952 ----a-w- C:\Windows\System32\drivers\EuFdDisk.sys 2014-01-11 10:22:43 828BD9826072BC10A20093BE4CD560F3 51784 ----a-w- C:\Windows\System32\drivers\eubakup.sys 2014-01-11 10:22:43 52D87663A265D135CF8F0E76A427C2FD 15944 ----a-w- C:\Windows\System32\drivers\eudskacs.sys 2014-01-11 10:22:42 994A95AD44D20D32D8C81D7AA16D3DB4 41544 ----a-w- C:\Windows\System32\drivers\EUBKMON.sys ====== C:\Windows\Tasks ====== 2014-02-06 20:38:49 F66C4AE0128EEA1CFFA8B3D67A712C1B 3116 ----a-w- C:\Windows\system32\Tasks\WSUS-System Protector_startup 2014-01-28 18:11:16 ACB93B2B0B9357F6523465DFD826A278 3346 ----a-w- C:\Windows\system32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2139244297-3979779918-2535287518-1001 2014-01-28 18:11:13 9102268F815A6C24EE9A4E52E7FE2006 3366 ----a-w- C:\Windows\system32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2139244297-3979779918-2535287518-1001 2014-01-27 17:31:10 0660DF2A05842A0A8FF0C178E26A751B 3324 ----a-w- C:\Windows\system32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2139244297-3979779918-2535287518-1001 2014-01-26 16:51:46 001BBE6749E9C4F35266368ECDE3EC52 3486 ----a-w- C:\Windows\system32\Tasks\AdobeAAMUpdater-1.0-Fons-PC-Fons ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-02-02 16:27:53 -------- d-----w- C:\Program Files\WinZip System Utilities Suite 2014-02-02 16:00:38 -------- d-----w- C:\Program Files\WinZip 2014-01-29 17:58:11 -------- d-----w- C:\Program Files\Musitek 2014-01-28 18:01:52 -------- d-----w- C:\Program Files\VideoLAN 2014-01-28 18:01:37 -------- d-----w- C:\Program Files\eMule 2014-01-28 18:01:27 -------- d-----w- C:\Program Files\VS Revo Group 2014-01-28 18:01:18 -------- d-----w- C:\Program Files\Mozilla Maintenance Service 2014-01-26 17:15:34 -------- d-----w- C:\Program Files\TweakBit 2014-01-20 09:07:19 -------- d-----w- C:\Program Files\Dialexicon 2014-01-17 18:23:44 -------- d-----w- C:\Program Files\Greenshot 2014-01-14 17:31:47 -------- d-----w- C:\Program Files\Winamp 2014-01-11 10:19:36 -------- d-----w- C:\Program Files\EaseUS ======= C: ===== 2014-02-02 16:58:52 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\StartUpManager_scandataOUTPUT.xml 2014-02-02 16:58:51 50A3353C0F4F50EF30DC10E8B19B3243 5634 ----a-w- C:\StartUpManager_scandataINPUT.xml 2014-01-14 17:32:05 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\MSDOS.SYS 2014-01-14 17:32:05 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\IO.SYS 2014-01-11 12:03:05 4C9B20B5C39798A54E000842E8A10445 4096 --sha-w- C:\{06FD95A0-5002-4C9A-8891-3B7978EA55CA}.CBM 2014-01-11 11:39:10 D442C87E5055F3EAE363F24A76F04702 476672 --sha-w- C:\EUMONBMP.SYS ====== C:\Users\Fons\AppData\Roaming ====== 2014-02-02 16:36:35 -------- d-----w- C:\Users\Fons\AppData\Roaming\WinZip 2014-02-02 16:01:31 -------- d-----w- C:\Users\Fons\AppData\Local\WinZip 2014-01-29 09:14:51 -------- d-----w- C:\Users\Fons\AppData\Roaming\ujawke 2014-01-29 09:13:04 -------- d-----w- C:\Users\Fons\AppData\Roaming\ewbuas 2014-01-29 09:01:36 -------- d-----w- C:\Users\Fons\AppData\Roaming\epelnu 2014-01-29 09:01:03 -------- d-----w- C:\Users\Fons\AppData\Roaming\elnude 2014-01-28 18:51:35 -------- d-----w- C:\Users\Fons\AppData\Local\Mozilla 2014-01-28 18:01:27 -------- d-----w- C:\Users\Fons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2014-01-26 16:57:04 -------- d-----w- C:\Users\Fons\AppData\Local\Diagnostics 2014-01-26 16:01:15 -------- d-----w- C:\Users\Fons\AppData\Roaming\No Company Name 2014-01-24 17:42:40 CE54B9B341D1CA852910E1E5169C00B7 58 ----a-w- C:\Users\Fons\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat 2014-01-24 17:42:40 -------- d-----w- C:\Users\Fons\AppData\Roaming\DonationCoder 2014-01-14 17:31:47 -------- d-----w- C:\Users\Fons\AppData\Roaming\Winamp ====== C:\Users\Fons ====== 2014-02-06 19:56:31 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Fons\Downloads\RSIT.exe 2014-02-02 16:28:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip System Utilities Suite 2014-02-02 16:00:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 2014-02-01 13:49:17 -------- d-----w- C:\ProgramData\WinZip 2014-02-01 13:48:07 85BE8E2F3473441E72FFB10789B7DF0F 14166656 ----a-w- C:\Users\Fons\Downloads\wzsus18.exe 2014-01-29 18:09:45 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartScore X2 Pro 2014-01-28 18:08:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth 2014-01-28 18:02:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2014-01-28 18:01:39 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMule 2014-01-28 18:01:20 -------- d-----w- C:\ProgramData\Mozilla 2014-01-28 18:00:36 EDCAFA798D6BA668D54C64DB3384AB52 265752 ----a-w- C:\Users\Fons\Downloads\Ninite 7Zip Chrome Firefox Google Earth Greenshot Installer.exe 2014-01-26 17:15:44 -------- d-----w- C:\ProgramData\TweakBit 2014-01-26 17:15:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit 2014-01-26 17:14:59 F4805CA813F12E6AF9AE36C7FE79547A 14802656 ----a-w- C:\Users\Fons\Downloads\pc-speed-up-setup.exe 2014-01-20 09:07:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dialexicon 2014-01-17 18:23:45 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenshot 2014-01-14 17:32:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp 2014-01-11 10:22:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup Free 6.1 ====== C: exe-files == 2014-02-07 14:44:50 4336FBC3A8A75922456D194391A5999C 36528344 ----a-w- C:\Program Files\Google\Update\Install\{ED13EE1C-75C7-40A4-8645-502DBF88087F}\32.0.1700.107_chrome_installer.exe 2014-02-07 14:44:48 4336FBC3A8A75922456D194391A5999C 36528344 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.107\32.0.1700.107_chrome_installer.exe 2014-02-07 10:49:52 6DF2A0656058A87DD0816E1BAF38B206 25624 ------w- C:\Program Files\Trend Micro\AMSP\module\10012\1.7.1008\1.7.1008\DREBoot.exe 2014-02-07 10:49:51 AC4BF5D916C4CAB6760CCF8BF574E472 222232 ------w- C:\Program Files\Trend Micro\AMSP\module\20004\3.0.1251\6.8.1118\TmExtIns.exe 2014-02-07 10:49:51 A640306D84D986E40256ADCBA9A9F5A2 54296 ------w- C:\Program Files\Trend Micro\AMSP\module\20004\3.0.1251\6.8.1118\TmopHookMgrHelper32.exe 2014-02-07 10:49:49 F0256DB33C5B7BF4251DE5290F9892F0 14872 ------w- C:\Program Files\Trend Micro\AMSP\module\10017\2.2.1045\2.2.1045\CheckUI.exe 2014-02-06 20:29:58 BA7524A2D91F895CE7502C78B6A4CBAF 732888 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.107\32.0.1700.107_32.0.1700.102_chrome_updater.exe 2014-02-06 19:56:31 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Fons\Downloads\RSIT.exe 2014-02-06 19:45:04 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\Trend Micro\Fons.exe 2014-02-02 16:08:57 4DFB1F866A02D338E3B60002C96EA34B 14268880 ----a-r- C:\Users\Fons\Downloads\WinZip System Utilities Suite 2.0.648.14990 Final Multilanguage - SceneDL (PimpRG)\WinZipSystemUtilitiesSuite.exe 2014-02-02 16:08:05 8DB6AED096DF2B69945F2C62973D8063 19264130 ----a-r- C:\Users\Fons\Downloads\WinZip System Utilities Suite v2.0.648.14990 + Crack [ChattChitto RG]\WinZip System Utilities Suite v2.0.648.14990 + Crack [ChattChitto RG].exe 2014-02-02 15:50:18 B3CA16C61AD26A1006C888910B1905C5 12504936 ----a-w- C:\Users\Fons\Downloads\WinZip Pro 18 Build 10661 [x86x64] DC 12.12.13+Key-Lz0\CRACK\64BIT\WINZIP64.EXE 2014-02-02 15:50:14 9D1420902A7BC23D2321ED076C475410 10295656 ----a-w- C:\Users\Fons\Downloads\WinZip Pro 18 Build 10661 [x86x64] DC 12.12.13+Key-Lz0\CRACK\32BIT\WINZIP32.EXE 2014-02-01 13:48:07 85BE8E2F3473441E72FFB10789B7DF0F 14166656 ----a-w- C:\Users\Fons\Downloads\wzsus18.exe === C: other files == 2014-02-07 15:08:18 BBAA3D0301391D8C620F962439D155A2 14297 ----a-w- C:\Users\Public\Desktop\sample_07-02-2014_1607.zip 2014-02-07 14:50:39 56F21B384E4FF2BB285424DF67737FF8 8688 ----a-w- C:\ProgramData\WinZip\System Protector\updates\1671update.zip 2014-02-07 14:44:12 47CC68138DADC5A0680ACDEDC7A924CF 35088 ----a-w- C:\Windows\System32\drivers\WPRO_41_2001.sys 2014-02-07 10:50:38 15FD4DD5B389EAC280A9242F980C7835 15070 ----a-w- C:\ProgramData\WinZip\System Protector\updates\1670update.zip 2014-02-07 10:49:52 11AEBCD1166F484CB93617BB6F9F5AD7 312148 ------w- C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\chrome_tmbep.crx 2014-02-07 10:49:51 EE80A6D966630DF258A0E4179FA05F10 151308 ------w- C:\Program Files\Trend Micro\AMSP\module\20004\3.0.1251\6.8.1118\ChromeExtension\tmNSCchromeExt.crx 2014-02-06 13:26:43 8AB174E3490A7AEEB29DF18AAFA28264 24435 ----a-w- C:\ProgramData\WinZip\System Protector\updates\1669update.zip 2014-02-06 13:26:43 8034A8F0F1C2A6D4B0553021127196B0 30250 ----a-w- C:\ProgramData\WinZip\System Protector\updates\1668update.zip 2014-02-05 18:01:33 F51F666E95F689D5A46ECCF2FBCB36E3 13819902 ----a-r- C:\Users\Fons\Downloads\Photoshop Elements 12\PSE 12\ElementsSTIInstaller\payloads\ElementsCameraRaw8.0All\Assets1_1.zip 2014-02-05 18:01:13 02A688BF0EC5B20FFD94D3CC8A44FDDC 252 ----a-r- C:\Users\Fons\Downloads\Photoshop Elements 12\PSE 12\ElementsSTIInstaller\payloads\PSE12STIInstaller\Assets1_1.zip 2014-02-05 18:01:12 DAB69C9561342FA47A83CA6AC3A5B8F7 740 ----a-r- C:\Users\Fons\Downloads\Photoshop Elements 12\PSE 12\SupportFiles\payloads\PSE12AMTLibSupport\Assets1_1.zip 2014-02-05 18:01:12 08A359E831B5DFF9D725B76026560E38 717 ----a-r- C:\Users\Fons\Downloads\Photoshop Elements 12\PSE 12\ElementsOrganizer\SupportFiles\payloads\EO12AMTLibSupport\Assets1_1.zip 2014-02-05 18:00:35 1C86F49CDCA28773CFE78C817246F3CB 14535520 ----a-r- C:\Users\Fons\Downloads\Photoshop Elements 12\PSE 12\ElementsSTIInstaller\payloads\ElementsCameraRaw8.0All-x64\Assets1_1.zip 2014-02-05 18:00:32 48181888C1B1A3009C892FFCFAEE6975 114265531 ----a-r- C:\Users\Fons\Downloads\Photoshop Elements 12\PSE 12\ElementsSTIInstaller\payloads\AdobeCameraRawProfile8.0All\Assets1_1.zip 2014-02-05 15:30:07 CF33F46A41237540C5B5F352AC9C4508 1484 ----a-w- C:\ProgramData\WinZip\System Protector\updates\1665update.zip 2014-02-05 15:30:07 3F83470E5B4C337A46F8A288732AF454 58459 ----a-w- C:\ProgramData\WinZip\System Protector\updates\1666update.zip 2014-02-05 15:30:07 2428D64A753C593BCDBE759030F2E608 44550 ----a-w- C:\ProgramData\WinZip\System Protector\updates\1667update.zip 2014-02-05 15:30:04 3D042A26739B843AE416ADE9DD343C2D 16045039 ----a-w- C:\ProgramData\WinZip\System Protector\updates\1664mupdate.zip 2014-02-05 15:30:02 BBE9229D5C64DB6A669C0B0618725E40 12472047 ----a-w- C:\ProgramData\WinZip\System Protector\updates\1545completedatabase.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2139244297-3979779918-2535287518-1001\Software\Microsoft\Windows\CurrentVersion\Run] "TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" "OV3_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe" "KiesPreload"="C:\Program Files\Samsung\Kies\Kies.exe /preload" "KiesAirMessage"="C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup" "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "phonostar-PlayerTimer"="C:\Program Files\phonostar-Player\phonostarTimer.exe" "okuoud.exe"="C:\Users\Fons\AppData\Roaming\elnude\\okuoud.exe" "awelnu.exe"="C:\Users\Fons\AppData\Roaming\ujawke\\awelnu.exe" "jaujla.exe"="C:\Users\Fons\AppData\Roaming\epelnu\\jaujla.exe" "udbuja.exe"="C:\Users\Fons\AppData\Roaming\ewbuas\\udbuja.exe" "sjawe.exe"="C:\Users\Fons\AppData\Roaming\ewbuas\\sjawe.exe" "epweok.exe"="C:\Users\Fons\AppData\Roaming\ujawke\\epweok.exe" "nuewab.exe"="C:\Users\Fons\AppData\Roaming\ujawke\\nuewab.exe" "ujpuel.exe"="C:\Users\Fons\AppData\Roaming\ujawke\\ujpuel.exe" "oknuud.exe"="C:\Users\Fons\AppData\Roaming\ewbuas\\oknuud.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" "OV3_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Viewer 3\FirstStart.exe /OS" "itype"="c:\Program Files\Microsoft IntelliType Pro\itype.exe" "KiesTrayAgent"="C:\Program Files\Samsung\Kies\KiesTrayAgent.exe" "Trend Micro Client Framework"="C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" "EaseUs Tray"="C:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe" "Allin1Convert_8h Browser Plugin Loader"="C:\Program Files\Allin1Convert_8h\bar\1.bin\8hbrmon.exe" "EaseUs Watch"="C:\Program Files\EaseUS\Todo Backup\bin\EuWatch.exe" "EaseUs TB Tray Agent"="C:\Program Files\EaseUS\TrayPopup\TrayTipAgent.exe" "TkBellExe"="C:\Program Files\Real\RealPlayer\update\realsched.exe -osboot" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" "OV3_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe" "KiesPreload"="C:\Program Files\Samsung\Kies\Kies.exe /preload" "KiesAirMessage"="C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup" "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "phonostar-PlayerTimer"="C:\Program Files\phonostar-Player\phonostarTimer.exe" "okuoud.exe"="C:\Users\Fons\AppData\Roaming\elnude\\okuoud.exe" "awelnu.exe"="C:\Users\Fons\AppData\Roaming\ujawke\\awelnu.exe" "jaujla.exe"="C:\Users\Fons\AppData\Roaming\epelnu\\jaujla.exe" "udbuja.exe"="C:\Users\Fons\AppData\Roaming\ewbuas\\udbuja.exe" "sjawe.exe"="C:\Users\Fons\AppData\Roaming\ewbuas\\sjawe.exe" "epweok.exe"="C:\Users\Fons\AppData\Roaming\ujawke\\epweok.exe" "nuewab.exe"="C:\Users\Fons\AppData\Roaming\ujawke\\nuewab.exe" "ujpuel.exe"="C:\Users\Fons\AppData\Roaming\ujawke\\ujpuel.exe" "oknuud.exe"="C:\Users\Fons\AppData\Roaming\ewbuas\\oknuud.exe" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Acrobat Assistant 8.0] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Acrobat Assistant 8.0" "hkey"="HKLM" "command"="\"C:\\Program Files\\Adobe\\Acrobat 11.0\\Acrobat\\Acrotray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeAAMUpdater-1.0" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Allin1Convert EPM Support] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Allin1Convert EPM Support" "hkey"="HKLM" "command"="\"C:\\PROGRA~1\\ALLIN1~2\\bar\\1.bin\\8hmedint.exe\" T8EPMSUP.DLL,S" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Allin1Convert Home Page Guard 32 bit] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Allin1Convert Home Page Guard 32 bit" "hkey"="HKLM" "command"="\"C:\\PROGRA~1\\ALLIN1~2\\bar\\1.bin\\AppIntegrator.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Allin1Convert Search Scope Monitor] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Allin1Convert Search Scope Monitor" "hkey"="HKLM" "command"="\"C:\\PROGRA~1\\ALLIN1~2\\bar\\1.bin\\8hsrchmn.exe\" /m=2 /w /h" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Everything] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Everything" "hkey"="HKLM" "command"="\"C:\\Program Files\\Everything\\Everything.exe\" -startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Greenshot] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Greenshot" "hkey"="HKLM" "command"="C:\\Program Files\\Greenshot\\Greenshot.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KeePass 2 PreLoad] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KeePass 2 PreLoad" "hkey"="HKLM" "command"="\"C:\\Program Files\\KeePass Password Safe 2\\KeePass.exe\" --preload" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KiesTrayAgent" "hkey"="HKLM" "command"="C:\\Program Files\\Samsung\\Kies\\KiesTrayAgent.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NextLive] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NextLive" "hkey"="HKCU" "command"="C:\\Windows\\system32\\rundll32.exe \"C:\\Users\\Fons\\AppData\\Roaming\\newnext.me\\nengine.dll\",EntryPoint -m l" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PCSpeedUp] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PCSpeedUp" "hkey"="HKCU" "command"="C:\\Program Files\\PC Speed Up\\PCSUNotifier.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\phonostar-PlayerTimer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="phonostar-PlayerTimer" "hkey"="HKCU" "command"="\"C:\\Program Files\\phonostar-Player\\phonostarTimer.