Ga naar inhoud

LouiseH

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    82

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Alles dat geplaatst werd door LouiseH

  1. LouiseH
    # AdwCleaner v3.016 - Report created 30/12/2013 at 15:00:41 # Updated 23/12/2013 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Louise - LOUISE-PC # Running from : C:\Users\Louise\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\058YH9VA\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Program Files (x86)\Vuze Folder Deleted : C:\Users\Martijn\Qtrax Folder Deleted : C:\Users\Martijn\AppData\Local\torch Folder Deleted : C:\Users\Martijn\AppData\Local\UtilityChest_49 Folder Deleted : C:\Users\Martijn\AppData\LocalLow\UtilityChest_49 Folder Deleted : C:\Users\Martijn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Folder Deleted : C:\Users\Martijn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\torch File Deleted : C:\Users\Martijn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk File Deleted : C:\Users\Martijn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk File Deleted : C:\Users\Martijn\Desktop\iLivid.lnk File Deleted : C:\Users\Martijn\Desktop\Play Free Games.lnk File Deleted : C:\Users\Martijn\Desktop\Qtrax Player.lnk ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Key Deleted : HKCU\Software\53edddfe76eb948 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_vuze_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_vuze_RASMANCS Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{84DC9F6C-C9A5-4C64-AB67-D6EF60F963C8} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1E877590-30B7-400E-A835-B942489EB7BC} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKCU\Software\AVG Secure Search Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong Key Deleted : HKLM\Software\AVG Secure Search Key Deleted : HKLM\Software\AVG Security Toolbar Key Deleted : HKLM\Software\InstallIQ Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.16428 ************************* AdwCleaner[R0].txt - [6754 octets] - [30/12/2013 14:59:53] AdwCleaner[s0].txt - [6768 octets] - [30/12/2013 15:00:41] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [6828 octets] ##########
  2. LouiseH
    Zoek.exe v5.0.0.0 Updated 28-December-2013 Tool run by Louise on zo 29-12-2013 at 18:16:32,02. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Louise\Documents\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2013-12-28-103209.log 84187 bytes C:\zoek-results2013-12-28-131256.log 60967 bytes ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3738499137-2101096346-1165907778-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Acer\Acer Updater\UpdaterService.exe C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\loggingserver.exe C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe C:\Users\Louise\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\Users\Louise\Documents\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater17.2.0 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater17.2.0 deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_USERS\S-1-5-21-3738499137-2101096346-1165907778-1000\Software\Microsoft\Windows\CurrentVersion\Run] "BrowserSafeguard"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "BrowserSafeguard"=- ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_USERS\S-1-5-21-3738499137-2101096346-1165907778-1000\Software\Microsoft\Windows\CurrentVersion\Run] "BrowserSafeguard"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "BrowserSafeguard"=- ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\Browsersafeguard not found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BrowserSafeguard deleted C:\Users\Louise\AppData\Roaming\Allmyapps deleted C:\Users\Martijn\AppData\Roaming\Allmyapps deleted C:\ProgramData\AVG Secure Search deleted C:\Users\Louise\AppData\Local\AVG Secure Search deleted C:\Users\Martijn\AppData\Local\AVG Secure Search deleted C:\Users\Louise\AppData\LocalLow\AVG Secure Search deleted C:\Users\Martijn\AppData\LocalLow\AVG Secure Search deleted C:\Windows\tasks\AllmyappsUpdateTask.job deleted "C:\PROGRA~2\AVG Secure Search\vprot.exe" deleted "C:\PROGRA~2\AVG Secure Search\vprot.exe" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller\17.2.0\avgdttbx.dll" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller\17.2.0\SiteSafety.dll" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\17.2.0\log4cplusU.dll" deleted "C:\PROGRA~2\AVG Secure Search" deleted "C:\PROGRA~2\AVG Secure Search" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller\17.2.0" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller\17.2.0" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\17.2.0" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Louise\AppData\Local\Temp ==== 2013-12-29 14:51:18 6AF6582E2578430E521C4445519375C7 4811800 ----a-w- C:\Users\Louise\AppData\Local\Temp\oi_{630BD0B7-87CE-4F27-8068-3779AD9CFBE8}.exe 2013-12-29 09:12:01 F5C0CEF8B88B0A3EFA3D2681C76DC564 299008 ----a-w- C:\Users\Martijn\AppData\Local\Temp\Allmyapps_2.0.0.22\ssleay32.dll 2013-12-29 09:12:01 4B5D9D024D8BFBEE770DB3D16FCE3E77 470528 ----a-w- C:\Users\Martijn\AppData\Local\Temp\Allmyapps_2.0.0.22\sqldrivers\qsqlite4.dll 2013-12-29 09:12:00 BC83108B18756547013ED443B8CDB31B 421200 ----a-w- C:\Users\Martijn\AppData\Local\Temp\Allmyapps_2.0.0.22\msvcp100.dll 2013-12-29 09:12:00 A9FD9DD23C03AED462127ECC3E262590 13112320 ----a-w- C:\Users\Martijn\AppData\Local\Temp\Allmyapps_2.0.0.22\QtWebKit4.dll 2013-12-29 09:12:00 A93C6C38EC6FE12117E3D73452C93A16 1199104 ----a-w- C:\Users\Martijn\AppData\Local\Temp\Allmyapps_2.0.0.22\libeay32.dll 2013-12-29 09:12:00 8F8B55BDFD689BE50F7991196AB680FC 201728 ----a-w- C:\Users\Martijn\AppData\Local\Temp\Allmyapps_2.0.0.22\QtSql4.dll 2013-12-29 09:12:00 8A2E025FD3DDD56C8E4F63416E46E2EC 1053696 ----a-w- C:\Users\Martijn\AppData\Local\Temp\Allmyapps_2.0.0.22\QtNetwork4.dll 2013-12-29 09:12:00 831BA3A8C9D9916BDF82E07A3E8338CC 8581632 ----a-w- C:\Users\Martijn\AppData\Local\Temp\Allmyapps_2.0.0.22\QtGui4.dll 2013-12-29 09:12:00 70F47629EC62BAE2E371C104D4DA2517 55808 ----a-w- C:\Users\Martijn\AppData\Local\Temp\Allmyapps_2.0.0.22\CrashRpt1301.dll 2013-12-29 09:12:00 6260A8A04E0D214C851AE35994124297 87040 ----a-w- C:\Users\Martijn\AppData\Local\Temp\Allmyapps_2.0.0.22\qjson.dll 2013-12-29 09:12:00 215F565F4842E20E6BB66E59BDF22C87 1341440 ----a-w- C:\Users\Martijn\AppData\Local\Temp\Allmyapps_2.0.0.22\QtScript4.dll 2013-12-29 09:12:00 17579FA06EB59761DAF434AD72EF6136 2598912 ----a-w- C:\Users\Martijn\AppData\Local\Temp\Allmyapps_2.0.0.22\QtCore4.dll 2013-12-29 09:12:00 0E37FBFA79D349D672456923EC5FBBE3 773968 ----a-w- C:\Users\Martijn\AppData\Local\Temp\Allmyapps_2.0.0.22\msvcr100.dll 2013-12-29 09:11:59 AA66636860D979C657D980E3992D4745 317304 ----a-w- C:\Users\Martijn\AppData\Local\Temp\Allmyapps_2.0.0.22\AllmyappsUpdater.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2013-12-28 11:52:31 C74500A1BCB4113A7310295DD3FA4440 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2013-12-28 11:52:29 3D43EAC957F2F797BE82CF6B04A933F8 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2013-12-28 11:52:29 355BF103E2CF862B00EEB3731E25E802 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll 2013-12-28 11:52:28 35DE59C975A0C97E8DBBE095BCC3644E 553472 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2013-12-28 11:52:27 08881C59F795C356DE12067E44FFD260 703488 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2013-12-28 11:52:26 B2E1F7B212502BB49AAD4EFAD37C5CF5 2166784 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2013-12-28 11:52:26 927FA6456AD6D7630F6854828D2FD16B 1820160 ----a-w- C:\Windows\SysWOW64\wininet.dll 2013-12-28 11:52:26 84EAF0A08C7742697816E148C066D757 1928192 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2013-12-28 11:52:26 0763C5D8660436D4D961F72609E33BBE 1157632 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2013-12-28 11:52:24 BFAFE990C4A191E83843362B5AC64A9B 17112576 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2013-12-28 11:52:24 4B638CE3DAA3A082E576C0DDF9D635D4 11221504 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2013-12-28 11:52:23 A60A222D3126DD9E380F9D8B651BC13D 4243968 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2013-12-27 16:40:39 AD27563BC16AB1EAACAE3033E99C2F78 194048 ----a-w- C:\Windows\SysWOW64\elshyph.dll 2013-12-27 16:40:35 FB0D1CC2911A0645DDA6C0608473EB55 34816 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-12-27 16:40:35 F8DE2F74CD4323BABBDACAADD9A39254 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2013-12-27 16:40:35 F862CD08F1AD4EE39BD506853F3C6103 16284 ----a-w- C:\Windows\SysWOW64\ieuinit.inf 2013-12-27 16:40:35 F7B6E341F4B1947BEC0E14EEBE3C627E 111616 ----a-w- C:\Windows\SysWOW64\IEAdvpack.dll 2013-12-27 16:40:35 EC7038154490E50ACD405A022F51B204 83456 ----a-w- C:\Windows\SysWOW64\inseng.dll 2013-12-27 16:40:35 D9F12F54E3B5A092F1D5F191F5286E53 337408 ----a-w- C:\Windows\SysWOW64\html.iec 2013-12-27 16:40:35 CFCE4EFF1D6D909EE2EA3AFCB8F1E677 233472 ----a-w- C:\Windows\SysWOW64\url.dll 2013-12-27 16:40:35 C3B0DBD04CC18574B0706CA119902474 367104 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2013-12-27 16:40:35 C1A6E565B2782C09BC40AD749B46D9ED 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-12-27 16:40:35 C17139EAF939964142C7A1AEEE02DC81 616104 ----a-w- C:\Windows\SysWOW64\ieapfltr.dat 2013-12-27 16:40:35 BE8B10D84DDD8F43A32EE013B54F5287 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2013-12-27 16:40:35 AE6A2C5ECD3E96556E22F12816842F60 48640 ----a-w- C:\Windows\SysWOW64\mshtmler.dll 2013-12-27 16:40:35 ABDFC692D9FE43E2BA8FE6CB5A8CB95A 13312 ----a-w- C:\Windows\SysWOW64\mshta.exe 2013-12-27 16:40:35 AB3B2CA52AFB695AFCDD2620A21E5B21 24576 ----a-w- C:\Windows\SysWOW64\licmgr10.dll 2013-12-27 16:40:35 9E170B0AF156B478BD2B1FD6A2250C9E 62464 ----a-w- C:\Windows\SysWOW64\tdc.ocx 2013-12-27 16:40:35 9B8701A380CEE1B05D651B4ED4048C8F 645120 ----a-w- C:\Windows\SysWOW64\jsIntl.dll 2013-12-27 16:40:35 9A33FDDD687A836A1FD478B43C5A95FD 151552 ----a-w- C:\Windows\SysWOW64\iexpress.exe 2013-12-27 16:40:35 887055A3C8DD6C87D200D11EAFDBD45B 74240 ----a-w- C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-12-27 16:40:35 83F49FD1BC0A999B006D564C540C7258 86016 ----a-w- C:\Windows\SysWOW64\iesysprep.dll 2013-12-27 16:40:35 779E142FE2159935E78C0FA2E190FF1E 610304 ----a-w- C:\Windows\SysWOW64\jscript.dll 2013-12-27 16:40:35 71144A47CD02FDDC77DDF5EB5315767F 523776 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2013-12-27 16:40:35 6EB0B7301E00F717BD68A742D1391FAF 36352 ----a-w- C:\Windows\SysWOW64\imgutil.dll 2013-12-27 16:40:35 6A92CEC8532056791C6832B2725D170D 139264 ----a-w- C:\Windows\SysWOW64\wextract.exe 2013-12-27 16:40:35 6A794439B6612E43FEDE0217C919B652 454656 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2013-12-27 16:40:35 6922D7ED84AE102504174922D5D42F49 238288 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2013-12-27 16:40:35 64831CAD496A073398853A34A5813675 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2013-12-27 16:40:35 5EC13202430A3EB68DFF44CF1FEEA2BE 61952 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2013-12-27 16:40:35 5DFE55E0221F0C5FA4D6CECFA72B1D78 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2013-12-27 16:40:35 55969AADF0210A614700F89B48976F68 43008 ----a-w- C:\Windows\SysWOW64\msfeedsbs.dll 2013-12-27 16:40:35 53FC62C51CB18C9100A7DFAF2D2A6C47 12800 ----a-w- C:\Windows\SysWOW64\msfeedssync.exe 2013-12-27 16:40:35 4F032F1FDEFEA5EC8EEA3562643B5EE8 69120 ----a-w- C:\Windows\SysWOW64\icardie.dll 2013-12-27 16:40:35 4D4726D1AD5ED1590A62685F92900594 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2013-12-27 16:40:35 4BCC7EB5F20840DA67943BD86AE95735 56832 ----a-w- C:\Windows\SysWOW64\pngfilt.dll 2013-12-27 16:40:35 44D5C650C971910827EA65B4D989ED94 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll 2013-12-27 16:40:35 2AF48780D879AFC43733159CB29CD8BD 1051136 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2013-12-27 16:40:35 298FDE634538B62CEEEC266D8773B21A 182272 ----a-w- C:\Windows\SysWOW64\msls31.dll 2013-12-27 16:40:35 1AFBAA54BDF637F69B8E02A5578286B0 116736 ----a-w- C:\Windows\SysWOW64\iepeers.dll 2013-12-27 16:40:35 1200D9C7DB0ADC1B8143A0A9921BF7DA 127488 ----a-w- C:\Windows\SysWOW64\occache.dll 2013-12-27 16:40:35 08B56CF57B7CE44315034247CC76D0F1 244736 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2013-12-27 16:40:35 03B3541AE6986602CF9CB5B3AD169C33 208384 ----a-w- C:\Windows\SysWOW64\webcheck.dll 2013-12-17 18:49:38 221494C29E9F4B6D02514CA29F2A3A4E 14119 ----a-w- C:\Windows\SysWOW64\RaCoInst.dat 2013-12-16 17:29:27 E40F9FA28AC367BB5E4E8F8010C7E9BB 361360 ----a-w- C:\Windows\SysWOW64\sysfer.dll 2013-12-16 17:29:27 A1F46B9A608E2FA65D50B4B17821A264 50576 ----a-w- C:\Windows\SysWOW64\snacnp.dll 2013-12-16 17:29:27 8045E0B78899D77897B321452AD4BCF9 136080 ----a-w- C:\Windows\SysWOW64\FwsVpn.dll 2013-12-16 17:29:27 7C1A986C996E588AE12277DA5736D83C 11152 ----a-w- C:\Windows\SysWOW64\sysferThunk.dll 2013-12-16 17:29:27 49147C75C4A74DAF4441DF7CC00A1C9E 420752 ----a-w- C:\Windows\SysWOW64\SymVPN.dll 2013-12-16 17:05:26 02DF0628BE8B64B84D50FBE53549AA3B 12625408 ----a-w- C:\Windows\SysWOW64\wmploc.DLL 2013-12-16 17:05:25 6C4B2E1A25841077084EB9F76FF6FFA7 11410432 ----a-w- C:\Windows\SysWOW64\wmp.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2013-12-28 11:52:31 A3427586C75749B51BF5DEBEDEB4AD5C 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2013-12-28 11:52:30 FB13F4873F6747AB4E3C37CAFEA8ACAE 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2013-12-28 11:52:29 EF098867663B07247587587C29E631DB 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll 2013-12-28 11:52:29 4E249022336591E9C6DE374A68C18EF6 574976 ----a-w- C:\Windows\Sysnative\ieui.dll 2013-12-28 11:52:29 3A722B49408BE7FE8A375C3B8FD57BB1 218624 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2013-12-28 11:52:29 2A0B7281854ACBECA25D8FDD06A4D714 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2013-12-28 11:52:29 0F753FDA08F495E515629210FF0DA59E 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2013-12-28 11:52:28 DACB9A752CEB29C1D931514EF73803E1 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2013-12-28 11:52:28 40B33A42F90DED26DE4F5AAFA00F24CA 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2013-12-28 11:52:28 2E2875FFC6C2DC1ACF4F46AFC7819BD5 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll 2013-12-28 11:52:28 16B0A65F52531B769B891DC251ECC6C0 23183360 ----a-w- C:\Windows\Sysnative\mshtml.dll 2013-12-28 11:52:27 95EED00D70485F6F82983EB7C03CC42A 817664 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2013-12-28 11:52:27 7016991D493B9F9FA492E75BD13D031D 2764288 ----a-w- C:\Windows\Sysnative\iertutil.dll 2013-12-28 11:52:27 14074CF6190B937EB70BE2F93113B5FE 708608 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2013-12-28 11:52:26 FA30E3DC75EA42FE19B819F30FBDED8D 1995264 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2013-12-28 11:52:26 C8CF11D73017CC588411FCB936891CF4 1395200 ----a-w- C:\Windows\Sysnative\urlmon.dll 2013-12-28 11:52:26 9B6678DB9C6A232C5A84D2FDFFF8B0E1 2334208 ----a-w- C:\Windows\Sysnative\wininet.dll 2013-12-28 11:52:25 EDF5C6A9F33FBD3D717D1B77A9864C64 12996608 ----a-w- C:\Windows\Sysnative\ieframe.dll 2013-12-28 11:52:23 6491B719695D713335B431FCF0EAE28B 5769216 ----a-w- C:\Windows\Sysnative\jscript9.dll 2013-12-27 16:44:59 2D01F001F8E45924E57B7BB77CF96BC2 28368 ----a-w- C:\Windows\Sysnative\IEUDINIT.EXE 2013-12-27 16:40:39 344DA9D196C0D98A738289BB09CE4CF6 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2013-12-27 16:40:35 FD61D51199F3FC9EB0023FBF405EAAD0 147968 ----a-w- C:\Windows\Sysnative\occache.dll 2013-12-27 16:40:35 F862CD08F1AD4EE39BD506853F3C6103 16284 ----a-w- C:\Windows\Sysnative\ieuinit.inf 2013-12-27 16:40:35 F00AE7B953ABEF1B53FBBA187DFC8238 243200 ----a-w- C:\Windows\Sysnative\webcheck.dll 2013-12-27 16:40:35 EE10AB99A480875E012CA339EC48F02B 1228800 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2013-12-27 16:40:35 E70D4270C43CE6C46841B684315B9EFF 62464 ----a-w- C:\Windows\Sysnative\pngfilt.dll 2013-12-27 16:40:35 E4A6577D74B2439974C8018AB5F1BFEA 13312 ----a-w- C:\Windows\Sysnative\msfeedssync.exe 2013-12-27 16:40:35 D6C88A6094D1FDAC56A186BBD7F06357 40448 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2013-12-27 16:40:35 D31AE751B6DACAFD0D7CC99EAE9606C2 131072 ----a-w- C:\Windows\Sysnative\IEAdvpack.dll 2013-12-27 16:40:35 CE8831D2DCB5803A4CBC8EDCCBBC2A05 77312 ----a-w- C:\Windows\Sysnative\tdc.ocx 2013-12-27 16:40:35 CC84F4E36AA96810AD766C88DD657ADB 626176 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2013-12-27 16:40:35 C92173481A58935BE15172079CF122B8 235520 ----a-w- C:\Windows\Sysnative\url.dll 2013-12-27 16:40:35 C6ECA2F7A1B189025171E6A29F2605AA 453120 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2013-12-27 16:40:35 C17139EAF939964142C7A1AEEE02DC81 616104 ----a-w- C:\Windows\Sysnative\ieapfltr.dat 2013-12-27 16:40:35 BB6DEAFAC5F0AAEC37FEAF3F3AA48347 774144 ----a-w- C:\Windows\Sysnative\jscript.dll 2013-12-27 16:40:35 ADA5C3D49A12CED9F07913DC00E547A8 48128 ----a-w- C:\Windows\Sysnative\imgutil.dll 2013-12-27 16:40:35 A8C830CABD7640EE8E6F0F1019F91E83 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll 2013-12-27 16:40:35 9870EC900829595D191BB03C6C48B479 83968 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2013-12-27 16:40:35 9675B272086CF5D22B83B541FAA8D4EA 30208 ----a-w- C:\Windows\Sysnative\licmgr10.dll 2013-12-27 16:40:35 95828D670CFD3B16EE188168E083C3C5 13824 ----a-w- C:\Windows\Sysnative\mshta.exe 2013-12-27 16:40:35 8F7FBD0177F79727CF945ABDA657A0AC 235008 ----a-w- C:\Windows\Sysnative\elshyph.dll 2013-12-27 16:40:35 77FBE2E014EFB93FD037FA33AB8C7D6E 263376 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2013-12-27 16:40:35 6F1AF8E1206E92256459E3012C20472A 942592 ----a-w- C:\Windows\Sysnative\jsIntl.dll 2013-12-27 16:40:35 68899208A26E4522D25DBA87FF2E98D1 84992 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2013-12-27 16:40:35 5BECC17076F1806F60BB259B654FAC5C 195584 ----a-w- C:\Windows\Sysnative\msrating.dll 2013-12-27 16:40:35 5BBDBE5EBB49EA7C76A2EE7490A45D68 101376 ----a-w- C:\Windows\Sysnative\inseng.dll 2013-12-27 16:40:35 5141B67F14E2B6CBB6ADF851ABE364A5 90112 ----a-w- C:\Windows\Sysnative\SetIEInstalledDate.exe 2013-12-27 16:40:35 46FD16F9B1924A2EA8CD5C6716CC654F 167424 ----a-w- C:\Windows\Sysnative\iexpress.exe 2013-12-27 16:40:35 4399857346DD183683332921500046B1 86016 ----a-w- C:\Windows\Sysnative\RegisterIEPKEYs.exe 2013-12-27 16:40:35 3A4FD19F13F8809BA08E9F76C0E38832 413696 ----a-w- C:\Windows\Sysnative\html.iec 2013-12-27 16:40:35 2EBD0C5B090125AECF017C57344C45AB 247808 ----a-w- C:\Windows\Sysnative\msls31.dll 2013-12-27 16:40:35 2405D24AA28CCC4CC7E0CC0AE008746F 48640 ----a-w- C:\Windows\Sysnative\mshtmler.dll 2013-12-27 16:40:35 1FCBE949A67939ADEAE7279E423AA684 135680 ----a-w- C:\Windows\Sysnative\iepeers.dll 2013-12-27 16:40:35 1EA6500C25A80E8BDB65099C509AF993 143872 ----a-w- C:\Windows\Sysnative\wextract.exe 2013-12-27 16:40:35 0FBEBD36FEFFEE5AF25FDAEE5E35EE99 105984 ----a-w- C:\Windows\Sysnative\iesysprep.dll 2013-12-27 16:40:35 0A9D5716CB1F3AFA73703F39647BB8C2 81408 ----a-w- C:\Windows\Sysnative\icardie.dll 2013-12-27 16:40:35 038ABC9BCC86DFF9E181D44E43E2CEBA 52224 ----a-w- C:\Windows\Sysnative\msfeedsbs.dll 2013-12-27 16:40:35 0134898497B6C6CD50F7FC5DE85712A6 296960 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2013-12-16 20:35:35 0BD3FF158E379DFBC7A91A82B612E345 42774 ----a-w- C:\Windows\Sysnative\.crusader 2013-12-16 19:28:17 9EF10F91F7FE1537521FAB2225D0172C 327008 ----a-w- C:\Windows\Sysnative\RaCoInstx.dll 2013-12-16 19:28:17 221494C29E9F4B6D02514CA29F2A3A4E 14119 ----a-w- C:\Windows\Sysnative\RaCoInst.dat 2013-12-16 17:29:27 F9AF213DBB261CABBD1DA5F819F0A1F4 459152 ----a-w- C:\Windows\Sysnative\sysfer.dll 2013-12-16 17:29:27 CBECEACE83FD113ADA02EF73FBB40653 576912 ----a-w- C:\Windows\Sysnative\SymVPN.dll 2013-12-16 17:29:27 C6F756585E72F37355E560E8BE35895F 158096 ----a-w- C:\Windows\Sysnative\FwsVpn.dll 2013-12-16 17:29:27 2DEF9EEA77902D1B748A9592BD286A78 12176 ----a-w- C:\Windows\Sysnative\sysferThunk.dll 2013-12-16 17:05:26 AB272BBFB05A8585C3405EFA9F605774 12625920 ----a-w- C:\Windows\Sysnative\wmploc.DLL 2013-12-16 17:05:24 8CBBB27369F9F07BC5E874E750EAF9D0 14631424 ----a-w- C:\Windows\Sysnative\wmp.dll ====== C:\Windows\Sysnative\drivers ===== 2013-12-29 14:51:27 A1F53D2A00E64679A1D81B61D2333D06 46368 ----a-w- C:\Windows\Sysnative\drivers\avgtpx64.sys 2013-12-17 18:49:38 