Ga naar inhoud

Frank87

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    9

  • Registratiedatum

  • Laatst bezocht

Frank87's prestaties

Groentje

Groentje (2/14)

  • Eerste post
  • Gespreksstarter
  • Week één klaar
  • Een maand later
  • Een jaar binnen

Recente badges

0

Reputatie

  1. Frank87
    Hallo mensen, Nu blijkt dat ook de derde PC in ons huis dezelfde en zelfs ook andere mankementen als virusmeldingen vertoond. Kunnen jullie me hierbij nog eenmaal helpen? Bij voorbaat dank. Met vriendelijke groet, Frank
  2. Frank87
    Superrrr!!! De PC gedraagt zich weer normaal, mijn dank is groot!
  3. Frank87
    # AdwCleaner v3.016 - Report created 03/01/2014 at 13:13:16 # Updated 23/12/2013 by Xplode # Operating System : Windows 7 Professional Service Pack 1 (32 bits) # Username : gebruiker - LAPTOP # Running from : C:\Users\gebruiker\Desktop\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Program Files\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_morphvox_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_morphvox_RASMANCS Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\YahooPartnerToolbar Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar Key Deleted : HKLM\Software\AVG Secure Search Key Deleted : HKLM\Software\AVG Security Toolbar Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536 ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.16428 -\\ Mozilla Firefox v26.0 (nl) [ File : C:\Users\gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\qwx0hon6.default\prefs.js ] [ File : C:\Users\bkbqkxcpwgvk\AppData\Roaming\Mozilla\Firefox\Profiles\tbezczdk.default\prefs.js ] -\\ Google Chrome v31.0.1650.63 [ File : C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\preferences ] Deleted : homepage Deleted : urls_to_restore_on_startup [ File : C:\Users\bkbqkxcpwgvk\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [2580 octets] - [03/01/2014 13:09:43] AdwCleaner[s0].txt - [2431 octets] - [03/01/2014 13:13:16] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2491 octets] ##########
  4. Frank87
    Zoek.exe v5.0.0.0 Updated 23-December-2013 Tool run by gebruiker on do 26-12-2013 at 11:51:11,84. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\GEBRUI~1\AppData\Local\Temp\Rar$DIa0.631\zoek.com [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 26-12-2013 11:52:49 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\MSXML 4.0 deleted successfully C:\Program Files\Xenocode deleted successfully C:\ProgramData\Oracle deleted successfully C:\ProgramData\Pinnacle Studio Plus deleted successfully C:\Users\bkbqkxcpwgvk\AppData\Roaming\Google deleted successfully C:\Users\gebruiker\AppData\Roaming\Media Player Classic deleted successfully C:\Users\gebruiker\AppData\Roaming\uTorrent deleted successfully C:\Users\bkbqkxcpwgvk\AppData\Local\VirtualStore deleted successfully C:\Users\nijenoert\AppData\Local\VirtualStore deleted successfully ==== Creating Sample_26-12-2013_1202.zip ====================== Copied file C:\Users\gebruiker\dopdf-7.exe to sample\dopdf-7.exe Copied file C:\Users\gebruiker\FSViewerSetup42.exe to sample\FSViewerSetup42.exe sample\dopdf-7.exe renamed to FFF4BA9C996322EBE2A4B5108D471344 sample\FSViewerSetup42.exe renamed to 23D8594EFA71B89967932A8C86D30C4E C:\Users\Public\Desktop\sample_26-12-2013_1202.zip created successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{90EFF544-3981-4d46-85C9-C0361D0931D6} deleted successfully HKEY_USERS\S-1-5-21-1492782960-3742457041-1094309832-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{90EFF544-3981-4d46-85C9-C0361D0931D6} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{90EFF544-3981-4d46-85C9-C0361D0931D6} deleted successfully HKEY_USERS\S-1-5-21-1492782960-3742457041-1094309832-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{90EFF544-3981-4d46-85C9-C0361D0931D6} deleted successfully HKEY_USERS\S-1-5-21-1492782960-3742457041-1094309832-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_CLASSES_ROOT\CLSID\{90EFF544-3981-4d46-85C9-C0361D0931D6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90EFF544-3981-4d46-85C9-C0361D0931D6} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{90EFF544-3981-4d46-85C9-C0361D0931D6} deleted successfully HKEY_USERS\S-1-5-21-1492782960-3742457041-1094309832-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml deleted C:\Program Files\FastStone Image Viewer deleted C:\Program Files\SearchProtect deleted C:\Users\gebruiker\AppData\Local\SearchProtect deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Expat Shield deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer deleted C:\Users\gebruiker\Downloads\coupon.pdf deleted C:\Users\gebruiker\Downloads\SoftonicDownloader_voor_free-mp3-cutter-and-editor.exe deleted C:\Users\gebruiker\AppData\LocalLow\AVG Security Toolbar deleted C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted C:\Users\gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\qwx0hon6.default\searchplugins\conduit-search.xml deleted C:\Users\gebruiker\Desktop\GemistDownloader.lnk deleted C:\Users\gebruiker\dopdf-7.exe deleted C:\Users\gebruiker\FSViewerSetup42.exe deleted "C:\Program Files\Expat Shield\bin\hsswd.exe" deleted "C:\Program Files\Expat Shield\bin\libcurl.dll" deleted "C:\Program Files\Expat Shield\bin\libeay32.dll" deleted "C:\Program Files\Expat Shield\bin\libidn-11.dll" deleted "C:\Program Files\Expat Shield\bin\libssl32.dll" deleted "C:\Program Files\Expat Shield\bin\openvpnas.exe" deleted "C:\Program Files\Expat Shield\bin\openvpntray.exe" deleted "C:\Program Files\Expat Shield\HssWPR\hsssrv.exe" deleted "C:\Program Files\Expat Shield\log\oas.log" not deleted "C:\Program Files\Expat Shield\bin\lang\gui-eng.dll" deleted "C:\Program Files\Expat Shield" not deleted "C:\Program Files\Expat Shield\bin" not deleted "C:\Program Files\Expat Shield\hsswd" not deleted "C:\Program Files\Expat Shield\HssWPR" not deleted "C:\Program Files\Expat Shield\log" not deleted "C:\Program Files\Expat Shield\bin\lang" deleted "C:\Program Files\Expat Shield\hsswd\default" not deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\GEBRUI~1\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\system32 ===== 2013-12-12 19:15:24 C74500A1BCB4113A7310295DD3FA4440 2724864 ----a-w- C:\Windows\System32\mshtml.tlb 2013-12-12 19:15:23 A6B0B7F006F1CB84B48981499F6B7210 208896 ----a-w- C:\Windows\System32\ie4uinit.exe 2013-12-12 19:15:23 3D43EAC957F2F797BE82CF6B04A933F8 43008 ----a-w- C:\Windows\System32\jsproxy.dll 2013-12-12 19:15:22 BE8480727660354B93E32B0ED709BF0E 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll 2013-12-12 19:15:22 491B4F34BA2CD7EFCAC934C7EFF48F52 61952 ----a-w- C:\Windows\System32\iesetup.dll 2013-12-12 19:15:22 36D150C4F80DF88ED97D14598C24692F 32768 ----a-w- C:\Windows\System32\iernonce.dll 2013-12-12 19:15:22 35DE59C975A0C97E8DBBE095BCC3644E 553472 ----a-w- C:\Windows\System32\jscript9diag.dll 2013-12-12 19:15:22 355BF103E2CF862B00EEB3731E25E802 440832 ----a-w- C:\Windows\System32\ieui.dll 2013-12-12 19:15:22 08881C59F795C356DE12067E44FFD260 703488 ----a-w- C:\Windows\System32\ieapfltr.dll 2013-12-12 19:15:21 C8AF3CF3030C3962B978FA3871D759FF 108032 ----a-w- C:\Windows\System32\ieetwcollector.exe 2013-12-12 19:15:21 7C7FF72C48AF9DD8CA7ABA2EA97A6670 51200 ----a-w- C:\Windows\System32\ieetwproxystub.dll 2013-12-12 19:15:21 3DE9521C90F7CC4413CBF6569A8B85B5 112128 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-12-12 19:15:20 927FA6456AD6D7630F6854828D2FD16B 1820160 ----a-w- C:\Windows\System32\wininet.dll 2013-12-12 19:15:19 B2E1F7B212502BB49AAD4EFAD37C5CF5 2166784 ----a-w- C:\Windows\System32\iertutil.dll 2013-12-12 19:15:19 84EAF0A08C7742697816E148C066D757 1928192 ----a-w- C:\Windows\System32\inetcpl.cpl 2013-12-12 19:15:19 0763C5D8660436D4D961F72609E33BBE 1157632 ----a-w- C:\Windows\System32\urlmon.dll 2013-12-12 19:15:18 4B638CE3DAA3A082E576C0DDF9D635D4 11221504 ----a-w- C:\Windows\System32\ieframe.dll 2013-12-12 19:15:17 BFAFE990C4A191E83843362B5AC64A9B 17112576 ----a-w- C:\Windows\System32\mshtml.dll 2013-12-12 19:15:17 A60A222D3126DD9E380F9D8B651BC13D 4243968 ----a-w- C:\Windows\System32\jscript9.dll 2013-12-12 19:12:05 6C4B2E1A25841077084EB9F76FF6FFA7 11410432 ----a-w- C:\Windows\System32\wmp.dll 2013-12-12 19:12:04 02DF0628BE8B64B84D50FBE53549AA3B 12625408 ----a-w- C:\Windows\System32\wmploc.DLL 2013-12-12 16:17:39 AFA53BD631FB0509A91A99391209BB70 301568 ----a-w- C:\Windows\System32\msieftp.dll 2013-12-12 16:17:38 E7B9D5FF20FFDD4AAE2EF1D1B8C27A37 159232 ----a-w- C:\Windows\System32\imagehlp.dll 2013-12-12 16:17:37 E9504E484076585F6DA3C59F0E20E122 417792 ----a-w- C:\Windows\System32\WMPhoto.dll 2013-12-12 16:17:37 A3B1D1312602280839A4A2AFBDFD066E 163840 ----a-w- C:\Windows\System32\scrrun.dll 2013-12-12 16:17:37 A3A35EE79C64A640152B3113E6E254E2 126976 ----a-w- C:\Windows\System32\cscript.exe 2013-12-12 16:17:37 979D74799EA6C8B8167869A68DF5204A 141824 ----a-w- C:\Windows\System32\wscript.exe 2013-12-12 16:17:37 09F65975C1C9793B923BB52A7FA83453 121856 ----a-w- C:\Windows\System32\wshom.ocx 2013-12-12 16:17:33 4EC2C3B15B9EC41AD0D6CD918D20376E 2048 ----a-w- C:\Windows\System32\tzres.dll 2013-12-12 16:17:27 8ACB33EF85F9EA87D18FECEAD593A255 2349056 ----a-w- C:\Windows\System32\win32k.sys ====== C:\Windows\system32\drivers ===== 2013-12-12 16:17:27 EB6137D696A9B4E9718AC6F8641CB4C9 177152 ----a-w- C:\Windows\System32\drivers\portcls.sys 2013-12-12 16:17:27 9842041E2F5ACE1E2F5FB4EF02053DC8 81408 ----a-w- C:\Windows\System32\drivers\drmk.sys ====== C:\Windows\Tasks ====== 2013-12-05 14:06:44 B1FF8EADA4C67B81DDDF2B47EA35E767 4040 ----a-w- C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA1cef1c33a4a7555 2013-12-05 14:06:44 46E193A01A1052ED3516397D97D1BFC7 1044 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cef1c33a4a7555.