
adriearentsen

Member
  • Items

    3
  • Registration date

  • Last visited

adriearentsen's achievements

  1. Zoek.exe Version 4.0.0.5 Updated 05-December-2013 Tool run by arentsen on za 07-12-2013 at 12:50:15,38. Microsoft Windows 7 Home Premium 6.1.7600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\arentsen\Desktop\zoek.pif [script inserted] [Checkboxes used] ==== System Restore Info ====================== 7-12-2013 13:00:22 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\DSP-worx deleted successfully C:\PROGRA~2\Fiddler2 deleted successfully C:\PROGRA~2\FreeTime deleted successfully C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~2\OnlineHD.TV deleted successfully C:\PROGRA~2\Optimizer Pro deleted successfully C:\PROGRA~2\SecretSauce deleted successfully C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully C:\Program Files\Google deleted successfully C:\Program Files\Symantec deleted successfully C:\ProgramData\4shared Desktop deleted successfully C:\ProgramData\Oracle deleted successfully C:\ProgramData\Symantec deleted successfully C:\Users\arentsen\AppData\Roaming\PerformerSoft deleted successfully C:\Users\arentsen\AppData\Roaming\Systweak deleted successfully C:\Windows\serviceprofiles\Localservice\AppData\Roaming\Xfire deleted successfully C:\Users\arentsen\AppData\Local\DProtect deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2511679531-4247418346-2881348197-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2CA01A78-4F31-475E-AD74-D0D38DE09EC9} deleted successfully HKEY_USERS\S-1-5-21-2511679531-4247418346-2881348197-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3C0097E0-9032-4E39-B242-92D21BDA7D58} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IB Updater deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\IB Updater deleted successfully 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Npggsvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Npggsvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Savesenselive deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Savesenselive deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Savesenselivem deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Savesenselivem deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BackupStack deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BackupStack deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SProtection deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SProtection deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WsysSvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\WsysSvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WsysSvc deleted successfully ==== FireFox Fix ====================== Deleted from C:\Users\arentsen\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js: Added to C:\Users\arentsen\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); 
user_pref("browser.search.useDBForOrder", true); Deleted from C:\Users\arentsen\AppData\Roaming\Mozilla\Firefox\Profiles\19\prefs.js: Added to C:\Users\arentsen\AppData\Roaming\Mozilla\Firefox\Profiles\19\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); Deleted from C:\Users\arentsen\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js: Added to C:\Users\arentsen\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); ProfilePath: C:\Users\arentsen\AppData\Roaming\Mozilla\Firefox\Profiles\0 ---- FireFox user.js and prefs.js backups ---- user_07-12-2013_1320_.backup prefs_07-12-2013_1320_.backup ProfilePath: C:\Users\arentsen\AppData\Roaming\Mozilla\Firefox\Profiles\19 ---- FireFox user.js and prefs.js backups ---- user_07-12-2013_1320_.backup prefs_07-12-2013_1320_.backup ProfilePath: 
C:\Users\arentsen\AppData\Roaming\Mozilla\Firefox\Profiles\extensions ---- FireFox user.js and prefs.js backups ---- user_07-12-2013_1320_.backup prefs_07-12-2013_1320_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command] @="C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe" ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Batch Command(s) Run By Tool====================== C:\Windows\system32\appdata deleted ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\Optimizer Pro not found C:\Program Files (x86)\SecretSauce not found C:\Users\arentsen\AppData\Roaming\Systweak not found "C:\windows\SysNative\GameMon.des.exe" not found C:\ProgramData\eSafe deleted C:\ProgramData\Iminent deleted C:\Users\arentsen\AppData\Roaming\SaveSense deleted C:\Program Files (x86)\IminentToolbar deleted C:\Users\arentsen\AppData\Roaming\iminent deleted C:\Program Files (x86)\Iminent deleted C:\Program Files (x86)\MyPC Backup deleted C:\ProgramData\BonanzaDealsLive deleted C:\Program Files (x86)\BonanzaDealsLive deleted C:\Program Files (x86)\BonanzaDeals deleted C:\Users\arentsen\AppData\Roaming\DVDVideoSoftIEHelpers deleted C:\Users\arentsen\AppData\Roaming\OpenCandy deleted C:\Program Files (x86)\TornTV.com deleted C:\Windows\syswow64\appdata deleted C:\PROGRA~2\Mozilla Firefox\user.js deleted C:\PROGRA~2\BitLord 2 deleted C:\PROGRA~2\COMMON~1\Umbrella deleted C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted C:\PROGRA~2\SearchProtect deleted C:\Program Files\IB Updater deleted 
C:\PROGRA~2\Gophoto.it deleted C:\PROGRA~2\Conduit deleted C:\Users\arentsen\AppData\Roaming\BitLord deleted C:\Users\arentsen\AppData\Roaming\File Scout deleted C:\Users\arentsen\AppData\Roaming\DSite deleted C:\ProgramData\Ask deleted C:\ProgramData\APN deleted C:\ProgramData\Partner deleted C:\ProgramData\boost_interprocess deleted C:\ProgramData\IBUpdaterService deleted C:\ProgramData\Tarma Installer deleted C:\Users\arentsen\AppData\Local\BonanzaDealsLive deleted C:\Users\arentsen\AppData\Local\SearchProtect deleted C:\Users\arentsen\AppData\Local\avgchrome deleted C:\Users\arentsen\AppData\Local\Pokki deleted C:\Users\arentsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx deleted C:\Users\arentsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent deleted C:\Users\arentsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup deleted C:\Users\arentsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki deleted C:\Users\arentsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard deleted C:\Users\arentsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com deleted C:\Windows\SysNative\roboot64.exe deleted C:\windows\SysNative\dmwu.exe deleted C:\windows\SysNative\Tasks\DSite deleted C:\Users\arentsen\Downloads\iLividSetup_B-r362-t-bc.exe deleted C:\Users\arentsen\Downloads\FreeYouTubeToMP3Converter.exe deleted C:\Users\arentsen\Downloads\FileConverter_1.4.exe deleted C:\Users\arentsen\Downloads\SoftonicDownloader_voor_autocad.exe deleted C:\Users\arentsen\Downloads\SoftonicDownloader_voor_free-youtube-to-mp3-converter.exe deleted C:\Users\arentsen\AppData\LocalLow\Softonic deleted C:\Users\arentsen\AppData\LocalLow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com deleted C:\Users\arentsen\AppData\LocalLow\Incredibar.com deleted C:\Users\arentsen\AppData\LocalLow\PriceGong deleted 
