
zicky
Lid-
Items
11 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door zicky
-
Ik denk dat het logje bijgevoegd is. Bedankt allesinds al AdwCleanerS0.txt
-
Hallo, vandaag eindelijk tijd gevonden om dit te doen. Ik kom uit op het volgende (vrij klein logje, maar veronderstel dat dit normaal is) Zoek.exe v5.0.0.0 Updated 08-January-2015 Tool run by Ricky on do 08/01/2015 at 20:37:55,05. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Ricky\Desktop\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-01-29-081908.log 22111 bytes C:\zoek-results2015-01-04-191808.log 223700 bytes C:\zoek-results2015-01-04-194640.log 16406 bytes ==== Deleting Files \ Folders ====================== C:\Windows\SysNative\tasks\0 deleted C:\Windows\SysNative\tasks\4695 deleted ==== Reset Google Chrome ====================== Nothing found to reset ==== C:\zoek_backup content ====================== C:\zoek_backup (files=4064 folders=1141 330995839 bytes) ==== EOF on do 08/01/2015 at 20:39:10,38 ====================== groetjes
-
het lijkt al in orde van gisteren?? Kan dit. Ik heb toen de eerste stap gedaan van wat je zei. Groetjes
-
Hallo, ik denk dat het zo is dan: Zoek.exe v5.0.0.0 Updated 31-12-2014 Tool run by Ricky on zo 04/01/2015 at 20:23:08,98. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Ricky\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-01-29-081908.log 22111 bytes C:\zoek-results2015-01-04-191808.log 223700 bytes ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611571181} deleted successfully HKEY_USERS\S-1-5-21-2385261912-2066926694-2415297712-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611571181} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611571181} deleted successfully HKEY_USERS\S-1-5-21-2385261912-2066926694-2415297712-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611571181} deleted successfully HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110611571181} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110611571181} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611571181} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611571181} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611571181}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611571181}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MyDriveConnect.exe"=- [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "vProt"=- ""=- "ApnTBMon"=- "Registry Helper"=- ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\AskPartnerNetwork not found C:\Program Files (x86)\Registry Helper not found C:\Program Files (x86)\globalUpdate not found C:\Users\Ricky\AppData\Roaming\smileyswelove not found C:\Program Files (x86)\9ea25f8e-1335-47ae-b1cb-4803b88f350b not found C:\ProgramData\Registry Helper not found C:\Program Files (x86)\globalUpdate not found "C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-1.job" not found "C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-2.job" not found "C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-3.job" not found "C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-5.job" not found "C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-6.job" not found "C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-7.job" not found "C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job" not found "C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job" not found "C:\Windows\tasks\KHKR.job" not found "C:\Users\Ricky\AppData\Roaming\KHKR.exe" not found "C:\Program Files (x86)\MyDrive Connect\DeviceController.dll" deleted "C:\Program Files (x86)\MyDrive Connect\DeviceDetection.dll" deleted "C:\Program Files (x86)\MyDrive Connect\DeviceNavManager.dll" deleted "C:\Program Files (x86)\MyDrive Connect\libeay32.dll" deleted "C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe" deleted "C:\Program Files (x86)\MyDrive Connect\QtCore4.dll" deleted "C:\Program Files (x86)\MyDrive Connect\QtGui4.dll" deleted "C:\Program Files (x86)\MyDrive Connect\QtNetwork4.dll" deleted "C:\Program Files (x86)\MyDrive Connect\QtXml4.dll" deleted "C:\Program Files (x86)\MyDrive Connect\ssleay32.dll" deleted "C:\Program Files (x86)\MyDrive Connect\TomTomSupporterBase.dll" deleted "C:\Program Files (x86)\MyDrive Connect\TomTomSupporterCore.dll" deleted "C:\Program Files (x86)\MyDrive Connect\TomTomSupporterProxy.dll" deleted "C:\Program Files (x86)\MyDrive Connect\Plugins\DeviceNavEthernetManager.dll" deleted "C:\Program Files (x86)\CinPlus-2.4cV04.01" deleted "C:\Program Files (x86)\MyDrive Connect" deleted "C:\Program Files (x86)\MyDrive Connect\Plugins" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2015-01-04 14:24:57 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe 2015-01-04 14:24:57 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe 2015-01-04 14:24:57 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe 2015-01-04 14:24:57 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe 2015-01-04 14:24:57 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe ====== C:\Users\Ricky\AppData\Local\Temp ==== 2015-01-04 19:19:12 97511FE2CA09CC2E06C3CD6519C3494E 43008 ----a-w- C:\Users\Ricky\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpovxz1n.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2014-12-10 14:02:32 70988118145F5F10EF24720B97F35F65 119296 ----a-w- C:\Windows\Sysnative\drivers\tdx.sys ====== C:\Windows\Tasks ====== 2014-12-25 08:26:35 B63AD96D5AB77552EFDB7D2277C3B0CB 3886 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Acrobat Update Task ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Ricky\AppData\Roaming ====== 2015-01-04 19:14:19 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\temp 2015-01-04 19:14:19 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2015-01-04 19:14:19 -------- d-----w- C:\Users\Ricky\AppData\Local\Temp 2015-01-04 19:14:19 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2015-01-04 19:14:19 -------- d-----w- C:\Users\Default User\AppData\Local\Temp ====== C:\Users\Ricky ====== ====== C: exe-files == 2015-01-04 14:24:57 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe 2015-01-04 14:24:57 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe 2015-01-04 14:24:57 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe 2015-01-04 14:24:57 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe 2015-01-04 14:24:57 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe 2015-01-04 07:23:04 DF463B4C69C1531D1DA7DA3E30E7F8B5 24677393 ----a-w- C:\Users\Ricky\Documents\vlc\Flash_Player_Setup.exe === C: other files == 2015-01-04 14:25:19 1B31B052555D3B81720ACC88456676C6 5996 ----a-w- C:\Qoobox\BackEnv\SetPath.bat ==== Startup Registry Enabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" "Dolby Advanced Audio v2"="C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe -autostart" "USB3MON"="C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" "CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" "hpqSRMon"="C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY" "HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 " "BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll,TrayApp" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "hkey"="HKLM" "item"="Adobe ARM" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" "hkey"="HKLM" "item"="APSDaemon" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" "hkey"="HKLM" "item"="iTunesHelper" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" ==== Startup Folders ====================== 2014-09-13 18:41:50 1139 ----a-w- C:\Users\Ricky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2013-07-22 20:23:02 2063 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [02/01/2015 21:55] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [26/10/2014 06:33] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [26/10/2014 06:33] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\0" [c:\program files\internet explorer\iexplore.exe] "C:\Windows\SysNative\tasks\4695" [wscript.exe C:\Users\Ricky\AppData\Local\Temp\launchie.vbs //B] "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\YCMServiceAgent" [C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [22/07/2013 21:24] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [22/07/2013 21:24] ==== Chromium Look ====================== Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95) HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bopakagnckmlgajfccecajhnimjiiedh - No path found[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14/07/2014 17:22] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Users\Ricky\AppData\Roaming\DVDVideoSoft\DVDVideoSoftBrowserExtension.crx[16/11/2012 22:43] MSS+ Extension - Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh Skype Click to Call - Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl DVDVideoSoft Browser Extension - Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp Google Wallet - Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.hln.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.hln.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Ricky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Ricky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=4062 folders=1141 330989195 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Ricky\AppData\Local\Temp will be emptied at reboot C:\Windows\sysWoW64\config\systemprofile\AppData\Local\temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Ricky\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on zo 04/01/2015 at 20:46:40,55 ======================