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-12-19 13:44:05 -------- d-----w- C:\Program Files\trend micro ======= C: ===== ====== C:\Users\gebruiker\AppData\Roaming ====== 2013-12-19 10:37:39 -------- d-s---w- C:\Users\nijenoert\AppData\Locallow\Microsoft 2013-12-19 10:32:40 -------- d-----w- C:\Users\nijenoert\AppData\Roaming\ESET 2013-12-19 10:32:40 -------- d-----w- C:\Users\nijenoert\AppData\Local\ESET 2013-12-19 10:32:16 -------- d-----r- C:\Users\nijenoert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-12-19 10:32:16 -------- d-----r- C:\Users\nijenoert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-12-19 10:32:01 -------- d-----w- C:\Users\nijenoert\AppData\Roaming\Identities 2013-12-19 10:31:47 -------- d-----w- C:\Users\nijenoert\AppData\Roaming\Adobe 2013-12-19 10:31:42 -------- d-----w- C:\Users\nijenoert\AppData\Roaming\Media Center Programs 2013-12-19 10:31:42 -------- d-----w- C:\Users\nijenoert\AppData\Local\Temp 2013-12-19 10:31:42 -------- d-----w- C:\Users\nijenoert\AppData\Local\Microsoft Help 2013-12-19 10:31:42 -------- d-----w- C:\Users\nijenoert\AppData\Local\Microsoft 2013-12-19 10:31:41 -------- d-s---w- C:\Users\nijenoert\AppData\Roaming\Microsoft 2013-12-19 10:31:41 -------- d-----w- C:\Users\nijenoert\AppData\Roaming\TuneUp Software 2013-12-19 10:31:41 -------- d-----r- C:\Users\nijenoert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2013-12-19 10:31:41 -------- d-----r- C:\Users\nijenoert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories ====== C:\Users\gebruiker ====== 2013-12-19 13:43:52 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\gebruiker\Downloads\RSIT.exe 2013-12-19 10:32:16 -------- d-----r- C:\Users\nijenoert\Searches 2013-12-19 10:31:58 -------- d-----r- C:\Users\nijenoert\Contacts 2013-12-19 10:31:42 6FC234AD3752E1267B34FB12BCD6718B 20 --sha-w- C:\Users\nijenoert\ntuser.ini 2013-12-19 10:31:41 -------- d--h--w- C:\Users\nijenoert\AppData 2013-12-19 10:31:41 -------- d-----r- C:\Users\nijenoert\Videos 2013-12-19 10:31:41 -------- d-----r- C:\Users\nijenoert\Saved Games 2013-12-19 10:31:41 -------- d-----r- C:\Users\nijenoert\Pictures 2013-12-19 10:31:41 -------- d-----r- C:\Users\nijenoert\Music 2013-12-19 10:31:41 -------- d-----r- C:\Users\nijenoert\Links 2013-12-19 10:31:41 -------- d-----r- C:\Users\nijenoert\Favorites 2013-12-19 10:31:41 -------- d-----r- C:\Users\nijenoert\Downloads 2013-12-19 10:31:41 -------- d-----r- C:\Users\nijenoert\Documents 2013-12-19 10:31:41 -------- d-----r- C:\Users\nijenoert\Desktop ====== C: exe-files == 2013-12-22 08:23:00 41BD2F3A3D883BC5A18F99E57B9B2FA2 274032 ----a-w- C:\Users\gebruiker\AppData\Local\Mozilla\updates\308046B0AF4A39CB\updates\0\updater.exe 2013-12-19 13:44:05 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\gebruiker.exe 2013-12-19 13:43:52 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\gebruiker\Downloads\RSIT.exe === C: other files == 2013-12-26 11:02:59 C978D5CF50B0E72213D1A6631A7AE663 8588778 ----a-w- C:\Users\Public\Desktop\sample_26-12-2013_1202.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1492782960-3742457041-1094309832-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify"="C:\Users\gebruiker\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart" "Spotify Web Helper"="C:\Users\gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "USBToolTip"="C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe" "egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify"="C:\Users\gebruiker\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart" "Spotify Web Helper"="C:\Users\gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" ==== Startup Folders ====================== 2013-10-31 20:44:24 1051 ----a-w- C:\Users\gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2011-11-15 10:33:03 2012 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineCore1ce4aeea6e859c2.job --a------ [undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineUA1cef1c33a4a7555.job --a------ [undetermined Task] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore1ce4aeea6e859c2" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA1cef1c33a4a7555" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] ==== Firefox Extensions ====================== ProfilePath: C:\Users\gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\qwx0hon6.default - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files\Mozilla Firefox - Expat Shield Helper Please allow this installation - %AppDir%\extensions\afurladvisor@anchorfree.com - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\qwx0hon6.default F891089A6AB9E12FEDEBCC5EC0F40D66 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll - Shockwave Flash C36444D7301A8C881FC7296B092609C7 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll - Google Update 6768C724599214E4F9ADD9F8FF5097EB - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U45 F1CD6E22E5AE5CEEB7712E546A5FC853 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.450.18 BE501CBC29B2025A263D80D399F1797A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In 7EF7E4C1325D533F5186E7118ABB0E7C - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMSS.dll - McAfee Security Scanner + 3A523765D795DB006C010B915C3A840A - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat 42A9B216A7A288512CE2F9A6BCCE96BC - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat 31DA97B4682187C6639BBE2215814FDA - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director B27CCB1168B1960AEC6E9D3E0E0F0D2A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight ==== Chrome Look ====================== Docs - bkbqkxcpwgvk - Default\Extensions\aohghmighlieiainnegkcijnfilokake YouTube - gebruiker - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - gebruiker - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - gebruiker - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - gebruiker - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.marktplaats.nl/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.marktplaats.nl/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1492782960-3742457041-1094309832-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3706EE7C-3CAD-445D-8A43-03EBC3B75908} deleted successfully HKEY_USERS\S-1-5-21-1492782960-3742457041-1094309832-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3706EE7C-3CAD-445D-8A43-03EBC3B75908} deleted successfully HKEY_CLASSES_ROOT\CLSID\{3706EE7C-3CAD-445D-8A43-03EBC3B75908} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3706EE7C-3CAD-445D-8A43-03EBC3B75908} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Empty IE Cache ====================== C:\Users\bkbqkxcpwgvk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\bkbqkxcpwgvk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\gebruiker\AppData\Local\Xenocode\Sandbox\MyPhotoFun\4.4.1.27400\2010.05.03T14.13\Native\STUBEXE\8.0.1135\@APPDATALOCAL@\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\nijenoert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\bkbqkxcpwgvk\AppData\Local\Mozilla\Firefox\Profiles\tbezczdk.default\Cache emptied successfully C:\Users\gebruiker\AppData\Local\Mozilla\Firefox\Profiles\qwx0hon6.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\bkbqkxcpwgvk\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=342 folders=47 28966681 bytes) ==== Empty Temp Folders ====================== C:\Users\bkbqkxcpwgvk\AppData\Local\Temp emptied successfully C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\nijenoert\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\gebruiker\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files\Expat Shield\log\oas.log" not found "C:\Program Files\Expat Shield" not found ==== EOF on do 26-12-2013 at 12:20:17,46 ====================== Wanneer ik Chrome opstart is nog altijd Search Conduit aanwezig..