C:\Users\arentsen\AppData\LocalLow\Conduit deleted C:\Windows\wininit.ini deleted C:\windows\SysNative\Tasks\EPUpdater deleted C:\windows\SysNative\tasks\QtraxPlayer deleted C:\Windows\tasks\DSite.job deleted C:\windows\SysNative\tasks\BitGuard deleted C:\user.js deleted C:\windows\SysNative\ljkb deleted C:\Windows\Syswow64\jmdp_old deleted C:\Windows\Syswow64\SearchProtect deleted C:\Windows\SysWow64\AI_RecycleBin deleted C:\Windows\SysWow64\searchplugins deleted C:\Windows\SysWow64\Extensions deleted C:\Users\arentsen\Documents\Optimizer Pro deleted C:\Users\arentsen\Documents\BitLord deleted C:\Users\arentsen\Desktop\MyPC Backup.lnk deleted "C:\Windows\tasks\SaveSense.job" deleted "C:\Windows\tasks\SaveSenseLiveUpdateTaskMachineCore.job" deleted "C:\Windows\tasks\SaveSenseLiveUpdateTaskMachineUA.job" deleted "C:\Windows\Installer\2cd80c0.msi" deleted "C:\Users\arentsen\AppData\Roaming\Mozilla\Firefox\Profiles\19\extensions\torntv@torntv.com.xpi" deleted "C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe" deleted "C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdate.dll" deleted "C:\ProgramData\SaveSenseLive\Update\Log\SaveSenseLive.log" not deleted "C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe" deleted "C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdate.dll" deleted "C:\Program Files (x86)\SaveSenseLive" not deleted "C:\ProgramData\SaveSenseLive" not deleted "C:\Program Files (x86)\SaveSenseLive" not deleted "C:\Program Files (x86)\SaveSenseLive\Update" not deleted "C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0" not deleted "C:\ProgramData\SaveSenseLive\Update" not deleted "C:\ProgramData\SaveSenseLive\Update\Log" not deleted "C:\Program Files (x86)\SaveSenseLive\Update" not deleted "C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0" not deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\arentsen\AppData\Local\Temp ==== ====== Java Cache ===== 
2013-11-15 14:15:43 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\arentsen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-6d619b3b 2013-11-15 14:15:31 A9D6ABE8B9937150A3D9AE30AD031840 99 ----a-w- C:\Users\arentsen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-6.0.lap 2013-11-15 14:15:31 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\arentsen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-673de396 2013-11-15 14:15:22 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\arentsen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-23a600e6 2013-11-15 14:15:33 34FA8033B50A3F99D3AB8209C72C0ABA 6860 ----a-w- C:\Users\arentsen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-333db403 ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== 2013-11-09 21:56:55 DC0AECEDF4A832C3796161FDF4CF7F89 3166 ----a-w- C:\Windows\Sysnative\Tasks\{02BF168A-AA48-423E-B29A-74E35BAEB2E9} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-12-07 06:41:34 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2013-11-22 18:42:11 -------- d-----w- C:\PROGRA~2\SaveSenseLive 2013-11-16 17:01:04 -------- d-----w- C:\PROGRA~2\DVDVideoSoft 2013-11-16 17:01:04 -------- d-----w- C:\PROGRA~2\COMMON~1\DVDVideoSoft 2013-11-15 14:12:32 -------- d-----w- C:\PROGRA~2\COMMON~1\Java ======= C: ===== ====== C:\Users\arentsen\AppData\Roaming ====== 2013-11-22 18:42:11 -------- d-----w- C:\Users\arentsen\AppData\Local\SaveSenseLive 2013-11-22 18:41:39 -------- d-----w- C:\Users\arentsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense 2013-11-22 18:38:04 -------- d-----w- C:\Users\arentsen\AppData\Roaming\Python-Eggs ====== C:\Users\arentsen ====== 2013-12-07 06:41:15 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\arentsen\Downloads\RSITx64.exe 2013-11-22 
18:42:11 -------- d-----w- C:\ProgramData\SaveSenseLive 2013-11-16 17:01:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2013-11-15 14:14:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast 2013-11-15 14:11:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java ====== C: exe-files == 2013-12-07 06:41:36 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\arentsen.exe 2013-12-07 06:41:15 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\arentsen\Downloads\RSITx64.exe 2013-12-05 06:04:44 0C04A51D2892F0501FED4D0EAA43FA36 1751392 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\31.0.1650.63\31.0.1650.63_31.0.1650.57_chrome_updater.exe 2013-12-03 03:12:05 CA0A340ABCF0C14A09691CBC90186AB4 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleUpdateBroker.exe 2013-12-03 03:12:05 C98E0215F7B65F0DDEE0591BD57EDFA6 847128 ----a-w- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleUpdateSetup.exe 2013-12-03 03:12:05 600B1A4BCC0823A96DC7B86F005ADBB8 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe 2013-12-03 03:11:52 9CCBA5E2489E603BB1578D1D541252A8 273800 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe 2013-12-03 03:11:52 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleUpdate.exe 2013-12-03 03:11:52 465680BDE344CE4FF6646626AA3A9125 223112 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe 2013-12-03 03:11:49 C98E0215F7B65F0DDEE0591BD57EDFA6 847128 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.3\GoogleUpdateSetup.exe === C: other files == 2013-12-07 02:21:33 5CA8C4CF3790A8EE6DBCD1EEB16DBD91 5547 ----a-w- C:\Users\arentsen\.rainlendar2\backups\20131207-Rainlendar2Backup.zip 2013-12-06 02:55:06 