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\phonostarTimer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="phonostarTimer" "hkey"="HKCU" "command"="C:\\Program Files\\phonostar-Player\\phonostarTimer.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="swg" "hkey"="HKCU" "command"="\"C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TkBellExe" "hkey"="HKLM" "command"="\"C:\\Program Files\\Real\\RealPlayer\\update\\realsched.exe\" -osboot" ==== Startup Folders ====================== 2014-01-29 11:02:44 1515 ----a-w- C:\Users\Fons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoStarter.lnk 2014-02-06 20:34:32 2096 ----a-w- C:\Users\Fons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PRTG Enterprise Console.lnk 2014-01-28 16:04:16 2040 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk 2014-01-26 17:28:25 1924 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Scanner Finder.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [25-08-2013 15:55] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [25-08-2013 15:55] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\AdobeAAMUpdater-1.0-Fons-PC-Fons" [C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\Open URL by RoboForm" [C:\Windows\system32\rundll32.exe url.dll,FileProtocolHandler "RoboForm Tutorials"] "C:\Windows\system32\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2139244297-3979779918-2535287518-1001" [C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe] "C:\Windows\system32\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2139244297-3979779918-2535287518-1001" [C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe] "C:\Windows\system32\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2139244297-3979779918-2535287518-1001" [C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe] "C:\Windows\system32\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2139244297-3979779918-2535287518-1001" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\system32\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2139244297-3979779918-2535287518-1001" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\system32\tasks\Run RoboForm Process" [C:\Users\Fons\AppData\Local\Temp\RoboForm\RoboTaskBarIcon.exe] "C:\Windows\system32\tasks\Titanium BTC" [C:\Program Files\Trend Micro\Titanium\plugin\TMDC\TMDC.exe] "C:\Windows\system32\tasks\WSUS-System Protector_startup" [C:\Program Files\WinZip System Utilities Suite\WINZIPSSSystemProtector.exe] "C:\Windows\system32\tasks\Norton Identity Safe\Norton Error Analyzer" [C:\Program Files\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe] "C:\Windows\system32\tasks\Norton Identity Safe\Norton Error Processor" [C:\Program Files\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe] "C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [12-12-2013 09:36] ==== Firefox Extensions ====================== AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Fons\AppData\Roaming\Mozilla\Firefox\Profiles\sv3giimt.default 3A9E1940B4459CC97FDCBB24FCB69004 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll - RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) 0FCEAA7D12B7B0BA825E5C770B1DCA48 - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll - RealPlayer Download Plugin C36444D7301A8C881FC7296B092609C7 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll - Google Update CBFE3156904AB2D1A097F5E74A6C62F3 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin D6ED6EB98E759460AD8C66DE23070132 - C:\Program Files\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll - Microsoft Office 2013 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin BE501CBC29B2025A263D80D399F1797A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In 3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash BE126CB7049E89ED6F3038016668B502 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit) EAC427FEF96A13058C1ACD17C38966CF - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit) 96B3689320E9B16EDF38B7A5001C35F0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit) F8CB60A5ACA5D73807ECBD9942A8BCB7 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin B939F44C81A6C6B722E2AB19568733DE - C:\Program Files\phonostar-Player\npphonostarDetectNP.dll - phonostar Detector 4ABE7FADC6E7D30418638FEC7DDC79CA - C:\Program Files\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll - DYMO Label Framework 21FF3F07336CE4F8DF6AF1746BC26AAB - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\browser\nppdf32.dll - Adobe Acrobat E0BCE90537E4A41AF36D5BDD5963A09D - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll - Adobe Acrobat F00DA1A135FCA11D4426D9A5AB72CF0F - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll - AdobeAAMDetect 41561B8AE9E551BD08304D48DAA900FA - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll - AdobeAAMDetect B27CCB1168B1960AEC6E9D3E0E0F0D2A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bmiabdepfhhiieiipmeecdmeljggmfee - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\chrome_tmbep.crx[17-12-2013 04:49] dflinnddekagfkncpgojoppgnppfkbkj - C:\Program Files\Trend Micro\AMSP\module\20004\ChromeExt\chromeextension\TmNSCChromeExt.crx[10-07-2013 11:58] efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[23-09-2012 20:43] idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14-08-2013 15:24] Google Translate - Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb Google Docs - Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo TrendMicro BEP Extension - Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee The Piratebay Forwarder - Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\cloklogdjmmcmimeccogjmnebmjeolhn Google Search - Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Trend Micro NSC Chrome Extension - Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\dflinnddekagfkncpgojoppgnppfkbkj Adobe Acrobat - Create PDF - Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj Silver Bird - Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\encaiiljifbdbjlphpgpiimidegddhic Facebook for Chrome - Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp RealDownloader - Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji Adblock for Pirate Bay - Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\imkpamgpfalmdaikobnkefcmmkpgljjd Spell Checker for Chrome - Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfpdnkkdgghlpdgldicfgnnnkhdfhocg My Browser Page - Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\jghfknlgajlcihkhkhnlcoffhbohnlbg Pirate Bay Search - Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbkhblhgagmibjakfdplikmkmobiield Value apps - Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon Google Wallet - Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Users\Fons\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.conduit.com_0.localstorage deleted successfully C:\Users\Fons\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.conduit.com_0.localstorage-journal deleted successfully C:\Users\Fons\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pricegong.conduitapps.com_0.localstorage deleted successfully C:\Users\Fons\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pricegong.conduitapps.com_0.localstorage-journal deleted successfully C:\Users\Fons\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_storage.conduit.com_0.localstorage deleted successfully C:\Users\Fons\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_storage.conduit.com_0.localstorage-journal deleted successfully C:\Users\Fons\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon deleted successfully C:\Users\Fons\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lcnnhcneegeeojhgpfijnlnocjdmlaon_0.localstorage deleted successfully