  5. Frank87
    Logfile of random's system information tool 1.09 (written by random/random) Run by gebruiker at 2013-12-19 14:44:05 Microsoft Windows 7 Professional Service Pack 1 System drive C: has 201 GB (70%) free of 288 GB Total RAM: 3000 MB (50% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:44:10, on 19-12-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.16428) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Users\gebruiker\AppData\Roaming\Spotify\spotify.exe C:\Users\gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe C:\Users\gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Windows\system32\taskhost.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\gebruiker\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\gebruiker\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\gebruiker\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\gebruiker\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\gebruiker\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Program Files\Expat Shield\bin\openvpntray.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\gebruiker\Downloads\RSIT.exe C:\Windows\system32\DllHost.exe C:\Program Files\trend micro\gebruiker.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = ? Marktplaats - De plek om nieuwe en tweedehands spullen te kopen en verkopen R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll O2 - BHO: Expat Shield Class - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files\Expat Shield\HssIE\ExpatIE.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: AdblockIE - {90EFF544-3981-4d46-85C9-C0361D0931D6} - mscoree.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [uSBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [spotify] "C:\Users\gebruiker\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Dropbox.lnk = gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://photoservice.fujicolor.eu/ips-opdata/objects/jordan.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: Expat Shield Service (ExpatShieldService) - Unknown owner - C:\Program Files\Expat Shield\bin\openvpnas.exe O23 - Service: Expat Shield Routing Service (ExpatSrv) - AnchorFree Inc. - C:\Program Files\Expat Shield\HssWPR\hsssrv.exe O23 - Service: Expat Shield Tray Service (ExpatTrayService) - Unknown owner - C:\Program Files\Expat Shield\bin\ExpatTrayService.EXE O23 - Service: Expat Shield Monitoring Service (ExpatWd) - Unknown owner - C:\Program Files\Expat Shield\bin\hsswd.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- End of file - 8225 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore1ce4aeea6e859c2.job C:\Windows\tasks\GoogleUpdateTaskMachineUA1cef1c33a4a7555.job =========Mozilla firefox========= ProfilePath - C:\Users\gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\qwx0hon6.default prefs.js - "browser.startup.homepage" - "http://www.marktplaats.nl/|http://www.hotmail.com/|http://www.buienradar.nl/" [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.9.900.170 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer] "Description"=Adobe Shockwave Player "Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin] "Description"=McAfee Mss Plugin "Path"=C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll C:\Program Files\Mozilla Firefox\extensions\ afurladvisor@anchorfree.com {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} C:\Program Files\Mozilla Firefox\plugins\ np-mswmp.dll nppdf32.dll WMP Firefox Plugin License.rtf WMP Firefox Plugin RelNotes.txt C:\Program Files\Mozilla Firefox\searchplugins\ avg-secure-search.xml C:\Users\gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\qwx0hon6.default\searchplugins\ conduit-search.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}] MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll [2013-09-06 95648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}] Expat Shield Class - C:\Program Files\Expat Shield\HssIE\ExpatIE.dll [2012-01-05 233288] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-24 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90EFF544-3981-4d46-85C9-C0361D0931D6}] af0.Adblock.BHO - C:\Windows\system32\mscoree.dll [2010-11-05 297808] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-11 194128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-24 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {CCC7A320-B3CA-4199-B1A6-9F516DD69829} {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-11 194128] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 136216] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 171032] "Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 170520] "USBToolTip"=C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752] "egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-03-21 5078504] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify"=C:\Users\gebruiker\AppData\Roaming\Spotify\Spotify.exe [2013-12-05 5951488] "Spotify Web Helper"=C:\Users\gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2013-12-05 1168896] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe C:\Users\gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk - C:\Users\gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2010-08-25 228864] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "MSVideo8"=VfWWDM32.dll "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "aux3"=wdmaud.drv "vidc.mjpg"=pvmjpg30.dll "wave4"=wdmaud.drv "mixer4"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2013-12-19 14:44:05 ----D---- C:\rsit 2013-12-19 14:44:05 ----D---- C:\Program Files\trend micro 2013-12-12 20:15:23 ----A---- C:\Windows\system32\jsproxy.dll 2013-12-12 20:15:23 ----A---- C:\Windows\system32\ie4uinit.exe 2013-12-12 20:15:22 ----A---- C:\Windows\system32\jscript9diag.dll 2013-12-12 20:15:22 ----A---- C:\Windows\system32\ieui.dll 2013-12-12 20:15:22 ----A---- C:\Windows\system32\iesetup.dll 2013-12-12 20:15:22 ----A---- C:\Windows\system32\iernonce.dll 2013-12-12 20:15:22 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2013-12-12 20:15:22 ----A---- C:\Windows\system32\ieapfltr.dll 2013-12-12 20:15:21 ----A---- C:\Windows\system32\ieUnatt.exe 2013-12-12 20:15:21 ----A---- C:\Windows\system32\ieetwproxystub.dll 2013-12-12 20:15:21 ----A---- C:\Windows\system32\ieetwcollector.exe 2013-12-12 20:15:20 ----A---- C:\Windows\system32\wininet.dll 2013-12-12 20:15:19 ----A---- C:\Windows\system32\urlmon.dll 2013-12-12 20:15:19 ----A---- C:\Windows\system32\iertutil.dll 2013-12-12 20:15:18 ----A---- C:\Windows\system32\ieframe.dll 2013-12-12 20:15:17 ----A---- C:\Windows\system32\mshtml.dll 2013-12-12 20:15:17 ----A---- C:\Windows\system32\jscript9.dll 2013-12-12 20:12:05 ----A---- C:\Windows\system32\wmp.dll 2013-12-12 20:12:04 ----A---- C:\Windows\system32\wmploc.DLL 2013-12-12 17:17:39 ----A---- C:\Windows\system32\msieftp.dll 2013-12-12 17:17:38 ----A---- C:\Windows\system32\imagehlp.dll 2013-12-12 17:17:37 ----A---- C:\Windows\system32\wscript.exe 2013-12-12 17:17:37 ----A---- C:\Windows\system32\WMPhoto.dll 2013-12-12 17:17:37 ----A---- C:\Windows\system32\scrrun.dll 2013-12-12 17:17:37 ----A---- C:\Windows\system32\cscript.exe 2013-12-12 17:17:33 ----A---- C:\Windows\system32\tzres.dll 2013-12-12 17:17:27 ----A---- C:\Windows\system32\win32k.sys 2013-12-12 17:17:27 ----A---- C:\Windows\system32\drivers\portcls.sys 2013-12-12 17:17:27 ----A---- C:\Windows\system32\drivers\drmk.sys 2013-12-10 20:36:34 ----D---- C:\hjs 2013-11-26 07:56:42 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2013-11-26 07:56:42 ----A---- C:\Windows\system32\elshyph.dll 2013-11-26 07:56:41 ----A---- C:\Windows\system32\jsIntl.dll 2013-11-26 07:56:40 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe 2013-11-26 07:56:40 ----A---- C:\Windows\system32\msls31.dll 2013-11-26 07:56:39 ----A---- C:\Windows\system32\msrating.dll 2013-11-26 07:56:39 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-11-26 07:56:38 ----A---- C:\Windows\system32\url.dll 2013-11-26 07:56:38 ----A---- C:\Windows\system32\mshtmlmedia.dll 2013-11-26 07:56:38 ----A---- C:\Windows\system32\iedkcs32.dll 2013-11-26 07:56:38 ----A---- C:\Windows\system32\ieapfltr.dat 2013-11-26 07:56:38 ----A---- C:\Windows\system32\icardie.dll 