034F56A436B2995E266C4F3F858D2F77 5547 ----a-w- C:\Users\arentsen\.rainlendar2\backups\20131206-Rainlendar2Backup.zip 2013-12-05 01:49:33 7BBFA5ED3497F54EF7E63043E2F595D2 5547 ----a-w- C:\Users\arentsen\.rainlendar2\backups\20131205-Rainlendar2Backup.zip 2013-12-03 23:00:00 EB7E683AD51C419D552D4F5F42D74DEB 5547 ----a-w- C:\Users\arentsen\.rainlendar2\backups\20131204-Rainlendar2Backup.zip 2013-12-02 23:00:00 77F37AB24936493BA39AECD146377E16 5547 ----a-w- C:\Users\arentsen\.rainlendar2\backups\20131203-Rainlendar2Backup.zip 2013-12-02 02:14:42 E7672321DA759BE4439A169771234BA9 5547 ----a-w- C:\Users\arentsen\.rainlendar2\backups\20131202-Rainlendar2Backup.zip 2013-11-30 23:00:01 4383AA5F0C67B62B08EF1B874C70F69D 5547 ----a-w- C:\Users\arentsen\.rainlendar2\backups\20131201-Rainlendar2Backup.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-2511679531-4247418346-2881348197-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Akamai NetSession Interface"="C:\Users\arentsen\AppData\Local\Akamai\netsession_win.exe" "Rainlendar2"="C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "20131121"="C:\Program Files\AVAST Software\Avast\setup\emupdate\64c60ec9-7315-4db1-ae6c-79a45d5f25fe.exe /check" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Akamai NetSession Interface"="C:\Users\arentsen\AppData\Local\Akamai\netsession_win.exe" "Rainlendar2"="C:\Program Files 
(x86)\Rainlendar2\Rainlendar2.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "Acer ePower Management"="C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" "Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe " ==== Startup Registry Disabled ====================== [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "Verjaardagen"="" "msnmsgr"="\"C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe\" /background" "Facebook Update"="\"C:\\Users\\arentsen\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver" "12Voip"="\"C:\\Program Files (x86)\\12Voip.com\\12Voip\\12voip.exe\" -nosplash -minimized" "swg"="\"C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\"" "BitTorrent"="\"C:\\Users\\arentsen\\AppData\\Roaming\\BitTorrent\\BitTorrent.exe\" /MINIMIZED" "SpybotSD TeaTimer"="C:\\Program Files (x86)\\Spybot - Search & Destroy\\TeaTimer.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "iTunesHelper"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" "IAStorIcon"="C:\\Program Files (x86)\\Intel\\Intel® Rapid Storage Technology\\IAStorIcon.exe" "Aeria Ignite"="\"C:\\Program Files (x86)\\Aeria Games\\Ignite\\aeriaignite.exe\" silent" "APSDaemon"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" "DivXMediaServer"="C:\\Program Files (x86)\\DivX\\DivX Media Server\\DivXMediaServer.exe" "DivXUpdate"="\"C:\\Program Files (x86)\\DivX\\DivX Update\\DivXUpdate.exe\" /CHECKNOW" "BackupManagerTray"="\"C:\\Program Files (x86)\\NewTech Infosystems\\Packard Bell MyBackup\\BackupManagerTray.exe\" -h -k" "OEM Upgrade 
DVD"="C:\\Program Files (x86)\\Packard Bell\\Upgrade Kit\\DVDMainStart.Launcher.exe" "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "Iminent"="C:\\Program Files (x86)\\Iminent\\Iminent.exe /warmup \"F77F87E5-A6BD-4922-A530-EDF63D7E9F8C\"" "IminentMessenger"="C:\\Program Files (x86)\\Iminent\\Iminent.Messengers.exe" "NeroFilterCheck"="C:\\Windows\\system32\\NeroCheck.exe" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Aeria Ignite] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Aeria Ignite" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Aeria Games\\Ignite\\aeriaignite.exe\" silent" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Google Update" "hkey"="HKCU" "command"="\"C:\\Users\\arentsen\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Rainlendar2] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Rainlendar2" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Rainlendar2\\Rainlendar2.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify" "hkey"="HKCU" "command"="\"C:\\Users\\arentsen\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper] 
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify Web Helper" "hkey"="HKCU" "command"="\"C:\\Users\\arentsen\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="swg" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="uTorrent" "hkey"="HKCU" "command"="\"C:\\Users\\arentsen\\Desktop\\uTorrent.exe\" /MINIMIZED" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^arentsen^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk] "item"="Dropbox" "path"="C:\\Users\\arentsen\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk" "backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\Users\\arentsen\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup" ==== Startup Folders ====================== 2011-07-26 09:36:19 2148 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk 2010-09-25 22:16:41 2067 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VideoWebCamera.exe.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [03-12-2013 07:13] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2511679531-4247418346-2881348197-1000Core.job --a------ C:\Users\arentsen\AppData\Local\Facebook\Update\FacebookUpdate.exe [] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2511679531-4247418346-2881348197-1000UA.job --a------ 
C:\Users\arentsen\AppData\Local\Facebook\Update\FacebookUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [23-06-2011 16:07] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [23-06-2011 16:07] C:\Windows\tasks\HP Photo Creations Communicator.job --a------ C:\ProgramData\HP Photo Creations\Communicator.exe [25-03-2013 20:39] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2511679531-4247418346-2881348197-1000Core" [C:\Users\arentsen\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2511679531-4247418346-2881348197-1000UA" [C:\Users\arentsen\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HP Photo Creations Communicator" [C:\ProgramData\HP Photo Creations\Communicator.exe] "C:\Windows\SysNative\tasks\HPCustParticipation HP Deskjet 3050 J610 series" ["C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe"] "C:\Windows\SysNative\tasks\{83E746E2-7602-477F-9F34-C2C74AE003C2}" [C:\Program Files (x86)\Verjaardagen\Verjaardagen.exe] "C:\Windows\SysNative\tasks\{B4A4C17B-3BD8-45DE-88FB-58A157A6CC12}" [C:\Program Files (x86)\Google\Chrome\Application\chrome.exe] "C:\Windows\SysNative\tasks\{F79FC866-DE3C-4088-BFF5-7E7EA2F7749B}" ["c:\program files 