C:\Users\Fons\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lcnnhcneegeeojhgpfijnlnocjdmlaon_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search" {8FE7D950-23AA-4643-88E7-5BB38E24249E} GenealogieOnline Url="Zoekresultaten » Genealogie Online" {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Unknown Url="Not_Found" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2139244297-3979779918-2535287518-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{cd1a63ba-a08c-431b-9a34-f240aadc728d} deleted successfully HKEY_USERS\S-1-5-21-2139244297-3979779918-2535287518-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{cd1a63ba-a08c-431b-9a34-f240aadc728d} deleted successfully HKEY_USERS\S-1-5-21-2139244297-3979779918-2535287518-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} deleted successfully HKEY_USERS\S-1-5-21-2139244297-3979779918-2535287518-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} deleted successfully HKEY_USERS\S-1-5-21-2139244297-3979779918-2535287518-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} deleted successfully HKEY_USERS\S-1-5-21-2139244297-3979779918-2535287518-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} deleted successfully HKEY_USERS\S-1-5-21-2139244297-3979779918-2535287518-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} deleted successfully HKEY_CLASSES_ROOT\CLSID\{cd1a63ba-a08c-431b-9a34-f240aadc728d} deleted successfully HKEY_CLASSES_ROOT\CLSID\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} deleted successfully HKEY_CLASSES_ROOT\CLSID\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{cd1a63ba-a08c-431b-9a34-f240aadc728d} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{73370408-B80E-4509-B9AF-957E2E0F512F}_is1 deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Allin1Convert EPM Support deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Allin1Convert Home Page Guard 32 bit deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Allin1Convert Search Scope Monitor deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp deleted successfully ==== HijackThis Entries ====================== C:\Users\Fons\Documents\Usenext\wizard\Musitek SmartScore X2 Professional Edition v10 - R (2)\Musitek_SmartScore_X2_Professional_Edition_v10.5.4-RBS.exe R3 - URLSearchHook: (no name) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - C:\Program Files\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll (file missing) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\3.0.1251\6.8.1118\TmIEPlg.dll O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\TmBpIe32.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [OV3_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Viewer 3\FirstStart.exe" /OS O4 - HKLM\..\Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe" O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" O4 - HKLM\..\Run: [EaseUs Tray] "C:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe" O4 - HKLM\..\Run: [Allin1Convert_8h Browser Plugin Loader] C:\Program Files\Allin1Convert_8h\bar\1.bin\8hbrmon.exe O4 - HKLM\..\Run: [EaseUs Watch] "C:\Program Files\EaseUS\Todo Backup\bin\EuWatch.exe" O4 - HKLM\..\Run: [EaseUs TB Tray Agent] "C:\Program Files\EaseUS\TrayPopup\TrayTipAgent.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [OV3_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe" O4 - HKCU\..\Run: [] C:\Users\Fons\AppData\Roaming\epelnu\\ O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [phonostar-PlayerTimer] "C:\Program Files\phonostar-Player\phonostarTimer.exe" O4 - HKCU\..\Run: [okuoud.exe] C:\Users\Fons\AppData\Roaming\elnude\\okuoud.exe O4 - HKCU\..\Run: [awelnu.exe] C:\Users\Fons\AppData\Roaming\ujawke\\awelnu.exe O4 - HKCU\..\Run: [jaujla.exe] C:\Users\Fons\AppData\Roaming\epelnu\\jaujla.exe O4 - HKCU\..\Run: [udbuja.exe] C:\Users\Fons\AppData\Roaming\ewbuas\\udbuja.exe O4 - HKCU\..\Run: [sjawe.exe] C:\Users\Fons\AppData\Roaming\ewbuas\\sjawe.exe O4 - HKCU\..\Run: [epweok.exe] C:\Users\Fons\AppData\Roaming\ujawke\\epweok.exe O4 - HKCU\..\Run: [nuewab.exe] C:\Users\Fons\AppData\Roaming\ujawke\\nuewab.exe O4 - HKCU\..\Run: [ujpuel.exe] C:\Users\Fons\AppData\Roaming\ujawke\\ujpuel.exe O4 - HKCU\..\Run: [oknuud.exe] C:\Users\Fons\AppData\Roaming\ewbuas\\oknuud.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: AutoStarter.lnk = Fons\Documents\Usenext\wizard\Musitek SmartScore X2 Professional Edition v10 - R (2)\Musitek_SmartScore_X2_Professional_Edition_v10.5.4-RBS.exe O4 - Startup: PRTG Enterprise Console.lnk = C:\Program Files\PRTG Network Monitor\PRTG Enterprise Console.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe O4 - Global Startup: Scanner Finder.lnk = C:\Program Files\ScanWizard 5\ScannerFinder.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\TmBpIe32.dll O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\3.0.1251\6.8.1118\TmIEPlg.dll O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O23 - Service: Adobe Active File Monitor V12 (AdobeActiveFileMonitor12.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe O23 - Service: DYMO PnP Service (DymoPnpService) - Sanford, L.P. - C:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe O23 - Service: EaseUS Agent Service (EaseUS Agent) - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe O23 - Service: Guard Agent Service (Guard Agent) - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.189\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: PRTG Core Server Service (PRTGCoreService) - Paessler AG - C:\Program Files\PRTG Network Monitor\PRTG Server.exe O23 - Service: PRTG Probe Service (PRTGProbeService) - Paessler AG - C:\Program Files\PRTG Network Monitor\PRTG Probe.exe O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: WINZIPSSDiskOptimizer - Unknown owner - C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe (file missing) ==== Empty IE Cache ====================== C:\Users\Fons\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Fons\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Fons\AppData\Local\Mozilla\Firefox\Profiles\sv3giimt.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Fons\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1928 folders=227 199700705 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\Fons\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Fons\AppData\Local\Temp successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\System32\WPRO_41_2001woem.tmpsearch" not found "C:\Program Files\WinZip System Utilities Suite" not found ==== EOF on vr 07-02-2014 at 16:19:50,30 ======================
  9. Beste forum leden. Hier het gevraagde RSI 32 bits log bestand. Logfile of random's system information tool 1.09 (written by random/random) Run by Fons at 2014-02-06 20:57:23 Microsoft Windows 7 Ultimate Service Pack 1 System drive C: has 173 GB (73%) free of 238 GB Total RAM: 3549 MB (43% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:57:42, on 6-2-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.16428) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\taskhost.exe C:\Program Files\Microsoft IntelliType Pro\itype.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe C:\Program Files\Allin1Convert_8h\bar\1.bin\8hbrmon.exe C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe C:\Program Files\EaseUS\Todo Backup\bin\EuWatch.exe C:\Program Files\EaseUS\TrayPopup\TrayTipAgent.exe C:\Program Files\Real\RealPlayer\Update\realsched.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe C:\Program Files\Samsung\Kies\Kies.exe C:\Program Files\phonostar-Player\phonostarTimer.exe C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe C:\Program Files\ScanWizard 5\ScannerFinder.exe C:\Users\Fons\Documents\Usenext\wizard\Musitek SmartScore X2 Professional Edition v10 - R (2)\Musitek_SmartScore_X2_Professional_Edition_v10.5.4-RBS.exe C:\Program Files\WinZip System Utilities Suite\WINZIPSS.exe C:\Program Files\Microsoft Office\Office15\MsoSync.