2013-11-26 07:56:38 ----A---- C:\Windows\system32\dxtrans.dll 2013-11-26 07:56:38 ----A---- C:\Windows\system32\dxtmsft.dll 2013-11-26 07:56:37 ----A---- C:\Windows\system32\wextract.exe 2013-11-26 07:56:37 ----A---- C:\Windows\system32\webcheck.dll 2013-11-26 07:56:37 ----A---- C:\Windows\system32\mshtmled.dll 2013-11-26 07:56:37 ----A---- C:\Windows\system32\licmgr10.dll 2013-11-26 07:56:37 ----A---- C:\Windows\system32\inseng.dll 2013-11-26 07:56:37 ----A---- C:\Windows\system32\iexpress.exe 2013-11-26 07:56:36 ----A---- C:\Windows\system32\vbscript.dll 2013-11-26 07:56:36 ----A---- C:\Windows\system32\msfeeds.dll 2013-11-26 07:56:34 ----A---- C:\Windows\system32\pngfilt.dll 2013-11-26 07:56:34 ----A---- C:\Windows\system32\occache.dll 2013-11-26 07:56:33 ----A---- C:\Windows\system32\mshta.exe 2013-11-26 07:56:32 ----A---- C:\Windows\system32\MshtmlDac.dll 2013-11-26 07:56:32 ----A---- C:\Windows\system32\jscript.dll 2013-11-26 07:56:32 ----A---- C:\Windows\system32\imgutil.dll 2013-11-26 07:56:32 ----A---- C:\Windows\system32\iepeers.dll 2013-11-26 07:56:31 ----A---- C:\Windows\system32\SetIEInstalledDate.exe 2013-11-26 07:56:31 ----A---- C:\Windows\system32\msfeedssync.exe 2013-11-26 07:56:31 ----A---- C:\Windows\system32\msfeedsbs.dll 2013-11-26 07:56:31 ----A---- C:\Windows\system32\IEAdvpack.dll 2013-11-26 07:56:30 ----A---- C:\Windows\system32\mshtmler.dll 2013-11-26 07:56:30 ----A---- C:\Windows\system32\iesysprep.dll 2013-11-20 14:37:38 ----A---- C:\Windows\system32\drivers\usbuhci.sys 2013-11-20 14:37:38 ----A---- C:\Windows\system32\drivers\usbport.sys 2013-11-20 14:37:38 ----A---- C:\Windows\system32\drivers\usbohci.sys 2013-11-20 14:37:38 ----A---- C:\Windows\system32\drivers\usbhub.sys 2013-11-20 14:37:38 ----A---- C:\Windows\system32\drivers\usbehci.sys 2013-11-20 14:37:38 ----A---- C:\Windows\system32\drivers\usbd.sys 2013-11-20 14:37:38 ----A---- C:\Windows\system32\drivers\usbccgp.sys ======List of files/folders modified in the last 1 month====== 2013-12-19 14:44:10 ----D---- C:\Windows\Prefetch 2013-12-19 14:44:06 ----D---- C:\Windows\Temp 2013-12-19 14:44:05 ----RD---- C:\Program Files 2013-12-19 14:42:18 ----D---- C:\Users\gebruiker\AppData\Roaming\Spotify 2013-12-19 14:39:36 ----D---- C:\Windows\system32\config 2013-12-19 14:37:47 ----D---- C:\Users\gebruiker\AppData\Roaming\Dropbox 2013-12-19 11:31:57 ----SHD---- C:\$Recycle.Bin 2013-12-19 11:31:41 ----RD---- C:\Users 2013-12-17 07:51:05 ----SHD---- C:\System Volume Information 2013-12-15 21:31:37 ----D---- C:\Windows\system32\catroot2 2013-12-15 20:27:06 ----D---- C:\Windows\system32\FxsTmp 2013-12-14 14:16:34 ----D---- C:\Windows\System32 2013-12-14 14:16:34 ----D---- C:\Windows\inf 2013-12-14 14:16:34 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-12-13 07:49:31 ----D---- C:\Windows 2013-12-12 20:58:59 ----D---- C:\Windows\rescache 2013-12-12 20:22:20 ----D---- C:\Windows\SoftwareDistribution 2013-12-12 20:21:19 ----D---- C:\Windows\debug 2013-12-12 20:19:42 ----D---- C:\Windows\winsxs 2013-12-12 20:17:31 ----D---- C:\Program Files\Internet Explorer 2013-12-12 20:17:30 ----D---- C:\Windows\system32\nl-NL 2013-12-12 20:17:29 ----D---- C:\Program Files\Windows Media Player 2013-12-12 20:17:28 ----D---- C:\Windows\system32\DriverStore 2013-12-12 20:17:28 ----D---- C:\Windows\system32\drivers 2013-12-12 20:15:31 ----D---- C:\Windows\system32\catroot 2013-12-12 20:15:15 ----SHD---- C:\Windows\Installer 2013-12-12 20:15:10 ----D---- C:\ProgramData\Microsoft Help 2013-12-12 20:14:01 ----D---- C:\Windows\system32\MRT 2013-12-12 20:12:19 ----A---- C:\Windows\system32\MRT.exe 2013-12-11 18:37:07 ----A---- C:\Windows\system32\FlashPlayerApp.exe 2013-12-10 22:03:23 ----D---- C:\pijlman-privé 2013-12-09 18:42:17 ----D---- C:\Windows\system32\NDF 2013-12-05 15:06:44 ----D---- C:\Windows\Tasks 2013-12-05 15:06:44 ----D---- C:\Windows\system32\Tasks 2013-12-02 15:18:55 ----D---- C:\Windows\Panther 2013-12-02 15:18:54 ----D---- C:\Windows\Logs 2013-11-26 09:00:15 ----D---- C:\Windows\system32\migration 2013-11-26 09:00:15 ----D---- C:\Windows\PolicyDefinitions 2013-11-26 09:00:14 ----D---- C:\Windows\system32\en-US 2013-11-21 18:34:03 ----D---- C:\paul ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-02-14 47568] R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2010-06-15 25656] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440] R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360] R1 Cdralwnt;Cdralwnt; C:\Windows\system32\drivers\Cdralwnt.sys [2010-08-19 27388] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096] R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-02-14 171680] R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-01-10 122240] R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-01-10 46056] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128] R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-01-10 150080] R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2010-06-15 33848] R3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816] R3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696] R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416] R3 HssDrv;Expat Shield Routing Miniport; C:\Windows\system32\DRIVERS\HssDrv.sys [2012-01-05 37376] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-08-25 9024512] R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520] R3 NETw5s32;Intel® Wireless WiFi Link adapter stuurprogramma onder Windows 7 32 Bit; C:\Windows\system32\DRIVERS\NETw5s32.sys [2010-01-13 6755840] R3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536] R3 SCREAMINGBDRIVER;Screaming Bee Audio; C:\Windows\system32\drivers\ScreamingBAudio.sys [2010-07-01 34896] R3 taphss;Anchorfree HSS Adapter; C:\Windows\system32\DRIVERS\taphss.sys [2012-01-05 32768] S0 Cdr4vsd;Cdr4vsd; C:\Windows\system32\drivers\Cdr4vsd.sys [2010-08-19 66000] S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704] S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720] S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632] S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032] S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224] S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328] S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2013-03-21 1341664] R2 ExpatShieldService;Expat Shield Service; C:\Program Files\Expat Shield\bin\openvpnas.exe [2012-01-17 331608] R2 ExpatSrv;Expat Shield Routing Service; C:\Program Files\Expat Shield\HssWPR\hsssrv.exe [2012-01-05 363336] R2 ExpatWd;Expat Shield Monitoring Service; C:\Program Files\Expat Shield\bin\hsswd.exe [2012-01-05 329544] R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2010-06-15 26168] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-05-07 136176] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 ExpatTrayService;Expat Shield Tray Service; C:\Program Files\Expat Shield\bin\ExpatTrayService.EXE [2012-01-17 77520] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-05-07 136176] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-05-07 194032] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 108032] S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-09-06 235216] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-17 119408] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-03 1343400] -----------------EOF-----------------
  6. Frank87
    De laptop van mijn ouders vertoond spyware (search conduit) en misschien is er meer aan de hand. Kan een van jullie mij helpen dit te verwijderen? Onlangs heb ik op mijn eigen laptop hetzelfde probleem gehad en is dankzij jullie opgelost. Waarvoor nogmaals dank! Daarnaast heb ik enkele vragen voor jullie, aangezien ik enigszins een leek ben op het gebied van computers. * We hebben Eset Smart Security 6; hoe is het mogelijk dat er ondanks deze virusscanner toch spyware aanwezig is? * Als mijn ouders Firefox gebruiken en in hotmail de inbox bekijken kan het soms voorkomen dat er een "1 item" bij de cursor verschijnt en hotmail niet meer goed werkt. Ik heb zelf al gegoogeld en zag dat dit wellicht te maken heeft met add-ons. Klopt dit of wordt dit ook hersteld na het verwijderen van de spyware? Bij voorbaat dank!