-
hallo, ik heb windows 7. Sinds ik een programma downloade om van youtube naar mp3 te gaan, begon de miserie. Ik heb nu rsit 64 gedaan. Nu krijg ik dit. Kan iemand me helpen. Ik krijg altijd reclame overal bij. Groetjes Logfile of random's system information tool 1.10 (written by random/random) Run by Ricky at 2015-01-04 16:03:58 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 351 GB (83%) free of 425 GB Total RAM: 8086 MB (69% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:04:00, on 4/01/2015 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17496) Boot mode: Normal Running processes: C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe C:\Users\Ricky\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe C:\Windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\PHotkey\HCSynApi.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\program files (x86)\cinplus-2.4cv04.01\cinplus-2.4cv04.01-bg.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files\trend micro\Ricky.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hln.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll O2 - BHO: e62a1271b6524ab3b4f60ca546d3b4d20065781 - {11111111-1111-1111-1111-110611571181} - C:\Program Files (x86)\CinPlus-2.4cV04.01\CinPlus-2.4cV04.01-bho.dll O2 - BHO: Search App by Ask BHO - {4F524A2D-5350-4500-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll" (file missing) O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Search App by Ask - {4F524A2D-5350-4500-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll" (file missing) O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart O4 - HKLM\..\Run: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" O4 - HKLM\..\Run: [Registry Helper] "C:\Program Files (x86)\Registry Helper\RegistryHelper.Exe" /boot O4 - HKCU\..\Run: [MyDriveConnect.exe] "C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe" O4 - Startup: Dropbox.lnk = Ricky\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (file missing) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Ask-updateservice (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files (x86)\PHotkey\ASLDRSrv.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\PHotkey\GFNEXSrv.exe O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe O23 - Service: MemeoBackgroundService - Memeo - C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13982 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-dd3b-ba7cb7d38e59 /binaryPath="C:\Program Files (x86)\AVG\AVG2015\" %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files (x86)\PHotkey\ASLDRSrv.exe" "C:\Program Files (x86)\PHotkey\GFNEXSrv.exe" C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe" "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "taskhost.exe" "C:\Windows\system32\Dwm.exe" "C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe" C:\Windows\Explorer.EXE "C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe" "C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe" "C:\Program Files (x86)\PHotkey\PHotkey.exe" "C:\Program Files (x86)\PHotkey\MsgTranAgt.exe" "C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe" "C:\Program Files\Bonjour\mDNSResponder.exe" C:\Windows\system32\svchost.exe -k bthsvcs "C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service "C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt "C:\Program Files\Intel\iCLS Client\HeciServer.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe" "C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe" "C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe" "C:\Windows\System32\igfxtray.exe" "C:\Windows\System32\hkcmd.exe" "C:\Windows\System32\igfxpers.exe" "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4 "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp "C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe" "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe" "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" "C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe" "C:\Program Files (x86)\AVG\AVG2015\avgemca.exe" "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" "C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe" "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY "C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" "C:\Users\Ricky\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup taskeng.exe {505A35D9-3495-47B9-97A1-7DF06B4C4C97} "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 ctfmon.exe "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe" "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe" WLIDSvcM.exe 4860 "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" "C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe" "C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding C:\Windows\system32\svchost.exe -k HPService C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE" C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\system32\wbem\unsecapp.exe -Embedding C:\Windows\system32\wbem\unsecapp.exe -Embedding "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Deskjet F300 Series#1374524743" -Startup HCSynApi.exe "C:\Program Files (x86)\PHotkey\PVDesktop.exe" "C:\Program Files (x86)\PHotkey\PVDAgent.exe" "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding "C:\Program Files (x86)\PHotkey\POSD.exe" "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding C:\Windows\system32\SearchIndexer.exe /Embedding C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" C:\Windows\system32\svchost.exe -k SDRSVC "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:7672 CREDAT:267521 /prefetch:2 "C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe" "C:\program files (x86)\cinplus-2.4cv04.01\cinplus-2.4cv04.01-bg.exe" /createbg C:\Windows\system32\Macromed\Flash\FlashUtil64_16_0_0_235_ActiveX.exe -Embedding taskeng.exe {0D654C1C-BFF0-4557-9666-6CCDDDC7C23D} C:\Windows\system32\sppsvc.exe "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:7672 CREDAT:660829 /prefetch:2 "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-2385261912-2066926694-2415297712-10009_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-2385261912-2066926694-2415297712-10009 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1" "C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528 C:\Windows\system32\igfxsrvc.exe -Embedding C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} "C:\Users\Ricky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QXV46ERR\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-1.job - C:\Program Files (x86)\CinPlus-2.4cV04.01\CinPlus-2.4cV04.01-codedownloader.exe# /rawdata=bf97Mc7yPm9PSryoDo4QGgBg1luNTgke2w7A94DuBDdpJ2YYeumkGvCW5bifylVON32wCaMkjcQSxaYXF9BACK1TAznB2g2HBj27SgDCzmV3lbN64YXSBOqIfBemROAgQSb7fBHB+0WCAi4knkrjQJT4vxtold5oQOidjI3jYuWBh3JkKsNaGXGaXqSQVBaLBN5uBeUf8Z+0wfl3FHzU+6LdUQpOBGUB093Znc93fPa6vXyw9mbbL5sSMR3GWjRXI/w2OBZpxAqUSe7UDOEaVuPSfGAguldsbO/CIe7Cx5C4TOfSG9pVKffFQt3G7Y91pUHQ86eMfSI8rNYLz282qFlbyaTINwfSMyAb2Pu8wvMK4UfBY6gJbyU6LBaAHcD/8k51qYn8Ex5febeZw/PwyQHpLSxiQtSVjvf+jaxyVZaUHRFU8d6Sat8B6rMoJNjypE/LOVg3Iy2+ojsE/Ce7gpdayNJWGYTL6EuBFE+dVN1P1RiDhRb5CSuZdNrCU+iore1NBTVZjromxi6naIzR522exwJfN11kqjt7QZOWykCGD/aPGniCv/EwykHNDJL9+uMvbYbWSlNvhJQZOqbhaWVEPtPaEiWSdLzlmx1K1MvyRdwtjuGkjIYiMGoW9/iZWrzg+u74yL+xh6bVjwUvhMa1rJ6r0wSRXT1rGKxEMrMP3elAgAPM+16O5poXmrfGRtgZ009PatrPtb1mKUcIVna7fwjuWPVrvz/SrENadWi93qajY/j1OvIX4BWxFgie7mNtF360T7NBBSv4CY2YtDysvz7dpMBMM156ZZ8RO7SdN8pEXwTv++fXgernGts01jSnx+A8LpZFoMIi6MhkwxOVIbF//YGsWxt+oeQDOf4nUUWJgjppHu+wk/rxokNDkwYQq5hDLWteq2Ig7UykZ3Zk2SV+suy1HuLC3HQDdxfMoq1ApzzKIUadlnFzo7a5hhJ12riv/A2/sXBVlMS+2uePvNjI4GSxEaOXtOnRhvvKCRfHkIg70kd4Ehmjf6HHVgtmusMRpbeQU3WNoMoTOZ0JThMZJ6ankHXj/+7O1AhV9/mMFvHEZTp1dPsUEbbQqE1eQs3gFYx0bNj+D8ByQcdzIw01DO6AedWlg+ZDgClRggGzvbWayUYehYTGyJEBAORCPOv7z4FpZ1Sye0MrVof7nks3YLSWDkbNmTQseCzEZI1v8z2nQDWuO5sqAJYMTnJQj1vIxwBdAdIGNRDmXJwce5RCn/Q8hqdA7W9UT9p6f8qP2e/Nx9WhXd2msx5MiYyt1Fuj9Qfo+AIte0Yp4FtefLWDx7uGGYYQrcJvNO4zAYLauJUfiDeVBSz/cpIEqc14OsXNf3LLqCwPrfmB0J1DtlAFXuGKYWk9KJEv7aS3kSAzV5JUD7/fsuFWkJN410bEoLhFRSxP/UO8zhJX8xz+SLHLo4yBcb4cerPqwf9wAKlMOwQIRYL7uVS85EPR8MNnt9czj6e76Vt07uMaHzKpHgoLwHcSDgXNXXlUTkcexyWtzlQSix81s8Dlytl6# C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-2.job - C:\Program Files (x86)\CinPlus-2.4cV04.01\a64f897a-243b-430d-a2bc-4a99fd69d319-2.exe# /rawdata=Xrj4hUtodUNF57r4hVzJCSnxUrr1MA7KjB5ALtpUs6W5FeOGoaB2t2m2S17se0aMHujfSA+kzszyTu7KjApu04EAusvLjj5wFe3k19T3XViise5dXlF8vV9trh7veXtfzsgARLG0dAELHGO7ZG5/6peVFJBnx5JtUpbIHFc7yA9z/CoNNoNol5R3qBFjvphbMAMyZEuj9lPIDeVGtA6EXN+qYrcHSIU/nsuysJhBXCSJ28QoIARxKex497Zm0uXhojUnKG17jpl8Y1rx+vAD6nyUEJoXUTUqfWlGXjybSUADT9XBDnO5ZkeOEdlVch559zB1OkSRZDvVLR75Gz6ldyJG9zOvtnIhHbZCA3qhe2CuHvQ9dhiELKZdCQ2PCsNCPnDjruUsHWKuSplwXHDWw9nV2SekPtZdvbO9RUxz+ZkESoSEeBewtsskHqg1oLEtK/h8dzzUyqZHvRJiUgxd18lsMUs91v2OBCUx1w/hLWn2nqfXGEZB7Ml+yJqmQAajlWHDUhdcojZXn1Tp8UN2lDIUz/CyjRP+rPjth26BuFUrQYAZsTvuc5QeLBPYh7NV2INA5Pp++Slb3oATOcCq+HErptWm7oZa1WiW9NvLvSBviX/4dhemvHz0bTxQSrzI5uu9yk2N9q7S66laR0bbE4B6hnFOyiz9Hv1Q/OA+luTFrw9Yp2mMs4dCQm9BJrUgDBGBVBNmuGAhKMk7kIQFdlTfO/2Rh1IDNnC5+vjk59povQy7DgOPqNhSWxGaitMqNxS9l7QfnmbIcuHvJ27ZiNtomeOZ1cZ+ogW5sBH92McyHfxeA9+sDgB04PzsR3sNzqx8LJeDlrRuMmbMxCSUJg==# C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-3.job - C:\Program Files (x86)\CinPlus-2.4cV04.01\a64f897a-243b-430d-a2bc-4a99fd69d319-3.exe# /rawdata=aZLEepZDqeAIeK7QgZRnirp9xBwnzeeSXnZKOcYo1vyULsUcaPWCoJvy2Lh9UuAB5UC/GUb7/rMD7/SnXTum5EEcblrtNngTofibISgbXI64oiEuCO4mTGEmDXI8qGlHg/1jSYNuosifPZl2CXjHe5XmudAmzosX8U+xsQnmuGAnjEltHBsHXGBxw4TF/rDchy4Z2Ovd4MIHXxGOr4gczdXSPfN1GvPrjerW4U9FdbmOWYgjAiKU6GR8aoiTTD4Ft0zJBkgYWqm/yU/JOKY/vzVoTDfCEV70WwxqdfcKqSvjT1vfYkabnCR7HsXP2LFMknq1K12w1Bes1fUmKO5kRR7VDnthTcXORMgyce9/ngSzqFoPANGjE3Na/DfyTBAf6bDMMxXOhwYA9jWLZd+8P/hx/E0dwYTtEs8bBG5tuK715By1PKZFzSWNTMQf6x4yYISN543usDHBepONZhibCx9rARUv8ToWqjsTqxkoNLjuDFThYFLQDmLs5Y/pA3qYKwj4ft671Plnav1sfCPJggFxhVDiKiqwKOfSZC6fts9Zss76aJIfygAzCpH8oGfK9jJYlfuSV/tDHtizU79uOCyzzjabQTSEhh1kZZLOV6YZE7R1++srGNHNpvdCiQB949lcN5DCEryUdPt9QWa7LHIVnTMsd5pj7/4m1rDYL6qQKgnXLMTeMt63BhkAZ5h2sTWFp1j3yVnNaS85NYR1P6/VnRZRcGCt9+Qk5QGYBbf88jIkhNd8vh0fc0lzLh+5oGb4sR7Xx1lPc4tT8AZF+51BCgQKh4eugUCYXKejcLQk0LbPrjbGvGsx56RU7RFrbCu9mjBU31b1ynsU2jbXOg7CSqDF3XEs1JuQlxwQjE6XyKxx+jpqDx91OHluz3/H/EEwNFapAhGfdU03u7al06dVOf+2gx7BtHpVRUZc0QfZxewpbC7TFCWfgw8WOrzfcs9E4/iD4T/pA7FBs+s/RXl7O0xwb0Z8aB4rxwi6XFF7ZG+hG/7hwnlfztDtEvw/nXo/YL/LxBT4EYmg/9a1DEci/39MIje0pWwOyNQnOgwmguoWhSf3uFiubiQcfGHuMJLcj10NURGK8aUprP3+bw8N174U9AeJP0eooAPbKvfxo2wlXrNWsvR89hGapY4z/zThf4iudMWuLiSF7VMPL7xNPTv5WzbU6wjA63Cs1YR0oiufpaWQb5VuQJCzchKaVU3zfEd5NtnIvsRJavcUmYvpvbJle9g44H41PZ2mVCuxaoRqNJ5kO1+tH4VcADzLojwBKL0DH08qorz2+/lOv1TrVzLSz885IRHrZOmHyt99FDq2wuSOf9RY8LsPaSsm5JGumEFkAseuj/AWVdHeEGJ8WQOBusCJjZFg4Xup2MYLSHlczRg9np0l3w4hIhVYJlBFx2Uy0kRL38wupliRDRExGE/9K1EN5jDLX5eQ5O9Ch8EQuTs8rglxqQkQWn5hx2DFkq/8+tNsGVw2wcqJVfmRnbS+gV7JdaMXgE95zhAOWAYMUXeHsISLLmry2bT7ilGGiN0rhR/bC9rH9onQH98whzOdk5dd8N5oBQA+8W956UwpMWXlXLhwt2fp1Nuf6g3O5DLcF2xJhFolpt/wb29uE09LlR/0AI/KNKbjYx8hWyVxHO3ITfTPowtuYJOUNNBslgVCi8hF3EHfzwQ8mA3pz5VqvS2zeQ832oKOa0lHCUaSE06nit9jSdv1IwpKK0fHGHwPWOL7XK3r7o3GM/JQMHwfFipcg7UtRo9t74tykrJCrW5wxIC++FG8Q2jeahEUzlscj6RXCks9SDhWUvblkM92R1fHg6TYZdiZlYyBLAP3Vquz9g+pcivassH9m/8fi1aCKfv4hAZ/jl/PW5cSLvMcXjZdVqup9oU9hxJgEs6pNxFNuzlyNsMQrD11Sjd+Xp7a9qoiO+v7/XoaJAkxWrGReVc0o5hRfCtyI/m3DO6wIuvzfQPPSOr/3soaxGgebOiBAdcYe+v595easdoqa49ugPwvf0cR7HEjchhC/o9wBq9ceZjm2ltFgPiP# C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-5.job - C:\Program Files (x86)\CinPlus-2.4cV04.01\a64f897a-243b-430d-a2bc-4a99fd69d319-5.exe# /rawdata=cTVdxtz6mBofEF2/ns5JLb4JzjvHHgOWhzP6pf2U0GvPlikwEOk7WXhSv0UfmMSuN+kKjGR3+3vNxuxZYcSScvJax70XJtpzMoj27eXEvnuRfOGcShaQ7z8qFpALZvXAue5oLxTp20CYpFIVfJuVperqTv7/6xBHa1Wm1l9VRCSTETVue0NgDqo0IIc5zUEOlMKaNC0c4kGAWTucn5FwH+KFMCmk8nP3h5D4VL6fc/FGKRzYO7kaIGsDHIcy8MYSZh2Rk8R8K7Gn2zseCn3QGFFrhJReq9XeF7XX9SJ2whdUH2UReVP4POS5X8ISDzH2keNQY2qkEXe8uLfi/7az5XtZl7zrUHNabsC0+DUN6oNe/hggrWT/0tyK8/guxuAJbddFnQvvqDYr3xY9+EPDus4SE0L0Ejbi2sNQUg3m1g09bHWf0OHKRT48k+nos8kgg4BNxZyf4u7Ta2ehwJl6ghjSdEHSu3+cWygCwPDbcg8XDcanHKjLBFk3NwQ6Nawrj7QeH6dserEM3l+NZnE/2NyRTVpD4w5lvKKVJK6KyvhE5Ic1MorzPTEM/97v813h3ehlT7kmUGUzddyZqNV0NOo2InneLwx9NwRKKmlNoq8XJyqVCkXSRc4DY7TV3iavZc7aLWxWfPTgDiGgPZAkQQqOsKW1uu0rJKbQy8PvyAFUMSTPAicpEKMTsh0ZAfsV9GJNTcJA2GLJCq7++QMRIYbbpR2URhtQRfwou1UEPeUjn3XeBAFez9smoR2zw3NJDPB1BpVPLDaePx7EZpkxok4ztOK/OjJ469KZn/udWLHjz46rvMS59GAA7tKxhIGDLrhA7z7NdGHrJp5tCZOlS183V1LE1PEIXWmfjdSm/ETq9fxAN61mInrJ203Mg+PI+qLpyOVADNdbr179hn5npIaoPivcFBQfTZSpV8ZeuUqv9dyfvzVI1Bukl7gQUWn6vcsyvVx0gkBMp2xuT9zcX3iOdoRoB8OWqMngIY6Q21cbkb70Oo5dVhHGR1eThuWC# C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-5_user.job - C:\Program Files (x86)\CinPlus-2.4cV04.01\a64f897a-243b-430d-a2bc-4a99fd69d319-5.exe# /rawdata=cTVdxtz6mBofEF2/ns5JLb4JzjvHHgOWhzP6pf2U0GvPlikwEOk7WXhSv0UfmMSuN+kKjGR3+3vNxuxZYcSScvJax70XJtpzMoj27eXEvnuRfOGcShaQ7z8qFpALZvXAue5oLxTp20CYpFIVfJuVperqTv7/6xBHa1Wm1l9VRCSTETVue0NgDqo0IIc5zUEOlMKaNC0c4kGAWTucn5FwH+KFMCmk8nP3h5D4VL6fc/FGKRzYO7kaIGsDHIcy8MYSZh2Rk8R8K7Gn2zseCn3QGFFrhJReq9XeF7XX9SJ2whdUH2UReVP4POS5X8ISDzH2keNQY2qkEXe8uLfi/7az5XtZl7zrUHNabsC0+DUN6oNe/hggrWT/0tyK8/guxuAJbddFnQvvqDYr3xY9+EPDus4SE0L0Ejbi2sNQUg3m1g09bHWf0OHKRT48k+nos8kgg4BNxZyf4u7Ta2ehwJl6ghjSdEHSu3+cWygCwPDbcg8XDcanHKjLBFk3NwQ6Nawrj7QeH6dserEM3l+NZnE/2NyRTVpD4w5lvKKVJK6KyvhE5Ic1MorzPTEM/97v813h3ehlT7kmUGUzddyZqNV0NOo2InneLwx9NwRKKmlNoq8XJyqVCkXSRc4DY7TV3iavZc7aLWxWfPTgDiGgPZAkQQqOsKW1uu0rJKbQy8PvyAFUMSTPAicpEKMTsh0ZAfsV9GJNTcJA2GLJCq7++QMRIYbbpR2URhtQRfwou1UEPeUjn3XeBAFez9smoR2zw3NJDPB1BpVPLDaePx7EZpkxok4ztOK/OjJ469KZn/udWLHjz46rvMS59GAA7tKxhIGDLrhA7z7NdGHrJp5tCZOlSzdtJXZ5a8Tm0yikeM5SpW+7HavwLuagYK57rBlir2EonrHNJd1Zb+RBK6cTofNBEoGZ9tPwJcxRrU9pKlkJ5nSXK7NnhiQOByrseFDSIx4e33xm+K/y4urzsxwSkAZ5FV6OAzqeRnVd35uPci2PRAe4uE4zppQkWlUkus9oa0QT# C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-6.job - C:\Program Files (x86)\CinPlus-2.4cV04.01\a64f897a-243b-430d-a2bc-4a99fd69d319-6.exe# /rawdata=MraXtmNZJ87RB1KZWEPBKR6xBESXmUKattL2/RQwFQatKkzb20K1j2FWXRnk1zJws+ZGYBJXHj8oaJ6zd5z+hMK1o6T1jP9B4eOuX5aljnnWTX9ckHgrSF2eztIjoApKJeMITnTbJ37jD5pbQGs53Adi0Q/Exshks/V/DBktNjlQyXFSIJppUa9qYIFpMs1xNi8eue4MeUlbjuONIuSeLkmUXRbd1VnEBXkvEPYKZPQIZofmZV/rGSU/FJiFeu0wtvPLnoTcup/WFfYifuzKd3CEWIIwQ12Q+UbHHzmMeHiyXCmhWJ48yxgVR0z7Wr/qR+OPrvVmtmfszoNnJmemwD+f38bs5YovnGY4W6kcT3jYG/izcLZfojizn138Jw8caENs07Vn0/GUCXGrzedY27RDuTA7ZW29lza2RjGV6o0OwtrS3V+1C0a8Nr1H6a0wMuLlUYJvWLfv02pSPmWALKUR/sPgHupe6EOL51OQA5uuZA/AuosY9JRhbWqM6/2bEl15Nu+OuUrGY16tNBLh2KMEexuSla6xatmJZAyKjLTgWCKmSaP0WcUgABLuFOvzwPUUxAVvEW7soKPx6top7T9JHZvzUhsu/UbhJ660LLy1/7EoJ6coD5hq1rgF9mAumvtBRjhxra/gblTfM2mQ3698pOzoAtMFY3WaVD9BSb2Re1CtTWMLj1/IOjq1pxmv/cx6vpjY/HjNJ+00CYKiy/mKKTViiwndFIbb3Nj8YCrJlsoWxg8612m7L+4HHZLlytEq75rKDA3GUn4CEaiUlgMUwDV7S7viu2w/9UPFxVuWfPVq9hLFWIgcS1yi8mkhlA0ZNB2pBgIya5Mc3M47p0189n4qkJ2glTo0b0TozucdEqnhzO7Ckjf2hxBy+A+36ZyqibbMwrQq5nDMNi4mkq068pWMUGTpLq2sPOFafd42FYqL1mZlYyT6jm0ttYvXF10u/T+b+oDzygNSnMST0N7lQWw/VPcTMYhZ1KZV0iJc7V5ZHQ78guR6YWwb38VsQstG8akKExEDRK3iYQ+zu2YSZkbVKfURVFlKrUuwIj7ihLVG5s6vqoJ+9IeKsVDeOpWEaSdz9dPFWDmQOBd7XdXM3cavEvAEJUIJwp4n2g2FUZDI6qvPtbW8bjlnkCuYs/7NLT+0Qj+MSasPSVQamGjPTVLSdQsjcIgxO3siQkkoeZOObFdr1RbpkYnbQL84B8AGkOJWR+IWnaqOKmxmNdGWhQ1CYkefOZeohKyKQ8bJ6wnaHakyfV+yPUz9UInZQzOBkw8pnveDTae4dXhb09jyRD06SCjD6fQqkd3eDSWRxn/RFKgHrDp/0XTllEhhbfw9U7jkQ/r/59C/pvG81lNtb1sToB95exw0jQ6MV98LaoXRipa3OyN5FgoD4TioA3peGCbaNjiBfendahDXdl1E7MM/kEwg+xnQpCjMqoJZFCpSnpUc1u+S0OuYEev1JA3qMGpDpzxmTqYbCtp/F4yaPjTNAgODsu+LFn96PsAowoKDGeQcM4wm+36R190tcXkf2Zqw5ah6sXU4boJW9Ys39Ss/UNpuxuW6jFv9qIzIWKV9Zu4ik8T6ei3o9p95Ylg/ME0VfyqrOwDjqH9o9w6QHjQJOV1XK5F0OhEEgbB3Rw3ghmnGiH8ttLNlXuMFUtc7CxJ1Z9nXwZEKTehBJJ5jy2mHlHxXf/EpPSFf+zJVj/w/yoQKTuZ+6cyf91v1y41GLeNjWieeytKezPGEQCkBOFlz9aL5Q9H08kK/iEZTI2TAXSO8DJ7NSddEvzvoaWDODyds8p0Wmtuc1Oy9FDoSBezQqOtDeCwLwZc1yCM+N4LT2aMhGYLSea0BpZ8X74vNUB829jhLLTXvhsT+QBOVIbF//YGsWxt+oeQDOf4nUUWJgjppHu+wk/rxokNDkwYQq5hDLWteq2Ig7UykZ3Zk2SV+suy1HuLC3HQDdxfMoq1ApzzKIUadlnFzo7a5hhJ12riv/A2/sXBVlMS+2uePvNjI4GSxEaOXtOnRhvvKCRfHkIg70kd4Ehmjf6HHVgtmusMRpbeQU3WNoMoTOZ0JThMZJ6ankHXj/+7O1AhV9/mMFvHEZTp1dPsUEbbQqE1eQs3gFYx0bNj+D8ByQcdzIw01DO6AedWlg+ZDgClRggGzvbWayUYehYTGyJEBAORCPOv7z4FpZ1Sye0MrVof7nks3YLSWDkbNmTQseCwR4th0c7VlWBEcO7XeYQUSxSzg2PoCn5jWAIAkzVXJolzrCJ3rtmgh8nKsrAkSEG70TEVnumo5pYzLdWzJiLFXHoL3Vu+TSgS3jTvlScXdRYAsJ9/alkh52gYqE/2axNBMEYsBQOtgWnwD4f0PuELai2a0kBNHOeuRxrRHf+2gGDkyzeNG/1khWGlyKJa0UMQt+skQ6P1nhgoeVgwXnxqq/NxbrFes4lBrACasqKievl4jJM9AoQjNBmjBjJleNaZybfQnV3A/+jevOrKsLR26/PfPXu5wujwVx9XWw9LAGv8VTOLse/HXJcaksA3QgZ5rS1o1FfxzaZswYUFPSH6F# C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-7.job - C:\Program Files (x86)\CinPlus-2.4cV04.01\a64f897a-243b-430d-a2bc-4a99fd69d319-7.exe# /rawdata=e1iJnC4WoGST5ZHQuWRDnL5rnlUowbVXJLwf6V4nPaTTh9+uA4u72KrIzCCqfcR70SYsUjhaRBbKvo7b0cRAnhfdOrBLNrTNp7r1z1fJTB82E24lhaRPKxUPX1dFaDcEfheGjTOt0J3CXvmn9Ur1vjd8N9T9YnfgxJApYMPJ5cVfgb6xdkAU42vDSrSAS9uC1CmVrJMZGX1KIoZCSEYEtp9KTf358hsUEphTAV6ZbGMgdFlDvI1Iv+EVsDtIgcGym0HxRFU1Tvql60kaY8d9EFpYWI+g2o9YHu68uaCUcT5DMmp422lTkKSa876vnojNmPO0xnoOV/3uYaMtNjSkrouT/1cxMy0QXjjsgf7eT4CbzZSPDZOWtsqcx+VpidZI/ibcKjRwnKAhrgcAD0D+h8dhm2grZiIEpUIAwK9Qf3brfebeuaziYHmbPHsUndVWai7aeMVOQ4K8BzkUl93P1R8Z8qPUDAvlQvzmlrbjdXgWNVAPmTMbxUWqMa14PpYDbI9WPocTgIHT04VBBcr0eT7WmOEuYVauZZsR9opLcXQIsof3LEDS44l92Jsl/2ddzl9m+PA0/HSWwtg+jMsuZHPuwtxztaFvG71tV15BdLoy6pPS5Mn2q/ZkFWAXZWFjQqv+TeW8DBjFVDU7rcDdwrwl6Nvan/C4WQc3mkGBUuhouSCIh3yyLfLL6J4zSwMBy/J3h0zrH8FoW/3YNPgTL0SppVHeqM3ANnpfaf6S3OXggMBjygyWattVsqN+QTzyu9ECtGxztEggjvJcbCKlssEpr/4bVyZkl+etv6xP3nwsVof0zq7V3l9jxgAgr/IKXC49lHvFDUfikXt5ommk7YUNP19VYD7ZkZ47HV76fGSczq7MiTlZFVq1y+ySy55wdfC3+X+0negE5X5du+KlvRig0Bm/CDJmBoy4iNyEhyNUF3or6BPtEKzTecUCpr8m0aX547q1BkIMbb79bUQW3sQe1qbaysfvlyLdUnaubb2TFE5IHFK3Qi/EaHDpE/DzDlbc+GIEBICxoL1HNc4YXfkQHRr0v0YNEwI0/R0ciaoBd/Bruo4i+cH3Oi6D7USm70Cix7cR1fUm0EnB0nBVH4IrYutzEWPnSldZPv9UD0EZGSyu54ltNWfN54A9UP3DKtn2yNR0lyps+lNVvw05BFk7SNKZFUSCn+FMaR4uXsQ0dhI+vVYtoR4JBwE3TRZ7hD086r0L7z+s0eXlBIzQ8CPGkTRZeAXQz1T9HQfCZ23qPrXhcZldgb8gyjMd79DsKPBAfWdhXyb7TC6MTlbC9v2z75Dc5Rw4iDsswYk6T47yKXPUjKVUPcnSCuA9gNKWF5JLr9uZhU+yyESuM1asSS8ZVOvtCu5oYhHNPt3ve9WcMJcdPhijCtKQegcFUXrUU/pNSjdpFI8274h2tXOTPsKMZkNgdXI+S+slii6PLsMO4G+Q0UqoUm+kqnimV9wv9+w6LCI7upwWh/zjfYEA2dX3wau8Avln017ALDmVHC47WCOHNmaKy/zDu6VdFUZ9ibCGFGJGgkajAWyfUaepon79s/6y0UkOjU3e6k4xHW+v+kbVVP0aRFgw72YW2CEmvDbir7T/9en66PYRPOWtawL+gtTbdU0A0vAt+IDUYCDxWD07xH+rfmOdhnTUxNZxycaw9u+O8Y2S6UHPiNmSfl/hX8EPsJt711nvhSvnfuK+LdtQyv7b6kyJF+bgd/wRL89zljUwbNgF9O+Ju7xh2N3QRIKEYTXs9ZbnkEl66nC3NrZf567FnjEGpJNYIV0OXq0/RgZ4fo3ANcNDczZGGynr2+OptQbdHTLVLpqpwQPnX0DWEnXmtSdDKkoAN1SDv/DvT03j3diFp1UitrUBILcb58slVxmxl6N/0lTn6HtIh5uBEcUv4WiXTSNwr9j3VwIlcEMK373HJdhGEV7mUth/lFK0h3t6Lb/fGzkBxMyLiBDgAnq5Yn3cc26zb110MKDKjJkGkrdzoN3cmKab/7yNNC01j9SmJLWngcKV/yvJcct+6f7dUxYjbXDGBryQQFzxYztLiHqsXuPqQClhi0UqQmqwTwDht8ojdschlkmPmArT/TERdX9niFxfTs1haKGhbG93tty8kmvNwFUc7TN0AKiKcbBJPBQNRVyF4GeM5q/TMD2RkiUek9q0/BwicmfcOxPqjsu+uv6E/nXP/9Ou3pr1Bxr3w+kJ22k8ZkcS92LK86WfdXetZI0ZyGI6LVuW/MMlHorOKDy2aIdfFhPXYNCwfgHmRuxpKziIgBulITDEik1Iac2Nj2flyV5aQxhpDkmqwlthPDOvFrwY07yclbqWZK48w/RyVfczlJKILkyzvBItGDlqPcY/3aZuMmQxtIule/teOECokAu11Q==# C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe# C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe# /c# C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe# /ua /installsource scheduler# C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe# /c# C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe# /ua /installsource scheduler# C:\Windows\tasks\KHKR.job - C:\Users\Ricky\AppData\Roaming\KHKR.exe# /infocmdline=wgy+RD80jTaPkodSVYs23GEIJUj4nZUdAxzZBfy4rEG0ONyR6t2uMR3JHU5Rf+LzzB3qgQ4QzeWkjUeAjSO9Ur5eomzXKobLq6W8KwIFrc5EMwZ0Xvp5UD1RDNkTPtTcje+TU1CFFTOcRR6R7rN5uzANWT/+4b8qeTvuhcsCk4AIOLXt5VsjSTBKMjUjdtaCrMsdLAsBDLFYvQL+R/lOlhQgSyRtsR2bTTjPeVNXzXoRwyrYuDTJqaQX1jkE9iD7rfWqKdW5BC/JnYIaSXn4UToEAP965QoGGhtjep9QsNu5ovsmJZPQdpl4t3Yx5uDGFdMxFd0q4yK4PNcjkFP8z1Hd5wDBLsWEfqHsPhFZNm/dn5/X/oO8pckD3UhktknbrIzbczmltaPH1jgI19HHNDIkWzwZZF9INhIoX1qWtxnIn7xA4htMheY1XjOYiq8I1uPLz+xVFsyh1Zy6IKubkN0WaUjaGupDa5lvJkPuaKfFaaRBfv+wPZOuQGofunv/# ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611571181}] CinPlus-2.4cV04.01 - C:\Program Files (x86)\CinPlus-2.4cV04.01\CinPlus-2.4cV04.01-bho64.dll [2015-01-04 867816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}] Search App by Ask - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport_x64.dll [2014-10-30 13720] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-11-04 256456] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}] MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611571181}] CinPlus-2.4cV04.01 - C:\Program Files (x86)\CinPlus-2.4cV04.01\CinPlus-2.4cV04.01-bho.dll [2015-01-04 702440] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}] Search App by Ask - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll [2014-10-30 12184] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-10 460712] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-11-04 194504] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-10 172968] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-11-04 256456] {4F524A2D-5350-4500-76A7-7A786E7484D7} - Search App by Ask - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport_x64.dll [2014-10-30 13720] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-11-04 194504] {4F524A2D-5350-4500-76A7-7A786E7484D7} - Search App by Ask - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll [2014-10-30 12184] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-01-12 170264] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-01-12 398104] "Persistence"=C:\Windows\system32\igfxpers.exe [2012-01-12 440600] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-01-31 12446824] "RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-11-15 1156712] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-02-23 2884880] "BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-12-20 11406608] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MyDriveConnect.exe"=C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [2014-08-22 1792376] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-01-28 59720] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-02-20 152392] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2011-11-30 284440] "Dolby Advanced Audio v2"=C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2011-12-21 507744] "USB3MON"=C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-01-05 291608] "CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2010-08-03 107816] "vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [] "hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528] "AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2014-11-09 3653136] "HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30 96056] ""= [] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776] "ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2014-11-24 2039192] "Registry Helper"=C:\Program Files (x86)\Registry Helper\RegistryHelper.Exe /boot [] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe C:\Users\Ricky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk - C:\Users\Ricky\AppData\Roaming\Dropbox\bin\Dropbox.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2012-01-06 429056] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2015-01-04 15:29:48 ----SHD---- C:\$RECYCLE.BIN 2015-01-04 15:24:57 ----A---- C:\Windows\zip.exe 2015-01-04 15:24:57 ----A---- C:\Windows\SWSC.exe 2015-01-04 15:24:57 ----A---- C:\Windows\SWREG.exe 2015-01-04 15:24:57 ----A---- C:\Windows\sed.exe 2015-01-04 15:24:57 ----A---- C:\Windows\PEV.exe 2015-01-04 15:24:57 ----A---- C:\Windows\NIRCMD.exe 2015-01-04 15:24:57 ----A---- C:\Windows\MBR.exe 2015-01-04 15:24:57 ----A---- C:\Windows\grep.exe 2015-01-04 15:24:53 ----SD---- C:\ComboFix 2015-01-04 15:24:06 ----D---- C:\Qoobox 2015-01-04 15:23:49 ----D---- C:\Windows\erdnt 2015-01-04 08:23:19 ----D---- C:\Program Files (x86)\VideoLAN 2015-01-04 08:23:07 ----D---- C:\Users\Ricky\AppData\Roaming\smileyswelove 2015-01-04 08:23:02 ----D---- C:\Program Files (x86)\9ea25f8e-1335-47ae-b1cb-4803b88f350b 2015-01-04 08:23:00 ----A---- C:\Users\Ricky\AppData\Roaming\KHKR.exe 2015-01-04 08:22:56 ----D---- C:\ProgramData\Registry Helper 2015-01-04 08:22:44 ----D---- C:\Program Files (x86)\globalUpdate 2015-01-04 08:22:43 ----D---- C:\Program Files (x86)\CinPlus-2.4cV04.01 2014-12-18 10:43:33 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-12-18 10:43:33 ----A---- C:\Windows\system32\ieUnatt.exe 2014-12-11 05:22:14 ----D---- C:\Windows\system32\appraiser 2014-12-11 05:00:31 ----A---- C:\Windows\SYSWOW64\mf.dll 2014-12-11 05:00:30 ----A---- C:\Windows\system32\mf.dll 2014-12-10 15:02:52 ----A---- C:\Windows\system32\appraiser.dll 2014-12-10 15:02:52 ----A---- C:\Windows\system32\aitstatic.exe 2014-12-10 15:02:52 ----A---- C:\Windows\system32\aepic.dll 2014-12-10 15:02:52 ----A---- C:\Windows\system32\aeinv.dll 2014-12-10 15:02:50 ----A---- C:\Windows\system32\invagent.dll 2014-12-10 15:02:48 ----A---- C:\Windows\system32\generaltel.dll 2014-12-10 15:02:47 ----A---- C:\Windows\system32\devinv.dll 2014-12-10 15:02:46 ----A---- C:\Windows\system32\aepdu.dll 2014-12-10 15:02:33 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll 2014-12-10 15:02:33 ----A---- C:\Windows\system32\WindowsCodecs.dll 2014-12-10 15:02:32 ----A---- C:\Windows\system32\drivers\tdx.sys 2014-12-10 15:02:23 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2014-12-10 15:02:23 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2014-12-10 15:02:21 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2014-12-10 15:02:21 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2014-12-10 15:02:21 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll 2014-12-10 15:02:21 ----A---- C:\Windows\system32\iernonce.dll 2014-12-10 15:02:21 ----A---- C:\Windows\system32\ieetwproxystub.dll 2014-12-10 15:02:21 ----A---- C:\Windows\system32\ieetwcollector.exe 2014-12-10 15:02:21 ----A---- C:\Windows\system32\ie4uinit.exe 2014-12-10 15:02:20 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2014-12-10 15:02:20 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2014-12-10 15:02:20 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll 2014-12-10 15:02:20 ----A---- C:\Windows\SYSWOW64\dxtrans.dll 2014-12-10 15:02:20 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-12-10 15:02:19 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2014-12-10 15:02:19 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2014-12-10 15:02:19 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2014-12-10 15:02:19 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2014-12-10 15:02:19 ----A---- C:\Windows\system32\urlmon.dll 2014-12-10 15:02:19 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2014-12-10 15:02:19 ----A---- C:\Windows\system32\iedkcs32.dll 2014-12-10 15:02:18 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2014-12-10 