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe C:\Program Files\PrivaZer\privazer.exe C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_11_8_800_94_ActiveX.exe C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\explorer.exe C:\Windows\system32\SearchProtocolHost.exe C:\Users\Fons\Downloads\RSIT.exe C:\Program Files\trend micro\Fons.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - C:\Program Files\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\3.0.1251\6.8.1118\TmIEPlg.dll O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Search Assistant BHO - {a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} - C:\Program Files\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\TmBpIe32.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll O2 - BHO: Toolbar BHO - {fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} - C:\PROGRA~1\ALLIN1~2\bar\1.bin\8hbar.dll O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file) O3 - Toolbar: Allin1Convert - {cd1a63ba-a08c-431b-9a34-f240aadc728d} - C:\Program Files\Allin1Convert_8h\bar\1.bin\8hbar.dll O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [OV3_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Viewer 3\FirstStart.exe" /OS O4 - HKLM\..\Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe" O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" O4 - HKLM\..\Run: [EaseUs Tray] "C:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe" O4 - HKLM\..\Run: [Allin1Convert_8h Browser Plugin Loader] C:\Program Files\Allin1Convert_8h\bar\1.bin\8hbrmon.exe O4 - HKLM\..\Run: [EaseUs Watch] "C:\Program Files\EaseUS\Todo Backup\bin\EuWatch.exe" O4 - HKLM\..\Run: [EaseUs TB Tray Agent] "C:\Program Files\EaseUS\TrayPopup\TrayTipAgent.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [OV3_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe" O4 - HKCU\..\Run: [] C:\Users\Fons\AppData\Roaming\epelnu\\ O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [phonostar-PlayerTimer] "C:\Program Files\phonostar-Player\phonostarTimer.exe" O4 - HKCU\..\Run: [okuoud.exe] C:\Users\Fons\AppData\Roaming\elnude\\okuoud.exe O4 - HKCU\..\Run: [awelnu.exe] C:\Users\Fons\AppData\Roaming\ujawke\\awelnu.exe O4 - HKCU\..\Run: [jaujla.exe] C:\Users\Fons\AppData\Roaming\epelnu\\jaujla.exe O4 - HKCU\..\Run: [udbuja.exe] C:\Users\Fons\AppData\Roaming\ewbuas\\udbuja.exe O4 - HKCU\..\Run: [sjawe.exe] C:\Users\Fons\AppData\Roaming\ewbuas\\sjawe.exe O4 - HKCU\..\Run: [epweok.exe] C:\Users\Fons\AppData\Roaming\ujawke\\epweok.exe O4 - HKCU\..\Run: [nuewab.exe] C:\Users\Fons\AppData\Roaming\ujawke\\nuewab.exe O4 - HKCU\..\Run: [ujpuel.exe] C:\Users\Fons\AppData\Roaming\ujawke\\ujpuel.exe O4 - HKCU\..\Run: [oknuud.exe] C:\Users\Fons\AppData\Roaming\ewbuas\\oknuud.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: AutoStarter.lnk = Fons\Documents\Usenext\wizard\Musitek SmartScore X2 Professional Edition v10 - R (2)\Musitek_SmartScore_X2_Professional_Edition_v10.5.4-RBS.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe O4 - Global Startup: Scanner Finder.lnk = C:\Program Files\ScanWizard 5\ScannerFinder.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\TmBpIe32.dll O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\3.0.1251\6.8.1118\TmIEPlg.dll O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O23 - Service: Adobe Active File Monitor V12 (AdobeActiveFileMonitor12.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Allin1ConvertService (Allin1Convert_8hService) - COMPANYVERS_NAME - C:\PROGRA~1\ALLIN1~2\bar\1.bin\8hbarsvc.exe O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe O23 - Service: DYMO PnP Service (DymoPnpService) - Sanford, L.P. - C:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe O23 - Service: EaseUS Agent Service (EaseUS Agent) - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe O23 - Service: Guard Agent Service (Guard Agent) - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.189\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: PRTG Core Server Service (PRTGCoreService) - Paessler AG - C:\Program Files\PRTG Network Monitor\PRTG Server.exe O23 - Service: PRTG Probe Service (PRTGProbeService) - Paessler AG - C:\Program Files\PRTG Network Monitor\PRTG Probe.exe O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: WINZIPSSDiskOptimizer - WinZip Computing, S.L. (WinZip Computing) - C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe -- End of file - 13155 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\WINZIPSS-WINZIPSSAutoCheckUpdate7Days.job C:\Windows\tasks\WINZIPSS-WINZIPSSOneClickCare.job =========Mozilla firefox========= ProfilePath - C:\Users\Fons\AppData\Roaming\Mozilla\Firefox\Profiles\sv3giimt.default "web2pdfextension@web2pdf.adobedotcom"=C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn "tmbepff@trendmicro.com"=C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\firefoxextension "{22C7F6C6-8D67-4534-92B5-529A0EC09405}"=C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\ "{22181a4d-af90-4ca3-a569-faed9118d6bc}"=C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension "{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ "{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.7.700.224 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Allin1Convert_8h.com/Plugin] "Description"=Allin1Convert Plugin "Path"=C:\Program Files\Allin1Convert_8h\bar\1.bin\NP8hStub.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@dymo.com/DymoLabelFramework] "Description"=DYMO Label Framework Plugin "Path"=C:\Program Files\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin] "Description"=Google Earth in your browser "Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/Lync,version=15.0] "Description"=Microsoft Lync Plug-in for Firefox "Path"=C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51] "Description"=RealPlayer LiveConnect-Enabled Plug-In "Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3] "Description"=RealNetworks RealDownloader Chrome Background Extension Plug-In "Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3] "Description"=RealNetworks RealDownloader HTML5VideoShim Plug-In "Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3] "Description"=RealNetworks RealDownloader Peppe rFlash Video Shim Plug-In "Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51] "Description"=RealPlayer Download Plugin "Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@realnetworks.com/npdlplugin;version=1] "Description"=RealDownloader Plugin "Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Acrobat] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect] "Description"= "Path"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll C:\Program Files\Mozilla Firefox\plugins\ npMeetingJoinPluginOC.dll nppdf32.NLD ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}] TmIEPlugInBHO Class - C:\Program Files\Trend Micro\AMSP\module\20004\3.0.1251\6.8.1118\TmIEPlg.dll [2013-07-10 332824] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealNetworks Download and Record Plugin for Internet Explorer - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14 542376] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2013-10-17 153248] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797}] Search Assistant BHO - C:\Program Files\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll [2014-01-23 140360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-12 194128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] Adobe Acrobat Create PDF Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2013-09-13 705240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}] TmBpIeBHO Class - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\TmBpIe32.dll [2013-12-17 1376792] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2013-11-02 