  7. Frank87
    Hallo kape, Ik heb het onlangs geprobeerd en ben het script op dit moment wederom aan het draaien. Ik vroeg me af hoe lang dit doorgaans duurt. Er is bij mij geen logbestand gekregen de eerste keer na dik 2 uur wachten. Alvast bedankt! - - - Updated - - - Zoek.exe Version 4.0.0.5 Updated 09-November-2013 Tool run by janneke on ma 11-11-2013 at 10:58:35,10. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\janneke\Downloads\zoek\zoek.com [script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2013-10-28-183259.log 44466 bytes ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-4115981393-51546123-1818741190-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== Deleted from C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\rmjvevkt.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); Added to C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\rmjvevkt.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); Deleted from C:\Users\janneke\AppData\Roaming\Mozilla\Firefox\Profiles\y96a2vyr.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); Added to C:\Users\janneke\AppData\Roaming\Mozilla\Firefox\Profiles\y96a2vyr.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87775fdb-6972-41f9-ae51-8326e38cb206}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- "ApnUpdater"=- "Instant Savings App-repairJob"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\Ask.com not found C:\Program Files (x86)\uTorrentBar_NL not found C:\Program Files (x86)\Microsoft\BingBar not found C:\Program Files (x86)\Instant Savings App not found C:\Users\janneke\AppData\Roaming\Free YouTube to MP3 Converter Studio not found C:\Users\janneke\AppData\Roaming\DVDVideoSoftIEHelpers not found C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} not found C:\Program Files (x86)\SearchProtect not found C:\Program Files (x86)\Bench not found "C:\Windows\tasks\bench-S-1-5-21-4115981393-51546123-1818741190-1000.job" not found "C:\Windows\tasks\bench-sys.job" not found "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml" not found "C:\Users\janneke\AppData\Roaming\Mozilla\Firefox\Profiles\y96a2vyr.default\extensions\toolbar@ask.com" not found "C:\Users\janneke\AppData\Roaming\Mozilla\Firefox\Profiles\y96a2vyr.default\searchplugins\conduit-search.xml" not found "C:\Users\janneke\AppData\Roaming\Mozilla\Firefox\Profiles\y96a2vyr.default\searchplugins\askcom.xml" not found C:\Users\janneke\AppData\Local\BenchUpdater deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\janneke\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== 2013-10-14 15:55:40 5F5036A25DFA9E9ED75AF7AEA5570C3E 1074 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4115981393-51546123-1818741190-1000UA1cec8f5d4c809f5.job 2013-10-14 15:55:40 06A16DE7A162B4E1CF6D3D56CF522D58 4048 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskUserS-1-5-21-4115981393-51546123-1818741190-1000UA1cec8f5d4c809f5 ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-10-28 15:43:52 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2013-10-29 21:28:56 -------- d-----w- C:\PROGRA~2\uTorrent 2013-10-18 09:33:51 -------- d-----w- C:\PROGRA~2\COMMON~1\Java ======= C: ===== ====== C:\Users\janneke\AppData\Roaming ====== 2013-10-29 21:28:23 -------- d-----w- C:\Users\janneke\AppData\Local\uTorrent 2013-10-28 18:19:17 407AAB8C27CF7081EECE071C90A65B83 17 ----a-w- C:\Users\janneke\AppData\Local\resmon.resmoncfg 2013-10-27 01:31:08 -------- d-----w- C:\Users\Frank\AppData\Local\Google 2013-10-27 01:31:00 -------- d-----w- C:\Users\Frank\AppData\Locallow\Evernote 2013-10-27 01:30:45 -------- d-----w- C:\Users\Frank\AppData\Locallow\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8} 2013-10-27 01:27:34 -------- d-----w- C:\Users\Frank\AppData\Roaming\uTorrent 2013-10-27 01:08:40 -------- d-----w- C:\Users\Frank\AppData\Roaming\Mozilla 2013-10-27 01:08:40 -------- d-----w- C:\Users\Frank\AppData\Local\Mozilla 2013-10-27 01:07:59 -------- d-----w- C:\Users\Frank\AppData\Roaming\ESET 2013-10-27 01:07:59 -------- d-----w- C:\Users\Frank\AppData\Local\ESET 2013-10-20 19:08:18 891F814C8E7690BF5EF112BF99EE0FBD 558328 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat ====== C:\Users\janneke ====== 2013-10-28 15:42:30 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\janneke\Downloads\RSITx64.exe 2013-10-18 09:32:36 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java ====== C: exe-files == === C: other files == 2013-11-05 15:49:40 CCF499C30AE9B8A4D145B5D142CDB6BB 1144 ----a-w- C:\Users\janneke\AppData\Roaming\XBMC\addons\packages\metadata.common.amazon.de-1.0.1.zip 2013-11-05 15:49:39 8213C27C00655AAB80FCE91A74964367 17053 ----a-w- C:\Users\janneke\AppData\Roaming\XBMC\addons\packages\metadata.common.last.fm-1.6.1.zip 2013-11-05 15:49:39 80EB84035494A171F594EA155F275AF9 1986 ----a-w- C:\Users\janneke\AppData\Roaming\XBMC\addons\packages\metadata.common.fanart.tv-2.1.3.zip 2013-11-05 15:49:39 77DBAA1CF7DDEB36DD01DCEA357F343D 16140 ----a-w- C:\Users\janneke\AppData\Roaming\XBMC\addons\packages\metadata.common.allmusic.com-3.0.2.zip 2013-11-05 15:49:39 0356072DFE8D3766808D4B5879A8861A 2918 ----a-w- C:\Users\janneke\AppData\Roaming\XBMC\addons\packages\metadata.common.musicbrainz.org-2.0.2.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "TOPI.EXE"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "TOPI.EXE"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "TOPI.EXE"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-4115981393-51546123-1818741190-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"="C:\Users\janneke\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Spotify Web Helper"="C:\Users\janneke\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "GoogleChromeAutoLaunch_A14A7950E8150BDF6B4FF973C0953710"="C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "TOPI.EXE"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ToshibaServiceStation"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60" "SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" "Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" "Adobe Acrobat Speed Launcher"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"="C:\Users\janneke\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Spotify Web Helper"="C:\Users\janneke\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "GoogleChromeAutoLaunch_A14A7950E8150BDF6B4FF973C0953710"="C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~2\\SearchProtect\\SearchProtect\\bin\\SPVC32Loader.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Toshiba TEMPRO"="C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 " "TosVolRegulator"="C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" "Toshiba Registration"="C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice" "TPwrMain"="%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE" "TCrdMain"="%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe " "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " "TosSENotify"="C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" ==== Startup Registry Disabled ====================== [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "Google Update"="\"C:\\Users\\janneke\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c" "AdobeBridge"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "Adobe Acrobat Speed Launcher"="\"C:\\Program Files (x86)\\Adobe\\Acrobat 10.0\\Acrobat\\Acrobat_sl.exe\"" "iTunesHelper"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" "SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" "QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Acrobat Speed Launcher] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe Acrobat Speed Launcher" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Adobe\\Acrobat 10.0\\Acrobat\\Acrobat_sl.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS5.5ServiceManager] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeCS5.5ServiceManager" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS5.5ServiceManager\\CS5.5ServiceManager.exe\" -launchedbylogin" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BCSSync" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Pro Agent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DAEMON Tools Pro Agent" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\DAEMON Tools Pro\\DTAgent.exe\" -autorun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msnmsgr" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe\" /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NBAgent] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NBAgent" "hkey"="HKLM" "command"="\"c:\\Program Files (x86)\\Nero\\Nero 10\\Nero BackItUp\\NBAgent.exe\" /WinStart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify" "hkey"="HKCU" "command"="\"C:\\Users\\janneke\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify Web Helper" "hkey"="HKCU" "command"="\"C:\\Users\\janneke\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TosNC] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TosNC" "hkey"="HKLM" "command"="%ProgramFiles%\\Toshiba\\BulletinBoard\\TosNcCore.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TosReelTimeMonitor] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TosReelTimeMonitor" "hkey"="HKLM" "command"="%ProgramFiles%\\TOSHIBA\\ReelTime\\TosReelTimeMonitor.exe" ==== Startup Folders ====================== 2011-02-28 09:42:11 1258 ----a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk 2011-02-28 09:42:11 1258 ----a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk 2013-04-23 09:13:07 1258 ----a-w- C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk 2012-06-14 09:55:35 1062 ----a-w- C:\Users\janneke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore1ce4b0f224cc9e0.job --a------ [undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [25-06-2011 13:01] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4115981393-51546123-1818741190-1000Core.job --a------ C:\Users\janneke\AppData\LoC:al\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4115981393-51546123-1818741190-1000UA1cec8f5d4c809f5.job --a------ C:\Users\janneke\AppData\Local\Google\Update\GoogleUpdate.exe [12-02-2012 13:39] C:\Windows\tasks\ROC_REG_JAN_DELETE.job --a------ C:\ProgramData\AVG January 2013 Campaign\ROC.exe [17-01-2013 22:16] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-jannekecomp-janneke" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\Windows\SysNative\tasks\ConfigFree Startup Programs" [C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe] "C:\Windows\SysNative\tasks\Google Updater and Installer" [C:\Users\janneke\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore1ce4b0f224cc9e0" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-4115981393-51546123-1818741190-1000Core" [C:\Users\janneke\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-4115981393-51546123-1818741190-1000UA1cec8f5d4c809f5" [C:\Users\janneke\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe] "C:\Windows\SysNative\tasks\ROC_REG_JAN_DELETE" [C:\ProgramData\AVG January 2013 Campaign\ROC.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\NCH Software\WavePadDowngrade" [C:\Program Files (x86)\NCH Software\WavePad\wavepad.