5758FD37BF31E759F8610311E4D08ECA 1488448 ----a-w- C:\Windows\Sysnative\drivers\netr28x.sys 2013-12-16 20:37:10 FCE2251FE4464DCAA2F4684F19A8EE9B 32512 ----a-w- C:\Windows\Sysnative\drivers\hitmanpro37.sys 2013-12-16 17:29:51 E16E2431516D904CED3946AD3FF8C86B 854 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.INF 2013-12-16 17:29:51 97E11C50CE52277B377396EA8838E539 177752 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.SYS 2013-12-16 17:29:51 7846ED59291A134CC5DD017C6EC7B433 8222 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.CAT 2013-12-16 17:29:27 FCCA4DE9BCF2467541AFFCB70A3095D6 155352 ----a-w- C:\Windows\Sysnative\drivers\SysPlant.sys 2013-12-16 17:29:27 522D46E5CDCE86724C857323DF28195C 44448 ----a-w- C:\Windows\Sysnative\drivers\WGX64.SYS 2013-12-14 16:30:25 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2013-12-14 16:01:18 03725F3DE428E7F9F2E59B196CAD1BB4 626720 ----a-w- C:\Windows\Sysnative\drivers\RTL8192cu.sys 2013-12-14 15:12:04 E0D3CD5841E5C7BE7B94BA946AF1E498 116736 ----a-w- C:\Windows\Sysnative\drivers\drmk.sys 2013-12-14 15:12:04 1E0B4CBBA91C6B041A14ECC2186F7E24 230400 ----a-w- C:\Windows\Sysnative\drivers\portcls.sys 2013-12-09 18:31:09 79059559E89D06E8B80CE2944BE20228 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys 2013-12-09 18:30:41 EBF28856F69CF094A902F884CF989706 458712 ----a-w- C:\Windows\Sysnative\drivers\cng.sys 2013-12-09 18:30:41 868A2CAAB12EFC7A021682BCA0EEC54C 154560 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2013-12-09 18:30:40 8F489706472F7E9A06BAAA198703FA64 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys ====== C:\Windows\Tasks ====== 2013-12-16 22:01:26 9EB6D78655EF947FD238B3F6E53802EF 3172 ----a-w- C:\Windows\Sysnative\Tasks\{D08CE2B5-0CB2-4C82-B459-9C0CDC6069D5} 2013-12-14 16:59:11 4F2F3F533BDD223FAC11729E8ABC7B35 3878 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Flash Player Updater 2013-12-14 16:59:10 B9F05A512A2D59548DAC2641BE0D0B02 940 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-12-29 14:52:08 -------- d-----w- C:\Program Files\WinZip 2013-12-27 13:07:41 -------- d-----w- C:\Program Files\trend micro 2013-12-25 08:01:58 -------- d-----w- C:\Program Files\Speccy 2013-12-16 20:18:40 -------- d-----w- C:\Program Files\AMD ======= C:\PROGRA~2 ===== 2013-12-16 20:18:46 -------- d-----w- C:\PROGRA~2\AMD AVT 2013-12-16 20:18:40 -------- d-----w- C:\PROGRA~2\AMD 2013-12-14 17:16:04 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype 2013-12-14 17:16:03 -------- d-----r- C:\PROGRA~2\Skype ======= C: ===== ====== C:\Users\Louise\AppData\Roaming ====== 2013-12-29 17:15:47 -------- d-----w- C:\Users\Louise\AppData\Local\WinZip 2013-12-29 14:52:44 -------- d-----w- C:\Users\Martijn\AppData\Local\WinZip 2013-12-28 18:07:44 -------- d-----w- C:\Users\Martijn\AppData\Roaming\Skype 2013-12-28 18:07:07 -------- d-----w- C:\Users\Martijn\AppData\Local\AMD 2013-12-28 18:06:46 -------- d-----w- C:\Users\Martijn\AppData\Roaming\ATI 2013-12-28 18:06:46 -------- d-----w- C:\Users\Martijn\AppData\Local\ATI 2013-12-28 13:09:39 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2013-12-28 13:09:39 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2013-12-28 13:09:39 -------- d-----w- C:\Users\Martijn\AppData\Local\Temp 2013-12-28 13:09:39 -------- d-----w- C:\Users\Louise\AppData\Local\Temp 2013-12-28 13:09:39 -------- d-----w- C:\Users\Fleur\AppData\Local\Temp 2013-12-28 13:09:39 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2013-12-28 13:09:39 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2013-12-17 18:48:31 -------- d-----w- C:\Users\Louise\AppData\Roaming\InstallShield 2013-12-16 21:47:40 -------- d-----w- C:\Users\Fleur\AppData\Local\AMD 2013-12-16 21:47:31 -------- d-----w- C:\Users\Fleur\AppData\Roaming\ATI 2013-12-16 21:47:31 -------- d-----w- C:\Users\Fleur\AppData\Local\ATI 2013-12-16 20:19:41 -------- d-----w- C:\Users\Louise\AppData\Local\AMD 2013-12-16 16:57:02 -------- d-----w- C:\Users\Louise\AppData\Roaming\Skype 2013-12-14 15:47:43 1A1EE8D0A8FEDAEA1F72EBFC7482D210 7625 ----a-w- C:\Users\Louise\AppData\Local\resmon.resmoncfg 2013-12-14 12:37:51 -------- d-----w- C:\Users\Louise\AppData\Local\EgisTec 2013-12-14 12:29:00 -------- d-----w- C:\Users\Louise\AppData\Local\ElevatedDiagnostics ====== C:\Users\Louise ====== 2013-12-29 14:52:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 2013-12-17 18:49:37 -------- d-----w- C:\ProgramData\Ralink Driver 2013-12-16 21:46:56 CF082D6266C2152CBEBD4FFD343F173B 1240 --sha-r- C:\Users\Fleur\ntuser.pol 2013-12-16 20:23:00 -------- d-----w- C:\ProgramData\HitmanPro 2013-12-16 20:19:23 -------- d-----w- C:\ProgramData\ATI 2013-12-16 20:17:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2013-12-16 20:16:59 -------- d-----w- C:\ProgramData\AMD 2013-12-14 17:16:04 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2013-12-14 12:51:48 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java ====== C: exe-files == 2013-12-29 15:22:16 46F894121BA43508942E31F0B2841590 420768 ----a-w- C:\Users\Louise\Documents\Louise\Kids\winnzip.exe 2013-12-29 14:51:18 6AF6582E2578430E521C4445519375C7 4811800 ----a-w- C:\Users\Louise\AppData\Local\Temp\oi_{630BD0B7-87CE-4F27-8068-3779AD9CFBE8}.exe 2013-12-29 14:47:39 0B4DFEDA2F37E2D6DB5C1F8100FB3FFC 420768 ----a-w- C:\Users\Louise\Documents\Louise\Kids\WinZip180.exe 2013-12-29 09:11:59 AA66636860D979C657D980E3992D4745 317304 ----a-w- C:\Users\Martijn\AppData\Local\Temp\Allmyapps_2.0.0.22\AllmyappsUpdater.exe 2013-12-28 18:07:17 10CC6840A82998909015A56A4477A9BD 2304092 ------w- C:\Users\Martijn\AppData\Roaming\.technic\temp.exe 2013-12-28 11:52:30 78CCC9D9665DC2A4DDC31CD99ED374FC 482816 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2013-12-28 11:52:30 0E1D755673453108415F802C90704327 469504 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2013-12-28 11:52:29 3A722B49408BE7FE8A375C3B8FD57BB1 218624 ----a-w- C:\Windows\System32\ie4uinit.exe 2013-12-28 11:52:29 0F753FDA08F495E515629210FF0DA59E 139264 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-12-28 11:52:28 DACB9A752CEB29C1D931514EF73803E1 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe 2013-12-27 16:44:59 2D01F001F8E45924E57B7BB77CF96BC2 28368 ----a-w- C:\Windows\System32\IEUDINIT.EXE 2013-12-27 16:40:39 344DA9D196C0D98A738289BB09CE4CF6 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2013-12-27 16:40:35 F8DE2F74CD4323BABBDACAADD9A39254 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2013-12-27 16:40:35 E4A6577D74B2439974C8018AB5F1BFEA 13312 ----a-w- C:\Windows\System32\msfeedssync.exe 2013-12-27 16:40:35 D68007F924B9F387AA7C76F48D0A260A 223232 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2013-12-27 16:40:35 CC02FE4520CA886508069245D9A6962F 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe 2013-12-27 16:40:35 C8A8321292A459B0A17FB39A782A5C74 806096 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2013-12-27 16:40:35 C1A6E565B2782C09BC40AD749B46D9ED 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-12-27 16:40:35 ABDFC692D9FE43E2BA8FE6CB5A8CB95A 13312 ----a-w- C:\Windows\SysWOW64\mshta.exe 2013-12-27 16:40:35 9A33FDDD687A836A1FD478B43C5A95FD 151552 ----a-w- C:\Windows\SysWOW64\iexpress.exe 2013-12-27 16:40:35 95828D670CFD3B16EE188168E083C3C5 13824 ----a-w- C:\Windows\System32\mshta.exe 2013-12-27 16:40:35 887055A3C8DD6C87D200D11EAFDBD45B 74240 ----a-w- C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-12-27 16:40:35 7F7F391491C315A4A72EFCAC0D34FA93 25600 ----a-w- C:\Program Files (x86)\Internet Explorer\ExtExport.exe 2013-12-27 16:40:35 6A92CEC8532056791C6832B2725D170D 139264 ----a-w- C:\Windows\SysWOW64\wextract.exe 2013-12-27 16:40:35 53FC62C51CB18C9100A7DFAF2D2A6C47 12800 ----a-w- C:\Windows\SysWOW64\msfeedssync.exe 2013-12-27 16:40:35 5141B67F14E2B6CBB6ADF851ABE364A5 90112 ----a-w- C:\Windows\System32\SetIEInstalledDate.exe 2013-12-27 16:40:35 46FD16F9B1924A2EA8CD5C6716CC654F 167424 ----a-w- C:\Windows\System32\iexpress.exe 2013-12-27 16:40:35 4399857346DD183683332921500046B1 86016 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-12-27 16:40:35 41F922D6A794C0F8425C8436D7077C84 359632 ----a-w- C:\Program Files\Internet Explorer\iediagcmd.exe 2013-12-27 16:40:35 1EA6500C25A80E8BDB65099C509AF993 143872 ----a-w- C:\Windows\System32\wextract.exe 2013-12-27 16:40:35 0685765C0CBE095BA0C6C8790BAE21EF 804560 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2013-12-27 13:07:41 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Louise.exe 2013-12-24 19:37:52 7C7F58F197392947DA70D56DF3C8CF2F 2476224 ----a-w- C:\Users\Louise\Documents\Louise\Kids\TechnicLauncher (1).exe 2013-12-24 19:37:52 33783404923E3E8E42D3920ED81049D9 215552 ----a-w- C:\Users\Louise\Documents\Louise\Kids\VideoDownloadConvert.exe 2013-12-24 19:37:52 13D8938D2AAE3F5F1C54B2D47C1C650F 9075640 ----a-w- C:\Users\Louise\Documents\PC hulp downloads\Vuze_Installer[1].exe 2013-12-24 19:37:51 605A171C61A0607BDCF6BE80ED07CF95 695296 ----a-w- C:\Users\Louise\Documents\Louise\Kids\minecraftsp.exe 2013-12-24 19:37:51 605A171C61A0607BDCF6BE80ED07CF95 695296 ----a-w- C:\Users\Louise\Documents\Louise\Kids\minecraftsp (1).exe 2013-12-24 19:37:51 3389F0C8717E7438BFB0B03498756F27 484992 ----a-w- C:\Users\Louise\Documents\Louise\Kids\Minecraft.exe 2013-12-24 19:37:51 3389F0C8717E7438BFB0B03498756F27 484992 ----a-w- C:\Users\Louise\Documents\Louise\Kids\Minecraft (2).exe 2013-12-24 19:37:51 3389F0C8717E7438BFB0B03498756F27 484992 ----a-w- C:\Users\Louise\Documents\Louise\Kids\Minecraft (1).exe 2013-12-24 19:37:51 2BDE345D6D14CDA7E2829193A7B30EC2 6530107 ----a-w- C:\Users\Louise\Documents\Louise\Kids\minecraft_server.1.6.2.exe 2013-12-24 19:37:51 2BDE345D6D14CDA7E2829193A7B30EC2 6530107 ----a-w- C:\Users\Louise\Documents\Louise\Kids\minecraft_server.1.6.2 (1).exe 2013-12-24 19:37:50 FDC73AB4FC013B66321A81835B9BD1E7 1307696 ----a-w- C:\Users\Louise\Documents\Louise\Kids\iLividSetup.exe === C: other files == 2013-12-29 15:18:33 8EFCCF3866A2E0831CDDF09DF92438A3 110152 ----a-w- C:\Users\Martijn\AppData\Roaming\.minecraft\mods\TooManyItems2013_10_26_1.7.2.zip 2013-12-29 14:56:32 8EFCCF3866A2E0831CDDF09DF92438A3 110152 ----a-w- C:\Users\Louise\Documents\Louise\Kids\TooManyItems2013_10_26_1.7.2.zip 2013-12-29 14:51:27 A1F53D2A00E64679A1D81B61D2333D06 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys 2013-12-28 18:08:59 270D9775872CC9FA773389812CAB91FE 201404 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\lib\deobfuscation_data_1.5.2.zip 2013-12-28 18:08:50 EA117D7DDC2714FB8BEB5CC11A379972 159141 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\mods\qCraft1.01.zip 2013-12-28 18:08:49 6F2D28DCB5FDF9BA1CA82602F5E16EDB 133403 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\qcraft-v1.0.1.zip 2013-12-28 18:08:49 00103D5AB91510ED9E0D0213B6321A57 110363 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\simplepowerstorage-v1.0.10.zip 2013-12-28 18:08:48 EBE7A187725CBFEB99CDAE579BC4565A 227490 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\openperipheral-v0.1.9.zip 2013-12-28 18:08:48 8CE134D46E189C5401F9C675A7711ADD 1214756 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\calc-mffs-v3.1.0.175.zip 2013-12-28 18:08:46 F553CBCA6B07DA483C63A64E83683069 54146 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\projectbench-v1.7.5.zip 2013-12-28 18:08:46 F159933E507B66220C1F039088697405 1317455 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\ue-atomicscience-v0.6.2.117.zip 2013-12-28 18:08:46 952815740D6DA9C6ABCAA14FE4988552 69259 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\gregslighting-v1.8.4.zip 2013-12-28 18:08:46 0C937FDF6D2890204AF9F57CEF2FDA21 62350 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\mods\[1.5.2]ProjectBench-v1.7.5.zip 2013-12-28 18:08:45 F1BBEA1BEF2F63132C30D7839F7B861A 2078419 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\galacticraft-va0.1.36.410.zip 2013-12-28 18:08:45 E22317CD3D941A850616DAB17BB38EE6 2475 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\anobsidianplate-v1.1.zip 2013-12-28 18:08:45 16476FBFB58A8A93E695862B6F558F15 2501 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\mods\AnObsidianPlate-v1.1.zip 2013-12-28 18:08:44 F89BB25E158860B624D61CCA7329D602 42245 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\mods\tradebooth.0.4.2.zip 2013-12-28 18:08:44 B59D25F292EB39F13837B5B39972C029 36889 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\tradebooth-v0.4.2.zip 2013-12-28 18:08:44 885F56E39CCD667B3BA4C7D726B9E215 119135 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\buildcraft-additionalpipes-v2.3.1.zip 2013-12-28 18:08:43 A88370173E405F0045BF27B73E8B5D1A 86898 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\backpacks-v1.12.13.zip 2013-12-28 18:08:43 64F67376D490884776DC3E0C274014AB 118074 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\z-tekkitmain-configs-v1.1.10.zip 2013-12-28 18:08:43 3CA661EF15E40423F9CA71385B6E4D80 104589 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\mods\backpack-1.12.13-1.5.2.zip 2013-12-28 18:08:43 3A9D98F65BF7BABDE5304A1ED94D0C9A 78221 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\treecapitator-v1.5.2.r14.zip 2013-12-28 18:08:42 8898B19B4D71F5094EDC813A6D3EB8D4 78462 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\mpsaddons-v0.2.3.144.zip 2013-12-28 18:08:42 224D501494E252D62CA02945ADE14F97 185416 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\immibismicroblocks-v55.0.7.zip 2013-12-28 18:08:41 C47BCB9CA7647D6614D7F35B15D82BA5 4021380 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\mods\DimensionalDoors-1.5.2R1.4.1RC1-194.zip 2013-12-28 18:08:41 48B169E96A021435E2A34EFECD635AF8 1658077 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\ue-mps-v0.7.0.534.noapis.zip 2013-12-28 18:08:40 A98E6AF421164E005AEBECFF7191DAE1 1215446 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\mods\appeng-rv13-c-mc15x.zip 2013-12-28 18:08:40 85B02C0532C723916F3CAB133721CEDC 1809349 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\mods\StevesCarts2.0.0.a122.zip 2013-12-28 18:08:40 7A6C84EA5FBE10CB6423E61CCEBF7356 1657555 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\stevescarts-v2.0.0.a122.zip 2013-12-28 18:08:40 227A99C4825FA8EBD2BF62FE383F999B 3910244 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\dimensional-doors-v1.4.1.194.zip 2013-12-28 18:08:38 CE75EE40E98919DD46AF06FD38270302 236031 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\reisminimap-v3.3_06.zip 2013-12-28 18:08:38 495FA9A70AEE293B1949CC331ECDD625 758956 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\thermalexpansion-v2.4.6.0.zip 2013-12-28 18:08:38 41220E3240E088AC9D2EE7D16B377428 1032239 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\applied-energistics-v13.c.zip 2013-12-28 18:08:38 1392997C0165ADA3F21C772B7278E5F1 252452 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\mods\[1.5.2]ReiMinimap_v3.3_06.zip 2013-12-28 18:08:37 6AAC4B071ADAA09353D0F7C655F87DC6 126781 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\powercrystalscore-v1.1.6.107.zip 2013-12-28 18:08:37 031368246C7A8EAC3F0F332849E9811F 141932 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\openccsensors-v1.5.2.0.zip 2013-12-28 18:08:36 BA5D03B1CD903201DF3D81592C50E2C9 354160 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\nei-v1.5.2.28.zip 2013-12-28 18:08:36 B4877C583CE4259A26A5CBA46F174C9C 309928 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\nei-plugins-v1.0.9.3.zip 2013-12-28 18:08:36 54C001BE920DD3F7DC1F4C1BA48B6B6B 1661691 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\mods\mystcraft-uni-1.5.2-0.10.5.00.zip 2013-12-28 18:08:36 53636A5076C429E0514C8FC9C58D7410 44680 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\netherores-v2.1.5.75.zip 2013-12-28 18:08:36 3BF0212C0A54C8822522FDE9DF3B3C9B 78412 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\omnitools-v3.1.6.0.zip 2013-12-28 18:08:35 CF26D4DE564296DB7BE4B74E5061D903 1578593 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\mystcraft-v0.10.5.00.zip 2013-12-28 18:08:34 A0591B385DCD837F2DD897F5F318C611 117212 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\mods\ironchest-universal-1.5.2-5.2.6.412.zip 2013-12-28 18:08:34 4146547688224D5E96EE1A09E785721D 96851 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\ironchests-v5.2.6.412.zip 2013-12-28 18:08:34 0F559D61CA32C3FA8B1EB3CB4EC52EE1 1040536 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\mfr-v2.6.4.975.zip 2013-12-28 18:08:33 A9A8E8BE84CF5BC105ECCED4F60D46C5 97786 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\enderstorage-v1.4.2.12.zip 2013-12-28 18:08:33 5450A9731E43F1C3CE41DAAC5890E0AF 172803 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\inventorytweaks-v1.54b.zip 2013-12-28 18:08:33 366183E7439AFD12811E4FE9A01750B5 675523 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\mods\EE3-pre1h-TechnicFix.zip 2013-12-28 18:08:33 02C973E995D76E54D63A42694E258124 205025 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\immibiscore-v55.1.6.zip 2013-12-28 18:08:32 7D413DBE13C50EC372C433C517A00A1F 625107 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\ee3-vpre1h.technic.zip 2013-12-28 18:08:31 DC5074CD716C52A37B7082F7D4264EF9 264655 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\cofhcore-v1.5.2.5.zip 2013-12-28 18:08:31 D696670C95B8D2538F6CE0F16CB605CD 112077 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\customport-v1.5.2.zip 2013-12-28 18:08:31 A35ADB9659E6848D23F8E9364B9B2398 106986 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\dimanchor-v55.0.3.zip 2013-12-28 18:08:30 BE7B77384B966E66E264DE6868CD25F9 1036312 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\mods\ComputerCraft1.53.zip 2013-12-28 18:08:29 8EAF08DED237F0E8AFBE13C7B2AEB539 894816 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\computercraft-v1.53.zip 2013-12-28 18:08:28 512BEE5BF5E0780511C2CAD11D04CC65 269222 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\codechickencore-v0.8.7.zip 2013-12-28 18:08:27 E368377E63FDA45F04D2E85A515C383C 85841 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\chickenchunks-v1.3.2.12.zip 2013-12-28 18:08:25 EB2020057F788A9FA32C9E1A989255A7 58794 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\mods\[1.5.2]bspkrsCorev2.09.zip 2013-12-28 18:08:25 5BC1D25E061022E130CA138B497640E8 1055079 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\buildcraft-v3.7.1.zip 2013-12-28 18:08:25 4BBE9C0AD6B89D13B492BDD96C6DE5F3 56188 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\bspkrscore-v2.09.zip 2013-12-28 18:08:24 68FF345A59B4EDF3B5423FD48CF09326 220268 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\balkonsweaponmod-v1.12.zip 2013-12-28 18:08:20 2DDFCB9305AD9D3D4A325337FABFCAE5 1948764 ----a-w- C:\Users\Martijn\AppData\Roaming\.technic\tekkitmain\cache\basemods-tekkitmain-v1.1.6.zip 2013-12-28 16:01:18 8DC46DB73CD428BC460B7BFEE9F9CA90 1875341 ----a-w- C:\Users\Louise\Pictures\2013\Louise 40\Foto's verjaardag.zip 2013-12-24 19:37:49 20A1A92497461CCEA986629AAC8F73FF 35078138 ----a-w- C:\Users\Louise\Documents\Louise\Kids\1.6_Flows_HD_128x_beta.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Hotkey Utility"="C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun" "vProt"="C:\Program Files (x86)\AVG Secure Search\vprot.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EgisTecPMMUpdate] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EgisTecPMMUpdate" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\EgisTec IPS\\PmmUpdate.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EgisUpdate] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EgisUpdate" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\EgisTec IPS\\EgisUpdate.exe\" -d" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SuiteTray] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SuiteTray" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\EgisTec MyWinLockerSuite\\x86\\SuiteTray.exe\"" ==== Startup Folders ====================== 2013-06-08 07:54:59 1304 ----a-w- C:\Users\Fleur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk 2012-08-29 15:21:39 1055 ----a-w- C:\Users\Louise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [14-12-2013 17:59] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe ARM" ["C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe Reader Speed Launcher" ["C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\IPSFF" [14-12-2013 15:21] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Secure Search\ChromeExt\17.2.0.38\avg.crx[] Docs - Fleur - Default\Extensions\aohghmighlieiainnegkcijnfilokake SiteAdvisor - Fleur - Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho SiteAdvisor - Martijn - Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Startpagina.nl | Jouw startpagina voor weer, verkeer en meer" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Startpagina.nl | Jouw startpagina voor weer, verkeer en meer" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully ==== HijackThis Entries ====================== R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina.nl | Jouw startpagina voor weer, verkeer en meer R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Symantec Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\bin\IPS\IPSBHO.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user') O4 - Startup: Dropbox.lnk = Louise\AppData\Roaming\Dropbox\bin\Dropbox.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/NL/Core/Player/2020PlayerAX_IKEA_Win32.cab O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file) O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file) O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.2.0\ViProtocol.dll (file missing) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - (no file) O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Symantec Endpoint Protection (SepMasterService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\snac64.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Fleur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Fleur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Louise\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Martijn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Martijn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Louise\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VJXEKXEW will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Fleur\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Martijn\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3278 folders=567 268450804 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Fleur\AppData\Local\Temp emptied successfully C:\Users\Martijn\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\Louise\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Louise\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Louise\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VJXEKXEW" not found ==== EOF on zo 29-12-2013 at 18:43:57,12 ======================