15:02:18 ----A---- C:\Windows\SYSWOW64\ieui.dll 2014-12-10 15:02:18 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2014-12-10 15:02:18 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll 2014-12-10 15:02:18 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2014-12-10 15:02:18 ----A---- C:\Windows\system32\msfeeds.dll 2014-12-10 15:02:18 ----A---- C:\Windows\system32\dxtrans.dll 2014-12-10 15:02:17 ----A---- C:\Windows\system32\iesetup.dll 2014-12-10 15:02:17 ----A---- C:\Windows\system32\iertutil.dll 2014-12-10 15:02:17 ----A---- C:\Windows\system32\ieapfltr.dll 2014-12-10 15:02:16 ----A---- C:\Windows\SYSWOW64\wininet.dll 2014-12-10 15:02:16 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2014-12-10 15:02:16 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll 2014-12-10 15:02:16 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2014-12-10 15:02:16 ----A---- C:\Windows\system32\jsproxy.dll 2014-12-10 15:02:15 ----A---- C:\Windows\SYSWOW64\msrating.dll 2014-12-10 15:02:15 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll 2014-12-10 15:02:15 ----A---- C:\Windows\system32\dxtmsft.dll 2014-12-10 15:02:14 ----A---- C:\Windows\system32\mshtmlmedia.dll 2014-12-10 15:02:14 ----A---- C:\Windows\system32\mshtmled.dll 2014-12-10 15:02:14 ----A---- C:\Windows\system32\ieui.dll 2014-12-10 15:02:14 ----A---- C:\Windows\system32\ieframe.dll 2014-12-10 15:02:13 ----A---- C:\Windows\system32\vbscript.dll 2014-12-10 15:02:13 ----A---- C:\Windows\system32\jscript9diag.dll 2014-12-10 15:02:13 ----A---- C:\Windows\system32\jscript9.dll 2014-12-10 15:02:12 ----A---- C:\Windows\system32\wininet.dll 2014-12-10 15:02:12 ----A---- C:\Windows\system32\msrating.dll 2014-12-10 15:02:12 ----A---- C:\Windows\system32\MshtmlDac.dll 2014-12-10 15:02:11 ----A---- C:\Windows\system32\mshtml.dll 2014-12-10 15:01:09 ----A---- C:\Windows\system32\charmap.exe 2014-12-10 15:01:08 ----A---- C:\Windows\SYSWOW64\charmap.exe 2014-12-10 15:01:07 ----A---- C:\Windows\system32\WsmSvc.dll 2014-12-10 15:01:06 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll 2014-12-10 15:01:06 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll 2014-12-10 15:01:06 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll 2014-12-10 15:01:06 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll 2014-12-10 15:01:06 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe 2014-12-10 15:01:06 ----A---- C:\Windows\system32\WsmWmiPl.dll 2014-12-10 15:01:06 ----A---- C:\Windows\system32\WsmAuto.dll 2014-12-10 15:01:06 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll 2014-12-10 15:01:06 ----A---- C:\Windows\system32\WSManHTTPConfig.exe 2014-12-10 15:01:03 ----A---- C:\Windows\SYSWOW64\tzres.dll 2014-12-10 15:01:03 ----A---- C:\Windows\system32\tzres.dll ======List of files/folders modified in the last 1 month====== 2015-01-04 16:03:59 ----D---- C:\Program Files\trend micro 2015-01-04 16:02:30 ----D---- C:\Windows\Temp 2015-01-04 15:48:06 ----D---- C:\Windows\system32\config 2015-01-04 15:38:29 ----D---- C:\Users\Ricky\AppData\Roaming\BitTorrent 2015-01-04 15:35:21 ----A---- C:\Windows\SYSWOW64\log.txt 2015-01-04 15:34:39 ----D---- C:\Users\Ricky\AppData\Roaming\Dropbox 2015-01-04 15:32:00 ----D---- C:\Windows 2015-01-04 15:30:50 ----D---- C:\Windows\inf 2015-01-04 15:30:08 ----D---- C:\Windows\system32\NDF 2015-01-04 15:24:07 ----D---- C:\Windows\system32\drivers 2015-01-04 14:55:16 ----SHD---- C:\System Volume Information 2015-01-04 14:50:55 ----D---- C:\Windows\system32\wbem 2015-01-04 14:49:40 ----HD---- C:\Config.Msi 2015-01-04 14:49:39 ----D---- C:\Windows\Tasks 2015-01-04 14:49:39 ----D---- C:\Windows\SysWOW64 2015-01-04 14:49:39 ----D---- C:\Windows\system32\catroot2 2015-01-04 14:49:38 ----D---- C:\Windows\registration 2015-01-04 14:24:21 ----D---- C:\Program Files (x86) 2015-01-04 14:23:28 ----SHD---- C:\Windows\Installer 2015-01-04 14:22:36 ----D---- C:\Windows\debug 2015-01-04 14:15:54 ----D---- C:\ProgramData\MFAData 2015-01-04 14:15:48 ----D---- C:\Windows\System32 2015-01-04 14:15:48 ----A---- C:\Windows\system32\PerfStringBackup.INI 2015-01-04 14:12:02 ----D---- C:\Windows\Prefetch 2015-01-04 08:23:56 ----D---- C:\Windows\system32\Tasks 2015-01-04 08:23:12 ----D---- C:\Program Files (x86)\Apple Software Update 2015-01-04 08:22:56 ----HD---- C:\ProgramData 2015-01-02 21:55:50 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-12-25 10:49:14 ----D---- C:\Users\Ricky\AppData\Roaming\Skype 2014-12-25 10:17:11 ----D---- C:\ProgramData\Skype 2014-12-25 10:17:09 ----RD---- C:\Program Files (x86)\Skype 2014-12-19 09:50:35 ----D---- C:\Windows\winsxs 2014-12-13 18:00:14 ----D---- C:\Windows\rescache 2014-12-11 05:22:14 ----SD---- C:\Windows\system32\CompatTel 2014-12-11 05:22:14 ----SD---- C:\ProgramData\Microsoft 2014-12-11 05:22:14 ----D---- C:\Windows\AppCompat 2014-12-11 05:22:13 ----D---- C:\Windows\SYSWOW64\nl-NL 2014-12-11 05:22:13 ----D---- C:\Windows\SYSWOW64\en-US 2014-12-11 05:22:13 ----D---- C:\Windows\system32\nl-NL 2014-12-11 05:22:13 ----D---- C:\Windows\PolicyDefinitions 2014-12-11 05:22:13 ----D---- C:\Program Files\Internet Explorer 2014-12-11 05:22:12 ----D---- C:\Windows\system32\en-US 2014-12-11 05:22:12 ----D---- C:\Program Files (x86)\Internet Explorer 2014-12-11 05:07:02 ----D---- C:\Windows\system32\MRT 2014-12-11 05:02:33 ----A---- C:\Windows\system32\MRT.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-06-18 190744] R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-07-18 313624] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-10-05 124184] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-18 31512] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-11-30 568600] R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver; C:\Windows\system32\drivers\iusb3hcs.sys [2012-01-05 16152] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-18 153368] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-10-29 263960] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-08-28 243480] R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-10-10 274200] R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-10-02 46368] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 PEGAGFN;PEGAGFN; \??\C:\Program Files (x86)\PHotkey\PEGAGFN.sys [2009-09-11 14344] R3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984] R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784] R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384] R3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2011-12-13 94720] R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2011-12-13 747008] R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2011-04-14 31216] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 ibtfltcoex;ibtfltcoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2011-12-14 60416] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-01-06 14652768] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-01-31 4739304] R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264] R3 iusb3hub;Intel® USB 3.0 Hub Driver; C:\Windows\system32\drivers\iusb3hub.sys [2012-01-05 355096] R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\drivers\iusb3xhc.sys [2012-01-05 786200] R3 MEIx64;Intel® Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184] R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2011-12-02 11417088] R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352] R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144] R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576] R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840] R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-02-23 423696] S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960] S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920] S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008] S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-12-01 250984] S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 694888] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088] R2 APNMCP;Ask-updateservice; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-10-30 166296] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008] R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [2009-12-18 104968] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2014-11-09 3488784] R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-11-09 298080] R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-12-20 1014096] R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-12-20 1104208] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176] R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520] R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504] R2 GFNEXSrv;GFNEX Service; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [2011-10-13 156672] R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592] R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-09 607456] R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2011-12-16 161560] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2011-12-16 277784] R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944] R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-12-16 363800] R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-12-20 1304912] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136] R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-01-04 68608] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-26 107912] S2 MemeoBackgroundService;MemeoBackgroundService; C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-09-28 25824] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-02 267440] S3 cphs;Intel® Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-01-12 274200] S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-01-04 68608] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-26 107912] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-11-03 194032] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688] S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 641352] S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-09-01 1255736] S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] -----------------EOF-----------------