(x86)\internet explorer\iexplore.exe" ]Downloading "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\Symantec\Symantec Error Analyzer 17.1.0.19" [C:\Program Files (x86)\Norton Internet Security\Engine\17.1.0.19\SymErr.exe] "C:\Windows\SysNative\tasks\Symantec\Symantec Error Processor 17.1.0.19" [C:\Program Files (x86)\Norton Internet Security\Engine\17.1.0.19\SymErr.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}"="C:\Program Files\IB Updater\Firefox" [] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}"="C:\Program Files\IB Updater\Firefox" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\arentsen\AppData\Roaming\Mozilla\Firefox\Profiles\0 - Free YouTube Download Free Studio Menu - %ProfilePath%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} - Online HD TV - %ProfilePath%\extensions\onlinehdtv@onlinehd.tv.xpi ExtDir: C:\Users\arentsen\AppData\Roaming\Mozilla\Firefox\Profiles\extensions - GoPhotoIt - %ExtDir%\gophoto@gophoto.it.xpi ==== Firefox Plugins ====================== ==== Deleted Firefox Extensions ====================== C:\Users\arentsen\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\onlinehdtv@onlinehd.tv.xpi deleted C:\Users\arentsen\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\gophoto@gophoto.it.xpi deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dkinklhnkmkhkhofcnapakaoehijaoih - C:\Program Files (x86)\OnlineHD.TV\onhd10.crx[] dlnembnfbcpjnepmfjmngjenhhajpdfd - C:\Program Files\IB Updater\source.crx[] efbkdhmfnmnmfimllbjamfodcoanhmdd - C:\Users\arentsen\AppData\Local\WebToSave.crx[] hnofepcmbghfcimfbjicplikedjcnalm - C:\Users\arentsen\AppData\Local\CouponsMalibu.crx[] 
ifohbjbgfchkkfhphahclmkpgejiplfo - C:\Users\arentsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx[] kcendgajlhoaiiccpijilcpmgphfflnj - C:\Users\arentsen\AppData\Local\newhb.crx[] lladpgmmlijbmhfknhgkenkhikoaapmj - C:\Users\arentsen\AppData\Local\RealSummerSale.crx[] pkhojieggfgllhllcegoffdcnmdeojgb - C:\Program Files (x86)\IminentToolbar\1.8.26.8\iminent.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions efbkdhmfnmnmfimllbjamfodcoanhmdd - C:\Users\arentsen\AppData\Local\WebToSave.crx[] hnofepcmbghfcimfbjicplikedjcnalm - C:\Users\arentsen\AppData\Local\CouponsMalibu.crx[] kcendgajlhoaiiccpijilcpmgphfflnj - C:\Users\arentsen\AppData\Local\newhb.crx[] lladpgmmlijbmhfknhgkenkhikoaapmj - C:\Users\arentsen\AppData\Local\RealSummerSale.crx[] nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx[29-10-2013 21:08] Safe ads - arentsen - Default\Extensions\hcggmljcgggleponbhifaannmoimdnob SaveSense - arentsen - Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk DVDVideoSoft - arentsen - Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp Google Wallet - arentsen - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chrome Fix ====================== C:\Users\arentsen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dlnembnfbcpjnepmfjmngjenhhajpdfd_0.localstorage deleted successfully C:\Users\arentsen\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kcendgajlhoaiiccpijilcpmgphfflnj deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{3C0097E0-9032-4E39-B242-92D21BDA7D58}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3C0097E0-9032-4E39-B242-92D21BDA7D58}] not found New Values: 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW_nlNL437" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Reset Google Chrome ====================== C:\Users\arentsen\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\arentsen\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{1FAFD711-ABF9-4F6A-8130-5166C7371427} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{112BA211-334C-4A90-90EC-2AD1CDAB287C} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052} deleted successfully ==== shortcuts on Users Desktops ====================== 
C:\Users\arentsen\Desktop\Ad-aware 6.0.lnk - C:\Program Files (x86)\Lavasoft\Ad-aware 6\UNWISE.EXE /W1 "C:\Program Files (x86)\Lavasoft\Ad-aware 6\INSTALL.LOG" C:\Users\arentsen\Desktop\Continue VLC Media Player Installation.lnk - C:\Users\arentsen\AppData\Local\Temp\Shortcut_VLCMediaPlayerSDM.exe -Shortcut C:\Users\arentsen\Desktop\Dropbox.lnk - C:\Users\arentsen\AppData\Roaming\Dropbox\bin\Dropbox.exe /home C:\Users\arentsen\Desktop\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe QVO6 C:\Users\arentsen\Desktop\Opgeruimd\12Voip.lnk - C:\Program Files (x86)\12Voip.com\12Voip\12Voip.exe C:\Users\arentsen\Desktop\Opgeruimd\Internetbrowser selecteren.lnk - C:\Windows\System32\browserchoice.exe /launch C:\Users\arentsen\Desktop\Opgeruimd\intranet guler - Snelkoppeling (2).lnk - C:\Users\arentsen\Documents\intranet guler.txt C:\Users\arentsen\Desktop\Opgeruimd\intranet guler - Snelkoppeling.lnk - C:\Users\arentsen\Documents\intranet guler.txt C:\Users\arentsen\Desktop\Opgeruimd\converteren\Format Factory.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\avast Free Antivirus.lnk - C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk - C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe QVO6 C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe ==== shortcuts in Users Start Menu ====================== C:\Users\arentsen\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk - C:\Users\arentsen\AppData\Roaming\BitTorrent\BitTorrent.exe 