  3. LouiseH
    Zoek.exe v5.0.0.0 Updated 23-December-2013 Tool run by Louise on za 28-12-2013 at 13:44:10,90. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Louise\AppData\Local\Temp\wzcfcc\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2013-12-28-103209.log 84187 bytes ==== Running Processes ====================== C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Acer\Acer Updater\UpdaterService.exe C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\WUDFHost.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\atieclxx.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Users\Louise\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_170_ActiveX.exe C:\Windows\system32\DllHost.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\WinZip\WINZIP32.EXE C:\Users\Louise\AppData\Local\Temp\wzcfcc\zoek.exe C:\Windows\system32\conhost.exe ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== ???? ??? Windows Live ???? Windows Live ????? Windows Live ?????? ??????? ?? Windows Live ???????? ?????????? Windows Live ??????????? ?? Windows Live ABN AMRO e.dentifier2 software Acer eRecovery Management Acer Games Acer Updater Adobe AIR Adobe Flash Player 11 ActiveX Adobe Reader X (10.1.8) MUI Agatha Christie - Death on the Nile AMD Accelerated Video Transcoding AMD APP SDK Runtime AMD Catalyst Control Center AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Fuel AMD Media Foundation Decoders AMD Steady Video Plug-In Apple Application Support Apple Mobile Device Support Apple Software Update AVI to DVD Converter Bejeweled 2 Deluxe Bonjour BrowserSafeguard Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner CopyTrans Suite Alleen Verwijderen Crazy Chicken Kart 2 D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Dropbox Evernote v. 4.5.1 FATE Final Drive: Nitro Fooz Kids Fooz Kids Platform Fotogalerija Windows Live Galeria de Fotografias do Windows Live Galer¡a fotogr fica de Windows Live Galeria fotogr…fica del Windows Live Galeria fotografii uslugi Windows Live Galerie de photos Windows Live Galerie foto Windows Live High-Definition Video Playback 10 Hotkey Utility iCloud Insaniquarium Deluxe iTunes Java 7 Update 45 Java Auto Updater Jewel Match 3 John Deere Drive Green Junk Mail filter update Malwarebytes Anti-Malware versie 1.75.0.1300 Mesh Runtime Microsoft .NET Framework 4 Client Profile NLD Language Pack Microsoft .NET Framework 4.5 Microsoft Application Error Reporting Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Groove MUI (Dutch) 2010 Microsoft Office InfoPath MUI (Dutch) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared 64-bit MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft Primary Interoperability Assemblies 2005 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 More Games from Acer Games MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Mystery of Mortlake Mansion MyWinLocker MyWinLocker 4 MyWinLocker Suite Nero 10 Menu TemplatePack Basic Nero 10 Movie ThemePack Basic Nero BackItUp 10 Help (CHM) Nero Burning ROM 10 Nero BurningROM 10 Help (CHM) Nero BurnRights 10 Nero BurnRights 10 Help (CHM) Nero Control Center 10 Nero ControlCenter 10 Help (CHM) Nero Core Components 10 Nero CoverDesigner 10 Nero CoverDesigner 10 Help (CHM) Nero DiscSpeed 10 Nero DiscSpeed 10 Help (CHM) Nero Dolby Files 10 Nero Express 10 Nero Express 10 Help (CHM) Nero InfoTool 10 Nero InfoTool 10 Help (CHM) Nero MediaHub 10 Nero MediaHub 10 Help (CHM) Nero Multimedia Suite 10 Nero Recode 10 Nero Recode 10 Help (CHM) Nero RescueAgent 10 Nero RescueAgent 10 Help (CHM) Nero SoundTrax 10 Nero SoundTrax 10 Help (CHM) Nero StartSmart 10 Nero StartSmart 10 Help (CHM) Nero Update Nero Vision 10 Nero Vision 10 Help (CHM) Nero WaveEditor 10 Nero WaveEditor 10 Help (CHM) Penguins Plants vs. Zombies - Game of the Year Poczta uslugi Windows Live Podstawowe programy Windows Live Polar Bowler Posta Windows Live QuickTime Raccolta foto di Windows Live Ralink RT2860 Wireless LAN Card Realtek Ethernet Controller Driver Realtek High Definition Audio Driver S?????? f?t???af??? t?? Windows Live Security Update for Microsoft .NET Framework 4.5 (KB2737083) Security Update for Microsoft .NET Framework 4.5 (KB2742613) Security Update for Microsoft .NET Framework 4.5 (KB2789648) Security Update for Microsoft .NET Framework 4.5 (KB2833957) Security Update for Microsoft .NET Framework 4.5 (KB2840642v2) Security Update for Microsoft .NET Framework 4.5 (KB2861208) Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687276) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition Security Update for Microsoft Outlook 2010 (KB2794707) 32-Bit Edition Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition Shredder SkypeT 6.9 Slingo Deluxe Speccy Symantec Endpoint Protection Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD Torchlight Update for Microsoft .NET Framework 4.5 (KB2750147) Update for Microsoft .NET Framework 4.5 (KB2805221) Update for Microsoft .NET Framework 4.5 (KB2805226) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition Update Installer for WildTangent Games App Verzoek of wijziging voorlopige aanslag 2012 Verzoek of wijziging voorlopige aanslag 2013 Virtual Villagers 4 - The Tree of Life Vuze Wedding Dash WildTangent Games App (Acer Games) Windows Live ??? Windows Live ???? Windows Live Argazki Galeria Windows Live Communications Platform Windows Live Essentials Windows Live Fotogal‚ria Windows Live Fotogalerie Windows Live Fotogalleri Windows Live Fotograf Galerisi Windows Live Fot¢t r Windows Live Galeria de Fotos Windows Live Galerija fotografija Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Temel Par‡alar Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Liven asennusty”kalu Windows Liven s„hk”posti Windows Liven valokuvavalikoima WinZip 15.0 Xilisoft Audio Converter 6 Zuma Deluxe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== "C:\Windows\Sysnative\Tasks\BrowserSafeguard Update Task" deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 3541 MB CPU Info: AMD A6-3620 APU with Radeon HD Graphics CPU Speed: 2194.9 MHz Sound Card: Speakers (Realtek High Definiti | Display Adapters: AMD Radeon HD 6530D | AMD Radeon HD 6530D | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1680 X 1050 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter #8 | 802.11n Wireless LAN Card #2 | Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GH70N Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 223.0GB | D: 223.7GB | H: 931.5GB Hard Disks - Free: C: 144.5GB | D: 223.6GB | H: 659.0GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 12/20/11 | ACRSYS - 1072009 Time Zone: West-Europa (standaardtijd) Motherboard *: Acer Aspire X3470 Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Symantec Endpoint Protection On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: Symantec Endpoint Protection disabled (Outdated) Firewall: Symantec Endpoint Protection disabled Internet Explorer Version: 11.0.9600.16476 Adobe Reader version: 10.1.8.24 Sun Java version: 1.7.0_45 (32-bit) ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Louise\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2013-12-28 11:52:31 C74500A1BCB4113A7310295DD3FA4440 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2013-12-28 11:52:29 3D43EAC957F2F797BE82CF6B04A933F8 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2013-12-28 11:52:29 355BF103E2CF862B00EEB3731E25E802 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll 2013-12-28 11:52:28 35DE59C975A0C97E8DBBE095BCC3644E 553472 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2013-12-28 11:52:27 08881C59F795C356DE12067E44FFD260 703488 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2013-12-28 11:52:26 B2E1F7B212502BB49AAD4EFAD37C5CF5 2166784 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2013-12-28 11:52:26 927FA6456AD6D7630F6854828D2FD16B 1820160 ----a-w- C:\Windows\SysWOW64\wininet.dll 2013-12-28 11:52:26 84EAF0A08C7742697816E148C066D757 1928192 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2013-12-28 11:52:26 0763C5D8660436D4D961F72609E33BBE 1157632 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2013-12-28 11:52:24 BFAFE990C4A191E83843362B5AC64A9B 17112576 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2013-12-28 11:52:24 4B638CE3DAA3A082E576C0DDF9D635D4 11221504 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2013-12-28 11:52:23 A60A222D3126DD9E380F9D8B651BC13D 4243968 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2013-12-27 16:40:39 AD27563BC16AB1EAACAE3033E99C2F78 194048 ----a-w- C:\Windows\SysWOW64\elshyph.dll 2013-12-27 16:40:35 FB0D1CC2911A0645DDA6C0608473EB55 34816 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-12-27 16:40:35 F8DE2F74CD4323BABBDACAADD9A39254 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2013-12-27 16:40:35 F862CD08F1AD4EE39BD506853F3C6103 16284 ----a-w- C:\Windows\SysWOW64\ieuinit.inf 2013-12-27 16:40:35 F7B6E341F4B1947BEC0E14EEBE3C627E 111616 ----a-w- C:\Windows\SysWOW64\IEAdvpack.dll 2013-12-27 16:40:35 EC7038154490E50ACD405A022F51B204 83456 ----a-w- C:\Windows\SysWOW64\inseng.dll 2013-12-27 16:40:35 D9F12F54E3B5A092F1D5F191F5286E53 337408 ----a-w- C:\Windows\SysWOW64\html.iec 2013-12-27 16:40:35 CFCE4EFF1D6D909EE2EA3AFCB8F1E677 233472 ----a-w- C:\Windows\SysWOW64\url.dll 2013-12-27 16:40:35 C3B0DBD04CC18574B0706CA119902474 367104 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2013-12-27 16:40:35 C1A6E565B2782C09BC40AD749B46D9ED 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-12-27 16:40:35 C17139EAF939964142C7A1AEEE02DC81 616104 ----a-w- C:\Windows\SysWOW64\ieapfltr.dat 2013-12-27 16:40:35 BE8B10D84DDD8F43A32EE013B54F5287 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2013-12-27 16:40:35 AE6A2C5ECD3E96556E22F12816842F60 48640 ----a-w- C:\Windows\SysWOW64\mshtmler.dll 2013-12-27 16:40:35 ABDFC692D9FE43E2BA8FE6CB5A8CB95A 13312 ----a-w- C:\Windows\SysWOW64\mshta.exe 2013-12-27 16:40:35 AB3B2CA52AFB695AFCDD2620A21E5B21 24576 ----a-w- C:\Windows\SysWOW64\licmgr10.dll 2013-12-27 16:40:35 9E170B0AF156B478BD2B1FD6A2250C9E 62464 ----a-w- C:\Windows\SysWOW64\tdc.ocx 2013-12-27 16:40:35 9B8701A380CEE1B05D651B4ED4048C8F 645120 ----a-w- C:\Windows\SysWOW64\jsIntl.dll 2013-12-27 16:40:35 9A33FDDD687A836A1FD478B43C5A95FD 151552 ----a-w- C:\Windows\SysWOW64\iexpress.exe 2013-12-27 16:40:35 887055A3C8DD6C87D200D11EAFDBD45B 74240 ----a-w- C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-12-27 16:40:35 83F49FD1BC0A999B006D564C540C7258 86016 ----a-w- C:\Windows\SysWOW64\iesysprep.dll 2013-12-27 16:40:35 779E142FE2159935E78C0FA2E190FF1E 610304 ----a-w- C:\Windows\SysWOW64\jscript.dll 2013-12-27 16:40:35 71144A47CD02FDDC77DDF5EB5315767F 523776 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2013-12-27 16:40:35 6EB0B7301E00F717BD68A742D1391FAF 36352 ----a-w- C:\Windows\SysWOW64\imgutil.dll 2013-12-27 16:40:35 6A92CEC8532056791C6832B2725D170D 139264 ----a-w- C:\Windows\SysWOW64\wextract.exe 2013-12-27 16:40:35 6A794439B6612E43FEDE0217C919B652 454656 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2013-12-27 16:40:35 6922D7ED84AE102504174922D5D42F49 238288 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2013-12-27 16:40:35 64831CAD496A073398853A34A5813675 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2013-12-27 16:40:35 5EC13202430A3EB68DFF44CF1FEEA2BE 61952 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2013-12-27 16:40:35 5DFE55E0221F0C5FA4D6CECFA72B1D78 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2013-12-27 16:40:35 55969AADF0210A614700F89B48976F68 43008 ----a-w- C:\Windows\SysWOW64\msfeedsbs.dll 2013-12-27 16:40:35 53FC62C51CB18C9100A7DFAF2D2A6C47 12800 ----a-w- C:\Windows\SysWOW64\msfeedssync.exe 2013-12-27 16:40:35 4F032F1FDEFEA5EC8EEA3562643B5EE8 69120 ----a-w- C:\Windows\SysWOW64\icardie.dll 2013-12-27 16:40:35 4D4726D1AD5ED1590A62685F92900594 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2013-12-27 16:40:35 4BCC7EB5F20840DA67943BD86AE95735 56832 ----a-w- C:\Windows\SysWOW64\pngfilt.dll 2013-12-27 16:40:35 44D5C650C971910827EA65B4D989ED94 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll 2013-12-27 16:40:35 2AF48780D879AFC43733159CB29CD8BD 1051136 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2013-12-27 16:40:35 298FDE634538B62CEEEC266D8773B21A 182272 ----a-w- C:\Windows\SysWOW64\msls31.dll 2013-12-27 16:40:35 1AFBAA54BDF637F69B8E02A5578286B0 116736 ----a-w- C:\Windows\SysWOW64\iepeers.dll 2013-12-27 16:40:35 1200D9C7DB0ADC1B8143A0A9921BF7DA 127488 ----a-w- C:\Windows\SysWOW64\occache.dll 2013-12-27 16:40:35 08B56CF57B7CE44315034247CC76D0F1 244736 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2013-12-27 16:40:35 03B3541AE6986602CF9CB5B3AD169C33 208384 ----a-w- C:\Windows\SysWOW64\webcheck.dll 2013-12-17 18:49:38 221494C29E9F4B6D02514CA29F2A3A4E 14119 ----a-w- C:\Windows\SysWOW64\RaCoInst.dat 2013-12-16 17:29:27 E40F9FA28AC367BB5E4E8F8010C7E9BB 361360 ----a-w- C:\Windows\SysWOW64\sysfer.dll 2013-12-16 17:29:27 A1F46B9A608E2FA65D50B4B17821A264 50576 ----a-w- C:\Windows\SysWOW64\snacnp.dll 2013-12-16 17:29:27 8045E0B78899D77897B321452AD4BCF9 136080 ----a-w- C:\Windows\SysWOW64\FwsVpn.dll 2013-12-16 17:29:27 7C1A986C996E588AE12277DA5736D83C 11152 ----a-w- C:\Windows\SysWOW64\sysferThunk.dll 2013-12-16 17:29:27 49147C75C4A74DAF4441DF7CC00A1C9E 420752 ----a-w- C:\Windows\SysWOW64\SymVPN.dll 2013-12-16 17:05:26 02DF0628BE8B64B84D50FBE53549AA3B 12625408 ----a-w- C:\Windows\SysWOW64\wmploc.DLL 2013-12-16 17:05:25 6C4B2E1A25841077084EB9F76FF6FFA7 11410432 ----a-w- C:\Windows\SysWOW64\wmp.dll 2013-12-14 16:53:52 E9504E484076585F6DA3C59F0E20E122 417792 ----a-w- C:\Windows\SysWOW64\WMPhoto.dll 2013-12-14 16:53:49 4EC2C3B15B9EC41AD0D6CD918D20376E 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll 2013-12-14 16:52:52 AFA53BD631FB0509A91A99391209BB70 301568 ----a-w- C:\Windows\SysWOW64\msieftp.dll 2013-12-14 16:46:23 E7B9D5FF20FFDD4AAE2EF1D1B8C27A37 159232 ----a-w- C:\Windows\SysWOW64\imagehlp.dll 2013-12-14 15:11:33 979D74799EA6C8B8167869A68DF5204A 141824 ----a-w- C:\Windows\SysWOW64\wscript.exe 2013-12-14 15:11:33 09F65975C1C9793B923BB52A7FA83453 121856 ----a-w- C:\Windows\SysWOW64\wshom.ocx 2013-12-14 15:11:32 A3B1D1312602280839A4A2AFBDFD066E 163840 ----a-w- C:\Windows\SysWOW64\scrrun.dll 2013-12-14 15:11:32 A3A35EE79C64A640152B3113E6E254E2 126976 ----a-w- C:\Windows\SysWOW64\cscript.exe ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2013-12-28 11:52:31 A3427586C75749B51BF5DEBEDEB4AD5C 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2013-12-28 11:52:30 FB13F4873F6747AB4E3C37CAFEA8ACAE 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2013-12-28 11:52:29 EF098867663B07247587587C29E631DB 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll 2013-12-28 11:52:29 4E249022336591E9C6DE374A68C18EF6 574976 ----a-w- C:\Windows\Sysnative\ieui.dll 2013-12-28 11:52:29 3A722B49408BE7FE8A375C3B8FD57BB1 218624 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2013-12-28 11:52:29 2A0B7281854ACBECA25D8FDD06A4D714 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2013-12-28 11:52:29 0F753FDA08F495E515629210FF0DA59E 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2013-12-28 11:52:28 DACB9A752CEB29C1D931514EF73803E1 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2013-12-28 11:52:28 40B33A42F90DED26DE4F5AAFA00F24CA 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2013-12-28 11:52:28 2E2875FFC6C2DC1ACF4F46AFC7819BD5 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll 2013-12-28 11:52:28 16B0A65F52531B769B891DC251ECC6C0 23183360 ----a-w- C:\Windows\Sysnative\mshtml.dll 2013-12-28 11:52:27 95EED00D70485F6F82983EB7C03CC42A 817664 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2013-12-28 11:52:27 7016991D493B9F9FA492E75BD13D031D 2764288 ----a-w- C:\Windows\Sysnative\iertutil.dll 2013-12-28 11:52:27 14074CF6190B937EB70BE2F93113B5FE 708608 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2013-12-28 11:52:26 FA30E3DC75EA42FE19B819F30FBDED8D 1995264 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2013-12-28 11:52:26 C8CF11D73017CC588411FCB936891CF4 1395200 ----a-w- C:\Windows\Sysnative\urlmon.dll 2013-12-28 11:52:26 9B6678DB9C6A232C5A84D2FDFFF8B0E1 2334208 ----a-w- C:\Windows\Sysnative\wininet.dll 2013-12-28 11:52:25 EDF5C6A9F33FBD3D717D1B77A9864C64 12996608 ----a-w- C:\Windows\Sysnative\ieframe.dll 2013-12-28 11:52:23 6491B719695D713335B431FCF0EAE28B 5769216 ----a-w- C:\Windows\Sysnative\jscript9.dll 2013-12-27 16:44:59 2D01F001F8E45924E57B7BB77CF96BC2 28368 ----a-w- C:\Windows\Sysnative\IEUDINIT.EXE 2013-12-27 16:40:39 344DA9D196C0D98A738289BB09CE4CF6 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2013-12-27 16:40:35 FD61D51199F3FC9EB0023FBF405EAAD0 147968 ----a-w- C:\Windows\Sysnative\occache.dll 2013-12-27 16:40:35 F862CD08F1AD4EE39BD506853F3C6103 16284 ----a-w- C:\Windows\Sysnative\ieuinit.inf 2013-12-27 16:40:35 F00AE7B953ABEF1B53FBBA187DFC8238 243200 ----a-w- C:\Windows\Sysnative\webcheck.dll 2013-12-27 16:40:35 EE10AB99A480875E012CA339EC48F02B 1228800 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2013-12-27 16:40:35 E70D4270C43CE6C46841B684315B9EFF 62464 ----a-w- C:\Windows\Sysnative\pngfilt.dll 2013-12-27 16:40:35 E4A6577D74B2439974C8018AB5F1BFEA 13312 ----a-w- C:\Windows\Sysnative\msfeedssync.exe 2013-12-27 16:40:35 D6C88A6094D1FDAC56A186BBD7F06357 40448 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2013-12-27 16:40:35 D31AE751B6DACAFD0D7CC99EAE9606C2 131072 ----a-w- C:\Windows\Sysnative\IEAdvpack.dll 2013-12-27 16:40:35 CE8831D2DCB5803A4CBC8EDCCBBC2A05 77312 ----a-w- C:\Windows\Sysnative\tdc.ocx 2013-12-27 16:40:35 CC84F4E36AA96810AD766C88DD657ADB 626176 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2013-12-27 16:40:35 C92173481A58935BE15172079CF122B8 235520 ----a-w- C:\Windows\Sysnative\url.dll 2013-12-27 16:40:35 C6ECA2F7A1B189025171E6A29F2605AA 453120 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2013-12-27 16:40:35 C17139EAF939964142C7A1AEEE02DC81 616104 ----a-w- C:\Windows\Sysnative\ieapfltr.dat 2013-12-27 16:40:35 BB6DEAFAC5F0AAEC37FEAF3F3AA48347 774144 ----a-w- C:\Windows\Sysnative\jscript.dll 2013-12-27 16:40:35 ADA5C3D49A12CED9F07913DC00E547A8 48128 ----a-w- C:\Windows\Sysnative\imgutil.dll 2013-12-27 16:40:35 A8C830CABD7640EE8E6F0F1019F91E83 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll 2013-12-27 16:40:35 9870EC900829595D191BB03C6C48B479 83968 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2013-12-27 16:40:35 9675B272086CF5D22B83B541FAA8D4EA 30208 ----a-w- C:\Windows\Sysnative\licmgr10.dll 2013-12-27 16:40:35 95828D670CFD3B16EE188168E083C3C5 13824 ----a-w- C:\Windows\Sysnative\mshta.exe 2013-12-27 16:40:35 8F7FBD0177F79727CF945ABDA657A0AC 235008 ----a-w- C:\Windows\Sysnative\elshyph.dll 2013-12-27 16:40:35 77FBE2E014EFB93FD037FA33AB8C7D6E 263376 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2013-12-27 16:40:35 6F1AF8E1206E92256459E3012C20472A 942592 ----a-w- C:\Windows\Sysnative\jsIntl.dll 2013-12-27 16:40:35 68899208A26E4522D25DBA87FF2E98D1 84992 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2013-12-27 16:40:35 5BECC17076F1806F60BB259B654FAC5C 195584 ----a-w- C:\Windows\Sysnative\msrating.dll 2013-12-27 16:40:35 5BBDBE5EBB49EA7C76A2EE7490A45D68 101376 ----a-w- C:\Windows\Sysnative\inseng.dll 2013-12-27 16:40:35 5141B67F14E2B6CBB6ADF851ABE364A5 90112 ----a-w- C:\Windows\Sysnative\SetIEInstalledDate.exe 2013-12-27 16:40:35 46FD16F9B1924A2EA8CD5C6716CC654F 167424 ----a-w- C:\Windows\Sysnative\iexpress.exe 2013-12-27 16:40:35 4399857346DD183683332921500046B1 86016 ----a-w- C:\Windows\Sysnative\RegisterIEPKEYs.exe 2013-12-27 16:40:35 3A4FD19F13F8809BA08E9F76C0E38832 413696 ----a-w- C:\Windows\Sysnative\html.iec 2013-12-27 16:40:35 2EBD0C5B090125AECF017C57344C45AB 247808 ----a-w- C:\Windows\Sysnative\msls31.dll 2013-12-27 16:40:35 2405D24AA28CCC4CC7E0CC0AE008746F 48640 ----a-w- C:\Windows\Sysnative\mshtmler.dll 2013-12-27 16:40:35 1FCBE949A67939ADEAE7279E423AA684 135680 ----a-w- C:\Windows\Sysnative\iepeers.dll 2013-12-27 16:40:35 1EA6500C25A80E8BDB65099C509AF993 143872 ----a-w- C:\Windows\Sysnative\wextract.exe 2013-12-27 16:40:35 0FBEBD36FEFFEE5AF25FDAEE5E35EE99 105984 ----a-w- C:\Windows\Sysnative\iesysprep.dll 2013-12-27 16:40:35 0A9D5716CB1F3AFA73703F39647BB8C2 81408 ----a-w- C:\Windows\Sysnative\icardie.dll 2013-12-27 16:40:35 038ABC9BCC86DFF9E181D44E43E2CEBA 52224 ----a-w- C:\Windows\Sysnative\msfeedsbs.dll 2013-12-27 16:40:35 0134898497B6C6CD50F7FC5DE85712A6 296960 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2013-12-16 20:35:35 0BD3FF158E379DFBC7A91A82B612E345 42774 ----a-w- C:\Windows\Sysnative\.crusader 2013-12-16 19:28:17 9EF10F91F7FE1537521FAB2225D0172C 327008 ----a-w- C:\Windows\Sysnative\RaCoInstx.dll 2013-12-16 19:28:17 221494C29E9F4B6D02514CA29F2A3A4E 14119 ----a-w- C:\Windows\Sysnative\RaCoInst.dat 2013-12-16 17:29:27 F9AF213DBB261CABBD1DA5F819F0A1F4 459152 ----a-w- C:\Windows\Sysnative\sysfer.dll 2013-12-16 17:29:27 CBECEACE83FD113ADA02EF73FBB40653 576912 ----a-w- C:\Windows\Sysnative\SymVPN.dll 2013-12-16 17:29:27 C6F756585E72F37355E560E8BE35895F 158096 ----a-w- C:\Windows\Sysnative\FwsVpn.dll 2013-12-16 17:29:27 2DEF9EEA77902D1B748A9592BD286A78 12176 ----a-w- C:\Windows\Sysnative\sysferThunk.dll 2013-12-16 17:05:26 AB272BBFB05A8585C3405EFA9F605774 12625920 ----a-w- C:\Windows\Sysnative\wmploc.DLL 2013-12-16 17:05:24 8CBBB27369F9F07BC5E874E750EAF9D0 14631424 ----a-w- C:\Windows\Sysnative\wmp.dll 2013-12-14 16:53:52 4EDF8812713291DBBFDA67CE6215F236 465920 ----a-w- C:\Windows\Sysnative\WMPhoto.dll 2013-12-14 16:53:49 5FD67F205773EC80674DBBD609DB5315 2048 ----a-w- C:\Windows\Sysnative\tzres.dll 2013-12-14 16:52:52 AC38EC8D0C1B4C783CA6A24D239A71B7 335360 ----a-w- C:\Windows\Sysnative\msieftp.dll 2013-12-14 16:50:14 97D50B0CABF18A6D40F8883D02DDB519 3155968 ----a-w- C:\Windows\Sysnative\win32k.sys 2013-12-14 16:46:23 B4F29F65AD3114051F01E9403346047F 81408 ----a-w- C:\Windows\Sysnative\imagehlp.dll 2013-12-14 15:11:33 ECB021CA3370582F0C7244B0CF06732C 156160 ----a-w- C:\Windows\Sysnative\cscript.exe 2013-12-14 15:11:33 731131A477F69476F2D739B0DB6A9281 202752 ----a-w- C:\Windows\Sysnative\scrrun.dll 2013-12-14 15:11:33 05D80FF3483BD8F268B01703C859198A 150016 ----a-w- C:\Windows\Sysnative\wshom.ocx 2013-12-14 15:11:32 045451FA238A75305CC26AC982472367 168960 ----a-w- C:\Windows\Sysnative\wscript.exe ====== C:\Windows\Sysnative\drivers ===== 2013-12-17 18:49:38 5758FD37BF31E759F8610311E4D08ECA 1488448 ----a-w- C:\Windows\Sysnative\drivers\netr28x.sys 2013-12-16 20:37:10 FCE2251FE4464DCAA2F4684F19A8EE9B 32512 ----a-w- C:\Windows\Sysnative\drivers\hitmanpro37.sys 2013-12-16 17:29:51 E16E2431516D904CED3946AD3FF8C86B 854 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.INF 2013-12-16 17:29:51 97E11C50CE52277B377396EA8838E539 177752 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.SYS 2013-12-16 17:29:51 7846ED59291A134CC5DD017C6EC7B433 8222 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.CAT 2013-12-16 17:29:27 FCCA4DE9BCF2467541AFFCB70A3095D6 155352 ----a-w- C:\Windows\Sysnative\drivers\SysPlant.sys 2013-12-16 17:29:27 522D46E5CDCE86724C857323DF28195C 44448 ----a-w- C:\Windows\Sysnative\drivers\WGX64.SYS 2013-12-14 16:30:25 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2013-12-14 16:01:18 03725F3DE428E7F9F2E59B196CAD1BB4 626720 ----a-w- C:\Windows\Sysnative\drivers\RTL8192cu.sys 2013-12-14 15:12:04 E0D3CD5841E5C7BE7B94BA946AF1E498 116736 ----a-w- C:\Windows\Sysnative\drivers\drmk.sys 2013-12-14 15:12:04 1E0B4CBBA91C6B041A14ECC2186F7E24 230400 ----a-w- C:\Windows\Sysnative\drivers\portcls.sys 2013-12-09 18:31:09 79059559E89D06E8B80CE2944BE20228 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys 2013-12-09 18:30:41 EBF28856F69CF094A902F884CF989706 458712 ----a-w- C:\Windows\Sysnative\drivers\cng.sys 2013-12-09 18:30:41 868A2CAAB12EFC7A021682BCA0EEC54C 154560 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2013-12-09 18:30:40 8F489706472F7E9A06BAAA198703FA64 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys ====== C:\Windows\Tasks ====== 2013-12-16 22:01:26 9EB6D78655EF947FD238B3F6E53802EF 3172 ----a-w- C:\Windows\Sysnative\Tasks\{D08CE2B5-0CB2-4C82-B459-9C0CDC6069D5} 2013-12-14 16:59:11 4F2F3F533BDD223FAC11729E8ABC7B35 3878 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Flash Player Updater 2013-12-14 16:59:10 D546761A3AA8CA77FC4F0532C1F8C9A2 940 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-12-27 13:07:41 -------- d-----w- C:\Program Files\trend micro 2013-12-25 08:01:58 -------- d-----w- C:\Program Files\Speccy 2013-12-16 20:18:40 -------- d-----w- C:\Program Files\AMD ======= C:\PROGRA~2 ===== 2013-12-16 20:18:46 -------- d-----w- C:\PROGRA~2\AMD AVT 2013-12-16 20:18:40 -------- d-----w- C:\PROGRA~2\AMD 2013-12-14 17:16:04 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype 2013-12-14 17:16:03 -------- d-----r- C:\PROGRA~2\Skype ======= C: ===== ====== C:\Users\Louise\AppData\Roaming ====== 2013-12-28 10:23:11 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2013-12-28 10:23:11 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2013-12-28 10:23:11 -------- d-----w- C:\Users\Martijn\AppData\Local\Temp 2013-12-28 10:23:10 -------- d-----w- C:\Users\Louise\AppData\Local\Temp 2013-12-28 10:23:10 -------- d-----w- C:\Users\Fleur\AppData\Local\Temp 2013-12-28 10:23:10 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2013-12-28 10:23:10 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2013-12-17 18:48:31 -------- d-----w- C:\Users\Louise\AppData\Roaming\InstallShield 2013-12-16 21:47:40 -------- d-----w- C:\Users\Fleur\AppData\Local\AMD 2013-12-16 21:47:31 -------- d-----w- C:\Users\Fleur\AppData\Roaming\ATI 2013-12-16 21:47:31 -------- d-----w- C:\Users\Fleur\AppData\Local\ATI 2013-12-16 20:19:41 -------- d-----w- C:\Users\Louise\AppData\Local\AMD 2013-12-16 16:57:02 -------- d-----w- C:\Users\Louise\AppData\Roaming\Skype 2013-12-14 15:47:43 1A1EE8D0A8FEDAEA1F72EBFC7482D210 7625 ----a-w- C:\Users\Louise\AppData\Local\resmon.resmoncfg 2013-12-14 12:37:51 -------- d-----w- C:\Users\Louise\AppData\Local\EgisTec 2013-12-14 12:29:00 -------- d-----w- C:\Users\Louise\AppData\Local\ElevatedDiagnostics ====== C:\Users\Louise ====== 2013-12-24 22:06:59 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BrowserSafeguard 2013-12-17 18:49:37 -------- d-----w- C:\ProgramData\Ralink Driver 2013-12-16 21:46:56 CF082D6266C2152CBEBD4FFD343F173B 1240 --sha-r- C:\Users\Fleur\ntuser.pol 2013-12-16 20:23:00 -------- d-----w- C:\ProgramData\HitmanPro 2013-12-16 20:19:23 -------- d-----w- C:\ProgramData\ATI 2013-12-16 20:17:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2013-12-16 20:16:59 -------- d-----w- C:\ProgramData\AMD 2013-12-14 17:16:04 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2013-12-14 12:51:48 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java ====== C: exe-files == 2013-12-28 11:52:30 78CCC9D9665DC2A4DDC31CD99ED374FC 482816 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2013-12-28 11:52:30 0E1D755673453108415F802C90704327 469504 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2013-12-28 11:52:29 3A722B49408BE7FE8A375C3B8FD57BB1 218624 ----a-w- C:\Windows\System32\ie4uinit.exe 2013-12-28 11:52:29 0F753FDA08F495E515629210FF0DA59E 139264 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-12-28 11:52:28 DACB9A752CEB29C1D931514EF73803E1 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe 2013-12-27 16:44:59 2D01F001F8E45924E57B7BB77CF96BC2 28368 ----a-w- C:\Windows\System32\IEUDINIT.EXE 2013-12-27 16:40:39 344DA9D196C0D98A738289BB09CE4CF6 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2013-12-27 16:40:35 F8DE2F74CD4323BABBDACAADD9A39254 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2013-12-27 16:40:35 E4A6577D74B2439974C8018AB5F1BFEA 13312 ----a-w- C:\Windows\System32\msfeedssync.exe 2013-12-27 16:40:35 D68007F924B9F387AA7C76F48D0A260A 223232 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2013-12-27 16:40:35 CC02FE4520CA886508069245D9A6962F 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe 2013-12-27 16:40:35 C8A8321292A459B0A17FB39A782A5C74 806096 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2013-12-27 16:40:35 C1A6E565B2782C09BC40AD749B46D9ED 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-12-27 16:40:35 ABDFC692D9FE43E2BA8FE6CB5A8CB95A 13312 ----a-w- C:\Windows\SysWOW64\mshta.exe 2013-12-27 16:40:35 9A33FDDD687A836A1FD478B43C5A95FD 151552 ----a-w- C:\Windows\SysWOW64\iexpress.exe 2013-12-27 16:40:35 95828D670CFD3B16EE188168E083C3C5 13824 ----a-w- C:\Windows\System32\mshta.exe 2013-12-27 16:40:35 887055A3C8DD6C87D200D11EAFDBD45B 74240 ----a-w- C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-12-27 16:40:35 7F7F391491C315A4A72EFCAC0D34FA93 25600 ----a-w- C:\Program Files (x86)\Internet Explorer\ExtExport.exe 2013-12-27 16:40:35 6A92CEC8532056791C6832B2725D170D 139264 ----a-w- C:\Windows\SysWOW64\wextract.exe 2013-12-27 16:40:35 53FC62C51CB18C9100A7DFAF2D2A6C47 12800 ----a-w- C:\Windows\SysWOW64\msfeedssync.exe 2013-12-27 16:40:35 5141B67F14E2B6CBB6ADF851ABE364A5 90112 ----a-w- C:\Windows\System32\SetIEInstalledDate.exe 2013-12-27 16:40:35 46FD16F9B1924A2EA8CD5C6716CC654F 167424 ----a-w- C:\Windows\System32\iexpress.exe 2013-12-27 16:40:35 4399857346DD183683332921500046B1 86016 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-12-27 16:40:35 41F922D6A794C0F8425C8436D7077C84 359632 ----a-w- C:\Program Files\Internet Explorer\iediagcmd.exe 2013-12-27 16:40:35 1EA6500C25A80E8BDB65099C509AF993 143872 ----a-w- C:\Windows\System32\wextract.exe 2013-12-27 16:40:35 0685765C0CBE095BA0C6C8790BAE21EF 804560 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2013-12-27 13:07:41 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Louise.exe 2013-12-24 19:37:52 7C7F58F197392947DA70D56DF3C8CF2F 2476224 ----a-w- C:\Users\Louise\Documents\Louise\Map backup PC\Louise\Kids\TechnicLauncher (1).exe 2013-12-24 19:37:52 33783404923E3E8E42D3920ED81049D9 215552 ----a-w- C:\Users\Louise\Documents\Louise\Map backup PC\Louise\Kids\VideoDownloadConvert.exe 2013-12-24 19:37:52 13D8938D2AAE3F5F1C54B2D47C1C650F 9075640 ----a-w- C:\Users\Louise\Documents\Louise\Map backup PC\Louise\Pc\Vuze_Installer[1].exe 2013-12-24 19:37:51 605A171C61A0607BDCF6BE80ED07CF95 695296 ----a-w- C:\Users\Louise\Documents\Louise\Map backup PC\Louise\Kids\minecraftsp.exe 2013-12-24 19:37:51 605A171C61A0607BDCF6BE80ED07CF95 695296 ----a-w- C:\Users\Louise\Documents\Louise\Map backup PC\Louise\Kids\minecraftsp (1).exe 2013-12-24 19:37:51 3389F0C8717E7438BFB0B03498756F27 484992 ----a-w- C:\Users\Louise\Documents\Louise\Map backup PC\Louise\Kids\Minecraft.exe 2013-12-24 19:37:51 3389F0C8717E7438BFB0B03498756F27 484992 ----a-w- C:\Users\Louise\Documents\Louise\Map backup PC\Louise\Kids\Minecraft (2).exe 2013-12-24 19:37:51 3389F0C8717E7438BFB0B03498756F27 484992 ----a-w- C:\Users\Louise\Documents\Louise\Map backup PC\Louise\Kids\Minecraft (1).exe 2013-12-24 19:37:51 2BDE345D6D14CDA7E2829193A7B30EC2 6530107 ----a-w- C:\Users\Louise\Documents\Louise\Map backup PC\Louise\Kids\minecraft_server.1.6.2.exe 2013-12-24 19:37:51 2BDE345D6D14CDA7E2829193A7B30EC2 6530107 ----a-w- C:\Users\Louise\Documents\Louise\Map backup PC\Louise\Kids\minecraft_server.1.6.2 (1).exe 2013-12-24 19:37:50 FDC73AB4FC013B66321A81835B9BD1E7 1307696 ----a-w- C:\Users\Louise\Documents\Louise\Map backup PC\Louise\Kids\iLividSetup.exe === C: other files == 2013-12-24 19:37:49 20A1A92497461CCEA986629AAC8F73FF 35078138 ----a-w- C:\Users\Louise\Documents\Louise\Map backup PC\Louise\Kids\1.6_Flows_HD_128x_beta.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3738499137-2101096346-1165907778-1000\Software\Microsoft\Windows\CurrentVersion\Run] "BrowserSafeguard"="C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Hotkey Utility"="C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "BrowserSafeguard"="C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EgisTecPMMUpdate] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EgisTecPMMUpdate" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\EgisTec IPS\\PmmUpdate.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EgisUpdate] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EgisUpdate" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\EgisTec IPS\\EgisUpdate.exe\" -d" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SuiteTray] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SuiteTray" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\EgisTec MyWinLockerSuite\\x86\\SuiteTray.exe\"" ==== Startup Folders ====================== 2013-06-08 07:54:59 1304 ----a-w- C:\Users\Fleur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk 2012-08-29 15:21:39 1055 ----a-w- C:\Users\Louise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [14-12-2013 17:59] C:\Windows\tasks\AllmyappsUpdateTask.job --a------ C:\Users\Martijn\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe [25-10-2013 10:27] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe ARM" ["C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe Reader Speed Launcher" ["C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\IPSFF" [14-12-2013 15:21] ==== Chrome Look ====================== Docs - Fleur - Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Fleur - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Fleur - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Fleur - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf SiteAdvisor - Fleur - Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho Gmail - Fleur - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Drive - Martijn - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Martijn - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Martijn - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf SiteAdvisor - Martijn - Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho Gmail - Martijn - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Startpagina.nl | Jouw startpagina voor weer, verkeer en meer" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Startpagina.nl | Jouw startpagina voor weer, verkeer en meer" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Browsersafeguard deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Symantec Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\bin\IPS\IPSBHO.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun O4 - HKCU\..\Run: [browserSafeguard] "C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user') O4 - Startup: Dropbox.lnk = Louise\AppData\Roaming\Dropbox\bin\Dropbox.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/NL/Core/Player/2020PlayerAX_IKEA_Win32.cab O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file) O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file) O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - (no file) O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Symantec Endpoint Protection (SepMasterService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\snac64.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Fleur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Fleur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Louise\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Martijn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Martijn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Louise\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VJXEKXEW will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Fleur\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Martijn\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3044 folders=487 205335311 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Fleur\AppData\Local\Temp emptied successfully C:\Users\Martijn\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\Louise\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Louise\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Louise\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VJXEKXEW" not found ==== EOF on za 28-12-2013 at 14:12:56,70 ======================
  4. LouiseH