-
inderdaad, stond een heel deel niet bij, sorry Zoek.exe v5.0.0.0 Updated 25-January-2014 Tool run by Ricky on wo 29/01/2014 at 9:02:26,07. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Ricky\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 29/01/2014 9:04:42 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\iMesh Applications deleted successfully C:\PROGRA~2\MSXML 4.0 deleted successfully C:\Program Files\Google deleted successfully C:\ProgramData\Babylon deleted successfully C:\Users\Ricky\AppData\Roaming\PerformerSoft deleted successfully C:\Users\Ricky\AppData\Roaming\TP deleted successfully C:\Users\Ricky\AppData\Roaming\Uhvah deleted successfully C:\Users\Ricky\AppData\Roaming\Windows Live Writer deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2385261912-2066926694-2415297712-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-2385261912-2066926694-2415297712-1000\Software\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DefaultTabUpdate deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\DefaultTabUpdate deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater17.3.0 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater17.3.0 deleted successfully ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF103732-4528-4322-AA8B-F7849AB7776B}] ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\Speed Analysis 2 deleted C:\Program Files (x86)\SeeSimilar02 deleted C:\Program Files (x86)\7Go Games deleted C:\ProgramData\Tarma Installer deleted C:\Users\Ricky\AppData\Roaming\DefaultTab deleted C:\PROGRA~2\COMMON~1\DVDVideoSoft\TB deleted C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted C:\PROGRA~2\DefaultTab deleted C:\PROGRA~2\BittorrentBar_NL deleted C:\PROGRA~2\GreenTree Applications deleted C:\PROGRA~2\Conduit deleted C:\Users\Ricky\AppData\Roaming\7go deleted C:\Users\Ricky\AppData\Roaming\speedanalysis.ico deleted C:\Users\Ricky\AppData\Roaming\SpeedAnalysis2 deleted C:\Users\Ricky\AppData\Roaming\DVDVideoSoftIEHelpers deleted C:\Users\Ricky\AppData\Roaming\Babylon deleted C:\Users\Ricky\AppData\Roaming\File Scout deleted C:\Users\Ricky\AppData\Roaming\SeeSimilar02 deleted C:\Users\Ricky\AppData\Roaming\OpenCandy deleted C:\ProgramData\Partner deleted C:\ProgramData\IBUpdaterService deleted C:\ProgramData\AVG Secure Search deleted C:\ProgramData\YTD Video Downloader deleted C:\Users\Ricky\AppData\Local\CRE deleted C:\Users\Ricky\AppData\Local\AVG Secure Search deleted C:\Users\Ricky\AppData\Local\Conduit deleted C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader deleted C:\Users\Ricky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com deleted C:\Windows\SysNative\roboot64.exe deleted C:\Users\Ricky\Downloads\avg_free_stb_all_2013_2677_cnet.exe deleted C:\Users\Ricky\Downloads\FreeYouTubeToMP3Converter.exe deleted C:\Users\Ricky\Downloads\SoftonicDownloader_voor_flv-player.exe deleted C:\Users\Ricky\AppData\LocalLow\AVG Secure Search deleted C:\Users\Ricky\AppData\LocalLow\IAC deleted C:\Users\Ricky\AppData\LocalLow\BittorrentBar_NL deleted C:\Users\Ricky\AppData\LocalLow\Conduit deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job deleted C:\windows\SysNative\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv deleted C:\windows\SysNative\tasks\DTReg deleted C:\Windows\Syswow64\sho9137.tmp deleted C:\Users\Public\Desktop\YTD Video Downloader.lnk deleted C:\Users\Ricky\Desktop\SpeedAnalysis.lnk deleted C:\Users\Ricky\AppData\Roaming\Mozilla\Extensions\7go@7go.com deleted C:\Users\Ricky\AppData\Roaming\Mozilla\Extensions\seesimilar02@SeeSimilar.com deleted C:\Users\Ricky\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com deleted "C:\Users\Ricky\AppData\Roaming\Achit\aqqaz.acu" deleted "C:\Users\Ricky\AppData\Roaming\Omceic\doew.tmp" deleted "C:\PROGRA~2\AVG Secure Search\vprot.exe" deleted "C:\PROGRA~2\AVG Secure Search\vprot.exe" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller\17.3.0\SiteSafety.dll" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\17.3.0\log4cplusU.dll" deleted "C:\Users\Ricky\AppData\Roaming\Achit" deleted "C:\Users\Ricky\AppData\Roaming\Omceic" deleted "C:\PROGRA~2\AVG Secure Search" deleted "C:\PROGRA~2\AVG Secure Search" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller\17.3.0" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\17.3.0" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Ricky\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-01-16 08:20:33 F2BF71FCEAB8FB8A691408C478E2FF4C 3156480 ----a-w- C:\Windows\Sysnative\win32k.sys ====== C:\Windows\Sysnative\drivers ===== 2014-01-16 08:20:34 FFA06EF43987ED0DD42AD59B260C0C78 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys 2014-01-16 08:20:34 DD253AFC3BC6CBA412342DE60C3647F3 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys 2014-01-16 08:20:34 DCA68B0943D6FA415F0C56C92158A83A 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys 2014-01-16 08:20:34 8D1196CFBB223621F2C67D45710F25BA 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys 2014-01-16 08:20:34 765A92D428A8DB88B960DA5A8D6089DC 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys 2014-01-16 08:20:34 18A85013A3E0F7E1755365D287443965 53248 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys 2014-01-16 08:20:34 12FEB33791920678F8433701C822BCFD 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys 2014-01-16 08:20:32 3555BA97171CD153118F73FDCCC8BFDE 376768 ----a-w- C:\Windows\Sysnative\drivers\netio.sys ====== C:\Windows\Tasks ====== 2014-01-28 13:11:06 4BE02F39FFA2F4D585F39C1B8DF393A5 3128 ----a-w- C:\Windows\Sysnative\Tasks\{35080113-BB22-47E9-90EB-131BB88D85F2} 2014-01-28 08:32:21 DD68C1D24CCDC3A11EC99FF10DF971C5 3200 ----a-w- C:\Windows\Sysnative\Tasks\0 2014-01-28 08:32:21 D7A11A081F5FCBB5DC2611989F32BC6C 3296 ----a-w- C:\Windows\Sysnative\Tasks\4695 ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-01-28 13:21:50 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2014-01-21 15:12:21 -------- d-----w- C:\PROGRA~2\Spotydl ======= C: ===== ====== C:\Users\Ricky\AppData\Roaming ====== 2014-01-21 15:12:25 -------- d-----w- C:\Users\Ricky\AppData\Roaming\Spotydl 2014-01-21 13:48:03 -------- d-----w- C:\Users\Ricky\AppData\Local\Spotify 2014-01-21 13:42:28 -------- d-----w- C:\Users\Ricky\AppData\Roaming\Spotify ====== C:\Users\Ricky ====== 2014-01-28 13:21:33 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Ricky\Downloads\RSITx64.exe 2014-01-21 15:12:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotydl 2014-01-21 13:42:12 1CC1965A58472E2D8B6F5E640F895A89 127080 ----a-w- C:\Users\Ricky\Downloads\SpotifySetup.exe ====== C: exe-files == 2014-01-28 13:24:01 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Ricky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DZR8RZ8X\RSITx64.exe 2014-01-28 13:21:50 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Ricky.exe 2014-01-28 13:21:33 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Ricky\Downloads\RSITx64.exe 2014-01-28 09:23:03 8A78C2569DDC58FA24D9BB9EC7820917 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2385261912-2066926694-2415297712-1000\$INXMN4D.exe 2014-01-28 09:22:17 4BB60AC1146126EF1B5F68E1FCD2BC5E 1283072 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2385261912-2066926694-2415297712-1000\$RNXMN4D.