1727176] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}] Adobe Acrobat Create PDF from Selection - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d}] Toolbar BHO - C:\PROGRA~1\ALLIN1~2\bar\1.bin\8hbar.dll [2014-01-23 859720] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-12 194128] {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} {cd1a63ba-a08c-431b-9a34-f240aadc728d} - Allin1Convert - C:\Program Files\Allin1Convert_8h\bar\1.bin\8hbar.dll [2014-01-23 859720] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2007-04-11 56080] "OV3_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Viewer 3\FirstStart.exe [2013-07-29 55656] "itype"=c:\Program Files\Microsoft IntelliType Pro\itype.exe [2011-08-10 1313640] "KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2013-12-11 311152] "Trend Micro Client Framework"=C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [2013-10-09 143792] "EaseUs Tray"=C:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe [2013-09-04 1372232] "Allin1Convert_8h Browser Plugin Loader"=C:\Program Files\Allin1Convert_8h\bar\1.bin\8hbrmon.exe [2014-01-23 61512] "EaseUs Watch"=C:\Program Files\EaseUS\Todo Backup\bin\EuWatch.exe [2013-09-04 70728] "EaseUs TB Tray Agent"=C:\Program Files\EaseUS\TrayPopup\TrayTipAgent.exe [2013-09-04 253512] "TkBellExe"=C:\Program Files\Real\RealPlayer\update\realsched.exe [2013-12-12 295512] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2013-08-27 248208] "OV3_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe [2013-07-29 420200] ""=C:\Users\Fons\AppData\Roaming\epelnu\\ [] "KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2013-12-11 1564528] "KiesAirMessage"=C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup [] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2013-08-25 39408] "phonostar-PlayerTimer"=C:\Program Files\phonostar-Player\phonostarTimer.exe [2013-04-25 42496] "okuoud.exe"=C:\Users\Fons\AppData\Roaming\elnude\\okuoud.exe [2013-12-26 72513080] "awelnu.exe"=C:\Users\Fons\AppData\Roaming\ujawke\\awelnu.exe [] "jaujla.exe"=C:\Users\Fons\AppData\Roaming\epelnu\\jaujla.exe [] "udbuja.exe"=C:\Users\Fons\AppData\Roaming\ewbuas\\udbuja.exe [2013-12-26 72513080] "sjawe.exe"=C:\Users\Fons\AppData\Roaming\ewbuas\\sjawe.exe [] "epweok.exe"=C:\Users\Fons\AppData\Roaming\ujawke\\epweok.exe [2013-12-26 72513080] "nuewab.exe"=C:\Users\Fons\AppData\Roaming\ujawke\\nuewab.exe [] "ujpuel.exe"=C:\Users\Fons\AppData\Roaming\ujawke\\ujpuel.exe [] "oknuud.exe"=C:\Users\Fons\AppData\Roaming\ewbuas\\oknuud.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [2012-09-23 3477640] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03 472984] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Allin1Convert EPM Support] C:\PROGRA~1\ALLIN1~2\bar\1.bin\8hmedint.exe [2014-01-23 12872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Allin1Convert Home Page Guard 32 bit] C:\PROGRA~1\ALLIN1~2\bar\1.bin\AppIntegrator.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Allin1Convert Search Scope Monitor] C:\PROGRA~1\ALLIN1~2\bar\1.bin\8hsrchmn.exe [2014-01-23 55368] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Everything] C:\Program Files\Everything\Everything.exe [2009-03-13 602624] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Greenshot] C:\Program Files\Greenshot\Greenshot.exe [2013-12-12 495616] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeePass 2 PreLoad] C:\Program Files\KeePass Password Safe 2\KeePass.exe [2013-11-03 2065408] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2013-12-11 311152] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NextLive] C:\Users\Fons\AppData\Roaming\newnext.me\nengine.dll [2013-11-14 1283584] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp] C:\Program Files\PC Speed Up\PCSUNotifier.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\phonostar-PlayerTimer] C:\Program Files\phonostar-Player\phonostarTimer.exe [2013-04-25 42496] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\phonostarTimer] C:\Program Files\phonostar-Player\phonostarTimer.exe [2013-04-25 42496] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2013-08-25 39408] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe [2013-12-12 295512] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe Scanner Finder.lnk - C:\Program Files\ScanWizard 5\ScannerFinder.exe C:\Users\Fons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup AutoStarter.lnk - C:\Users\Fons\Documents\Usenext\wizard\Musitek SmartScore X2 Professional Edition v10 - R (2)\Musitek_SmartScore_X2_Professional_Edition_v10.5.4-RBS.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Users\Fons\AppData\Roaming\elnude\okuoud.exe"="C:\Users\Fons\AppData\Roaming\elnude\okuoud.exe:*:Enabled:okuoud" "C:\Users\Fons\AppData\Roaming\epelnu\awelnu.exe"="C:\Users\Fons\AppData\Roaming\epelnu\awelnu.exe:*:Enabled:awelnu" "C:\Users\Fons\AppData\Roaming\ujawke\epweok.exe"="C:\Users\Fons\AppData\Roaming\ujawke\epweok.exe:*:Enabled:epweok" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "MSVideo8"=VfWWDM32.dll ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 2 months====== 2014-02-06 20:45:04 ----D---- C:\rsit 2014-02-06 20:42:12 ----A---- C:\Users\Fons\AppData\Roaming\loadit.exe 2014-02-02 17:36:35 ----D---- C:\Users\Fons\AppData\Roaming\WinZip 2014-02-02 17:36:11 ----A---- C:\Windows\system32\WPRO_41_2001woem.tmp 2014-02-02 17:28:09 ----A---- C:\Windows\system32\roboot.exe 2014-02-02 17:28:08 ----A---- C:\Windows\system32\sasnative32.exe 2014-02-02 17:27:53 ----D---- C:\Program Files\WinZip System Utilities Suite 2014-02-02 17:00:38 ----D---- C:\Program Files\WinZip 2014-02-01 16:09:05 ----A---- C:\Windows\system32\drivers\WPRO_41_2001.sys 2014-02-01 14:49:17 ----D---- C:\ProgramData\WinZip 2014-01-29 18:58:11 ----D---- C:\Program Files\Musitek 2014-01-29 10:14:51 ----D---- C:\Users\Fons\AppData\Roaming\ujawke 2014-01-29 10:13:04 ----D---- C:\Users\Fons\AppData\Roaming\ewbuas 2014-01-29 10:01:36 ----D---- C:\Users\Fons\AppData\Roaming\epelnu 2014-01-29 10:01:03 ----D---- C:\Users\Fons\AppData\Roaming\elnude 2014-01-28 19:01:52 ----D---- C:\Program Files\VideoLAN 2014-01-28 19:01:37 ----D---- C:\Program Files\eMule 2014-01-28 19:01:27 ----D---- C:\Program Files\VS Revo Group 2014-01-28 19:01:20 ----D---- C:\ProgramData\Mozilla 2014-01-28 19:01:18 ----D---- C:\Program Files\Mozilla Maintenance Service 2014-01-28 18:30:39 ----D---- C:\Users\Fons\AppData\Roaming\Malwarebytes 2014-01-28 18:30:28 ----D---- C:\ProgramData\Malwarebytes 2014-01-28 18:30:26 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2014-01-28 18:30:26 ----A---- C:\Windows\system32\drivers\mbam.sys 2014-01-28 17:04:25 ----D---- C:\ProgramData\McAfee Security Scan 2014-01-28 17:04:25 ----D---- C:\ProgramData\McAfee 2014-01-28 17:04:16 ----D---- C:\Program Files\McAfee Security Scan 2014-01-26 18:15:44 ----D---- C:\ProgramData\TweakBit 2014-01-26 18:15:34 ----D---- C:\Program Files\TweakBit 2014-01-26 17:01:15 ----D---- C:\Users\Fons\AppData\Roaming\No Company Name 2014-01-24 18:42:40 ----D---- C:\Users\Fons\AppData\Roaming\DonationCoder 2014-01-23 17:25:48 ----D---- C:\Program Files\Allin1Convert_8h 2014-01-20 10:07:19 ----D---- C:\Program Files\Dialexicon 2014-01-20 10:07:03 ----N---- C:\Windows\Setup1.exe 2014-01-20 10:07:02 ----A---- C:\Windows\ST6UNST.EXE 2014-01-17 19:23:44 ----D---- C:\Program Files\Greenshot 2014-01-16 10:19:25 ----A---- C:\Windows\system32\win32k.sys 2014-01-16 10:19:23 ----A---- C:\Windows\system32\drivers\netio.sys 2014-01-16 10:19:22 ----A---- C:\Windows\system32\drivers\usbuhci.sys 2014-01-16 10:19:22 ----A---- C:\Windows\system32\drivers\usbport.sys 2014-01-16 10:19:22 ----A---- C:\Windows\system32\drivers\usbohci.sys 2014-01-16 10:19:22 ----A---- C:\Windows\system32\drivers\usbhub.sys 2014-01-16 10:19:22 ----A---- C:\Windows\system32\drivers\usbehci.sys 