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "web2pdfextension@web2pdf.adobedotcom"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn" [16-09-2013 14:10] ==== Firefox Extensions ====================== ProfilePath: C:\Users\janneke\AppData\Roaming\Mozilla\Firefox\Profiles\y96a2vyr.default - Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn - McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor - British English Dictionary - %ProfilePath%\extensions\en-GB@dictionaries.addons.mozilla.org - Free YouTube Download Free Studio Menu - %ProfilePath%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} ==== Firefox Plugins ====================== Profilepath: C:\Users\janneke\AppData\Roaming\Mozilla\Firefox\Profiles\y96a2vyr.default 1E3AEA3D55F6F310C3C9E3DCCF2D2A02 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll - Shockwave Flash 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\janneke\AppData\Local\Temp\crx48B.tmp[] fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[22-05-2013 09:24] SiteAdvisor - janneke - Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho Google Wallet - janneke - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Last updated at time on date - janneke - Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {5DE82153-5FB8-4E74-8DC3-48DFA661F218} Bing Url="http://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {A53FED75-139B-46B6-BEE4-D2A646B1FA8B} Amazon Url="http://www.amazon.co.uk/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibauk-win7-ie-search-21&index=blended&linkCode=ur2" {AC3B0922-D674-455C-AE96-C5A9FDFC2DCF} eBay Url="http://rover.ebay.com/rover/1/1346-71494-26233-7/4?satitle={searchTerms}" ==== Reset Google Chrome ====================== C:\Users\janneke\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\janneke\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_CLASSES_ROOT\CLSID\{D629FDE2-1C75-40B2-9B20-CE72D3A430AF} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{D629FDE2-1C75-40B2-9B20-CE72D3A430AF} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{D629FDE2-1C75-40B2-9B20-CE72D3A430AF} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_NL Toolbar deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Frank\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Frank\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\janneke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Frank\AppData\Local\Mozilla\Firefox\Profiles\rmjvevkt.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\janneke\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\janneke\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\janneke\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files (x86)\Microsoft\BingBar" not found "C:\Program Files (x86)\SearchProtect" not found "C:\PROGRA~2\SearchProtect" not found ==== EOF on ma 11-11-2013 at 11:31:13,98 ======================
  8. Frank87
    Bedankt alvast!! --------------------------------------------------------------------------------- Logfile of random's system information tool 1.09 (written by random/random) Run by Frank at 2013-10-28 16:43:51 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 24 GB (15%) free of 152 GB Total RAM: 3893 MB (31% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:44:11, on 28-10-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16720) Boot mode: Normal Running processes: C:\PROGRA~2\SearchProtect\SearchProtect\bin\cltmng.exe C:\PROGRA~2\SearchProtect\UI\bin\cltmngui.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe C:\Users\janneke\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\janneke\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe C:\Program Files (x86)\Ask.com\Updater\Updater.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe c:\PROGRA~2\mcafee\SITEAD~1\saui.exe C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\janneke\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\janneke.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Zoeken R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll R3 - URLSearchHook: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files (x86)\uTorrentBar_NL\prxtbuTo0.dll F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: Instant Savings App BHO - {6EB4A4C0-6036-4D2E-B010-20707C4B62E8} - C:\Program Files (x86)\Instant Savings App\FrameworkBHO.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: uTorrentBar_NL - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files (x86)\uTorrentBar_NL\prxtbuTo0.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files (x86)\uTorrentBar_NL\prxtbuTo0.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [instant Savings App-repairJob] wscript.exe "C:\Users\janneke\AppData\Local\Instant Savings App\repair.js" O4 - HKCU\..\Run: [Google Update] "C:\Users\janneke\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\janneke\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_A14A7950E8150BDF6B4FF973C0953710] "C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'Default user') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user') O4 - Startup: Dropbox.lnk = janneke\AppData\Roaming\Dropbox\bin\Dropbox.exe O8 - Extra context menu item: &Save the YouTube video as MP3 - C:\Users\janneke\AppData\Roaming\Free YouTube to MP3 Converter Studio\Free YouTube to MP3 Converter Studio.htm O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Afbeelding knippen - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\janneke\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O8 - Extra context menu item: Kopieer selectie - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 O8 - Extra context menu item: Kopieer URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 O8 - Extra context menu item: Nieuwe notitie - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html O8 - Extra context menu item: Pagina opemen - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 O8 - Extra context menu item: Toevoegen aan TOSHIBA Bulletin Board - res://C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - (no file) O9 - Extra 'Tools' menuitem: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - (no file) O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe O23 - Service: Search Protect by Conduit Service (CltMngSvc) - Conduit - C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: gearsec - GEAR Software - C:\Windows\SysWOW64\gearsec.exe O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Windows\System32\GFNEXSrv.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing) O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 22159 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe winlogon.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\GFNEXSrv.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Program Files\Bonjour\mDNSResponder.exe" "C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe" "C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe" C:\Windows\SysWOW64\gearsec.exe c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe "C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait "C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\x64\saHook.dll", saHooker_Initialize_and_Wait "C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe" C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\TODDSrv.exe "C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe" WLIDSvcM.exe 2356 C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\unsecapp.exe -Embedding "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" "taskhost.exe" "C:\PROGRA~2\SearchProtect\SearchProtect\bin\cltmng.exe" C:\Windows\system32\SearchIndexer.exe /Embedding "C:\PROGRA~2\SearchProtect\UI\bin\cltmngui.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe" "C:\Windows\System32\igfxtray.exe" "C:\Windows\System32\hkcmd.exe" "C:\Windows\System32\igfxpers.exe" "C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe" "C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe" "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3 taskeng.exe {923E3DE7-4726-4786-8509-E30641ED1CE4} "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe" taskeng.exe {98A9664E-09A7-43A5-B6D5-41525C4C541A} C:\Windows\system32\igfxext.exe -Embedding C:\Windows\system32\igfxsrvc.exe -Embedding "C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Users\janneke\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window "C:\Users\janneke\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup C:\Windows\System32\svchost.exe -k LocalServicePeerNet "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5964.0.1957846537\181092484" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,18,24,26 --gpu-vendor-id=0x8086 --gpu-device-id=0x0046 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2281 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe" "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group3 pct:10b stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_79/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="5964.1.1140323429\453769231" /prefetch:673131151 "C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group3 pct:10b stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_79/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="5964.2.471942271\455263753" /prefetch:673131151 "C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group3 pct:10b stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_79/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="5964.4.1667454810\2023864575" /prefetch:673131151 "C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group3 pct:10b stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_79/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="5964.5.2051274541\1332188707" /prefetch:673131151 "C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group3 pct:10b stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_79/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="5964.6.967945131\147388763" /prefetch:673131151 "C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group3 pct:10b stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/ManualResetProfile/Enable/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_79/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="5964.7.2107841699\2011170433" /prefetch:673131151 C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group3 pct:10b stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/ManualResetProfile/Enable/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_79/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="5964.8.1278135782\265592757" /prefetch:673131151 "C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe" "C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service "C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\janneke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd\2013.1016.433.1_0\plugin/ace.dll" --lang=nl --channel="5964.11.174660685\1515410086" /prefetch:-390060480 "C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\janneke\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_1\McChPlg.dll" --lang=nl --channel="5964.12.2100986706\206193729" /prefetch:-390060480 "C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe" "C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe" "C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5964.14.1837010222\719745006" --ppapi-flash-args --lang=nl --ignored=" --type=renderer " /prefetch:-632637702 "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe" "C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe" "C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" "c:\Program Files (x86)\Nero\Update\NASvc.exe" C:\Windows\System32\svchost.exe -k secsvcs "c:\PROGRA~2\mcafee\SITEAD~1\saui.exe" -Embedding "C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\janneke\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll" --lang=nl --channel="5964.20.749909975\297239203" /prefetch:-390060480 "C:\Users\janneke\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" -mode=scheduled "C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe" "C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group3 pct:10b stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/ManualResetProfile/Enable/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_79/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="5964.34.1839593313\222514077" /prefetch:673131151 "C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group3 pct:10b stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/ManualResetProfile/Enable/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_79/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="5964.46.1508387512\68059251" /prefetch:673131151 "taskhost.exe" "C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group3 pct:10b stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/ManualResetProfile/Enable/NewMenuStyle/Compact2/OutdatedInstallCheck/12WeeksOutdatedInstall/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_79/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --instant-process --enable-threaded-compositing --disable-html-notifications --channel="5964.65.1194404695\340943661" /prefetch:673131151 C:\Windows\system32\sppsvc.exe "C:\Users\janneke\Downloads\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\bench-S-1-5-21-4115981393-51546123-1818741190-1000.job C:\Windows\tasks\bench-sys.job C:\Windows\tasks\GoogleUpdateTaskMachineCore1ce4b0f224cc9e0.