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" "Dolby Advanced Audio v2"="C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe -autostart" "USB3MON"="C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" "CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" "vProt"="C:\Program Files (x86)\AVG Secure Search\vprot.exe" "HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" "hpqSRMon"="C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 " "BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll,TrayApp" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "hkey"="HKLM" "item"="Adobe ARM" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" "hkey"="HKLM" "item"="APSDaemon" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" "hkey"="HKLM" "item"="iTunesHelper" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" ==== Startup Folders ====================== 2013-07-22 20:23:02 2063 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk 2013-07-10 18:07:40 1935 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [24/01/2014 14:50] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [31/08/2012 20:13] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [31/08/2012 20:13] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\0" [c:\program files\internet explorer\iexplore.exe] "C:\Windows\SysNative\tasks\4695" [wscript.exe C:\Users\Ricky\AppData\Local\Temp\launchie.vbs //B] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\YCMServiceAgent" [C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "seesimilar02@SeeSimilar.com"="C:\Users\Ricky\AppData\Roaming\Mozilla\Extensions\seesimilar02@SeeSimilar.com" [] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "seesimilar02@SeeSimilar.com"="C:\Users\Ricky\AppData\Roaming\Mozilla\Extensions\seesimilar02@SeeSimilar.com" [] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dgjkhjdcljddbedokogakmmdjgnbeanf - C:\Users\Ricky\AppData\Roaming\SpeedAnalysis2\SpeedAnalysis.crx[] fegpgkakakkgjlnfdfoghgoohkbcejpm - C:\Users\Ricky\AppData\Roaming\SeeSimilar02\SeeSimilar.crx[] gjajpkikblccgefaibcafkfbanllpefi - C:\Users\Ricky\AppData\Roaming\7go\7go.crx[] kdidombaedgpfiiedeimiebkmbilgmlc - C:\Program Files (x86)\DefaultTab\DefaultTab.crx[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[02/10/2012 12:14] ndgonipadfipmlmdfofnjnhhlgojnjdn - C:\Users\Ricky\AppData\Local\CRE\ndgonipadfipmlmdfofnjnhhlgojnjdn.crx[] ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Secure Search\ChromeExt\15.5.0.2\avg.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions ndgonipadfipmlmdfofnjnhhlgojnjdn - C:\Users\Ricky\AppData\Local\CRE\ndgonipadfipmlmdfofnjnhhlgojnjdn.crx[] nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Users\Ricky\AppData\Roaming\DVDVideoSoft\DVDVideoSoftBrowserExtension.crx[16/11/2012 22:43] Video-Saver - Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\capekcnhbegaapfdadcjikcnnebplepa Speed Analysis 2 - Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf SeeSimilar 2 - Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\fegpgkakakkgjlnfdfoghgoohkbcejpm 7Go Games - Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjajpkikblccgefaibcafkfbanllpefi DefaultTab - Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc Skype Click to Call - Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl BittorrentBar_NL - Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn AVG Secure Search - Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof DVDVideoSoft Browser Extension - Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp Card number - Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda DefaultTab - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc ==== Chrome Fix ====================== C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf deleted successfully C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dgjkhjdcljddbedokogakmmdjgnbeanf_0.localstorage deleted successfully C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\fegpgkakakkgjlnfdfoghgoohkbcejpm deleted successfully C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fegpgkakakkgjlnfdfoghgoohkbcejpm_0.localstorage deleted successfully C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fegpgkakakkgjlnfdfoghgoohkbcejpm deleted successfully C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjajpkikblccgefaibcafkfbanllpefi deleted successfully C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gjajpkikblccgefaibcafkfbanllpefi_0.localstorage deleted successfully C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kdidombaedgpfiiedeimiebkmbilgmlc_0.localstorage deleted successfully C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn deleted successfully C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ndgonipadfipmlmdfofnjnhhlgojnjdn_0.localstorage deleted successfully C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_ndgonipadfipmlmdfofnjnhhlgojnjdn_0 deleted successfully C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ndibdjnfmopecpmkdieinmbadjfpblof_0.localstorage deleted successfully C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\capekcnhbegaapfdadcjikcnnebplepa deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.hln.be/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.hln.be/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2385261912-2066926694-2415297712-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2D8D9ACC-F6D7-4362-8876-A275CA929591} deleted successfully HKEY_USERS\S-1-5-21-2385261912-2066926694-2415297712-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2D8D9ACC-F6D7-4362-8876-A275CA929591} deleted successfully HKEY_USERS\S-1-5-21-2385261912-2066926694-2415297712-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully HKEY_USERS\S-1-5-21-2385261912-2066926694-2415297712-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{2D8D9ACC-F6D7-4362-8876-A275CA929591} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2385261912-2066926694-2415297712-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2D8D9ACC-F6D7-4362-8876-A275CA929591} deleted successfully HKEY_USERS\S-1-5-21-2385261912-2066926694-2415297712-1000\Software\Mozilla\Firefox\Extensions\speedanalysis02@SpeedAnalysis.com deleted successfully HKEY_USERS\S-1-5-21-2385261912-2066926694-2415297712-1000\Software\Mozilla\Firefox\Extensions\7go@7go.com deleted successfully HKEY_USERS\S-1-5-21-2385261912-2066926694-2415297712-1000\Software\Mozilla\Firefox\Extensions\seesimilar02@SeeSimilar.com deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\avg@toolbar deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\speedanalysis02@SpeedAnalysis.com deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\7go@7go.com deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\seesimilar02@SeeSimilar.com deleted successfully
-
Zoek.exe v5.0.0.0 Updated 25-January-2014 Tool run by Ricky on wo 29/01/2014 at 9:02:26,07. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Ricky\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used] ===== Runcheck 9:04:08,71 ===== --- Create Environment Variables 9:04:09,40 --- Create System Restore Point 9:04:19,87 --- Checking Input 9:04:44,00 --- AU AppData Check 9:04:48,65 --- Remove From Windows Installer 9:04:53,59 --- Empty Folders Check 9:06:51,23 --- IE Startpage Check 9:06:59,57 --- Program Files DB Check 9:07:25,23 --- C:\Users\Default\AppData\Roaming DB Check 9:08:02,70 --- C:\Users\Default User\AppData\Roaming DB Check 9:08:02,70 --- C:\Users\Ricky\AppData\Roaming DB Check 9:08:02,70 --- C:\Windows\SysNative\config\systemprofile\AppData\Roaming DB Check 9:08:02,70 --- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming DB Check 9:08:02,70 --- C:\Windows\serviceprofiles\networkservice\AppData\Roaming DB Check 9:08:02,70 --- C:\Windows\serviceprofiles\Localservice\AppData\Roaming DB Check 9:08:02,70 --- C:\Users\Ricky DB Check 9:09:36,01 --- C:\ProgramData DB Check 9:09:48,41 --- C:\Users\Default\AppData\Local DB Check 9:09:49,41 --- C:\Users\Default User\AppData\Local DB Check 9:09:49,41 --- C:\Users\Ricky\AppData\Local DB Check 9:09:49,41 --- C:\Windows\SysNative\config\systemprofile\AppData\Local DB Check 9:09:49,41 --- C:\Windows\sysWoW64\config\systemprofile\AppData\Local DB Check 9:09:49,41 --- C:\Windows\serviceprofiles\networkservice\AppData\Local DB Check 9:09:49,41 --- C:\Windows\serviceprofiles\Localservice\AppData\Local DB Check 9:09:49,41 --- C:\ProgramData\Microsoft\Windows\Start Menu\Programs DB Check 9:10:50,64 --- C:\Users\Ricky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs DB Check 9:10:56,99 --- Tasks DB Check 9:11:00,41 --- Downloads DB Check 9:11:03,36 --- C:\Users\Ricky\AppData\LocalLow DB Check 9:11:06,90 --- C:\Windows\SysNative\config\systemprofile\AppData\LocalLow DB Check 9:11:06,90 --- C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow DB Check 9:11:06,90 --- C:\Windows\serviceprofiles\networkservice\AppData\LocalLow DB Check 9:11:06,90 --- C:\Windows\serviceprofiles\Localservice\AppData\LocalLow DB Check 9:11:06,90 --- Tasks2 DB Check 9:11:52,68 --- Documents DB Check 9:12:06,82 --- C:\Users\Public\Desktop DB Check 9:12:10,34 --- C:\Users\Ricky\Desktop DB Check 9:12:12,70 --- Services DB Check 9:12:20,64 --- FF prefs.js DB Check 9:12:50,19 --- Del by CLSID 9:12:51,45 --- Delete Services 9:13:19,25 --- Registry Fix x64 9:13:30,86 --- Delete files\folders 9:13:30,88 --- Create Backups 9:13:31,03 --- Recently Created 9:14:41,16 --- StartUp Information 9:17:10,59 --- Firefox Extensions 9:17:24,18 --- Chrome Look 9:17:24,46
-
het is toch dat grote venster waar onderaan "scan and fix stuff", en "other stuff" en zo staat
-
het lukt me niet deze te plakken in het grote venster. Ben wel als administrator gestart. Ik kopieer de tekst, maar kan dus in het grote venster niets plakken?? Hoe zou dit komen?