    Zoek.exe v5.0.0.0 Updated 23-December-2013 Tool run by Louise on za 28-12-2013 at 10:54:29,31. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Louise\AppData\Local\Temp\wz06d3\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== Running Processes ====================== C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Acer\Acer Updater\UpdaterService.exe C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\System32\WUDFHost.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\atieclxx.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe C:\Users\Louise\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_170_ActiveX.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\Windows\system32\DllHost.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\WinZip\WINZIP32.EXE C:\Users\Louise\AppData\Local\Temp\wz06d3\zoek.exe C:\Windows\system32\conhost.exe ==== System Restore Info ====================== 28-12-2013 10:56:22 Zoek.exe System Restore Point Created Succesfully. ==== Torpig Check ====================== HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll ==== Empty Folders Check ====================== C:\PROGRA~2\MSXML 4.0 deleted successfully C:\Program Files\Google deleted successfully C:\ProgramData\Datamngr deleted successfully C:\ProgramData\Evernote deleted successfully C:\ProgramData\Oracle deleted successfully C:\ProgramData\TorchCrashHandler deleted successfully C:\Users\Fleur\AppData\Roaming\.minecraft deleted successfully C:\Users\Louise\AppData\Roaming\TP deleted successfully C:\Users\Louise\AppData\Local\MigWiz deleted successfully ==== Checking Systemdrive for Symlinks ====================== De volumenaam van station C is Acer Het volumenummer is 8836-CBE9 Map van C:\ 19-07-2012 16:26 <KOPPELING> Documents and Settings [C:\Users] 0 bestand(en) 0 bytes Map van C:\Program Files\Windows NT 19-07-2012 16:26 <KOPPELING> Bureau-accessoires [C:\Program Files\Windows NT\Accessories] 0 bestand(en) 0 bytes Map van C:\ProgramData 19-07-2012 16:26 <KOPPELING> Application Data [C:\ProgramData] 19-07-2012 16:26 <KOPPELING> Bureaublad [C:\Users\Public\Desktop] 19-07-2012 16:26 <KOPPELING> Documenten [C:\Users\Public\Documents] 19-07-2012 16:26 <KOPPELING> Favorieten [C:\Users\Public\Favorites] 19-07-2012 16:26 <KOPPELING> Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu] 19-07-2012 16:26 <KOPPELING> Sjablonen [C:\ProgramData\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\ProgramData\Microsoft\Windows\Start Menu 19-07-2012 16:26 <KOPPELING> Programma's [C:\ProgramData\Microsoft\Windows\Start Menu\Programs] 0 bestand(en) 0 bytes Map van C:\ProgramData\Symantec\Symantec Endpoint Protection 16-12-2013 18:30 <KOPPELING> CurrentVersion [\??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105] 0 bestand(en) 0 bytes Map van C:\Users 19-07-2012 16:26 <SYMLINKD> All Users [C:\ProgramData] 19-07-2012 16:26 <KOPPELING> Default User [C:\Users\Default] 0 bestand(en) 0 bytes Map van C:\Users\All Users 19-07-2012 16:26 <KOPPELING> Application Data [C:\ProgramData] 19-07-2012 16:26 <KOPPELING> Bureaublad [C:\Users\Public\Desktop] 19-07-2012 16:26 <KOPPELING> Documenten [C:\Users\Public\Documents] 19-07-2012 16:26 <KOPPELING> Favorieten [C:\Users\Public\Favorites] 19-07-2012 16:26 <KOPPELING> Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu] 19-07-2012 16:26 <KOPPELING> Sjablonen [C:\ProgramData\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Users\All Users\Microsoft\Windows\Start Menu 19-07-2012 16:26 <KOPPELING> Programma's [C:\ProgramData\Microsoft\Windows\Start Menu\Programs] 0 bestand(en) 0 bytes Map van C:\Users\All Users\Symantec\Symantec Endpoint Protection 16-12-2013 18:30 <KOPPELING> CurrentVersion [\??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105] 0 bestand(en) 0 bytes Map van C:\Users\Default 19-07-2012 16:26 <KOPPELING> Application Data [C:\Users\Default\AppData\Roaming] 19-07-2012 16:26 <KOPPELING> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies] 19-07-2012 16:26 <KOPPELING> Local Settings [C:\Users\Default\AppData\Local] 19-07-2012 16:26 <KOPPELING> Menu Start [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu] 19-07-2012 16:26 <KOPPELING> Mijn documenten [C:\Users\Default\Documents] 19-07-2012 16:26 <KOPPELING> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 19-07-2012 16:26 <KOPPELING> Netwerkprinteromgeving [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 19-07-2012 16:26 <KOPPELING> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent] 19-07-2012 16:26 <KOPPELING> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo] 19-07-2012 16:26 <KOPPELING> Sjablonen [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Users\Default\AppData\Local 19-07-2012 16:26 <KOPPELING> Application Data [C:\Users\Default\AppData\Local] 19-07-2012 16:26 <KOPPELING> Geschiedenis [C:\Users\Default\AppData\Local\Microsoft\Windows\History] 19-07-2012 16:26 <KOPPELING> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 bestand(en) 0 bytes Map van C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu 19-07-2012 16:26 <KOPPELING> Programma's [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 bestand(en) 0 bytes Map van C:\Users\Default\Documents 19-07-2012 16:26 <KOPPELING> Mijn afbeeldingen [C:\Users\Default\Pictures] 19-07-2012 16:26 <KOPPELING> Mijn muziek [C:\Users\Default\Music] 19-07-2012 16:26 <KOPPELING> Mijn video's [C:\Users\Default\Videos] 0 bestand(en) 0 bytes Map van C:\Users\Fleur 08-06-2013 08:49 <KOPPELING> Application Data [C:\Users\Fleur\AppData\Roaming] 08-06-2013 08:49 <KOPPELING> Cookies [C:\Users\Fleur\AppData\Roaming\Microsoft\Windows\Cookies] 08-06-2013 08:49 <KOPPELING> Local Settings [C:\Users\Fleur\AppData\Local] 08-06-2013 08:49 <KOPPELING> Menu Start [C:\Users\Fleur\AppData\Roaming\Microsoft\Windows\Start Menu] 08-06-2013 08:49 <KOPPELING> Mijn documenten [C:\Users\Fleur\Documents] 08-06-2013 08:49 <KOPPELING> NetHood [C:\Users\Fleur\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 08-06-2013 08:49 <KOPPELING> Netwerkprinteromgeving [C:\Users\Fleur\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 08-06-2013 08:49 <KOPPELING> Recent [C:\Users\Fleur\AppData\Roaming\Microsoft\Windows\Recent] 08-06-2013 08:49 <KOPPELING> SendTo [C:\Users\Fleur\AppData\Roaming\Microsoft\Windows\SendTo] 08-06-2013 08:49 <KOPPELING> Sjablonen [C:\Users\Fleur\AppData\Roaming\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Users\Fleur\AppData\Local 08-06-2013 08:49 <KOPPELING> Application Data [C:\Users\Fleur\AppData\Local] 08-06-2013 08:49 <KOPPELING> Geschiedenis [C:\Users\Fleur\AppData\Local\Microsoft\Windows\History] 08-06-2013 08:49 <KOPPELING> Temporary Internet Files [C:\Users\Fleur\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 bestand(en) 0 bytes Map van C:\Users\Fleur\AppData\Roaming\Microsoft\Windows\Start Menu 08-06-2013 08:49 <KOPPELING> Programma's [C:\Users\Fleur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 bestand(en) 0 bytes Map van C:\Users\Fleur\Documents 08-06-2013 08:49 <KOPPELING> Mijn afbeeldingen [C:\Users\Fleur\Pictures] 08-06-2013 08:49 <KOPPELING> Mijn muziek [C:\Users\Fleur\Music] 08-06-2013 08:49 <KOPPELING> Mijn video's [C:\Users\Fleur\Videos] 0 bestand(en) 0 bytes Map van C:\Users\Louise 19-07-2012 16:27 <KOPPELING> Application Data [C:\Users\Louise\AppData\Roaming] 19-07-2012 16:27 <KOPPELING> Cookies [C:\Users\Louise\AppData\Roaming\Microsoft\Windows\Cookies] 19-07-2012 16:27 <KOPPELING> Local Settings [C:\Users\Louise\AppData\Local] 19-07-2012 16:27 <KOPPELING> Menu Start [C:\Users\Louise\AppData\Roaming\Microsoft\Windows\Start Menu] 19-07-2012 16:27 <KOPPELING> Mijn documenten [C:\Users\Louise\Documents] 19-07-2012 16:27 <KOPPELING> NetHood [C:\Users\Louise\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 19-07-2012 16:27 <KOPPELING> Netwerkprinteromgeving [C:\Users\Louise\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 19-07-2012 16:27 <KOPPELING> Recent [C:\Users\Louise\AppData\Roaming\Microsoft\Windows\Recent] 19-07-2012 16:27 <KOPPELING> SendTo [C:\Users\Louise\AppData\Roaming\Microsoft\Windows\SendTo] 19-07-2012 16:27 <KOPPELING> Sjablonen [C:\Users\Louise\AppData\Roaming\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Users\Louise\AppData\Local 19-07-2012 16:27 <KOPPELING> Application Data [C:\Users\Louise\AppData\Local] 19-07-2012 16:27 <KOPPELING> Geschiedenis [C:\Users\Louise\AppData\Local\Microsoft\Windows\History] 19-07-2012 16:27 <KOPPELING> Temporary Internet Files [C:\Users\Louise\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 bestand(en) 0 bytes Map van C:\Users\Louise\AppData\Roaming\Microsoft\Windows\Start Menu 19-07-2012 16:27 <KOPPELING> Programma's [C:\Users\Louise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 bestand(en) 0 bytes Map van C:\Users\Louise\Documents 19-07-2012 16:27 <KOPPELING> Mijn afbeeldingen [C:\Users\Louise\Pictures] 19-07-2012 16:27 <KOPPELING> Mijn muziek [C:\Users\Louise\Music] 19-07-2012 16:27 <KOPPELING> Mijn video's [C:\Users\Louise\Videos] 0 bestand(en) 0 bytes Map van C:\Users\Martijn 22-11-2012 18:20 <KOPPELING> Application Data [C:\Users\Martijn\AppData\Roaming] 22-11-2012 18:20 <KOPPELING> Cookies [C:\Users\Martijn\AppData\Roaming\Microsoft\Windows\Cookies] 22-11-2012 18:20 <KOPPELING> Local Settings [C:\Users\Martijn\AppData\Local] 22-11-2012 18:20 <KOPPELING> Menu Start [C:\Users\Martijn\AppData\Roaming\Microsoft\Windows\Start Menu] 22-11-2012 18:20 <KOPPELING> Mijn documenten [C:\Users\Martijn\Documents] 22-11-2012 18:20 <KOPPELING> NetHood [C:\Users\Martijn\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 22-11-2012 18:20 <KOPPELING> Netwerkprinteromgeving [C:\Users\Martijn\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 22-11-2012 18:20 <KOPPELING> Recent [C:\Users\Martijn\AppData\Roaming\Microsoft\Windows\Recent] 22-11-2012 18:20 <KOPPELING> SendTo [C:\Users\Martijn\AppData\Roaming\Microsoft\Windows\SendTo] 22-11-2012 18:20 <KOPPELING> Sjablonen [C:\Users\Martijn\AppData\Roaming\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Users\Martijn\AppData\Local 22-11-2012 18:20 <KOPPELING> Application Data [C:\Users\Martijn\AppData\Local] 22-11-2012 18:20 <KOPPELING> Geschiedenis [C:\Users\Martijn\AppData\Local\Microsoft\Windows\History] 22-11-2012 18:20 <KOPPELING> Temporary Internet Files [C:\Users\Martijn\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 bestand(en) 0 bytes Map van C:\Users\Martijn\AppData\Roaming\Microsoft\Windows\Start Menu 22-11-2012 18:20 <KOPPELING> Programma's [C:\Users\Martijn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 bestand(en) 0 bytes Map van C:\Users\Martijn\Documents 22-11-2012 18:20 <KOPPELING> Mijn afbeeldingen [C:\Users\Martijn\Pictures] 22-11-2012 18:20 <KOPPELING> Mijn muziek [C:\Users\Martijn\Music] 22-11-2012 18:20 <KOPPELING> Mijn video's [C:\Users\Martijn\Videos] 0 bestand(en) 0 bytes Map van C:\Users\Public\Documents 19-07-2012 16:26 <KOPPELING> Mijn afbeeldingen [C:\Users\Public\Pictures] 19-07-2012 16:26 <KOPPELING> Mijn muziek [C:\Users\Public\Music] 19-07-2012 16:26 <KOPPELING> Mijn video's [C:\Users\Public\Videos] 0 bestand(en) 0 bytes Map van C:\Windows\System32\config\systemprofile 29-02-2012 18:17 <KOPPELING> Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming] 29-02-2012 18:17 <KOPPELING> Cookies [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies] 29-02-2012 18:17 <KOPPELING> Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local] 29-02-2012 18:17 <KOPPELING> My Documents [C:\Windows\system32\config\systemprofile\Documents] 29-02-2012 18:17 <KOPPELING> NetHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 29-02-2012 18:17 <KOPPELING> PrintHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 29-02-2012 18:17 <KOPPELING> Recent [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent] 29-02-2012 18:17 <KOPPELING> SendTo [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo] 29-02-2012 18:17 <KOPPELING> Start Menu [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu] 29-02-2012 18:17 <KOPPELING> Templates [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Windows\System32\config\systemprofile\AppData\Local 29-02-2012 18:17 <KOPPELING> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local] 29-02-2012 18:17 <KOPPELING> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History] 29-02-2012 18:17 <KOPPELING> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 bestand(en) 0 bytes Map van C:\Windows\System32\config\systemprofile\Documents 29-02-2012 18:17 <KOPPELING> My Music [C:\Windows\system32\config\systemprofile\Music] 29-02-2012 18:17 <KOPPELING> My Pictures [C:\Windows\system32\config\systemprofile\Pictures] 29-02-2012 18:17 <KOPPELING> My Videos [C:\Windows\system32\config\systemprofile\Videos] 0 bestand(en) 0 bytes Map van C:\Windows\SysWOW64\config\systemprofile 29-02-2012 18:17 <KOPPELING> Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming] 29-02-2012 18:17 <KOPPELING> Cookies [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies] 29-02-2012 18:17 <KOPPELING> Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local] 29-02-2012 18:17 <KOPPELING> My Documents [C:\Windows\system32\config\systemprofile\Documents] 29-02-2012 18:17 <KOPPELING> NetHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 29-02-2012 18:17 <KOPPELING> PrintHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 29-02-2012 18:17 <KOPPELING> Recent [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent] 29-02-2012 18:17 <KOPPELING> SendTo [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo] 29-02-2012 18:17 <KOPPELING> Start Menu [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu] 29-02-2012 18:17 <KOPPELING> Templates [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Windows\SysWOW64\config\systemprofile\AppData\Local 29-02-2012 18:17 <KOPPELING> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local] 29-02-2012 18:17 <KOPPELING> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History] 29-02-2012 18:17 <KOPPELING> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 bestand(en) 0 bytes Map van C:\Windows\SysWOW64\config\systemprofile\Documents 29-02-2012 18:17 <KOPPELING> My Music [C:\Windows\system32\config\systemprofile\Music] 29-02-2012 18:17 <KOPPELING> My Pictures [C:\Windows\system32\config\systemprofile\Pictures] 29-02-2012 18:17 <KOPPELING> My Videos [C:\Windows\system32\config\systemprofile\Videos] 0 bestand(en) 0 bytes Totaal aantal weergegeven bestanden: 0 bestand(en) 0 bytes 123 map(pen) 155.137.724.416 bytes beschikbaar ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3738499137-2101096346-1165907778-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928} deleted successfully HKEY_USERS\S-1-5-21-3738499137-2101096346-1165907778-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully HKEY_CLASSES_ROOT\CLSID\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-3738499137-2101096346-1165907778-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-3738499137-2101096346-1165907778-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92} deleted successfully ==== Installed Programs ====================== ???? ??? Windows Live ???? Windows Live ????? Windows Live ?????? ??????? ?? Windows Live ???????? ?????????? Windows Live ??????????? ?? Windows Live ABN AMRO e.dentifier2 software Acer eRecovery Management Acer Games Acer Updater Adobe AIR Adobe Flash Player 11 ActiveX Adobe Reader X (10.1.8) MUI Agatha Christie - Death on the Nile AMD Accelerated Video Transcoding AMD APP SDK Runtime AMD Catalyst Control Center AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Fuel AMD Media Foundation Decoders AMD Steady Video Plug-In Apple Application Support Apple Mobile Device Support Apple Software Update AVI to DVD Converter Bejeweled 2 Deluxe Bonjour BrowserSafeguard Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner CopyTrans Suite Alleen Verwijderen Crazy Chicken Kart 2 D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Dropbox Evernote v. 4.5.1 FATE Final Drive: Nitro Fooz Kids Fooz Kids Platform Fotogalerija Windows Live Galeria de Fotografias do Windows Live Galer¡a fotogr fica de Windows Live Galeria fotogr…fica del Windows Live Galeria fotografii uslugi Windows Live Galerie de photos Windows Live Galerie foto Windows Live High-Definition Video Playback 10 Hotkey Utility iCloud Insaniquarium Deluxe iTunes Java 7 Update 45 Java Auto Updater Jewel Match 3 John Deere Drive Green Junk Mail filter update Malwarebytes Anti-Malware versie 1.75.0.1300 Mesh Runtime Microsoft .NET Framework 4 Client Profile NLD Language Pack Microsoft .NET Framework 4.5 Microsoft Application Error Reporting Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Groove MUI (Dutch) 2010 Microsoft Office InfoPath MUI (Dutch) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared 64-bit MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft Primary Interoperability Assemblies 2005 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 More Games from Acer Games MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Mystery of Mortlake Mansion MyWinLocker MyWinLocker 4 MyWinLocker Suite Nero 10 Menu TemplatePack Basic Nero 10 Movie ThemePack Basic Nero BackItUp 10 Help (CHM) Nero Burning ROM 10 Nero BurningROM 10 Help (CHM) Nero BurnRights 10 Nero BurnRights 10 Help (CHM) Nero Control Center 10 Nero ControlCenter 10 Help (CHM) Nero Core Components 10 Nero CoverDesigner 10 Nero CoverDesigner 10 Help (CHM) Nero DiscSpeed 10 Nero DiscSpeed 10 Help (CHM) Nero Dolby Files 10 Nero Express 10 Nero Express 10 Help (CHM) Nero InfoTool 10 Nero InfoTool 10 Help (CHM) Nero MediaHub 10 Nero MediaHub 10 Help (CHM) Nero Multimedia Suite 10 Nero Recode 10 Nero Recode 10 Help (CHM) Nero RescueAgent 10 Nero RescueAgent 10 Help (CHM) Nero SoundTrax 10 Nero SoundTrax 10 Help (CHM) Nero StartSmart 10 Nero StartSmart 10 Help (CHM) Nero Update Nero Vision 10 Nero Vision 10 Help (CHM) Nero WaveEditor 10 Nero WaveEditor 10 Help (CHM) Penguins Plants vs. Zombies - Game of the Year Poczta uslugi Windows Live Podstawowe programy Windows Live Polar Bowler Posta Windows Live QuickTime Raccolta foto di Windows Live Ralink RT2860 Wireless LAN Card Realtek Ethernet Controller Driver Realtek High Definition Audio Driver S?????? f?t???af??? t?? Windows Live Security Update for Microsoft .NET Framework 4.5 (KB2737083) Security Update for Microsoft .NET Framework 4.5 (KB2742613) Security Update for Microsoft .NET Framework 4.5 (KB2789648) Security Update for Microsoft .NET Framework 4.5 (KB2833957) Security Update for Microsoft .NET Framework 4.5 (KB2840642v2) Security Update for Microsoft .NET Framework 4.5 (KB2861208) Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687276) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition Security Update for Microsoft Outlook 2010 (KB2794707) 32-Bit Edition Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition Shredder SkypeT 6.9 Slingo Deluxe Speccy Symantec Endpoint Protection Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD Torchlight Update for Microsoft .NET Framework 4.5 (KB2750147) Update for Microsoft .NET Framework 4.5 (KB2805221) Update for Microsoft .NET Framework 4.5 (KB2805226) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition Update Installer for WildTangent Games App Verzoek of wijziging voorlopige aanslag 2012 Verzoek of wijziging voorlopige aanslag 2013 Virtual Villagers 4 - The Tree of Life Vuze Wedding Dash WildTangent Games App (Acer Games) Windows Live ??? Windows Live ???? Windows Live Argazki Galeria Windows Live Communications Platform Windows Live Essentials Windows Live Fotogal‚ria Windows Live Fotogalerie Windows Live Fotogalleri Windows Live Fotograf Galerisi Windows Live Fot¢t r Windows Live Galeria de Fotos Windows Live Galerija fotografija Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Temel Par‡alar Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Liven asennusty”kalu Windows Liven s„hk”posti Windows Liven valokuvavalikoima WinZip 15.0 Xilisoft Audio Converter 6 Zuma Deluxe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Users\Martijn\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk deleted C:\Users\Martijn\AppData\Roaming\DSite deleted C:\ProgramData\Ask deleted C:\ProgramData\APN deleted C:\ProgramData\Tarma Installer deleted C:\ProgramData\Package Cache deleted C:\Users\Louise\AppData\Local\Programs deleted C:\Users\Louise\AppData\Local\Software deleted C:\Users\Martijn\AppData\Local\iLivid deleted C:\Users\Martijn\AppData\Local\newhb2.crx deleted C:\Users\Martijn\AppData\Local\IAC deleted C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Programs deleted C:\Users\Fleur\AppData\LocalLow\Vuze_Remote deleted C:\Users\Fleur\AppData\LocalLow\PriceGong deleted C:\Users\Louise\AppData\LocalLow\mixidj deleted C:\Users\Louise\AppData\LocalLow\PriceGong deleted C:\Users\Martijn\AppData\LocalLow\IAC deleted C:\Users\Martijn\AppData\LocalLow\Vuze_Remote deleted C:\Users\Martijn\AppData\LocalLow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com deleted C:\Users\Martijn\AppData\LocalLow\PriceGong deleted C:\Windows\wininit.ini deleted C:\END deleted C:\Windows\SysWow64\searchplugins deleted C:\Windows\SysWow64\Extensions deleted "C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe" deleted "C:\PROGRA~2\Browsersafeguard\BrowserSafeguard.exe" deleted "C:\PROGRA~2\Browsersafeguard\BrowserSafeguard.exe" deleted "C:\Program Files (x86)\Browsersafeguard" deleted "C:\PROGRA~2\Browsersafeguard" deleted "C:\PROGRA~2\Browsersafeguard" deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 3541 MB CPU Info: AMD A6-3620 APU with Radeon HD Graphics CPU Speed: 2195.6 MHz Sound Card: Speakers (Realtek High Definiti | Display Adapters: AMD Radeon HD 6530D | AMD Radeon HD 6530D | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1680 X 1050 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter #8 | 802.11n Wireless LAN Card #2 | Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GH70N Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 223.0GB | D: 223.7GB | H: 931.5GB Hard Disks - Free: C: 144.4GB | D: 223.6GB | H: 659.0GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 12/20/11 | ACRSYS - 1072009 Time Zone: West-Europa (standaardtijd) Motherboard *: Acer Aspire X3470 Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Symantec Endpoint Protection On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: Symantec Endpoint Protection disabled (Outdated) Firewall: Symantec Endpoint Protection disabled Internet Explorer Version: 11.0.9600.16428 Adobe Reader version: 10.1.8.24 Sun Java version: 1.7.0_45 (32-bit) ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Louise\AppData\Local\Temp ==== 2013-12-24 22:06:54 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Louise\AppData\Local\Temp\System.Data.SQLite.