C:\Users\arentsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk - C:\Program Files\Internet Explorer\iexplore.exe QVO6 C:\Users\arentsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe QVO6 C:\Users\arentsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\arentsen\AppData\Roaming\Dropbox\bin\Dropbox.exe /home C:\Users\arentsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense\Uninstall SaveSense.lnk - C:\Program Files (x86)\SaveSense\uninst.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast Free Antivirus.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\DVDVideoSoft Free Studio.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Free YouTube to MP3 Converter.lnk - C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Log Report.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\DVSSysReport.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Premium Membership.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\PremiumMembershipOffer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Uninstall.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab about C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab update C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure 
Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support\Contact.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe QVO6 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk - C:\Program Files (x86)\VideoLAN\VLC\Documentation.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk - C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk - C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --reset-config --reset-plugins-cache vlc://quit C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe -Iskins C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe ==== shortcuts in Quick Launch ====================== C:\Users\arentsen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk - C:\Users\arentsen\AppData\Roaming\BitTorrent\BitTorrent.exe C:\Users\arentsen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe QVO6 C:\Users\arentsen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk - C:\Program Files (x86)\Ahead\Nero StartSmart\NeroStartSmart.exe C:\Users\arentsen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\arentsen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & 
Destroy.lnk - C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe C:\Users\arentsen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\arentsen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk - C:\Users\arentsen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe C:\Users\arentsen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk - C:\Windows\system32\calc.exe C:\Users\arentsen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe QVO6 C:\Users\arentsen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Notepad.lnk - C:\Windows\system32\notepad.exe C:\Users\arentsen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe QVO6 C:\Users\arentsen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe QVO6 C:\Users\arentsen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\arentsen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Live Mail.lnk - C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - ==== shortcuts After Repair 
====================== C:\Users\arentsen\Desktop\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\arentsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\arentsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support\Contact.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\arentsen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\arentsen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\arentsen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\arentsen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\61386F821F8B50E4ABFD24BDCE4BF0E0 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dkinklhnkmkhkhofcnapakaoehijaoih deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully 
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\efbkdhmfnmnmfimllbjamfodcoanhmdd deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\efbkdhmfnmnmfimllbjamfodcoanhmdd deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\hnofepcmbghfcimfbjicplikedjcnalm deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\hnofepcmbghfcimfbjicplikedjcnalm deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kcendgajlhoaiiccpijilcpmgphfflnj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\kcendgajlhoaiiccpijilcpmgphfflnj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lladpgmmlijbmhfknhgkenkhikoaapmj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\lladpgmmlijbmhfknhgkenkhikoaapmj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\efbkdhmfnmnmfimllbjamfodcoanhmdd deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\hnofepcmbghfcimfbjicplikedjcnalm deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\kcendgajlhoaiiccpijilcpmgphfflnj deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\lladpgmmlijbmhfknhgkenkhikoaapmj deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\61386F821F8B50E4ABFD24BDCE4BF0E0 deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\D14143D5782BEE842A45208B63A8E465 deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aeria Ignite deleted successfully 
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\arentsen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\arentsen\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\arentsen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome 
Cache ====================== C:\Users\arentsen\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache is not empty, a reboot is needed ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\arentsen\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\arentsen\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\ProgramData\SaveSenseLive\Update\Log\SaveSenseLive.log" deleted "C:\Users\arentsen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Program Files (x86)\SaveSenseLive" not found "C:\ProgramData\SaveSenseLive" deleted "C:\Program Files (x86)\SaveSenseLive" not found "C:\Users\arentsen\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UPPJJVWF\www.cartoonnetwork.com" not found ==== EOF on za 07-12-2013 at 14:01:20,66 ======================
- - - Updated - - -
I see now that my start page is back to normal :adore: Really, thank you so much for your help. And I really do mean thank you so much: I searched like crazy to get rid of this but couldn't manage it, which is why I came here for help. It's great that you are here.