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4115981393-51546123-1818741190-1000Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4115981393-51546123-1818741190-1000UA1cec8f5d4c809f5.job C:\Windows\tasks\ROC_REG_JAN_DELETE.job =========Mozilla firefox========= ProfilePath - C:\Users\janneke\AppData\Roaming\Mozilla\Firefox\Profiles\y96a2vyr.default prefs.js - "browser.startup.homepage" - "http://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPE9ABD79B-90AD-4E96-AC30-DFC652671F38" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.3.300.262 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=] "Description"=iTunes Detector Plug-in "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0] "Description"= "Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/SAFFPlugin] "Description"= "Path"=C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0] "Description"=WildTangent Games App Presence Detector Plugin "Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect] "Description"= "Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.3.300.262 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect] "Description"= "Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll C:\Program Files (x86)\Mozilla Firefox\extensions\ {972ce4c6-7e08-4474-a285-3208198ce6fd} C:\Program Files (x86)\Mozilla Firefox\components\ binary.manifest browsercomps.dll nsIQTScriptablePlugin.xpt C:\Program Files (x86)\Mozilla Firefox\plugins\ np-mswmp.dll nppdf32.DEU nppdf32.dll nppdf32.FRA npqtplugin.dll npqtplugin2.dll npqtplugin3.dll npqtplugin4.dll npqtplugin5.dll npqtplugin6.dll npqtplugin7.dll QuickTimePlugin.class WMP Firefox Plugin License.rtf WMP Firefox Plugin RelNotes.txt C:\Program Files (x86)\Mozilla Firefox\searchplugins\ babylon.xml bing.xml bolcom-nl.xml google.xml marktplaats-nl.xml wikipedia-nl.xml C:\Users\janneke\AppData\Roaming\Mozilla\Firefox\Profiles\y96a2vyr.default\extensions\ en-GB@dictionaries.addons.mozilla.org toolbar@ask.com {6F2216DD-C7BF-38BE-6DD4-8071E9D36277} {ACAA314B-EEBA-48e4-AD47-84E31C44796C} C:\Users\janneke\AppData\Roaming\Mozilla\Firefox\Profiles\y96a2vyr.default\searchplugins\ askcom.xml conduit-search.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] AVG Safe Search [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8}] Instant Savings App BHO - C:\Program Files (x86)\Instant Savings App\FrameworkBHO64.dll [2013-10-22 322600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-10-05 256080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}] McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2013-05-22 298312] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}] ContributeBHO Class - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll [2011-03-19 164496] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}] Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll [2013-07-23 1451680] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] AVG Safe Search [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8}] Instant Savings App BHO - C:\Program Files (x86)\Instant Savings App\FrameworkBHO.dll [2013-10-22 256552] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87775fdb-6972-41f9-ae51-8326e38cb206}] uTorrentBar_NL Toolbar - C:\Program Files (x86)\uTorrentBar_NL\prxtbuTo0.dll [2011-05-09 176936] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}] Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2013-05-22 587104] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}] Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08 393600] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-05 194640] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-09-03 343424] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Plug-In - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-09-27 1250696] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}] McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2013-05-22 249872] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2013-04-30 1527432] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}] TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-12-05 529784] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}] SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-09-03 343424] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2013-05-22 298312] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-10-05 256080] {D629FDE2-1C75-40B2-9B20-CE72D3A430AF} - Instant Savings App - C:\Program Files (x86)\Instant Savings App\FrameworkBHO64.dll [2013-10-22 322600] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2013-05-22 249872] {87775fdb-6972-41f9-ae51-8326e38cb206} - uTorrentBar_NL Toolbar - C:\Program Files (x86)\uTorrentBar_NL\prxtbuTo0.dll [2011-05-09 176936] {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-09-03 343424] {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll [2011-03-19 164496] {D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2013-04-30 1527432] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-05 194640] {eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll [2013-07-23 1451680] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2011-02-10 1546720] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-01-30 162328] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-01-30 386584] "Persistence"=C:\Windows\system32\igfxpers.exe [2011-01-30 417304] "TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2010-12-09 571304] "TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2010-12-15 973176] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-01-12 11775592] "RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-01-10 2186856] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-02-03 2679592] "TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2010-12-08 710040] "TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376] "Toshiba Registration"=C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [2011-02-28 150992] "AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904] "egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-03-21 6330568] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"=C:\Users\janneke\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-12 136176] "Spotify Web Helper"=C:\Users\janneke\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2013-10-01 1104384] "GoogleChromeAutoLaunch_A14A7950E8150BDF6B4FF973C0953710"=C:\Users\janneke\AppData\Local\Google\Chrome\Application\chrome.exe [2013-10-09 844752] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2013-09-03 41336] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-11-28 59280] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent] C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2011-08-17 4527424] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-12-12 152544] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2012-03-08 4280184] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent] c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2011-01-07 1406248] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe [2012-10-25 421888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify] C:\Users\janneke\AppData\Roaming\Spotify\Spotify.exe [2013-10-01 4640768] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper] C:\Users\janneke\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2013-10-01 1104384] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosNC] C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2010-12-13 597928] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2010-12-14 38304] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2010-11-29 1294712] "SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] ""= [] "Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2013-09-03 840568] "ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2013-04-30 1721480] "Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2013-09-03 41336] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] "Instant Savings App-repairJob"=wscript.exe C:\Users\janneke\AppData\Local\Instant Savings App\repair.js [] C:\Users\janneke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk - C:\Users\janneke\AppData\Roaming\Dropbox\bin\Dropbox.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2011-01-12 272384] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableLinkedConnections"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files (x86)\Free Music Zilla\FMZilla.exe"="C:\Program Files (x86)\Free Music Zilla\FMZilla.exe:*:Enabled:FMZilla" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv "wave3"=wdmaud.drv "mixer3"=wdmaud.drv "wave4"=wdmaud.drv "mixer4"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\Dreamweaver.exe","%1" ======List of files/folders created in the last 1 month====== 2013-10-28 16:43:52 ----D---- C:\Program Files\trend micro 2013-10-28 16:43:51 ----D---- C:\rsit 2013-10-27 02:29:24 ----D---- C:\Program Files (x86)\SearchProtect 2013-10-27 02:29:11 ----D---- C:\Program Files (x86)\Instant Savings App 2013-10-27 02:29:08 ----D---- C:\Program Files (x86)\Bench 2013-10-18 10:33:57 ----D---- C:\ProgramData\Oracle 2013-10-18 10:33:43 ----A---- C:\Windows\SYSWOW64\javaws.exe 2013-10-18 10:33:37 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll 2013-10-18 10:33:37 ----A---- C:\Windows\SYSWOW64\javaw.exe 2013-10-18 10:33:37 ----A---- C:\Windows\SYSWOW64\java.exe 2013-10-10 19:23:24 ----A---- C:\Windows\SYSWOW64\ieui.dll 2013-10-10 19:23:24 ----A---- C:\Windows\system32\ieui.dll 2013-10-10 19:23:23 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2013-10-10 19:23:22 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe 2013-10-10 19:23:22 ----A---- C:\Windows\SYSWOW64\iesysprep.dll 2013-10-10 19:23:22 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2013-10-10 19:23:22 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2013-10-10 19:23:22 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe 2013-10-10 19:23:22 ----A---- C:\Windows\system32\iesysprep.dll 2013-10-10 19:23:22 ----A---- C:\Windows\system32\iesetup.dll 2013-10-10 19:23:22 ----A---- C:\Windows\system32\iernonce.dll 2013-10-10 19:23:22 ----A---- C:\Windows\system32\ie4uinit.exe 2013-10-10 19:23:21 ----A---- C:\Windows\system32\iertutil.dll 2013-10-10 19:23:20 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2013-10-10 19:23:20 ----A---- C:\Windows\SYSWOW64\jscript.dll 2013-10-10 19:23:20 ----A---- C:\Windows\system32\msfeeds.dll 2013-10-10 19:23:20 ----A---- C:\Windows\system32\jscript.dll 2013-10-10 19:23:19 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2013-10-10 19:23:19 ----A---- C:\Windows\system32\jscript9.dll 2013-10-10 19:23:18 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2013-10-10 19:23:18 ----A---- C:\Windows\system32\urlmon.dll 2013-10-10 19:23:16 ----A---- C:\Windows\SYSWOW64\wininet.dll 2013-10-10 19:23:16 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2013-10-10 19:23:16 ----A---- C:\Windows\system32\jsproxy.dll 2013-10-10 19:23:15 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2013-10-10 19:23:15 ----A---- C:\Windows\system32\wininet.dll 2013-10-10 19:23:14 ----A---- C:\Windows\system32\ieframe.dll 2013-10-10 19:23:12 ----A---- C:\Windows\system32\mshtml.dll 2013-10-10 19:23:10 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2013-10-10 10:45:35 ----A---- C:\Windows\SYSWOW64\comctl32.dll 2013-10-10 10:45:35 ----A---- C:\Windows\system32\comctl32.dll 2013-10-10 10:45:34 ----A---- C:\Windows\SYSWOW64\lpk.dll 2013-10-10 10:45:34 ----A---- C:\Windows\SYSWOW64\fontsub.dll 2013-10-10 10:45:34 ----A---- C:\Windows\SYSWOW64\dciman32.dll 2013-10-10 10:45:34 ----A---- C:\Windows\SYSWOW64\atmlib.dll 2013-10-10 10:45:34 ----A---- C:\Windows\SYSWOW64\atmfd.dll 2013-10-10 10:45:34 ----A---- C:\Windows\system32\lpk.dll 2013-10-10 10:45:34 ----A---- C:\Windows\system32\fontsub.dll 2013-10-10 10:45:34 ----A---- C:\Windows\system32\dciman32.dll 2013-10-10 10:45:34 ----A---- C:\Windows\system32\atmlib.dll 2013-10-10 10:45:34 ----A---- C:\Windows\system32\atmfd.dll 2013-10-10 10:45:33 ----A---- C:\Windows\system32\drivers\Wdf01000.sys 2013-10-10 10:45:32 ----A---- C:\Windows\system32\drivers\usbvideo.sys 2013-10-10 10:45:32 ----A---- C:\Windows\system32\drivers\usbcir.sys 2013-10-10 10:45:32 ----A---- C:\Windows\system32\drivers\USBAUDIO.sys 2013-10-10 10:45:32 ----A---- C:\Windows\system32\drivers\hidparse.sys 2013-10-10 10:45:32 ----A---- C:\Windows\system32\drivers\hidclass.sys 2013-10-10 10:45:31 ----A---- C:\Windows\SYSWOW64\WebClnt.dll 2013-10-10 10:45:31 ----A---- C:\Windows\SYSWOW64\davclnt.dll 2013-10-10 10:45:31 ----A---- C:\Windows\system32\WebClnt.dll 2013-10-10 10:45:31 ----A---- C:\Windows\system32\drivers\mrxdav.sys 2013-10-10 10:45:31 ----A---- C:\Windows\system32\davclnt.dll 2013-10-10 10:45:27 ----A---- C:\Windows\system32\drivers\tcpip.sys 2013-10-10 10:45:26 ----A---- C:\Windows\SYSWOW64\mswsock.dll 2013-10-10 10:45:26 ----A---- C:\Windows\system32\mswsock.dll 2013-10-10 10:45:26 ----A---- C:\Windows\system32\drivers\afd.sys 2013-10-10 10:45:24 ----A---- C:\Windows\system32\win32k.sys 2013-10-10 10:45:20 ----A---- C:\Windows\system32\ntoskrnl.exe 2013-10-10 10:45:20 ----A---- C:\Windows\system32\advapi32.dll 2013-10-10 10:45:19 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe 2013-10-10 10:45:18 ----A---- C:\Windows\SYSWOW64\tdh.dll 2013-10-10 10:45:18 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe 2013-10-10 10:45:18 ----A---- C:\Windows\system32\tdh.dll 2013-10-10 10:45:17 ----A---- C:\Windows\SYSWOW64\ntdll.dll 2013-10-10 10:45:17 ----A---- C:\Windows\SYSWOW64\advapi32.dll 2013-10-10 10:45:17 ----A---- C:\Windows\system32\ntdll.dll 2013-10-10 10:45:16 ----A---- C:\Windows\SYSWOW64\wow32.dll 2013-10-10 10:45:16 ----A---- C:\Windows\SYSWOW64\setup16.exe 2013-10-10 10:45:16 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll 2013-10-10 10:45:16 ----A---- C:\Windows\SYSWOW64\instnm.exe 2013-10-10 10:45:16 ----A---- C:\Windows\system32\wow64.dll 2013-10-10 10:45:15 ----A---- C:\Windows\SYSWOW64\user.exe 2013-10-10 10:45:07 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll 2013-10-10 10:45:07 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2013-10-10 10:45:07 ----A---- C:\Windows\system32\drivers\usbport.sys 2013-10-10 10:45:07 ----A---- C:\Windows\system32\drivers\usbehci.sys 2013-10-10 10:45:07 ----A---- C:\Windows\system32\drivers\usbccgp.sys 2013-10-10 10:45:06 ----A---- C:\Windows\system32\drivers\usbuhci.sys 2013-10-10 10:45:06 ----A---- C:\Windows\system32\drivers\usbohci.sys 2013-10-10 10:45:06 ----A---- C:\Windows\system32\drivers\usbhub.sys 2013-10-10 10:45:06 ----A---- C:\Windows\system32\drivers\usbd.sys 2013-10-10 10:45:05 ----A---- C:\Windows\system32\scavengeui.dll 2013-10-10 10:45:02 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys ======List of files/folders modified in the last 1 month====== 2013-10-28 16:43:57 ----D---- C:\Windows\Temp 2013-10-28 16:43:52 ----RD---- C:\Program Files 2013-10-28 15:48:17 ----SHD---- C:\Windows\Installer 2013-10-28 13:52:26 ----D---- C:\Windows\system32\config 2013-10-28 13:40:41 ----D---- C:\Windows\System32 2013-10-28 13:40:41 ----D---- C:\Windows\inf 2013-10-28 13:40:41 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-10-28 13:39:52 ----D---- C:\Program Files (x86)\Microsoft 2013-10-28 13:39:20 ----D---- C:\Users\janneke\AppData\Roaming\Dropbox 2013-10-28 13:37:44 ----A---- C:\Windows\SYSWOW64\log.txt 2013-10-27 02:29:24 ----RD---- C:\Program Files (x86) 2013-10-27 02:29:10 ----D---- C:\Windows\Tasks 2013-10-27 02:29:10 ----D---- C:\Windows\system32\Tasks 2013-10-27 02:29:03 ----D---- C:\Users\janneke\AppData\Roaming\uTorrent 2013-10-25 19:08:35 ----D---- C:\Windows\rescache 2013-10-25 16:57:21 ----SHD---- C:\System Volume Information 2013-10-25 10:06:47 ----D---- C:\Users\janneke\AppData\Roaming\Mozilla 2013-10-25 00:03:32 ----D---- C:\Windows\system32\NDF 2013-10-24 13:21:59 ----D---- C:\Windows\system32\catroot2 2013-10-21 23:40:46 ----D---- C:\Users\janneke\AppData\Roaming\vlc 2013-10-21 17:42:38 ----D---- C:\Users\janneke\AppData\Roaming\XBMC 2013-10-19 20:06:45 ----D---- C:\Windows 2013-10-19 11:34:53 ----D---- C:\Users\janneke\AppData\Roaming\Winamp 2013-10-19 11:34:37 ----D---- C:\Windows\Logs 2013-10-19 11:34:37 ----D---- C:\Windows\debug 2013-10-18 10:33:57 ----HD---- C:\ProgramData 2013-10-18 10:33:51 ----D---- C:\Program Files (x86)\Common Files 2013-10-18 10:33:43 ----D---- C:\Windows\SysWOW64 2013-10-18 10:33:36 ----D---- C:\Program Files (x86)\Java 2013-10-16 12:51:56 ----D---- C:\Windows\Microsoft.NET 2013-10-16 12:51:55 ----RSD---- C:\Windows\assembly 2013-10-11 10:32:18 ----D---- C:\Windows\winsxs 2013-10-11 10:27:13 ----D---- C:\Program Files (x86)\Internet Explorer 2013-10-11 10:27:11 ----D---- C:\Program Files\Internet Explorer 2013-10-11 10:27:09 ----D---- C:\Windows\system32\drivers 2013-10-11 10:27:05 ----D---- C:\Windows\AppPatch 2013-10-11 10:27:00 ----D---- C:\Windows\system32\nl-NL 2013-10-11 10:26:55 ----D---- C:\Windows\system32\DriverStore 2013-10-11 10:24:17 ----D---- C:\Program Files\Microsoft Silverlight 2013-10-11 10:24:14 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2013-10-10 19:26:34 ----D---- C:\ProgramData\Microsoft Help 2013-10-10 19:23:58 ----D---- C:\Windows\system32\catroot 2013-10-10 19:12:46 ----D---- C:\Windows\system32\MRT 2013-10-10 19:12:43 ----A---- C:\Windows\system32\MRT.exe 2013-10-09 15:43:19 ----RSD---- C:\Windows\Fonts 2013-10-01 14:46:24 ----D---- C:\Users\janneke\AppData\Roaming\Spotify ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-02-14 58416] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-04-27 540696] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2011-03-04 55856] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-10-11 271424] R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-02-14 213416] R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-01-10 150616] R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-01-10 59440] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-01-10 190232] R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2011-02-11 35344] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-01-12 10627392] R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-01-13 2712680] R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2011-02-08 38096] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-01-13 413800] R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver; C:\Windows\system32\DRIVERS\rtl8192Ce.sys [2010-11-02 1103464] R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144] R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576] R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840] R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-02-03 1413680] R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784] R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2010-06-18 18872] R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-10-29 250984] S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys [] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-02-15 52736] S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-09 65640] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200] R2 CltMngSvc;Search Protect by Conduit Service; C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [2013-10-18 1753376] R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448] R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504] R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-03-21 1341664] R2 FreemakeVideoCapture;FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [2013-01-30 9216] R2 gearsec;gearsec; C:\Windows\SysWOW64\gearsec.exe [2003-12-01 53248] R2 GFNEXSrv;GFNEX Service; C:\Windows\System32\GFNEXSrv.exe [2010-09-09 162824] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-05-06 325656] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe [2013-05-22 120592] R2 NAUpdate;@c:\Program Files (x86)\Nero\Update\NASvc.exe,-200; c:\Program Files (x86)\Nero\Update\NASvc.exe [2011-01-14 572712] R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944] R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2010-10-20 138656] R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2010-12-09 489384] R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-05-06 2533400] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096] R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe [2013-07-23 240288] R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528] R3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-11-29 54136] R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-12-08 137632] S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe [2013-07-23 193696] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-06-25 136176] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944] S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-06-25 136176] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-21 194032] S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2012-12-12 641504] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-02-11 115168] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-02-10 112080] S3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2010-04-12 196976] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-23 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] -----------------EOF-----------------
  9. Frank87
    Onlangs toen ik me verveelde en in de Google Chrome Web Store aan het kijken was, viel mijn oog op een mooi thema van Russische makelij. Ik heb en hoefde geen thema, maar uiteindelijk heb ik het gedownload (heel stom achteraf). Sindsdien heb ik last van het volgende: * Instant Savings app * Search Conduit * Bing als zoekmachine Ik heb gegoogeld en kwam op jullie forum terecht en heb me onmiddellijk aangemeld. Ik las dat de te nemen stappen per persoon kunnen verschillen. Mijn vraag is aan jullie wat moet ik doen om mijn pc weer normaal te laten functioneren, zonder deze virussen of adware. Met vriendelijke groet, Frank
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.