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2013-12-27 16:40:39 AD27563BC16AB1EAACAE3033E99C2F78 194048 ----a-w- C:\Windows\SysWOW64\elshyph.dll 2013-12-27 16:40:35 FB0D1CC2911A0645DDA6C0608473EB55 34816 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-12-27 16:40:35 F9F114B2A6F876C92D317A755494F233 17142784 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2013-12-27 16:40:35 F8DE2F74CD4323BABBDACAADD9A39254 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2013-12-27 16:40:35 F862CD08F1AD4EE39BD506853F3C6103 16284 ----a-w- C:\Windows\SysWOW64\ieuinit.inf 2013-12-27 16:40:35 F7B6E341F4B1947BEC0E14EEBE3C627E 111616 ----a-w- C:\Windows\SysWOW64\IEAdvpack.dll 2013-12-27 16:40:35 F705F52FC41577641E82B9934728B02C 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll 2013-12-27 16:40:35 EC7038154490E50ACD405A022F51B204 83456 ----a-w- C:\Windows\SysWOW64\inseng.dll 2013-12-27 16:40:35 D9F12F54E3B5A092F1D5F191F5286E53 337408 ----a-w- C:\Windows\SysWOW64\html.iec 2013-12-27 16:40:35 CFCE4EFF1D6D909EE2EA3AFCB8F1E677 233472 ----a-w- C:\Windows\SysWOW64\url.dll 2013-12-27 16:40:35 C3B0DBD04CC18574B0706CA119902474 367104 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2013-12-27 16:40:35 C1A6E565B2782C09BC40AD749B46D9ED 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-12-27 16:40:35 C17139EAF939964142C7A1AEEE02DC81 616104 ----a-w- C:\Windows\SysWOW64\ieapfltr.dat 2013-12-27 16:40:35 BE8B10D84DDD8F43A32EE013B54F5287 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2013-12-27 16:40:35 BC2C13A3B664B686DA52D558FE5502FC 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2013-12-27 16:40:35 B68750104FBA545C633B7E9AEA660208 2166272 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2013-12-27 16:40:35 B5EB5BD3066959611E1F7A80FD6CC172 1818112 ----a-w- C:\Windows\SysWOW64\wininet.dll 2013-12-27 16:40:35 AE6A2C5ECD3E96556E22F12816842F60 48640 ----a-w- C:\Windows\SysWOW64\mshtmler.dll 2013-12-27 16:40:35 AE254DBF16E3E3D7C35ED017B4B55EC6 4240384 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2013-12-27 16:40:35 ABDFC692D9FE43E2BA8FE6CB5A8CB95A 13312 ----a-w- C:\Windows\SysWOW64\mshta.exe 2013-12-27 16:40:35 AB3B2CA52AFB695AFCDD2620A21E5B21 24576 ----a-w- C:\Windows\SysWOW64\licmgr10.dll 2013-12-27 16:40:35 9E170B0AF156B478BD2B1FD6A2250C9E 62464 ----a-w- C:\Windows\SysWOW64\tdc.ocx 2013-12-27 16:40:35 9B8701A380CEE1B05D651B4ED4048C8F 645120 ----a-w- C:\Windows\SysWOW64\jsIntl.dll 2013-12-27 16:40:35 9A33FDDD687A836A1FD478B43C5A95FD 151552 ----a-w- C:\Windows\SysWOW64\iexpress.exe 2013-12-27 16:40:35 887055A3C8DD6C87D200D11EAFDBD45B 74240 ----a-w- C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-12-27 16:40:35 83F49FD1BC0A999B006D564C540C7258 86016 ----a-w- C:\Windows\SysWOW64\iesysprep.dll 2013-12-27 16:40:35 81A605B0F3A29A117AB83A08D40F772F 1926656 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2013-12-27 16:40:35 809804D8AED97AEA96B3D4B66A4C5C70 553472 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2013-12-27 16:40:35 779E142FE2159935E78C0FA2E190FF1E 610304 ----a-w- C:\Windows\SysWOW64\jscript.dll 2013-12-27 16:40:35 71144A47CD02FDDC77DDF5EB5315767F 523776 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2013-12-27 16:40:35 6EB0B7301E00F717BD68A742D1391FAF 36352 ----a-w- C:\Windows\SysWOW64\imgutil.dll 2013-12-27 16:40:35 6A92CEC8532056791C6832B2725D170D 139264 ----a-w- C:\Windows\SysWOW64\wextract.exe 2013-12-27 16:40:35 6A794439B6612E43FEDE0217C919B652 454656 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2013-12-27 16:40:35 6922D7ED84AE102504174922D5D42F49 238288 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2013-12-27 16:40:35 64831CAD496A073398853A34A5813675 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2013-12-27 16:40:35 5EC13202430A3EB68DFF44CF1FEEA2BE 61952 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2013-12-27 16:40:35 5DFE55E0221F0C5FA4D6CECFA72B1D78 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2013-12-27 16:40:35 55969AADF0210A614700F89B48976F68 43008 ----a-w- C:\Windows\SysWOW64\msfeedsbs.dll 2013-12-27 16:40:35 53FC62C51CB18C9100A7DFAF2D2A6C47 12800 ----a-w- C:\Windows\SysWOW64\msfeedssync.exe 2013-12-27 16:40:35 4F032F1FDEFEA5EC8EEA3562643B5EE8 69120 ----a-w- C:\Windows\SysWOW64\icardie.dll 2013-12-27 16:40:35 4D4726D1AD5ED1590A62685F92900594 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2013-12-27 16:40:35 4BCC7EB5F20840DA67943BD86AE95735 56832 ----a-w- C:\Windows\SysWOW64\pngfilt.dll 2013-12-27 16:40:35 4A7956EE34BE56D20C54CF6A47693C25 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2013-12-27 16:40:35 44D5C650C971910827EA65B4D989ED94 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll 2013-12-27 16:40:35 433161597584186EF806EFC8EA530433 703488 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2013-12-27 16:40:35 2EE1E467D73642AFDDB03019F58C252B 1156608 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2013-12-27 16:40:35 2AF48780D879AFC43733159CB29CD8BD 1051136 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2013-12-27 16:40:35 298FDE634538B62CEEEC266D8773B21A 182272 ----a-w- C:\Windows\SysWOW64\msls31.dll 2013-12-27 16:40:35 22868FAAF9C851BFA924B8D7EDB6CBC1 11220992 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2013-12-27 16:40:35 1AFBAA54BDF637F69B8E02A5578286B0 116736 ----a-w- C:\Windows\SysWOW64\iepeers.dll 2013-12-27 16:40:35 1200D9C7DB0ADC1B8143A0A9921BF7DA 127488 ----a-w- C:\Windows\SysWOW64\occache.dll 2013-12-27 16:40:35 08B56CF57B7CE44315034247CC76D0F1 244736 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2013-12-27 16:40:35 03B3541AE6986602CF9CB5B3AD169C33 208384 ----a-w- C:\Windows\SysWOW64\webcheck.dll 2013-12-17 18:49:38 221494C29E9F4B6D02514CA29F2A3A4E 14119 ----a-w- C:\Windows\SysWOW64\RaCoInst.dat 2013-12-16 17:29:27 E40F9FA28AC367BB5E4E8F8010C7E9BB 361360 ----a-w- C:\Windows\SysWOW64\sysfer.dll 2013-12-16 17:29:27 A1F46B9A608E2FA65D50B4B17821A264 50576 ----a-w- C:\Windows\SysWOW64\snacnp.dll 2013-12-16 17:29:27 8045E0B78899D77897B321452AD4BCF9 136080 ----a-w- C:\Windows\SysWOW64\FwsVpn.dll 2013-12-16 17:29:27 7C1A986C996E588AE12277DA5736D83C 11152 ----a-w- C:\Windows\SysWOW64\sysferThunk.dll 2013-12-16 17:29:27 49147C75C4A74DAF4441DF7CC00A1C9E 420752 ----a-w- C:\Windows\SysWOW64\SymVPN.dll 2013-12-16 17:05:26 02DF0628BE8B64B84D50FBE53549AA3B 12625408 ----a-w- C:\Windows\SysWOW64\wmploc.DLL 2013-12-16 17:05:25 6C4B2E1A25841077084EB9F76FF6FFA7 11410432 ----a-w- C:\Windows\SysWOW64\wmp.dll 2013-12-14 16:53:52 E9504E484076585F6DA3C59F0E20E122 417792 ----a-w- C:\Windows\SysWOW64\WMPhoto.dll 2013-12-14 16:53:49 4EC2C3B15B9EC41AD0D6CD918D20376E 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll 2013-12-14 16:52:52 AFA53BD631FB0509A91A99391209BB70 301568 ----a-w- C:\Windows\SysWOW64\msieftp.dll 2013-12-14 16:46:23 E7B9D5FF20FFDD4AAE2EF1D1B8C27A37 159232 ----a-w- C:\Windows\SysWOW64\imagehlp.dll 2013-12-14 15:11:33 979D74799EA6C8B8167869A68DF5204A 141824 ----a-w- C:\Windows\SysWOW64\wscript.exe 2013-12-14 15:11:33 09F65975C1C9793B923BB52A7FA83453 121856 ----a-w- C:\Windows\SysWOW64\wshom.ocx 2013-12-14 15:11:32 A3B1D1312602280839A4A2AFBDFD066E 163840 ----a-w- C:\Windows\SysWOW64\scrrun.dll 2013-12-14 15:11:32 A3A35EE79C64A640152B3113E6E254E2 126976 ----a-w- C:\Windows\SysWOW64\cscript.exe 2013-12-14 12:51:53 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe 2013-12-14 12:51:48 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Windows\SysWOW64\javaw.exe 2013-12-14 12:51:48 9B0B14B405E0EDF76B5F5E31A49EB753 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-12-14 12:51:48 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Windows\SysWOW64\java.exe ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2013-12-27 16:44:59 2D01F001F8E45924E57B7BB77CF96BC2 28368 ----a-w- C:\Windows\Sysnative\IEUDINIT.EXE 2013-12-27 16:40:39 344DA9D196C0D98A738289BB09CE4CF6 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2013-12-27 16:40:35 FD61D51199F3FC9EB0023FBF405EAAD0 147968 ----a-w- C:\Windows\Sysnative\occache.dll 2013-12-27 16:40:35 FB9459892AF2AD60BDA98F820C1A28C3 708608 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2013-12-27 16:40:35 F862CD08F1AD4EE39BD506853F3C6103 16284 ----a-w- C:\Windows\Sysnative\ieuinit.inf 2013-12-27 16:40:35 F34C20D099CF94A606A2B5B0C668B570 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2013-12-27 16:40:35 F00AE7B953ABEF1B53FBBA187DFC8238 243200 ----a-w- C:\Windows\Sysnative\webcheck.dll 2013-12-27 16:40:35 EE10AB99A480875E012CA339EC48F02B 1228800 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2013-12-27 16:40:35 E949B344680691F255C0E662D4B5BFF1 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2013-12-27 16:40:35 E70D4270C43CE6C46841B684315B9EFF 62464 ----a-w- C:\Windows\Sysnative\pngfilt.dll 2013-12-27 16:40:35 E6CB36B85BE59095337427E853A5B65A 2332160 ----a-w- C:\Windows\Sysnative\wininet.dll 2013-12-27 16:40:35 E4A6577D74B2439974C8018AB5F1BFEA 13312 ----a-w- C:\Windows\Sysnative\msfeedssync.exe 2013-12-27 16:40:35 E36FDC470352C8F351F31959619CADD8 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll 2013-12-27 16:40:35 D6C88A6094D1FDAC56A186BBD7F06357 40448 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2013-12-27 16:40:35 D36A88D22B843C3812B501434E5A67A0 817664 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2013-12-27 16:40:35 D31AE751B6DACAFD0D7CC99EAE9606C2 131072 ----a-w- C:\Windows\Sysnative\IEAdvpack.dll 2013-12-27 16:40:35 D233E1A32CE6AF918C9DE1BC44AFEB2A 23212032 ----a-w- C:\Windows\Sysnative\mshtml.dll 2013-12-27 16:40:35 CE8831D2DCB5803A4CBC8EDCCBBC2A05 77312 ----a-w- C:\Windows\Sysnative\tdc.ocx 2013-12-27 16:40:35 CC84F4E36AA96810AD766C88DD657ADB 626176 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2013-12-27 16:40:35 C92173481A58935BE15172079CF122B8 235520 ----a-w- C:\Windows\Sysnative\url.dll 2013-12-27 16:40:35 C70F72684CDCF9BB142F50F98BB1DD9C 574976 ----a-w- C:\Windows\Sysnative\ieui.dll 2013-12-27 16:40:35 C6ECA2F7A1B189025171E6A29F2605AA 453120 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2013-12-27 16:40:35 C17139EAF939964142C7A1AEEE02DC81 616104 ----a-w- C:\Windows\Sysnative\ieapfltr.dat 2013-12-27 16:40:35 BB6DEAFAC5F0AAEC37FEAF3F3AA48347 774144 ----a-w- C:\Windows\Sysnative\jscript.dll 2013-12-27 16:40:35 B99C7CC6ED6917E3035A12171F40D240 5765120 ----a-w- C:\Windows\Sysnative\jscript9.dll 2013-12-27 16:40:35 ADA5C3D49A12CED9F07913DC00E547A8 48128 ----a-w- C:\Windows\Sysnative\imgutil.dll 2013-12-27 16:40:35 A8C830CABD7640EE8E6F0F1019F91E83 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll 2013-12-27 16:40:35 9870EC900829595D191BB03C6C48B479 83968 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2013-12-27 16:40:35 9675B272086CF5D22B83B541FAA8D4EA 30208 ----a-w- C:\Windows\Sysnative\licmgr10.dll 2013-12-27 16:40:35 95951E6A277F78FA13A85F2F408F4C0B 12995584 ----a-w- C:\Windows\Sysnative\ieframe.dll 2013-12-27 16:40:35 95828D670CFD3B16EE188168E083C3C5 13824 ----a-w- C:\Windows\Sysnative\mshta.exe 2013-12-27 16:40:35 8F7FBD0177F79727CF945ABDA657A0AC 235008 ----a-w- C:\Windows\Sysnative\elshyph.dll 2013-12-27 16:40:35 77FBE2E014EFB93FD037FA33AB8C7D6E 263376 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2013-12-27 16:40:35 6F1AF8E1206E92256459E3012C20472A 942592 ----a-w- C:\Windows\Sysnative\jsIntl.dll 2013-12-27 16:40:35 68899208A26E4522D25DBA87FF2E98D1 84992 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2013-12-27 16:40:35 612DC699EBF0AA1AAA065898D33B553A 1993728 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2013-12-27 16:40:35 5FAC15F872026BBC31C11D3A32B84624 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll 2013-12-27 16:40:35 5BECC17076F1806F60BB259B654FAC5C 195584 ----a-w- C:\Windows\Sysnative\msrating.dll 2013-12-27 16:40:35 5BBDBE5EBB49EA7C76A2EE7490A45D68 101376 ----a-w- C:\Windows\Sysnative\inseng.dll 2013-12-27 16:40:35 5A54ED24D5D42102A64904809215E0DC 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2013-12-27 16:40:35 5141B67F14E2B6CBB6ADF851ABE364A5 90112 ----a-w- C:\Windows\Sysnative\SetIEInstalledDate.exe 2013-12-27 16:40:35 46FD16F9B1924A2EA8CD5C6716CC654F 167424 ----a-w- C:\Windows\Sysnative\iexpress.exe 2013-12-27 16:40:35 45152BA21450811F4619C9C1790E7353 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2013-12-27 16:40:35 43D9CE875F8FC8370C6BA2F74D50D01C 1394176 ----a-w- C:\Windows\Sysnative\urlmon.dll 2013-12-27 16:40:35 4399857346DD183683332921500046B1 86016 ----a-w- C:\Windows\Sysnative\RegisterIEPKEYs.exe 2013-12-27 16:40:35 3AFA03119583647136C49B80DAD38F19 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2013-12-27 16:40:35 3A4FD19F13F8809BA08E9F76C0E38832 413696 ----a-w- C:\Windows\Sysnative\html.iec 2013-12-27 16:40:35 3168FA85740503BAE77DB821CB3EE4FB 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2013-12-27 16:40:35 2EBD0C5B090125AECF017C57344C45AB 247808 ----a-w- C:\Windows\Sysnative\msls31.dll 2013-12-27 16:40:35 2405D24AA28CCC4CC7E0CC0AE008746F 48640 ----a-w- C:\Windows\Sysnative\mshtmler.dll 2013-12-27 16:40:35 1FCBE949A67939ADEAE7279E423AA684 135680 ----a-w- C:\Windows\Sysnative\iepeers.dll 2013-12-27 16:40:35 1EA6500C25A80E8BDB65099C509AF993 143872 ----a-w- C:\Windows\Sysnative\wextract.exe 2013-12-27 16:40:35 0FBEBD36FEFFEE5AF25FDAEE5E35EE99 105984 ----a-w- C:\Windows\Sysnative\iesysprep.dll 2013-12-27 16:40:35 0A9D5716CB1F3AFA73703F39647BB8C2 81408 ----a-w- C:\Windows\Sysnative\icardie.dll 2013-12-27 16:40:35 092F3E7D054FDF779054E29A0A0D4267 2764288 ----a-w- C:\Windows\Sysnative\iertutil.dll 2013-12-27 16:40:35 05018A4E76F1636EFBB7DCB76900872A 218624 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2013-12-27 16:40:35 038ABC9BCC86DFF9E181D44E43E2CEBA 52224 ----a-w- C:\Windows\Sysnative\msfeedsbs.dll 2013-12-27 16:40:35 0134898497B6C6CD50F7FC5DE85712A6 296960 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2013-12-16 20:35:35 0BD3FF158E379DFBC7A91A82B612E345 42774 ----a-w- C:\Windows\Sysnative\.crusader 2013-12-16 19:28:17 9EF10F91F7FE1537521FAB2225D0172C 327008 ----a-w- C:\Windows\Sysnative\RaCoInstx.dll 2013-12-16 19:28:17 221494C29E9F4B6D02514CA29F2A3A4E 14119 ----a-w- C:\Windows\Sysnative\RaCoInst.dat 2013-12-16 17:29:27 F9AF213DBB261CABBD1DA5F819F0A1F4 459152 ----a-w- C:\Windows\Sysnative\sysfer.dll 2013-12-16 17:29:27 CBECEACE83FD113ADA02EF73FBB40653 576912 ----a-w- C:\Windows\Sysnative\SymVPN.dll 2013-12-16 17:29:27 C6F756585E72F37355E560E8BE35895F 158096 ----a-w- C:\Windows\Sysnative\FwsVpn.dll 2013-12-16 17:29:27 2DEF9EEA77902D1B748A9592BD286A78 12176 ----a-w- C:\Windows\Sysnative\sysferThunk.dll 2013-12-16 17:05:26 AB272BBFB05A8585C3405EFA9F605774 12625920 ----a-w- C:\Windows\Sysnative\wmploc.DLL 2013-12-16 17:05:24 8CBBB27369F9F07BC5E874E750EAF9D0 14631424 ----a-w- C:\Windows\Sysnative\wmp.dll 2013-12-14 16:53:52 4EDF8812713291DBBFDA67CE6215F236 465920 ----a-w- C:\Windows\Sysnative\WMPhoto.dll 2013-12-14 16:53:49 5FD67F205773EC80674DBBD609DB5315 2048 ----a-w- C:\Windows\Sysnative\tzres.dll 2013-12-14 16:52:52 AC38EC8D0C1B4C783CA6A24D239A71B7 335360 ----a-w- C:\Windows\Sysnative\msieftp.dll 2013-12-14 16:50:14 97D50B0CABF18A6D40F8883D02DDB519 3155968 ----a-w- C:\Windows\Sysnative\win32k.sys 2013-12-14 16:46:23 B4F29F65AD3114051F01E9403346047F 81408 ----a-w- C:\Windows\Sysnative\imagehlp.dll 2013-12-14 15:11:33 ECB021CA3370582F0C7244B0CF06732C 156160 ----a-w- C:\Windows\Sysnative\cscript.exe 2013-12-14 15:11:33 731131A477F69476F2D739B0DB6A9281 202752 ----a-w- C:\Windows\Sysnative\scrrun.dll 2013-12-14 15:11:33 05D80FF3483BD8F268B01703C859198A 150016 ----a-w- C:\Windows\Sysnative\wshom.ocx 2013-12-14 15:11:32 045451FA238A75305CC26AC982472367 168960 ----a-w- C:\Windows\Sysnative\wscript.exe 2013-12-14 12:42:30 20567F82422BE0FA2DB0315034F836A9 56720 ----a-w- C:\Windows\Sysnative\snacnp.dll ====== C:\Windows\Sysnative\drivers ===== 2013-12-17 18:49:38 5758FD37BF31E759F8610311E4D08ECA 1488448 ----a-w- C:\Windows\Sysnative\drivers\netr28x.sys 2013-12-16 20:37:10 FCE2251FE4464DCAA2F4684F19A8EE9B 32512 ----a-w- C:\Windows\Sysnative\drivers\hitmanpro37.sys 2013-12-16 17:29:51 E16E2431516D904CED3946AD3FF8C86B 854 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.INF 2013-12-16 17:29:51 97E11C50CE52277B377396EA8838E539 177752 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.SYS 2013-12-16 17:29:51 7846ED59291A134CC5DD017C6EC7B433 8222 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.CAT 2013-12-16 17:29:27 FCCA4DE9BCF2467541AFFCB70A3095D6 155352 ----a-w- C:\Windows\Sysnative\drivers\SysPlant.sys 2013-12-16 17:29:27 522D46E5CDCE86724C857323DF28195C 44448 ----a-w- C:\Windows\Sysnative\drivers\WGX64.SYS 2013-12-14 16:30:25 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2013-12-14 16:01:18 03725F3DE428E7F9F2E59B196CAD1BB4 626720 ----a-w- C:\Windows\Sysnative\drivers\RTL8192cu.sys 2013-12-14 15:12:04 E0D3CD5841E5C7BE7B94BA946AF1E498 116736 ----a-w- C:\Windows\Sysnative\drivers\drmk.sys 2013-12-14 15:12:04 1E0B4CBBA91C6B041A14ECC2186F7E24 230400 ----a-w- C:\Windows\Sysnative\drivers\portcls.sys 2013-12-09 18:31:09 79059559E89D06E8B80CE2944BE20228 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys 2013-12-09 18:30:41 EBF28856F69CF094A902F884CF989706 458712 ----a-w- C:\Windows\Sysnative\drivers\cng.sys 2013-12-09 18:30:41 868A2CAAB12EFC7A021682BCA0EEC54C 154560 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2013-12-09 18:30:40 8F489706472F7E9A06BAAA198703FA64 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys ====== C:\Windows\Tasks ====== 2013-12-24 22:06:59 7DE6D1E9C5524BF7D1CDF991424CB32D 3862 ----a-w- C:\Windows\Sysnative\Tasks\BrowserSafeguard Update Task 2013-12-16 22:01:26 9EB6D78655EF947FD238B3F6E53802EF 3172 ----a-w- C:\Windows\Sysnative\Tasks\{D08CE2B5-0CB2-4C82-B459-9C0CDC6069D5} 2013-12-14 16:59:11 4F2F3F533BDD223FAC11729E8ABC7B35 3878 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Flash Player Updater 2013-12-14 16:59:10 ABC2BF78B09AFD1BCEA3D22699DDD5CE 940 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-12-27 13:07:41 -------- d-----w- C:\Program Files\trend micro 2013-12-25 08:01:58 -------- d-----w- C:\Program Files\Speccy 2013-12-16 20:18:40 -------- d-----w- C:\Program Files\AMD ======= C:\PROGRA~2 ===== 2013-12-16 20:18:46 -------- d-----w- C:\PROGRA~2\AMD AVT 2013-12-16 20:18:40 -------- d-----w- C:\PROGRA~2\AMD 2013-12-14 17:16:04 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype 2013-12-14 17:16:03 -------- d-----r- C:\PROGRA~2\Skype ======= C: ===== ====== C:\Users\Louise\AppData\Roaming ====== 2013-12-17 18:48:31 -------- d-----w- C:\Users\Louise\AppData\Roaming\InstallShield 2013-12-16 21:47:40 -------- d-----w- C:\Users\Fleur\AppData\Local\AMD 2013-12-16 21:47:31 -------- d-----w- C:\Users\Fleur\AppData\Roaming\ATI 2013-12-16 21:47:31 -------- d-----w- C:\Users\Fleur\AppData\Local\ATI 2013-12-16 20:19:41 -------- d-----w- C:\Users\Louise\AppData\Local\AMD 2013-12-16 16:57:02 -------- d-----w- C:\Users\Louise\AppData\Roaming\Skype 2013-12-14 15:47:43 1A1EE8D0A8FEDAEA1F72EBFC7482D210 7625 ----a-w- C:\Users\Louise\AppData\Local\resmon.resmoncfg 2013-12-14 12:37:51 -------- d-----w- C:\Users\Louise\AppData\Local\EgisTec 2013-12-14 12:29:00 -------- d-----w- C:\Users\Louise\AppData\Local\ElevatedDiagnostics ====== C:\Users\Louise ====== 2013-12-24 22:06:59 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BrowserSafeguard 2013-12-17 18:49:37 -------- d-----w- C:\ProgramData\Ralink Driver 2013-12-16 21:46:56 CF082D6266C2152CBEBD4FFD343F173B 1240 --sha-r- C:\Users\Fleur\ntuser.pol 2013-12-16 20:23:00 -------- d-----w- C:\ProgramData\HitmanPro 2013-12-16 20:19:23 -------- d-----w- C:\ProgramData\ATI 2013-12-16 20:17:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2013-12-16 20:16:59 -------- d-----w- C:\ProgramData\AMD 2013-12-14 17:16:04 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2013-12-14 12:51:48 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2013-12-14 12:34:02 E84B2B9C3DEE691A147161D70CB9D54D 3218352 ----a-w- C:\Users\Louise\Downloads\MCPR.exe ====== C: exe-files == 2013-12-27 16:44:59 2D01F001F8E45924E57B7BB77CF96BC2 28368 ----a-w- C:\Windows\System32\IEUDINIT.EXE 2013-12-27 16:40:39 344DA9D196C0D98A738289BB09CE4CF6 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2013-12-27 16:40:35 F8DE2F74CD4323BABBDACAADD9A39254 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2013-12-27 16:40:35 ED45D1C3FDA215374FBCFC161A57AA80 467456 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2013-12-27 16:40:35 E949B344680691F255C0E662D4B5BFF1 139264 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-12-27 16:40:35 E4A6577D74B2439974C8018AB5F1BFEA 13312 ----a-w- C:\Windows\System32\msfeedssync.exe 2013-12-27 16:40:35 D68007F924B9F387AA7C76F48D0A260A 223232 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2013-12-27 16:40:35 CC02FE4520CA886508069245D9A6962F 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe 2013-12-27 16:40:35 C8A8321292A459B0A17FB39A782A5C74 806096 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2013-12-27 16:40:35 C1A6E565B2782C09BC40AD749B46D9ED 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-12-27 16:40:35 ABDFC692D9FE43E2BA8FE6CB5A8CB95A 