  2. Logfile of random's system information tool 1.09 (written by random/random) Run by arentsen at 2013-12-07 07:41:34 Microsoft Windows 7 Home Premium System drive C: has 49 GB (17%) free of 292 GB Total RAM: 3764 MB (59% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 7:41:51, on 7-12-2013 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16476) Boot mode: Normal Running processes: C:\Users\arentsen\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe C:\Program Files (x86)\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe C:\Users\arentsen\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Users\arentsen\Downloads\HijackThis (2).exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\arentsen.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\64c60ec9-7315-4db1-ae6c-79a45d5f25fe.exe /check O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\arentsen\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files (x86)\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: VideoWebCamera.exe.lnk = C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows 
Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.aeriagames.com O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://fpdownload2.macromedia.com/get/shockwave/cabs/director/sw.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - http://game.zylom.com/activex/zylomgamesplayer.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo 
Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files (x86)\MyPC Backup\BackupStack.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: IB Updater - Unknown owner - C:\Program Files\IB Updater\ExtensionUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SaveSenseLive Service (savesenselive) (savesenselive) - SaveSense - C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe O23 - Service: SaveSenseLive Service (savesenselivem) (savesenselivem) - SaveSense - C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. 
- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SProtection - Iminent - C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: Updater Service - Acer Group - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - 
C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Wsys Service (WsysSvc) - Wsys Co., Ltd. - C:\ProgramData\eSafe\eGdpSvc.exe -- End of file - 11338 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE C:\ProgramData\eSafe\eGdpSvc.exe taskeng.exe {CFC100ED-6F63-47CF-93E1-61304226F5AD} "taskhost.exe" "C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe" /c "C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" "C:\Windows\System32\igfxtray.exe" "C:\Windows\System32\hkcmd.exe" "C:\Windows\System32\igfxpers.exe" "C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" "C:\Windows\WindowsMobile\wmdc.exe" "C:\Users\arentsen\AppData\Local\Akamai\netsession_win.exe" "C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe" "C:\Program Files 
(x86)\InterVideo\Common\Bin\WinCinemaMgr.exe" "C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe" /s "C:/Users/arentsen/AppData/Local/Akamai/netsession_win.exe" --client "C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui "C:\Users\arentsen\Downloads\HijackThis (2).exe" C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe" "C:\Program Files\IB Updater\ExtensionUpdaterService.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" "c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe" "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe" "C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe" WLIDSvcM.exe 2272 C:\Windows\system32\svchost.exe -k WindowsMobile C:\Windows\system32\igfxext.exe -Embedding C:\Windows\system32\igfxsrvc.exe -Embedding C:\Windows\system32\wbem\unsecapp.exe -Embedding C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\SearchIndexer.exe /Embedding C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe" C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} C:\Windows\system32\svchost.exe -k HPService "C:\Program 
Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" C:\Windows\System32\svchost.exe -k secsvcs "C:\Program Files (x86)\Windows Live\Mail\wlmail.exe" "C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe" -Embedding "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "http://www.pc-helpforum.be/f163/qvo6-logje-66598-new/" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4272.0.2059288619\1182010806" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,12,22 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0046 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2119 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_81/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/ --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="4272.1.1134897291\357068723" /prefetch:673131151 C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\sppsvc.exe "C:\Windows\system32\SearchProtocolHost.exe" 
Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 552 556 564 65536 560 "C:\Users\arentsen\Downloads\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\DSite.job C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2511679531-4247418346-2881348197-1000Core.job C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2511679531-4247418346-2881348197-1000UA.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\HP Photo Creations Communicator.job C:\Windows\tasks\SaveSense.job C:\Windows\tasks\SaveSenseLiveUpdateTaskMachineCore.job C:\Windows\tasks\SaveSenseLiveUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}] avast! 
Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-11-15 1567016] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] DVDVideoSoft IE Extension - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2013-10-30 336952] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-11-15 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! 
Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-11-15 606544] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}] Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08 393600] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-11-15 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-11-15 1567016] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! 
Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-11-15 606544] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-23 323584] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-05-07 161304] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-05-07 386584] "Persistence"=C:\Windows\system32\igfxpers.exe [2010-05-07 413208] "Acer ePower Management"=C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2010-04-23 861216] "Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Akamai NetSession Interface"=C:\Users\arentsen\AppData\Local\Akamai\netsession_win.exe [2013-06-05 4489472] "Rainlendar2"=C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2012-07-24 2498048] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aeria Ignite] C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe silent [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] C:\Users\arentsen\AppData\Local\Google\Update\GoogleUpdate.exe /c [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2012-07-24 2498048] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-03-01 18643560] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify] C:\Users\arentsen\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper] C:\Users\arentsen\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] C:\Program Files 
(x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent] C:\Users\arentsen\Desktop\uTorrent.exe /MINIMIZED [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^arentsen^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk] C:\Users\arentsen\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-05-25 27776968] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-05-10 49208] ""= [] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] "AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-11-15 3568312] "20131121"=C:\Program Files\AVAST Software\Avast\setup\emupdate\64c60ec9-7315-4db1-ae6c-79a45d5f25fe.exe [2013-11-23 180184] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup InterVideo WinCinema Manager.lnk - C:\Program Files (x86)\InterVideo\Common\Bin\WinCinemaMgr.exe VideoWebCamera.exe.lnk - C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="c:\progra~2\searchprotect\searchprotect\bin\spvc64loader.dll c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2010-04-21 269824] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 
"EnableLUA"=0 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "VIDC.XFR1"=xfcodec64.dll "VIDC.FPS1"=frapsv64.dll "VIDC.LAGS"=lagarith.dll "vidc.XVID"=xvidvfw.dll ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2013-12-07 07:41:34 ----D---- C:\rsit 2013-12-07 07:41:34 ----D---- C:\Program Files\trend micro 2013-11-26 07:09:20 ----D---- C:\ProgramData\eSafe 2013-11-24 22:57:00 ----D---- C:\Temp 2013-11-22 19:42:11 ----D---- C:\ProgramData\SaveSenseLive 2013-11-22 19:42:11 ----D---- C:\Program Files (x86)\SaveSenseLive 2013-11-22 19:41:58 ----D---- C:\ProgramData\Iminent 2013-11-22 19:41:53 ----D---- C:\Users\arentsen\AppData\Roaming\SaveSense 2013-11-22 19:41:38 ----D---- 
C:\Program Files (x86)\SaveSense 2013-11-22 19:41:34 ----D---- C:\Program Files (x86)\IminentToolbar 2013-11-22 19:41:28 ----D---- C:\Users\arentsen\AppData\Roaming\iminent 2013-11-22 19:41:20 ----D---- C:\Program Files (x86)\Optimizer Pro 2013-11-22 19:41:11 ----D---- C:\Program Files (x86)\Iminent 2013-11-22 19:40:44 ----D---- C:\Program Files (x86)\SecretSauce 2013-11-22 19:38:04 ----D---- C:\Users\arentsen\AppData\Roaming\Python-Eggs 2013-11-22 19:37:44 ----D---- C:\Users\arentsen\AppData\Roaming\BitLord 2013-11-22 19:37:44 ----A---- C:\Users\arentsen\AppData\Roaming\bitlord_log.txt 2013-11-22 19:32:10 ----D---- C:\Program Files (x86)\MyPC Backup 2013-11-22 19:32:01 ----D---- C:\Program Files (x86)\BitLord 2 2013-11-22 19:31:40 ----D---- C:\ProgramData\BonanzaDealsLive 2013-11-22 19:31:40 ----D---- C:\Program Files (x86)\BonanzaDealsLive 2013-11-22 19:31:26 ----D---- C:\Users\arentsen\AppData\Roaming\Systweak 2013-11-22 19:31:10 ----D---- C:\Program Files (x86)\BonanzaDeals 2013-11-16 18:01:44 ----D---- C:\Users\arentsen\AppData\Roaming\DVDVideoSoftIEHelpers 2013-11-16 18:01:04 ----D---- C:\Users\arentsen\AppData\Roaming\OpenCandy 2013-11-16 18:01:04 ----D---- C:\Program Files (x86)\DVDVideoSoft 2013-11-15 16:45:20 ----D---- C:\Users\arentsen\AppData\Roaming\AVAST Software 2013-11-15 15:11:52 ----D---- C:\ProgramData\Oracle 2013-11-15 15:11:48 ----A---- C:\Windows\SYSWOW64\javaws.exe 2013-11-15 15:11:18 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll 2013-11-15 15:11:18 ----A---- C:\Windows\SYSWOW64\javaw.exe 2013-11-15 15:11:18 ----A---- C:\Windows\SYSWOW64\java.exe ======List of files/folders modified in the last 1 month====== 2013-12-07 07:41:38 ----D---- C:\Windows\Temp 2013-12-07 07:41:34 ----D---- C:\Program Files 2013-12-06 18:20:17 ----D---- C:\Windows\system32\config 2013-12-06 18:05:26 ----A---- C:\Windows\SYSWOW64\log.txt 2013-12-04 14:20:10 ----D---- C:\Users\arentsen\AppData\Roaming\Dropbox 2013-12-04 13:19:34 ----D---- C:\Windows\System32 
2013-12-04 13:19:34 ----D---- C:\Windows\inf 2013-12-04 13:19:34 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-12-04 01:13:57 ----SHD---- C:\System Volume Information 2013-12-03 07:13:06 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2013-12-03 04:17:03 ----SHD---- C:\Windows\Installer 2013-12-03 04:12:12 ----D---- C:\Program Files (x86) 2013-11-26 07:18:17 ----HD---- C:\ProgramData 2013-11-26 07:17:39 ----D---- C:\Program Files (x86)\DSP-worx 2013-11-26 07:17:28 ----D---- C:\Windows\SysWOW64 2013-11-26 07:16:14 ----D---- C:\Windows\system32\Tasks 2013-11-26 07:16:11 ----D---- C:\Windows\Tasks 2013-11-26 07:11:08 ----D---- C:\Program Files (x86)\TornTV.com 2013-11-22 19:41:11 ----D---- C:\Program Files (x86)\Common Files 2013-11-22 19:37:01 ----D---- C:\Windows\winsxs 2013-11-22 19:11:27 ----A---- C:\Windows\NeroDigital.ini 2013-11-22 06:28:04 ----D---- C:\Users\arentsen\AppData\Roaming\BitTorrent 2013-11-22 05:10:29 ----A---- C:\Windows\wininit.ini 2013-11-21 23:11:54 ----D---- C:\ProgramData\Spybot - Search & Destroy 2013-11-20 13:44:35 ----D---- C:\Windows\SYSWOW64\Adobe 2013-11-20 13:41:31 ----D---- C:\Windows\SYSWOW64\Macromed 2013-11-19 07:33:33 ----D---- C:\Windows\system32\catroot2 2013-11-16 18:21:48 ----D---- C:\Users\arentsen\AppData\Roaming\vlc 2013-11-16 18:01:23 ----RSD---- C:\Windows\assembly 2013-11-16 18:01:04 ----D---- C:\Users\arentsen\AppData\Roaming\DVDVideoSoft 2013-11-15 15:13:38 ----D---- C:\Windows 2013-11-15 15:13:32 ----A---- C:\Windows\system32\aswBoot.exe 2013-11-15 15:10:57 ----D---- C:\Program Files (x86)\Java 2013-11-15 15:07:56 ----D---- C:\ProgramData\AVAST Software 2013-11-15 15:06:24 ----D---- C:\Program Files (x86)\Adobe 2013-11-14 00:25:19 ----D---- C:\ProgramData\Microsoft Help 2013-11-14 00:19:08 ----D---- C:\Windows\system32\MRT 2013-11-14 00:19:07 ----D---- C:\Windows\debug 2013-11-14 00:19:04 ----A---- C:\Windows\system32\MRT.exe 2013-11-11 05:50:16 ----N---- C:\Windows\system32\MpSigStub.exe ======List of 
drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-11-15 65776] R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-11-15 205320] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-04 540696] R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2012-07-09 645952] R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2012-07-09 27456] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096] R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-08-21 19600] R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-11-15 92544] R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2013-11-15 1032416] R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2013-11-15 409832] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 aswFsBlk;aswFsBlk; \??\C:\Windows\system32\drivers\aswFsBlk.sys [2013-11-15 38984] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-11-15 84328] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-04-07 2216960] R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-04-21 10326784] R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976] R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 271872] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-10-16 321064] R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 
17920] S0 MrFilter;EasyWrite Driver; C:\Windows\system32\drivers\MrFilter.sys [] S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-12-02 40448] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328] S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-06-04 103448] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488] S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [] S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272] S3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432] S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352] S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [] S3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2012-12-10 44544] S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264] S3 sf;sf; \??\C:\AeriaGames\SoldierFront\avital\soldierf64.sys [] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872] S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640] S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920] S3 ssudmdm;SAMSUNG Mobile USB Modem 
Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-06-04 203672] S3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984] S3 WINUSB;WinUsb-stuurprogramma; C:\Windows\system32\DRIVERS\WinUSB.SYS [2009-07-14 40448] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-15 50344] R2 ePowerSvc;Acer ePower Service; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2010-04-23 867360] R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336] R2 IB Updater;IB Updater; C:\Program Files\IB Updater\ExtensionUpdaterService.exe [2013-01-29 188760] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-03-03 268824] R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2010-01-15 935208] R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2010-03-09 250368] R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] R2 
SProtection;SProtection; C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [2013-11-17 2905408] R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-03 2320920] R2 Updater Service;Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-01-28 243232] R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096] R2 WsysSvc;Wsys Service; C:\ProgramData\eSafe\eGdpSvc.exe [2013-11-26 825920] S2 BackupStack;Computer Backup (MyPC Backup); C:\Program Files (x86)\MyPC Backup\BackupStack.exe [2013-09-19 38440] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-06-23 135664] S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] S2 savesenselive;SaveSenseLive Service (savesenselive); C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2013-11-22 146920] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-03-01 161384] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-03 257416] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-06-23 
135664] S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 641352] S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2012-08-07 4562432] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 savesenselivem;SaveSenseLive Service (savesenselivem); C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2013-11-22 146920] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-25 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] -----------------EOF-----------------
  3. Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 14:45:09, on 6-12-2013 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16476) Boot mode: Normal Running processes: C:\Users\arentsen\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe C:\Program Files (x86)\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe C:\Users\arentsen\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\arentsen\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Web search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 92.108.103.207:80 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no 
name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file) F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: SaveSense - {0f21b1e5-5afc-43c9-9c66-515046e92ec2} - C:\Program Files (x86)\SaveSense\SaveSenseIE.dll O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - (no file) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll O3 - Toolbar: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\64c60ec9-7315-4db1-ae6c-79a45d5f25fe.exe /check O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\arentsen\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Dropbox.lnk.disabled O4 - Startup: MyPC Backup.lnk.disabled O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files (x86)\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: VideoWebCamera.exe.lnk = C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll 
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.aeriagames.com O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://fpdownload2.macromedia.com/get/shockwave/cabs/director/sw.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - http://game.zylom.com/activex/zylomgamesplayer.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service 
(AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files (x86)\MyPC Backup\BackupStack.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: IB Updater - Unknown owner - C:\Program Files\IB Updater\ExtensionUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SaveSenseLive Service (savesenselive) (savesenselive) - SaveSense - C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe O23 - Service: SaveSenseLive Service (savesenselivem) (savesenselivem) - SaveSense - C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. 
- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SProtection - Iminent - C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: Updater Service - Acer Group - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - 
C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Wsys Service (WsysSvc) - Wsys Co., Ltd. - C:\ProgramData\eSafe\eGdpSvc.exe -- End of file - 13172 bytes