2014-01-16 10:19:22 ----A---- C:\Windows\system32\drivers\usbd.sys 2014-01-16 10:19:22 ----A---- C:\Windows\system32\drivers\usbccgp.sys 2014-01-14 18:32:05 ----RASH---- C:\MSDOS.SYS 2014-01-14 18:32:05 ----RASH---- C:\IO.SYS 2014-01-14 18:31:47 ----D---- C:\Users\Fons\AppData\Roaming\Winamp 2014-01-14 18:31:47 ----D---- C:\Program Files\Winamp 2014-01-11 12:39:10 ----ASH---- C:\EUMONBMP.SYS 2014-01-11 11:22:48 ----D---- C:\My Backups 2014-01-11 11:22:44 ----A---- C:\Windows\system32\drivers\EuFdDisk.sys 2014-01-11 11:22:43 ----A---- C:\Windows\system32\drivers\eudskacs.sys 2014-01-11 11:22:43 ----A---- C:\Windows\system32\drivers\eubakup.sys 2014-01-11 11:22:42 ----A---- C:\Windows\system32\drivers\EUBKMON.sys 2014-01-11 11:20:25 ----A---- C:\Windows\system32\fbnative.exe 2014-01-11 11:19:36 ----D---- C:\Program Files\EaseUS 2014-01-04 16:51:17 ----A---- C:\Windows\system32\dgderapi.dll 2014-01-04 16:32:10 ----A---- C:\Windows\system32\drivers\ssudmdm.sys 2014-01-04 16:32:10 ----A---- C:\Windows\system32\drivers\ssudbus.sys 2014-01-04 16:30:27 ----A---- C:\Windows\system32\drivers\ssadwhnt.sys 2014-01-04 16:30:27 ----A---- C:\Windows\system32\drivers\ssadmdm.sys 2014-01-04 16:30:26 ----A---- C:\Windows\system32\drivers\ssadserd.sys 2014-01-04 16:30:26 ----A---- C:\Windows\system32\drivers\ssadmdfl.sys 2014-01-04 16:30:26 ----A---- C:\Windows\system32\drivers\ssadcmnt.sys 2014-01-04 16:30:26 ----A---- C:\Windows\system32\drivers\ssadbus.sys 2014-01-04 16:30:26 ----A---- C:\Windows\system32\drivers\ssadadb.sys 2013-12-25 19:05:06 ----D---- C:\Users\Fons\AppData\Roaming\AIMP3 2013-12-25 19:05:02 ----D---- C:\Program Files\AIMP3 2013-12-20 20:01:28 ----D---- C:\Program Files\phonostar-Player 2013-12-17 20:02:38 ----D---- C:\Users\Fons\AppData\Roaming\Geek Uninstaller 2013-12-12 10:14:52 ----D---- C:\Users\Fons\AppData\Roaming\newnext.me 2013-12-12 10:08:25 ----D---- C:\Users\Fons\AppData\Roaming\COWON 2013-12-12 10:05:05 ----D---- C:\Program Files\Common Files\COWON 2013-12-12 10:05:03 ----D---- C:\Program Files\JetAudio 2013-12-12 10:03:38 ----D---- C:\Program Files\MyPC Backup 2013-12-12 09:36:56 ----D---- C:\Users\Fons\AppData\Roaming\RealNetworks 2013-12-12 09:36:26 ----D---- C:\Program Files\RealNetworks 2013-12-12 09:36:22 ----D---- C:\ProgramData\RealNetworks 2013-12-12 09:36:10 ----D---- C:\Program Files\Common Files\xing shared 2013-12-12 09:36:00 ----A---- C:\Windows\system32\rmoc3260.dll 2013-12-12 09:35:53 ----A---- C:\Windows\system32\pndx5032.dll 2013-12-12 09:35:53 ----A---- C:\Windows\system32\pndx5016.dll 2013-12-12 09:35:53 ----A---- C:\Windows\system32\pncrt.dll 2013-12-12 09:35:44 ----D---- C:\Program Files\Real 2013-12-12 09:35:21 ----D---- C:\Users\Fons\AppData\Roaming\Real 2013-12-12 09:34:44 ----D---- C:\ProgramData\Real 2013-12-11 15:26:10 ----A---- C:\Windows\system32\jsproxy.dll 2013-12-11 15:26:10 ----A---- C:\Windows\system32\ie4uinit.exe 2013-12-11 15:26:09 ----A---- C:\Windows\system32\jscript9diag.dll 2013-12-11 15:26:09 ----A---- C:\Windows\system32\ieui.dll 2013-12-11 15:26:09 ----A---- C:\Windows\system32\iesetup.dll 2013-12-11 15:26:09 ----A---- C:\Windows\system32\iernonce.dll 2013-12-11 15:26:09 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2013-12-11 15:26:09 ----A---- C:\Windows\system32\ieapfltr.dll 2013-12-11 15:26:08 ----A---- C:\Windows\system32\ieUnatt.exe 2013-12-11 15:26:08 ----A---- C:\Windows\system32\ieetwproxystub.dll 2013-12-11 15:26:08 ----A---- C:\Windows\system32\ieetwcollector.exe 2013-12-11 15:26:07 ----A---- C:\Windows\system32\wininet.dll 2013-12-11 15:26:07 ----A---- C:\Windows\system32\urlmon.dll 2013-12-11 15:26:07 ----A---- C:\Windows\system32\iertutil.dll 2013-12-11 15:26:06 ----A---- C:\Windows\system32\ieframe.dll 2013-12-11 15:26:05 ----A---- C:\Windows\system32\mshtml.dll 2013-12-11 15:26:05 ----A---- C:\Windows\system32\jscript9.dll 2013-12-11 15:19:18 ----A---- C:\Windows\system32\wmp.dll 2013-12-11 15:19:17 ----A---- C:\Windows\system32\wmploc.DLL 2013-12-11 14:01:00 ----A---- C:\Windows\system32\WMPhoto.dll 2013-12-11 14:01:00 ----A---- C:\Windows\system32\msieftp.dll 2013-12-11 14:00:59 ----A---- C:\Windows\system32\wscript.exe 2013-12-11 14:00:59 ----A---- C:\Windows\system32\scrrun.dll 2013-12-11 14:00:59 ----A---- C:\Windows\system32\imagehlp.dll 2013-12-11 14:00:59 ----A---- C:\Windows\system32\cscript.exe 2013-12-11 14:00:56 ----A---- C:\Windows\system32\tzres.dll 2013-12-11 14:00:54 ----A---- C:\Windows\system32\drivers\portcls.sys 2013-12-11 14:00:54 ----A---- C:\Windows\system32\drivers\drmk.sys 2013-12-10 19:24:40 ----D---- C:\Users\Fons\AppData\Roaming\pdf995 2013-12-10 19:07:40 ----D---- C:\ProgramData\pdf995 2013-12-10 19:07:39 ----A---- C:\Windows\system32\pdfmona.dll 2013-12-10 19:07:39 ----A---- C:\Windows\system32\pdf995mon.dll 2013-12-10 19:07:22 ----D---- C:\pdf995 ======List of files/folders modified in the last 2 months====== 2014-02-06 20:57:26 ----D---- C:\Program Files\Trend Micro 2014-02-06 20:57:21 ----D---- C:\Windows\Prefetch 2014-02-06 20:55:02 ----SHD---- C:\System Volume Information 2014-02-06 20:48:18 ----D---- C:\Windows\Temp 2014-02-06 20:41:42 ----D---- C:\Windows\system32\config 2014-02-06 20:37:05 ----D---- C:\Windows\system32\Tasks 2014-02-06 20:36:37 ----D---- C:\Program Files\PRTG Network Monitor 2014-02-06 20:36:36 ----AD---- C:\ProgramData\TEMP 2014-02-06 20:36:11 ----D---- C:\Windows\Tasks 2014-02-06 20:36:11 ----D---- C:\Windows\system32\wfp 2014-02-06 20:36:08 ----D---- C:\Windows\system32\wbem 2014-02-06 20:36:08 ----D---- C:\Windows 2014-02-06 20:35:22 ----SHD---- C:\Windows\Installer 2014-02-06 20:35:22 ----D---- C:\Windows\system32\NDF 2014-02-06 20:35:22 ----D---- C:\Windows\system32\DriverStore 2014-02-06 20:35:22 ----D---- C:\Windows\system32\drivers 2014-02-06 20:35:22 ----D---- C:\Windows\system32\catroot2 2014-02-06 20:35:22 ----D---- C:\Windows\system32\catroot 2014-02-06 20:35:22 ----D---- C:\Windows\System32 2014-02-06 20:35:22 ----D---- C:\Windows\inf 2014-02-06 20:35:21 ----D---- C:\Windows\AppCompat 2014-02-06 20:35:21 ----D---- C:\Users\Fons\AppData\Roaming\uTorrent 2014-02-06 20:35:21 ----D---- C:\Users\Fons\AppData\Roaming\Greenshot 2014-02-06 20:35:21 ----D---- C:\ProgramData\Trend Micro 2014-02-06 20:35:20 ----HD---- C:\ProgramData 2014-02-06 20:35:20 ----D---- C:\ProgramData\Licenses 2014-02-06 20:35:19 ----RD---- C:\Program Files 2014-02-06 20:35:19 ----D---- C:\Program Files\Common Files\PX Storage Engine 2014-02-06 20:35:17 ----D---- C:\Program Files\Adobe 2014-02-06 20:35:14 ----D---- C:\gensdatapro 2014-02-06 20:35:05 ----D---- C:\Windows\registration 2014-02-06 20:34:36 ----D---- C:\ProgramData\Adobe 2014-02-06 20:34:14 ----D---- C:\Program Files\Common Files\Adobe 2014-02-06 20:32:51 ----RHD---- C:\MSOCache 2014-02-06 18:35:11 ----D---- C:\Users\Fons\AppData\Roaming\UseNeXT 2014-02-02 18:17:29 ----D---- C:\Windows\Minidump 2014-02-02 16:55:40 ----D---- C:\Program Files\PrivaZer 2014-02-01 15:00:51 ----A---- C:\Windows\RegBootClean.exe 2014-01-29 19:09:42 ----RSD---- C:\Windows\Fonts 2014-01-29 18:58:57 ----A---- C:\Windows\SSB2.ini 2014-01-29 18:42:10 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-01-29 18:40:14 ----D---- C:\Windows\system32\LogFiles 2014-01-29 12:10:45 ----D---- C:\Users\Fons\AppData\Roaming\tixati 2014-01-28 19:51:35 ----D---- C:\Users\Fons\AppData\Roaming\Mozilla 2014-01-28 19:07:52 ----D---- C:\Program Files\Google 2014-01-28 19:01:24 ----D---- C:\Program Files\WinRAR 2014-01-28 19:01:12 ----D---- C:\Program Files\Mozilla Firefox 2014-01-28 18:47:09 ----D---- C:\Windows\Branding 2014-01-26 18:34:17 ----D---- C:\Windows\debug 2014-01-26 17:51:50 ----D---- C:\Users\Fons\AppData\Roaming\Adobe 2014-01-26 17:51:47 ----D---- C:\ProgramData\regid.1986-12.com.adobe 2014-01-26 16:58:02 ----RSD---- C:\Windows\assembly 2014-01-16 