13312 ----a-w- C:\Windows\SysWOW64\mshta.exe 2013-12-27 16:40:35 9A33FDDD687A836A1FD478B43C5A95FD 151552 ----a-w- C:\Windows\SysWOW64\iexpress.exe 2013-12-27 16:40:35 95828D670CFD3B16EE188168E083C3C5 13824 ----a-w- C:\Windows\System32\mshta.exe 2013-12-27 16:40:35 887055A3C8DD6C87D200D11EAFDBD45B 74240 ----a-w- C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-12-27 16:40:35 7F7F391491C315A4A72EFCAC0D34FA93 25600 ----a-w- C:\Program Files (x86)\Internet Explorer\ExtExport.exe 2013-12-27 16:40:35 70D721CC971A9EFFCF7845CEFBB02704 480256 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2013-12-27 16:40:35 6A92CEC8532056791C6832B2725D170D 139264 ----a-w- C:\Windows\SysWOW64\wextract.exe 2013-12-27 16:40:35 53FC62C51CB18C9100A7DFAF2D2A6C47 12800 ----a-w- C:\Windows\SysWOW64\msfeedssync.exe 2013-12-27 16:40:35 5141B67F14E2B6CBB6ADF851ABE364A5 90112 ----a-w- C:\Windows\System32\SetIEInstalledDate.exe 2013-12-27 16:40:35 46FD16F9B1924A2EA8CD5C6716CC654F 167424 ----a-w- C:\Windows\System32\iexpress.exe 2013-12-27 16:40:35 4399857346DD183683332921500046B1 86016 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-12-27 16:40:35 41F922D6A794C0F8425C8436D7077C84 359632 ----a-w- C:\Program Files\Internet Explorer\iediagcmd.exe 2013-12-27 16:40:35 3AFA03119583647136C49B80DAD38F19 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe 2013-12-27 16:40:35 1EA6500C25A80E8BDB65099C509AF993 143872 ----a-w- C:\Windows\System32\wextract.exe 2013-12-27 16:40:35 0685765C0CBE095BA0C6C8790BAE21EF 804560 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2013-12-27 16:40:35 05018A4E76F1636EFBB7DCB76900872A 218624 ----a-w- C:\Windows\System32\ie4uinit.exe 2013-12-27 13:07:41 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Louise.exe 2013-12-27 13:07:28 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Louise\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RXPUQHYG\RSITx64.exe 2013-12-25 08:01:08 8141DC2382882BD14BE556D7CA8650C3 4779896 ----a-w- C:\Users\Louise\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CSEGDO9L\spsetup124.exe 2013-12-24 19:37:52 7C7F58F197392947DA70D56DF3C8CF2F 2476224 ----a-w- C:\Users\Louise\Documents\Louise\Map backup PC\Louise\Kids\TechnicLauncher (1).exe 2013-12-24 19:37:52 33783404923E3E8E42D3920ED81049D9 215552 ----a-w- C:\Users\Louise\Documents\Louise\Map backup PC\Louise\Kids\VideoDownloadConvert.exe 2013-12-24 19:37:52 13D8938D2AAE3F5F1C54B2D47C1C650F 9075640 ----a-w- C:\Users\Louise\Documents\Louise\Map backup PC\Louise\Pc\Vuze_Installer[1].exe 2013-12-24 19:37:51 605A171C61A0607BDCF6BE80ED07CF95 695296 ----a-w- C:\Users\Louise\Documents\Louise\Map backup PC\Louise\Kids\minecraftsp.exe 2013-12-24 19:37:51 605A171C61A0607BDCF6BE80ED07CF95 695296 ----a-w- C:\Users\Louise\Documents\Louise\Map backup PC\Louise\Kids\minecraftsp (1).exe 2013-12-24 19:37:51 3389F0C8717E7438BFB0B03498756F27 484992 ----a-w- C:\Users\Louise\Documents\Louise\Map backup PC\Louise\Kids\Minecraft.exe 2013-12-24 19:37:51 3389F0C8717E7438BFB0B03498756F27 484992 ----a-w- C:\Users\Louise\Documents\Louise\Map backup PC\Louise\Kids\Minecraft (2).exe 2013-12-24 19:37:51 3389F0C8717E7438BFB0B03498756F27 484992 ----a-w- C:\Users\Louise\Documents\Louise\Map backup PC\Louise\Kids\Minecraft (1).exe 2013-12-24 19:37:51 2BDE345D6D14CDA7E2829193A7B30EC2 6530107 ----a-w- C:\Users\Louise\Documents\Louise\Map backup PC\Louise\Kids\minecraft_server.1.6.2.exe 2013-12-24 19:37:51 2BDE345D6D14CDA7E2829193A7B30EC2 6530107 ----a-w- C:\Users\Louise\Documents\Louise\Map backup PC\Louise\Kids\minecraft_server.1.6.2 (1).exe 2013-12-24 19:37:50 FDC73AB4FC013B66321A81835B9BD1E7 1307696 ----a-w- C:\Users\Louise\Documents\Louise\Map backup PC\Louise\Kids\iLividSetup.exe === C: other files == 2013-12-25 07:48:51 37EB3D1C65580FA8E4C2CC4164273256 1842676 ----a-w- C:\Users\Louise\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\058YH9VA\memtest86-iso.zip 2013-12-24 19:39:44 A6995442FCEDA1A03103C1344C3821A0 8022666 ----a-w- C:\Users\Louise\AppData\Local\Temp\Vuze_5.2.0.0d_win32.zip 2013-12-24 19:37:49 20A1A92497461CCEA986629AAC8F73FF 35078138 ----a-w- C:\Users\Louise\Documents\Louise\Map backup PC\Louise\Kids\1.6_Flows_HD_128x_beta.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3738499137-2101096346-1165907778-1000\Software\Microsoft\Windows\CurrentVersion\Run] "BrowserSafeguard"="C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Hotkey Utility"="C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "BrowserSafeguard"="C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ArcadeMovieService] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ArcadeMovieService" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Acer\\clear.fi\\Movie\\clear.fiMovieService.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EgisTecPMMUpdate] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EgisTecPMMUpdate" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\EgisTec IPS\\PmmUpdate.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EgisUpdate] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EgisUpdate" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\EgisTec IPS\\EgisUpdate.exe\" -d" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Norton Online Backup] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Norton Online Backup" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Symantec\\Norton Online Backup\\NOBuClient.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SuiteTray] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SuiteTray" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\EgisTec MyWinLockerSuite\\x86\\SuiteTray.exe\"" ==== Startup Folders ====================== 2013-06-08 07:54:59 1304 ----a-w- C:\Users\Fleur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk 2012-08-29 15:21:39 1055 ----a-w- C:\Users\Louise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [14-12-2013 17:59] C:\Windows\tasks\AllmyappsUpdateTask.job --a------ C:\Users\Martijn\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe [25-10-2013 10:27] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe ARM" ["C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe Reader Speed Launcher" ["C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"] "C:\Windows\SysNative\tasks\BrowserSafeguard Update Task" [C:\Program Files (x86)\Browsersafeguard\uninstall.browsersafeguard.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Folders in C:\ProgramData 0-6 Months Old ====================== 2013-08-26 18:41:41 -------- d-----w- C:\ProgramData\WindSolutions 2013-08-29 18:35:09 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-12-14 16:30:26 -------- d-----w- C:\ProgramData\Malwarebytes 2013-12-16 17:29:11 -------- d-----w- C:\ProgramData\regid.1992-12.com.symantec 2013-12-16 20:16:59 -------- d-----w- C:\ProgramData\AMD 2013-12-16 20:19:23 -------- d-----w- C:\ProgramData\ATI 2013-12-16 20:23:00 -------- d-----w- C:\ProgramData\HitmanPro 2013-12-17 18:49:37 -------- d-----w- C:\ProgramData\Ralink Driver ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\IPSFF" [14-12-2013 15:21] ==== Chrome Look ====================== Docs - Fleur - Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Fleur - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Fleur - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Fleur - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf SiteAdvisor - Fleur - Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho Gmail - Fleur - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Drive - Martijn - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Martijn - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Martijn - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf SiteAdvisor - Martijn - Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho Gmail - Martijn - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Startpagina.nl | Jouw startpagina voor weer, verkeer en meer" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Startpagina.nl | Jouw startpagina voor weer, verkeer en meer" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3738499137-2101096346-1165907778-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyServer"="http=127.0.0.1:49165;https=127.0.0.1:49165" "ProxyOverride"="<-loopback>" "ProxyEnable"=dword:00000001 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeMovieService deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Symantec Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\bin\IPS\IPSBHO.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun O4 - HKCU\..\Run: [browserSafeguard] "C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user') O4 - Startup: Dropbox.lnk = Louise\AppData\Roaming\Dropbox\bin\Dropbox.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/NL/Core/Player/2020PlayerAX_IKEA_Win32.cab O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file) O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file) O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - (no file) O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Symantec Endpoint Protection (SepMasterService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\snac64.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Fleur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Fleur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Louise\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Louise\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Martijn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Martijn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Fleur\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Martijn\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3043 folders=487 205331324 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Fleur\AppData\Local\Temp emptied successfully C:\Users\Martijn\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\Louise\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Louise\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on za 28-12-2013 at 11:32:09,83 ====================== - - - Updated - - - Hoi kweezie wabbit, geen idee wat ik allemaal doe, maar ik hoop dat bijgevoegde log is wat je zoekt. Ik denk overigens dat het probleem van de uitvallende pc verholpen is door dat stekkertje weer vast te maken, want nu draait ie weer uren zonder uit te vallen.
  5. LouiseH
    Logfile of random's system information tool 1.09 (written by random/random) Run by Louise at 2013-12-27 14:07:41 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 150 GB (66%) free of 228 GB Total RAM: 3541 MB (46% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:07:48, on 27-12-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16750) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe C:\Users\Louise\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files\trend micro\Louise.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina.nl | Jouw startpagina voor weer, verkeer en meer R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:49187;https=127.0.0.1:49187 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - (no file) F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - (no file) O2 - BHO: Symantec Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\bin\IPS\IPSBHO.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - (no file) O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun O4 - HKCU\..\Run: [browserSafeguard] "C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user') O4 - Startup: Dropbox.lnk = Louise\AppData\Roaming\Dropbox\bin\Dropbox.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/NL/Core/Player/2020PlayerAX_IKEA_Win32.cab O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file) O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file) O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - (no file) O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Symantec Endpoint Protection (SepMasterService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\snac64.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11922 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService atieclxx taskeng.exe {C0669829-E970-495E-A864-11D53AF5866A} C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Program Files\Acer\Acer Updater\UpdaterService.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" "C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe" /s "Symantec Endpoint Protection" /m "C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\sms.dll" /prefetch:1 C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe" /prefetch:1 C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e48ce50b-4a35-4128-b3de-a037fa5517df -SystemEventPortName:HostProcess-db83fb66-5d81-4ece-9d37-512138835915 -IoCancelEventPortName:HostProcess-67f1f2a8-142a-4122-98b4-272e3872e39d -NonStateChangingEventPortName:HostProcess-afd24223-af87-4110-9d1f-a78c47781462 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:f25d8874-bb66-4475-95b9-ff46c127a7fa -DeviceGroupId:WpdFsGroup C:\Windows\system32\wbem\unsecapp.exe -Embedding "taskhost.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe" "C:\Users\Louise\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup "C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe" /u /c /a /s "UserSession" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 C:\Windows\System32\svchost.exe -k LocalServicePeerNet "C:\Program Files\Internet Explorer\IEXPLORE.EXE" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5000 CREDAT:267521 /prefetch:2 C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_170_ActiveX.exe -Embedding "C:\Program Files (x86)\Nero\Update\NASvc.exe" C:\Windows\system32\sppsvc.exe "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5000 CREDAT:1905980 /prefetch:2 taskeng.exe {80AC6DA2-D29C-4A55-8EFF-6E8F51E58251} "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3738499137-2101096346-1165907778-10002_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3738499137-2101096346-1165907778-10002 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1" "C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532 wmiadap.exe /F /T /R "C:\Users\Louise\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RXPUQHYG\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\AllmyappsUpdateTask.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}] SteadyVideoBHO Class - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14 81024] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-03-08 6669000] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] Symantec Vulnerability Protection - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\bin\IPS\IPSBHO.DLL [2013-10-21 387040] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2013-03-08 4171464] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 562904] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-06-09 11860072] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "BrowserSafeguard"=C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe [2013-11-12 574464] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeMovieService] C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2011-03-29 408432] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2011-03-29 202608] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-08-16 152392] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-10-02 20473504] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-04-02 340848] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "Hotkey Utility"=C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2011-08-11 627304] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] "BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-10-08 766208] C:\Users\Louise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk - C:\Users\Louise\AppData\Roaming\Dropbox\bin\Dropbox.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-03-08 6669000] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2013-03-08 4171464] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SepMasterService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmcService] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "LogonHoursAction"=2 "DontDisplayLogonHoursWarnings"=1 "DisableLockWorkstation"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2013-12-27 14:07:41 ----D---- C:\rsit 2013-12-27 14:07:41 ----D---- C:\Program Files\trend micro 2013-12-25 09:01:58 ----D---- C:\Program Files\Speccy 2013-12-24 23:06:58 ----D---- C:\Program Files (x86)\Browsersafeguard 2013-12-17 19:49:38 ----A---- C:\Windows\SYSWOW64\RaCoInst.dat 2013-12-17 19:49:38 ----A---- C:\Windows\system32\drivers\netr28x.sys 2013-12-17 19:49:37 ----D---- C:\ProgramData\Ralink Driver 2013-12-17 19:48:31 ----D---- C:\Users\Louise\AppData\Roaming\InstallShield 2013-12-17 19:00:37 ----D---- C:\PatchMyPCUpdates 2013-12-16 21:37:10 ----A---- C:\Windows\system32\drivers\hitmanpro37.sys 2013-12-16 21:23:00 ----D---- C:\ProgramData\HitmanPro 2013-12-16 21:19:23 ----D---- C:\ProgramData\ATI 2013-12-16 21:18:46 ----D---- C:\Program Files (x86)\AMD AVT 2013-12-16 21:18:40 ----D---- C:\Program Files\AMD 2013-12-16 21:18:40 ----D---- C:\Program Files (x86)\AMD 2013-12-16 21:18:31 ----D---- C:\Program Files\Common Files\ATI Technologies 2013-12-16 21:16:59 ----D---- C:\ProgramData\AMD 2013-12-16 21:01:07 ----D---- C:\ProgramData\Package Cache 2013-12-16 20:58:40 ----D---- C:\AMD 2013-12-16 20:53:52 ----D---- C:\Program Files\ATI Technologies 2013-12-16 20:28:17 ----A---- C:\Windows\system32\RaCoInstx.dll 2013-12-16 20:28:17 ----A---- C:\Windows\system32\RaCoInst.dat 2013-12-16 18:29:51 ----D---- C:\Program Files\Common Files\Symantec Shared 2013-12-16 18:29:51 ----A---- C:\Windows\system32\drivers\SYMEVENT64x86.SYS 2013-12-16 18:29:27 ----A---- C:\Windows\SYSWOW64\sysferThunk.dll 2013-12-16 18:29:27 ----A---- C:\Windows\SYSWOW64\sysfer.dll 2013-12-16 18:29:27 ----A---- C:\Windows\SYSWOW64\SymVPN.dll 2013-12-16 18:29:27 ----A---- C:\Windows\SYSWOW64\snacnp.dll 2013-12-16 18:29:27 ----A---- C:\Windows\SYSWOW64\FwsVpn.dll 2013-12-16 18:29:27 ----A---- C:\Windows\system32\sysferThunk.dll 2013-12-16 18:29:27 ----A---- C:\Windows\system32\sysfer.dll 2013-12-16 18:29:27 ----A---- C:\Windows\system32\SymVPN.dll 2013-12-16 18:29:27 ----A---- C:\Windows\system32\FwsVpn.dll 2013-12-16 18:29:27 ----A---- C:\Windows\system32\drivers\WGX64.SYS 2013-12-16 18:29:27 ----A---- C:\Windows\system32\drivers\SysPlant.sys 2013-12-16 18:29:11 ----D---- C:\ProgramData\regid.1992-12.com.symantec 2013-12-16 18:29:06 ----D---- C:\Windows\system32\drivers\SEP 2013-12-16 18:05:26 ----A---- C:\Windows\SYSWOW64\wmploc.DLL 2013-12-16 18:05:26 ----A---- C:\Windows\system32\wmploc.DLL 2013-12-16 18:05:25 ----A---- C:\Windows\SYSWOW64\wmp.dll 2013-12-16 18:05:24 ----A---- C:\Windows\system32\wmp.dll 2013-12-16 18:03:09 ----A---- C:\Windows\SYSWOW64\ieui.dll 2013-12-16 18:03:08 ----A---- C:\Windows\system32\ieui.dll 2013-12-16 18:03:07 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe 2013-12-16 18:03:07 ----A---- C:\Windows\SYSWOW64\iesysprep.dll 2013-12-16 18:03:07 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2013-12-16 18:03:07 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2013-12-16 18:03:07 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2013-12-16 18:03:07 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe 2013-12-16 18:03:07 ----A---- C:\Windows\system32\iesysprep.dll 2013-12-16 18:03:07 ----A---- C:\Windows\system32\iesetup.dll 2013-12-16 18:03:07 ----A---- C:\Windows\system32\iernonce.dll 2013-12-16 18:03:07 ----A---- C:\Windows\system32\ie4uinit.exe 2013-12-16 18:03:06 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2013-12-16 18:03:06 ----A---- C:\Windows\system32\msfeeds.dll 2013-12-16 18:03:06 ----A---- C:\Windows\system32\iertutil.dll 2013-12-16 18:03:05 ----A---- C:\Windows\SYSWOW64\jscript.dll 2013-12-16 18:03:05 ----A---- C:\Windows\system32\jscript.dll 2013-12-16 18:03:04 ----A---- C:\Windows\system32\jscript9.dll 2013-12-16 18:03:03 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2013-12-16 18:03:03 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2013-12-16 18:03:02 ----A---- C:\Windows\system32\urlmon.dll 2013-12-16 18:03:01 ----A---- C:\Windows\SYSWOW64\wininet.dll 2013-12-16 18:03:01 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2013-12-16 18:03:01 ----A---- C:\Windows\system32\jsproxy.dll 2013-12-16 18:03:00 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2013-12-16 18:03:00 ----A---- C:\Windows\system32\wininet.dll 2013-12-16 18:02:55 ----A---- C:\Windows\system32\ieframe.dll 