-
hallo, het lijkt me dat je dit bedoelt. Ik heb wel gemerkt dat er enkele niet meer bijstonden, van die je gezegd had dat ik die moest aanklikken bij hijackthis. kan je dit eens bekijken? alvast bedankt Logfile of random's system information tool 1.09 (written by random/random) Run by Ricky at 2014-01-28 14:24:15 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 361 GB (85%) free of 425 GB Total RAM: 8086 MB (73% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:24:17, on 28/01/2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.16428) Boot mode: Normal Running processes: C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe C:\Program Files (x86)\PHotkey\HCSynApi.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files\trend micro\Ricky.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = HLN.be, Nieuws, sport en showbizz, 24/24, 7/7, meer dan 350 nieuwsupdates per dag R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart O4 - HKLM\..\Run: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files (x86)\PHotkey\ASLDRSrv.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\PHotkey\GFNEXSrv.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe O23 - Service: MemeoBackgroundService - Memeo - C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater17.3.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12113 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe C:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=a51ccd66-a416-450b-a6f5-a94cdbafa654 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\43287745-4c68-4a23-99f8-023ba3fdd078-24c-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\" %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe winlogon.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files (x86)\PHotkey\ASLDRSrv.exe" "C:\Program Files (x86)\PHotkey\GFNEXSrv.exe" C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe" "C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe" "C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe" "taskhost.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files\Bonjour\mDNSResponder.exe" C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt "C:\Program Files\Intel\iCLS Client\HeciServer.exe" "C:\Program Files (x86)\PHotkey\PHotkey.exe" "C:\Program Files (x86)\PHotkey\MsgTranAgt.exe" "C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe" "C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe" C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 "C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe" "C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe" "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe" "C:\Windows\System32\igfxtray.exe" "C:\Windows\System32\hkcmd.exe" "C:\Windows\System32\igfxpers.exe" "C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties" \??\C:\Windows\system32\conhost.exe "-1306917359-1613192082398586230-3277035854788461296182228801209178178821099294 "C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe" "C:\Program Files (x86)\AVG\AVG2014\avgemca.exe" "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4 "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe" "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" "C:\Program Files (x86)\AVG Secure Search\vprot.exe" "C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe" "C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe" "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe" WLIDSvcM.exe 3436 C:\Windows\system32\wbem\unsecapp.exe -Embedding taskeng.exe {89F5E29E-115A-41E5-BAFB-FC3B6FDE39FA} "C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe" "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" C:\Windows\system32\svchost.exe -k HPService "C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\servicing\TrustedInstaller.exe "C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE" "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY "C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding HCSynApi.exe "C:\Program Files (x86)\PHotkey\PVDesktop.exe" "C:\Program Files (x86)\PHotkey\PVDAgent.exe" "C:\Program Files (x86)\PHotkey\POSD.exe" "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Deskjet F300 Series#1374524743" -Startup "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" "C:\Program Files\Internet Explorer\iexplore.exe" C:\Windows\system32\svchost.exe -k SDRSVC "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6468 CREDAT:1185045 /prefetch:2 C:\Windows\system32\Macromed\Flash\FlashUtil64_12_0_0_38_ActiveX.exe -Embedding C:\Windows\splwow64.exe 12288 C:\Windows\system32\PrintIsolationHost.exe -Embedding "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6468 CREDAT:2692410 /prefetch:2 "C:\Users\Ricky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DZR8RZ8X\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF103732-4528-4322-AA8B-F7849AB7776B}] 7Go Games - C:\Program Files (x86)\7Go Games\ScriptHost64.dll [2013-07-30 382272] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}] MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll [2013-09-06 95648] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-01-12 170264] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-01-12 398104] "Persistence"=C:\Windows\system32\igfxpers.exe [2012-01-12 440600] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-01-31 12446824] "RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-11-15 1156712] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-02-23 2884880] "BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-12-20 11406608] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-01-28 59720] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-02-20 152392] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2011-11-30 284440] "Dolby Advanced Audio v2"=C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2011-12-21 507744] "USB3MON"=C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-01-05 291608] "CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2010-08-03 107816] "vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2014-01-09 2486296] "HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840] "hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528] "AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2013-11-07 4956176] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2012-01-06 429056] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-01-28 14:21:50 ----D---- C:\Program Files\trend micro 2014-01-28 14:21:49 ----D---- C:\rsit 2014-01-28 09:37:16 ----D---- C:\Windows\Migration 2014-01-21 16:12:25 ----D---- C:\Users\Ricky\AppData\Roaming\Spotydl 2014-01-21 16:12:21 ----D---- C:\Program Files (x86)\Spotydl 2014-01-21 14:42:28 ----D---- C:\Users\Ricky\AppData\Roaming\Spotify 2014-01-16 09:20:34 ----A---- C:\Windows\system32\drivers\usbuhci.sys 2014-01-16 09:20:34 ----A---- C:\Windows\system32\drivers\usbport.sys 2014-01-16 09:20:34 ----A---- C:\Windows\system32\drivers\usbohci.sys 2014-01-16 09:20:34 ----A---- C:\Windows\system32\drivers\usbhub.sys 2014-01-16 09:20:34 ----A---- C:\Windows\system32\drivers\usbehci.sys 2014-01-16 09:20:34 ----A---- C:\Windows\system32\drivers\usbd.sys 2014-01-16 09:20:34 ----A---- C:\Windows\system32\drivers\usbccgp.sys 2014-01-16 09:20:33 ----A---- C:\Windows\system32\win32k.sys 2014-01-16 09:20:32 ----A---- C:\Windows\system32\drivers\netio.sys ======List of files/folders modified in the last 1 month====== 2014-01-28 14:24:06 ----D---- C:\Windows\Prefetch 2014-01-28 14:21:50 ----RD---- C:\Program Files 2014-01-28 14:17:54 ----D---- C:\Windows\Temp 2014-01-28 14:17:54 ----A---- C:\Windows\SYSWOW64\log.txt 2014-01-28 14:15:55 ----D---- C:\Windows\system32\config 2014-01-28 14:13:46 ----D---- C:\Program Files (x86)\Speed Analysis 2 2014-01-28 14:13:46 ----D---- C:\Program Files (x86)\SeeSimilar02 2014-01-28 14:13:46 ----D---- C:\Program Files (x86)\7Go Games 2014-01-28 14:11:06 ----D---- C:\Windows\system32\Tasks 2014-01-28 14:02:40 ----D---- C:\Program Files (x86) 2014-01-28 13:42:37 ----D---- C:\Windows 2014-01-28 13:42:23 ----HD---- C:\Config.Msi 2014-01-28 09:52:01 ----D---- C:\Windows\Microsoft.NET 2014-01-28 09:41:32 ----SHD---- C:\Windows\Installer 2014-01-28 09:40:32 ----RSD---- C:\Windows\assembly 2014-01-28 09:39:31 ----D---- C:\Windows\System32 2014-01-28 09:39:31 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-01-28 09:39:30 ----D---- C:\Windows\inf 2014-01-28 09:38:58 ----D---- C:\Windows\SysWOW64 2014-01-28 09:38:58 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI 2014-01-28 09:37:25 ----D---- C:\Windows\SYSWOW64\en-US 2014-01-28 09:37:24 ----D---- C:\Windows\system32\en-US 2014-01-28 09:37:16 ----SD---- C:\ProgramData\Microsoft 2014-01-28 09:36:14 ----SHD---- C:\System Volume Information 2014-01-28 09:32:56 ----D---- C:\Windows\Tasks 2014-01-28 09:32:03 ----D---- C:\ProgramData\Tarma Installer 2014-01-28 09:00:53 ----D---- C:\Users\Ricky\AppData\Roaming\BitTorrent 2014-01-28 09:00:51 ----D---- C:\Windows\Panther 2014-01-28 09:00:51 ----D---- C:\Windows\Logs 2014-01-28 09:00:51 ----D---- C:\Windows\debug 2014-01-28 08:49:41 ----D---- C:\ProgramData\MFAData 2014-01-25 19:42:40 ----D---- C:\Users\Ricky\AppData\Roaming\Skype 2014-01-24 14:50:07 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-01-21 14:28:51 ----D---- C:\Users\Ricky\AppData\Roaming\Dropbox 2014-01-20 14:56:50 ----D---- C:\Windows\system32\NDF 2014-01-18 17:19:19 ----D---- C:\Windows\system32\catroot2 2014-01-17 10:28:45 ----D---- C:\Windows\winsxs 2014-01-17 10:25:42 ----D---- C:\Windows\system32\drivers 2014-01-17 10:25:41 ----D---- C:\Windows\system32\DriverStore 2014-01-17 09:15:59 ----D---- C:\Windows\system32\MRT 2014-01-17 09:11:26 ----A---- C:\Windows\system32\MRT.exe 2014-01-16 09:20:29 ----D---- C:\Windows\system32\catroot 2014-01-09 17:29:43 ----D---- C:\Program Files (x86)\AVG Secure Search ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-10-24 194872] R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-10-31 294712] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-10-01 123704] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-09-10 31544] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-11-30 568600] R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver; C:\Windows\system32\drivers\iusb3hcs.sys [2012-01-05 16152] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2013-11-05 150808] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-11-04 240920] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-10-31 212280] R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-08-01 251192] R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-10-02 46368] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 PEGAGFN;PEGAGFN; \??\C:\Program Files (x86)\PHotkey\PEGAGFN.sys [2009-09-11 14344] R3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984] R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784] R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384] R3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2011-12-13 94720] R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2011-12-13 747008] R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2011-04-14 31216] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 ibtfltcoex;ibtfltcoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2011-12-14 60416] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-01-06 14652768] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-01-31 4739304] R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264] R3 iusb3hub;Intel® USB 3.0 Hub Driver; C:\Windows\system32\drivers\iusb3hub.sys [2012-01-05 355096] R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\drivers\iusb3xhc.sys [2012-01-05 786200] R3 MEIx64;Intel® Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184] R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2011-12-02 11417088] R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352] R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144] R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576] R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840] R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-02-23 423696] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960] S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920] S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008] S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-12-01 250984] S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 694888] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008] R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [2009-12-18 104968] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544] R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-09-24 348008] R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-12-20 1014096] R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-12-20 1104208] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504] R2 GFNEXSrv;GFNEX Service; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [2011-10-13 156672] R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592] R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-09 607456] R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2011-12-16 161560] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2011-12-16 277784] R2 MemeoBackgroundService;MemeoBackgroundService; C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-09-28 25824] R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944] R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000] R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-12-16 363800] R2 vToolbarUpdater17.3.0;vToolbarUpdater17.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [2014-01-09 1771544] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 2292096] R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-12-20 1304912] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136] R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-31 136176] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-24 257928] S3 cphs;Intel® Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-01-12 274200] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-31 136176] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616] S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 641352] S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-09-06 288776] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-09-01 1255736] S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 DefaultTabUpdate;DefaultTabUpdate; C:\Users\Ricky\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2013-07-10 107520] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] -----------------EOF-----------------
-
hallo allemaal, zoals ik hier gelezen had, moest ik via zoek.exe een logbestand zien te vinden, dit zou het moeten zijn Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 10:26:55, on 28/01/2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.16428) Boot mode: Normal Running processes: C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe C:\Program Files (x86)\MyImageConverter_8j\bar\1.bin\8jbrmon.exe C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files (x86)\PHotkey\HCSynApi.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Users\Ricky\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = HLN.be, Nieuws, sport en showbizz, 24/24, 7/7, meer dan 350 nieuwsupdates per dag R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll O2 - BHO: Speed Analysis 2 - {18DBB6CE-3148-4FEC-B481-103CB3290427} - C:\Program Files (x86)\Speed Analysis 2\ScriptHost.dll O2 - BHO: SeeSimilar02 - {93488930-185C-4CED-AFEB-0FD4930F8423} - C:\Program Files (x86)\SeeSimilar02\ScriptHost.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll O2 - BHO: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Ricky\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll (file missing) O2 - BHO: 7Go Games - {FF103732-4528-4322-AA8B-F7849AB7776B} - C:\Program Files (x86)\7Go Games\ScriptHost.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll O3 - Toolbar: BittorrentBar_NL Toolbar - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files (x86)\BittorrentBar_NL\prxtbBitt.dll O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart O4 - HKLM\..\Run: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [VideoDownloadConverter_4z Browser Plugin Loader 64] C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbrmon64.exe O4 - HKLM\..\Run: [MyImageConverter_8j Browser Plugin Loader 64] C:\Program Files (x86)\MyImageConverter_8j\bar\1.bin\8jbrmon64.exe O4 - HKLM\..\RunOnce: [VideoDownloadConverter_4zbar Uninstall] rundll32 C:\PROGRA~2\4ZUNIN~1.DLL,O -3 uninstalltype=IE O4 - HKLM\..\RunOnce: [MyImageConverter_8jbar Uninstall] rundll32 C:\PROGRA~2\8JUNIN~1.DLL,O -3 uninstalltype=IE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, auto's, kleding, verzamelobjecten, cadeaubons en meer | eBay (file missing) O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, auto's, kleding, verzamelobjecten, cadeaubons en meer | eBay (file missing) O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Ricky\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll (file missing) O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, auto's, kleding, verzamelobjecten, cadeaubons en meer | eBay (file missing) (HKCU) O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, auto's, kleding, verzamelobjecten, cadeaubons en meer | eBay (file missing) (HKCU) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files (x86)\PHotkey\ASLDRSrv.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: DefaultTabUpdate - Unknown owner - C:\Users\Ricky\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\PHotkey\GFNEXSrv.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe O23 - Service: MemeoBackgroundService - Memeo - C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater17.3.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 14223 bytes Kan iemand hieraan uit, of weet iemand wat ik moet doen? alvast bedankt

OVER ONS
PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!