10:53:44 ----D---- C:\Windows\winsxs 2014-01-16 10:29:14 ----A---- C:\Windows\win.ini 2014-01-16 10:29:13 ----D---- C:\ProgramData\Microsoft Help 2014-01-16 10:28:34 ----D---- C:\Windows\system32\MRT 2014-01-16 10:25:46 ----A---- C:\Windows\system32\MRT.exe 2014-01-04 17:26:04 ----D---- C:\Windows\Microsoft.NET 2014-01-04 16:51:09 ----HD---- C:\Program Files\InstallShield Installation Information 2014-01-04 16:51:02 ----D---- C:\ProgramData\Samsung 2014-01-04 16:50:58 ----D---- C:\Program Files\Samsung 2014-01-04 16:42:41 ----D---- C:\Users\Fons\AppData\Roaming\Samsung 2014-01-03 18:10:04 ----D---- C:\Windows\system32\drivers\UMDF 2013-12-20 19:41:22 ----D---- C:\Users\Fons\AppData\Roaming\KeePass 2013-12-12 10:05:05 ----D---- C:\Program Files\Common Files 2013-12-12 09:57:54 ----D---- C:\Program Files\Everything 2013-12-12 09:35:49 ----A---- C:\Windows\system32\msvcr71.dll 2013-12-12 09:35:49 ----A---- C:\Windows\system32\msvcp71.dll 2013-12-11 20:39:12 ----D---- C:\Windows\rescache 2013-12-11 18:04:18 ----D---- C:\Program Files\Internet Explorer 2013-12-11 18:04:17 ----D---- C:\Windows\system32\nl-NL 2013-12-11 18:04:17 ----D---- C:\Windows\system32\en-US 2013-12-11 18:04:17 ----D---- C:\Windows\system32\de-DE 2013-12-11 18:04:16 ----D---- C:\Program Files\Windows Media Player ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 EUBAKUP;EUBAKUP; C:\Windows\system32\drivers\eubakup.sys [2013-09-04 51784] R0 EUBKMON;EUBKMON; C:\Windows\system32\drivers\EUBKMON.sys [2013-09-04 41544] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368] R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2013-07-19 46096] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440] R0 tmcomm;tmcomm; C:\Windows\system32\DRIVERS\tmcomm.sys [2013-09-04 288840] R0 TMEBC;TMEBC; C:\Windows\system32\DRIVERS\TMEBC32.sys [2013-07-01 40736] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096] R1 EUDSKACS;EUDSKACS; \??\C:\Windows\system32\drivers\eudskacs.sys [2013-09-04 15944] R1 EUFDDISK;EUFDDISK; \??\C:\Windows\system32\drivers\EuFdDisk.sys [2013-09-04 186952] R1 tmactmon;tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [2013-09-04 102904] R1 tmevtmgr;tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [2013-09-04 83352] R1 tmtdi;Trend Micro TDI Driver; C:\Windows\system32\DRIVERS\tmtdi.sys [2012-05-02 92304] R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704] R3 dc3d;MS Hardware Device Detection Driver (USB); C:\Windows\system32\DRIVERS\dc3d.sys [2011-08-10 45288] R3 hcwPP2;Hauppauge WinTV PVR PCI II ([23|25|26]xxx); C:\Windows\system32\DRIVERS\hcwPP2.sys [2005-12-14 160256] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480] R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2007-04-11 34832] R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2007-04-11 36112] R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2007-04-11 28688] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 22856] R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810] R3 NuidFltr;NUID filter driver; C:\Windows\system32\DRIVERS\NuidFltr.sys [2011-08-10 21784] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776] R3 tmeevw;tmeevw; C:\Windows\system32\DRIVERS\tmeevw.sys [2013-06-13 85280] R3 tmnciesc;tmnciesc; C:\Windows\system32\DRIVERS\tmnciesc.sys [2013-05-22 282272] R3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001); C:\Windows\system32\drivers\WPRO_41_2001.sys [2014-02-06 35088] S2 ASPI32;ASPI32; C:\Windows\system32\drivers\ASPI32.sys [] S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720] S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2013-08-21 32064] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-08-21 84248] S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464] S3 Point32;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point32k.sys [2008-12-29 30096] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632] S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2013-08-21 136904] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2013-08-21 17864] S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2013-08-21 153672] S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2013-08-21 130248] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-08-21 182680] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032] S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-20 77184] S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 24064] S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136] S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-20 112640] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352] S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [] S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328] S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736] S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920] S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeActiveFileMonitor12.0;Adobe Active File Monitor V12; C:\Program Files\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [2013-09-25 181152] R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192] R2 Allin1Convert_8hService;Allin1ConvertService; C:\PROGRA~1\ALLIN1~2\bar\1.bin\8hbarsvc.exe [2014-01-23 88648] R2 Amsp;Trend Micro Solution Platform; C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2013-07-15 287256] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 DymoPnpService;DYMO PnP Service; C:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe [2013-03-05 33072] R2 EaseUS Agent;EaseUS Agent Service; C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe [2013-10-11 69192] R2 Guard Agent;Guard Agent Service; C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe [2013-09-04 23624] R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] R2 PRTGCoreService;PRTG Core Server Service; C:\Program Files\PRTG Network Monitor\PRTG Server.exe [2013-10-29 7232736] R2 PRTGProbeService;PRTG Probe Service; C:\Program Files\PRTG Network Monitor\PRTG Probe.exe [2013-10-29 8814304] R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056] R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2013-08-27 93072] R2 WINZIPSSDiskOptimizer;WINZIPSSDiskOptimizer; C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe [2013-02-13 268072] R3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-01 150648] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-25 136176] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-25 136176] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-08-25 194032] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 108032] S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.189\McCHSvc.exe [2010-09-02 227232] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-05 119408] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 4846168] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-21 1343400] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] -----------------EOF-----------------
  10. Beste mensen. Ik krijg met regelmaat de onderstaande melding. C:\Users\Fons\AppData\Roaming\loadit.exe The NTVDM CPU has encountered an illegal instruction. CS:0581 IP:01bb OP:63 68 61 72 73 Choose 'Close' to terminate the application. Hoe kan ik dit oplossen? Mijn besturingsystem is Windows ultimate 7. mt.vr.gr. Fons
  11. beste mensen. Sinds de laatste updates van windows krijg ik bij het opstarten van mijn computer de volgende melding: Een probleem met IntelliPoint IntelliType NUID filter driver oplossen IntelliPoint IntelliType NUID filter driver wordt geblokkeerd omdat dit ertoe kan leiden dat de computer in de toekomst niet goed opstart. Uw versie van IntelliPoint IntelliType NUID filter driver is niet compatibel met deze versie van Windows. Ik heb windows 7 multimate. Hoe kan ik dit oplossen. mt.vr.gr. Fons
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.