2013-12-16 18:02:52 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2013-12-16 18:02:49 ----A---- C:\Windows\system32\mshtml.dll 2013-12-16 17:57:02 ----D---- C:\Users\Louise\AppData\Roaming\Skype 2013-12-14 18:16:03 ----RD---- C:\Program Files (x86)\Skype 2013-12-14 17:56:41 ----D---- C:\PMPCUpdateRepository 2013-12-14 17:53:52 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll 2013-12-14 17:53:52 ----A---- C:\Windows\system32\WMPhoto.dll 2013-12-14 17:53:49 ----A---- C:\Windows\SYSWOW64\tzres.dll 2013-12-14 17:53:49 ----A---- C:\Windows\system32\tzres.dll 2013-12-14 17:52:52 ----A---- C:\Windows\SYSWOW64\msieftp.dll 2013-12-14 17:52:52 ----A---- C:\Windows\system32\msieftp.dll 2013-12-14 17:50:14 ----A---- C:\Windows\system32\win32k.sys 2013-12-14 17:46:23 ----A---- C:\Windows\SYSWOW64\imagehlp.dll 2013-12-14 17:46:23 ----A---- C:\Windows\system32\imagehlp.dll 2013-12-14 17:30:32 ----D---- C:\Users\Louise\AppData\Roaming\Malwarebytes 2013-12-14 17:30:26 ----D---- C:\ProgramData\Malwarebytes 2013-12-14 17:30:25 ----A---- C:\Windows\system32\drivers\mbam.sys 2013-12-14 17:30:24 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-12-14 17:01:18 ----A---- C:\Windows\system32\drivers\RTL8192cu.sys 2013-12-14 16:12:04 ----A---- C:\Windows\system32\drivers\portcls.sys 2013-12-14 16:12:04 ----A---- C:\Windows\system32\drivers\drmk.sys 2013-12-14 16:11:33 ----A---- C:\Windows\SYSWOW64\wscript.exe 2013-12-14 16:11:33 ----A---- C:\Windows\system32\scrrun.dll 2013-12-14 16:11:33 ----A---- C:\Windows\system32\cscript.exe 2013-12-14 16:11:32 ----A---- C:\Windows\SYSWOW64\scrrun.dll 2013-12-14 16:11:32 ----A---- C:\Windows\SYSWOW64\cscript.exe 2013-12-14 16:11:32 ----A---- C:\Windows\system32\wscript.exe 2013-12-14 13:51:53 ----A---- C:\Windows\SYSWOW64\javaws.exe 2013-12-14 13:51:48 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll 2013-12-14 13:51:48 ----A---- C:\Windows\SYSWOW64\javaw.exe 2013-12-14 13:51:48 ----A---- C:\Windows\SYSWOW64\java.exe 2013-12-14 13:42:30 ----A---- C:\Windows\system32\snacnp.dll 2013-12-14 13:41:58 ----D---- C:\Program Files\Symantec 2013-12-14 13:31:43 ----D---- C:\Windows\ccleaner 2013-12-09 21:26:07 ----A---- C:\Windows\SYSWOW64\nshwfp.dll 2013-12-09 21:26:07 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL 2013-12-09 21:26:07 ----A---- C:\Windows\system32\nshwfp.dll 2013-12-09 21:26:07 ----A---- C:\Windows\system32\IKEEXT.DLL 2013-12-09 21:26:07 ----A---- C:\Windows\system32\FWPUCLNT.DLL 2013-12-09 19:31:27 ----A---- C:\Windows\system32\crypt32.dll 2013-12-09 19:31:26 ----A---- C:\Windows\SYSWOW64\crypt32.dll 2013-12-09 19:31:09 ----A---- C:\Windows\system32\drivers\afd.sys 2013-12-09 19:31:05 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll 2013-12-09 19:31:05 ----A---- C:\Windows\SYSWOW64\authui.dll 2013-12-09 19:31:05 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll 2013-12-09 19:31:05 ----A---- C:\Windows\system32\credui.dll 2013-12-09 19:31:05 ----A---- C:\Windows\system32\authui.dll 2013-12-09 19:31:04 ----A---- C:\Windows\SYSWOW64\credui.dll 2013-12-09 19:30:41 ----A---- C:\Windows\SYSWOW64\schannel.dll 2013-12-09 19:30:41 ----A---- C:\Windows\system32\schannel.dll 2013-12-09 19:30:41 ----A---- C:\Windows\system32\drivers\ksecpkg.sys 2013-12-09 19:30:41 ----A---- C:\Windows\system32\drivers\cng.sys 2013-12-09 19:30:40 ----A---- C:\Windows\SYSWOW64\sspicli.dll 2013-12-09 19:30:40 ----A---- C:\Windows\SYSWOW64\secur32.dll 2013-12-09 19:30:40 ----A---- C:\Windows\system32\sspicli.dll 2013-12-09 19:30:40 ----A---- C:\Windows\system32\lsasrv.dll 2013-12-09 19:30:40 ----A---- C:\Windows\system32\drivers\ksecdd.sys 2013-12-09 19:30:39 ----A---- C:\Windows\SYSWOW64\ncrypt.dll 2013-12-09 19:30:39 ----A---- C:\Windows\system32\sspisrv.dll 2013-12-09 19:30:39 ----A---- C:\Windows\system32\secur32.dll 2013-12-09 19:30:39 ----A---- C:\Windows\system32\ncrypt.dll 2013-12-09 19:30:39 ----A---- C:\Windows\system32\lsass.exe 2013-12-09 19:30:28 ----A---- C:\Windows\SYSWOW64\gdi32.dll 2013-12-09 19:30:28 ----A---- C:\Windows\system32\gdi32.dll ======List of files/folders modified in the last 1 month====== 2013-12-27 14:07:41 ----RD---- C:\Program Files 2013-12-27 14:04:05 ----D---- C:\Users\Louise\AppData\Roaming\Dropbox 2013-12-27 14:03:36 ----D---- C:\Windows\Temp 2013-12-27 14:03:35 ----D---- C:\Windows\system32\config 2013-12-27 14:00:11 ----SHD---- C:\System Volume Information 2013-12-25 13:42:43 ----D---- C:\Windows\Microsoft.NET 2013-12-25 13:42:41 ----RSD---- C:\Windows\assembly 2013-12-25 10:43:25 ----D---- C:\Windows\System32 2013-12-25 10:43:25 ----D---- C:\Windows\inf 2013-12-25 10:43:25 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-12-25 08:42:46 ----D---- C:\Program Files (x86)\Common Files 2013-12-25 08:39:46 ----D---- C:\Windows 2013-12-24 23:20:52 ----D---- C:\Windows\system32\MRT 2013-12-24 23:20:43 ----D---- C:\Windows\debug 2013-12-24 23:20:32 ----A---- C:\Windows\system32\MRT.exe 2013-12-24 23:20:22 ----SHD---- C:\Windows\Installer 2013-12-24 23:16:49 ----D---- C:\Windows\SysWOW64 2013-12-24 23:16:49 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI 2013-12-24 23:06:59 ----D---- C:\Windows\system32\Tasks 2013-12-24 23:06:58 ----RD---- C:\Program Files (x86) 2013-12-24 22:53:59 ----D---- C:\Windows\Prefetch 2013-12-24 22:38:39 ----D---- C:\Users\Louise\AppData\Roaming\Azureus 2013-12-17 19:52:41 ----D---- C:\Program Files (x86)\Google 2013-12-17 19:52:39 ----D---- C:\Windows\Tasks 2013-12-17 19:50:02 ----D---- C:\Windows\system32\catroot 2013-12-17 19:49:56 ----D---- C:\Windows\system32\drivers 2013-12-17 19:49:52 ----D---- C:\Windows\system32\DriverStore 2013-12-17 19:49:37 ----HD---- C:\ProgramData 2013-12-17 19:49:36 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2013-12-17 19:44:02 ----D---- C:\Windows\system32\catroot2 2013-12-17 19:20:27 ----D---- C:\ProgramData\Microsoft Help 2013-12-17 19:18:17 ----D---- C:\Program Files (x86)\Microsoft Office 2013-12-17 19:13:49 ----D---- C:\Program Files\Common Files\Microsoft Shared 2013-12-17 19:13:48 ----D---- C:\Windows\SoftwareDistribution 2013-12-16 23:18:38 ----D---- C:\Program Files (x86)\Acer 2013-12-16 23:16:16 ----D---- C:\ProgramData\CyberLink 2013-12-16 21:18:40 ----SD---- C:\Users\Louise\AppData\Roaming\Microsoft 2013-12-16 21:18:31 ----D---- C:\Program Files\Common Files 2013-12-16 21:16:33 ----D---- C:\Program Files (x86)\ATI Technologies 2013-12-16 21:04:56 ----D---- C:\Windows\SYSWOW64\en-US 2013-12-16 21:04:56 ----D---- C:\Windows\system32\en-US 2013-12-16 18:47:34 ----D---- C:\Windows\system32\NDF 2013-12-16 18:38:57 ----D---- C:\Windows\Panther 2013-12-16 18:12:47 ----D---- C:\Windows\winsxs 2013-12-16 18:10:45 ----D---- C:\Program Files\Windows Media Player 2013-12-16 18:10:45 ----D---- C:\Program Files (x86)\Windows Media Player 2013-12-16 18:10:45 ----D---- C:\Program Files (x86)\Internet Explorer 2013-12-16 18:10:44 ----D---- C:\Windows\SYSWOW64\nl-NL 2013-12-16 18:10:44 ----D---- C:\Windows\system32\nl-NL 2013-12-16 18:10:44 ----D---- C:\Program Files\Internet Explorer 2013-12-14 18:30:52 ----D---- C:\Program Files\CCleaner 2013-12-14 18:16:10 ----D---- C:\ProgramData\Skype 2013-12-14 18:03:26 ----D---- C:\Users\Louise\AppData\Roaming\Adobe 2013-12-14 17:59:00 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2013-12-14 17:23:36 ----D---- C:\Windows\Logs 2013-12-14 16:23:28 ----D---- C:\Program Files\Google 2013-12-14 16:20:34 ----D---- C:\Program Files\Acer 2013-12-14 16:17:20 ----D---- C:\ProgramData\Symantec 2013-12-14 15:09:47 ----SD---- C:\ProgramData\Microsoft 2013-12-14 13:51:59 ----D---- C:\ProgramData\Oracle 2013-12-14 13:51:48 ----D---- C:\Program Files (x86)\Java 2013-12-10 17:21:25 ----D---- C:\Windows\Minidump 2013-12-09 21:16:01 ----D---- C:\Windows\SYSWOW64\wbem 2013-12-09 21:16:01 ----D---- C:\Windows\system32\wfp 2013-12-09 21:16:01 ----D---- C:\Windows\system32\wbem 2013-12-09 21:15:59 ----D---- C:\Program Files\Windows Journal 2013-12-09 21:12:48 ----RSD---- C:\Windows\Fonts 2013-12-09 21:12:48 ----RD---- C:\Users 2013-12-09 21:12:48 ----D---- C:\Windows\system32\drivers\etc 2013-12-09 21:12:48 ----D---- C:\Windows\servicing 2013-12-09 21:12:48 ----D---- C:\Windows\ehome 2013-12-09 21:12:48 ----D---- C:\Windows\Cursors 2013-12-09 21:12:48 ----D---- C:\Windows\AppPatch 2013-12-09 21:12:48 ----D---- C:\Windows\addins 2013-12-09 21:12:48 ----D---- C:\Program Files\Windows Sidebar 2013-12-09 21:12:48 ----D---- C:\Program Files\Windows Portable Devices 2013-12-09 21:12:48 ----D---- C:\Program Files\Windows Mail 2013-12-09 21:12:48 ----D---- C:\Program Files\Windows Defender 2013-12-09 21:12:48 ----D---- C:\Program Files\EgisTec IPS 2013-12-09 21:12:48 ----D---- C:\Program Files\DVD Maker 2013-12-09 21:12:48 ----D---- C:\Program Files\Common Files\System 2013-12-09 21:12:48 ----D---- C:\Program Files\Common Files\Services 2013-12-09 21:12:48 ----D---- C:\Program Files\Common Files\McAfeeFPDetect 2013-12-09 21:12:48 ----D---- C:\Program Files (x86)\Windows Sidebar 2013-12-09 21:12:48 ----D---- C:\Program Files (x86)\Windows Portable Devices 2013-12-09 21:12:48 ----D---- C:\Program Files (x86)\Windows Mail 2013-12-09 21:12:47 ----D---- C:\Program Files (x86)\EgisTec MyWinLocker 2013-12-09 21:12:47 ----D---- C:\Program Files (x86)\EgisTec IPS 2013-12-09 21:12:38 ----D---- C:\Windows\SYSWOW64\drivers 2013-12-09 21:12:37 ----RSD---- C:\Windows\Media 2013-12-09 21:12:37 ----D---- C:\Windows\system32\migwiz 2013-12-09 21:12:37 ----D---- C:\Windows\system32\drivers\UMDF 2013-12-09 21:12:37 ----D---- C:\Windows\system32\drivers\nl-NL 2013-12-09 21:12:37 ----D---- C:\Windows\rescache 2013-12-09 21:12:37 ----D---- C:\Windows\nl-NL 2013-12-09 21:12:37 ----D---- C:\Windows\L2Schemas 2013-12-09 21:12:37 ----D---- C:\Windows\IME 2013-12-09 21:12:36 ----D---- C:\Windows\Downloaded Program Files 2013-12-09 21:12:36 ----AD---- C:\Windows\DeployWinRE2 2013-12-09 21:12:27 ----D---- C:\Program Files\Windows Photo Viewer 2013-12-09 21:12:23 ----D---- C:\Program Files (x86)\Windows Photo Viewer 2013-12-09 21:12:23 ----D---- C:\Program Files (x86)\Windows Defender 2013-12-09 21:11:30 ----D---- C:\Windows\SYSWOW64\Wat 2013-12-09 21:11:29 ----D---- C:\Windows\system32\Wat 2013-12-09 21:11:27 ----D---- C:\Windows\system32\spp 2013-12-09 21:11:27 ----D---- C:\Windows\system32\restore 2013-12-09 21:11:26 ----HD---- C:\Windows\system32\GroupPolicy 2013-12-09 21:11:25 ----D---- C:\Windows\system32\CodeIntegrity 2013-12-09 21:11:08 ----D---- C:\Windows\fi 2013-12-09 21:11:08 ----D---- C:\Windows\eu 2013-12-09 21:11:08 ----D---- C:\Windows\es 2013-12-09 21:11:08 ----D---- C:\Windows\en 2013-12-09 21:11:08 ----D---- C:\Windows\el 2013-12-09 21:11:06 ----D---- C:\Windows\diagnostics 2013-12-09 21:11:06 ----D---- C:\Windows\de 2013-12-09 21:11:06 ----D---- C:\Windows\da 2013-12-09 21:11:05 ----D---- C:\Windows\cs 2013-12-09 21:11:05 ----D---- C:\Windows\CheckSur 2013-12-09 21:11:05 ----D---- C:\Windows\ca 2013-12-09 21:11:05 ----D---- C:\Windows\Branding 2013-12-09 21:11:05 ----D---- C:\Windows\Boot 2013-12-09 21:11:05 ----D---- C:\Windows\bg 2013-12-09 21:10:53 ----D---- C:\Windows\ar 2013-12-09 21:10:53 ----D---- C:\Windows\AppCompat 2013-12-09 21:10:42 ----D---- C:\Users\Louise\AppData\Roaming\WindSolutions 2013-12-09 21:10:39 ----D---- C:\Users\Louise\AppData\Roaming\WildTangent 2013-12-09 21:10:39 ----D---- C:\Users\Louise\AppData\Roaming\SmartPCFix 2013-12-09 21:10:33 ----D---- C:\ProgramData\WildTangent 2013-12-09 21:10:33 ----D---- C:\ProgramData\Temp 2013-12-09 21:10:33 ----D---- C:\ProgramData\oem 2013-12-09 21:10:33 ----D---- C:\ProgramData\{6CDCEBFA-D5FA-4ED0-A11F-AC1F8BD76DF2} 2013-12-09 21:10:24 ----D---- C:\ProgramData\Hewlett-Packard 2013-12-09 21:10:24 ----D---- C:\ProgramData\CLSK 2013-12-09 21:10:18 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-12-09 21:10:17 ----D---- C:\Program Files\Windows NT 2013-12-09 21:10:16 ----D---- C:\Program Files\Windows Live 2013-12-09 21:10:16 ----D---- C:\Program Files\Preload 2013-12-09 21:10:16 ----D---- C:\Program Files\Microsoft Silverlight 2013-12-09 21:10:14 ----D---- C:\Program Files\Microsoft Games 2013-12-09 21:10:13 ----D---- C:\Program Files\iTunes 2013-12-09 21:10:12 ----D---- C:\Program Files\iPod 2013-12-09 21:10:09 ----D---- C:\Program Files\Common Files\Apple 2013-12-09 21:10:08 ----D---- C:\Program Files\Bonjour 2013-12-09 21:10:07 ----D---- C:\Program Files\Accessory Store 2013-12-09 21:10:06 ----D---- C:\Program Files (x86)\WinZip 2013-12-09 21:10:05 ----D---- C:\Program Files (x86)\Windows NT 2013-12-09 21:10:04 ----D---- C:\Program Files (x86)\Windows Live 2013-12-09 21:10:00 ----D---- C:\Program Files (x86)\Vuze 2013-12-09 21:09:59 ----D---- C:\Program Files (x86)\QuickTime 2013-12-09 21:09:45 ----D---- C:\Program Files (x86)\MSBuild 2013-12-09 21:09:44 ----D---- C:\Program Files (x86)\Microsoft.NET 2013-12-09 21:09:44 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2013-12-09 21:09:38 ----D---- C:\Program Files (x86)\iTunes 2013-12-09 21:09:33 ----D---- C:\Program Files (x86)\EgisTec Shredder 2013-12-09 21:09:33 ----D---- C:\Program Files (x86)\EgisTec MyWinLockerSuite 2013-12-09 21:09:33 ----D---- C:\Program Files (x86)\Cyberlink 2013-12-09 21:09:25 ----D---- C:\Program Files (x86)\Bonjour 2013-12-09 21:09:24 ----D---- C:\Program Files (x86)\Apple Software Update 2013-12-09 21:09:15 ----D---- C:\Program Files (x86)\Acer Games 2013-12-09 21:09:14 ----D---- C:\Program Files (x86)\ABN AMRO e.dentifier2 2013-12-09 21:09:04 ----HD---- C:\OEM 2013-12-09 21:09:01 ----SHD---- C:\$Recycle.Bin 2013-12-09 21:09:01 ----D---- C:\CIMTEMP 2013-12-09 21:06:58 ----D---- C:\Windows\registration 2013-12-09 20:42:14 ----RHD---- C:\MSOCache ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2011-04-15 79488] R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2011-04-15 40064] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R0 SymDS;Symantec Data Store; C:\Windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x64\SYMDS64.SYS [2013-10-21 493656] R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x64\SYMEFA64.SYS [2013-10-21 1147480] R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\BASHDefs\20131203.011\BHDrvx64.sys [2013-12-03 1526488] R1 ccSettings_{2FF4FBED-F03A-4EE2-AC58-C985811A4FBE};Symantec Endpoint Protection 12.1.4013.4013.105 Settings Manager; C:\Windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x64\ccSetx64.sys [2013-10-21 169048] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2013-12-16 484952] R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\IPSDefs\20131224.011\IDSvia64.sys [2013-12-13 521944] R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-07-22 22648] R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-07-22 20520] R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-07-22 62776] R1 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x64\SRTSP64.SYS [2013-10-21 797272] R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x64\SRTSPX64.SYS [2013-10-21 36952] R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x64\Ironx64.SYS [2013-10-21 224856] R1 SYMNETS;Symantec Network Security WFP Driver; C:\Windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x64\SYMNETS.SYS [2013-10-21 437336] R1 SysPlant;SysPlant for NT; C:\Windows\system32\Drivers\SysPlant.sys [2013-12-16 155352] R1 Teefer2;Symantec Endpoint Protection Firewall; C:\Windows\system32\DRIVERS\Teefer.sys [2013-10-21 92456] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-11-20 57512] R3 amdhub30;AMD USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\amdhub30.sys [2011-03-17 87168] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-10-08 12534784] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-10-08 619008] R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\amdxhc.sys [2011-03-17 188544] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-07-05 96256] R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-12-16 137648] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-06-14 2899176] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928] R3 NAVENG;NAVENG; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\VirusDefs\20131224.025\ENG64.SYS [2013-11-13 126040] R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\VirusDefs\20131224.025\EX64.SYS [2013-11-13 2099288] R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2011-04-19 1488448] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-05-16 533096] R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2013-12-16 177752] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984] S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960] S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-02-06 102936] S3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2; C:\Windows\system32\DRIVERS\aabed2.sys [2008-03-20 28672] S3 HipShieldK;McAfee Inc. HipShieldK; C:\Windows\system32\drivers\HipShieldK.sys [2012-04-20 196440] S3 hitmanpro37;HitmanPro 3.7 Support Driver; \??\C:\Windows\system32\drivers\hitmanpro37.sys [2013-12-16 32512] S3 Linksys_adapter_H;Linksys Adapter Network Driver; C:\Windows\system32\DRIVERS\AE2500w764.sys [2011-03-29 1254464] S3 netr28ux;Stuurprogramma voor RT2870 USB draadloze LAN-kaart voor Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720] S3 RTL8192cu;EDUP Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192cu.sys [2010-03-26 626720] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-06-04 203672] S3 SyDvCtrl;SyDvCtrl; \??\C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\SyDvCtrl64.sys [2013-10-21 34800] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-09 65640] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-10-08 239616] R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-10-08 344064] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008] R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-02-07 255376] R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280] R2 SepMasterService;Symantec Endpoint Protection; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe [2013-10-21 144368] R3 SmcService;Symantec Management Client; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe [2013-10-21 2377984] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-14 257416] S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-08-16 641352] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-03-09 30798512] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 SNAC;Symantec Network Access Control; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\snac64.exe [2013-10-21 334736] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-07-23 1255736] S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976] S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648] S4 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] S4 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] -----------------EOF-----------------
  6. LouiseH
    Hoi ik heb de pc net opengeschroeft omdat ik hem stofvrij wilde maken. Ik zag niet echt stof, dus dat is het denk ik niet. Ik zag wel de van, daar bungelde een streng met gekleurde draadjes uit met een klein wit stekkertje eraan. Dat stekkertje zat los. Een soort van stekkertje met 4 gaatjes waar pinnetjes in kunnen. Ik heb dat nu vastgemaakt, want ik zag iets waar juist 4 pinnetje uitstaken, zou dat het kunnen zijn ?? Als ik nu Speccy draai zie ik temperaturen van rond 20 bij processor staan, vanmorgen liep dat tegen de 60 ?? Maar toen stond de pc langer aan. - - - Updated - - - http://speccy.piriform.com/results/k7UmhMYNJ5I6Bd2uhcGKeYF - - - Updated - - - http://speccy.piriform.com/results/k7UmhMYNJ5I6Bd2uhcGKeYF
  7. LouiseH
    Hoi ik heb een acer aspire desktop. Nog niet zo heel oud, nog net geen 2 jaar. Nu valt ie steeds zomaar spontaan uit. Als ik dan de pc weer aan wil zetten, lijkt het alsof hij wil opstarten maar na een paar seconden stopt alles weer en doet ie niets. Na langere tijd wachten lukt het wel weer om hem aan te krijgen. Dan kan ik er weer even op werken, maar ook dan valt ie na een tijdje weer uit. Als de pc weer opstart zegt ie dat Windows niet correct is afgesloten (zo'n scherm met veilige modus opstarten enz). Ik zag hier op het forum iets over Speccy. dat heb ik inmiddels gedownload. Maar wat kan ik daar nu uit opmaken ? Datgene wat ik zie, zegt mij niet zoveel. Zag ook iets over memtest86 terug, is dat net zoiets als Speccy ? Memtest86 is een winzip bestand en ik weet niet hoe ik dat dan werkend moet krijgen. Hopelijk kan iemand mij verder op weg helpen. Groetjes Louise
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.