Ga naar inhoud

65Hans

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    39

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Alles dat geplaatst werd door 65Hans

  1. 65Hans
    Sinds enkele dagen krijg ik onderstaande foutmelding wanneer ik emails wil openen op mijn laptop. Zelfs als ik mijn gebruikersnaam en wachtwoord opnieuw instel. Nochtans is er niets veranderd aan mijn instellingen of paswoorden. Alleen gebruik ik gmail al een tijdje niet meer. Op mijn smartphone openen de mails wel nog. "Voor het account Gmail (*********) kunnen geen berichten verzonden of ontvangen worden. Het downloaden van kopteksten voor de map Postvak IN is niet voltooid. De server heeft de verbinding onverwachts verbroken. Mogelijke oorzaken zijn problemen met de server, netwerkproblemen of te lange inactiviteit. Reactie van server: De IMAP-opdracht kan niet naar de server worden verzonden, vanwege fouten die geen verband houden met het netwerk. Dit kan bijvoorbeeld wijzen op onvoldoende geheugen op het systeem. Server: 'imap.gmail.com' Windows Live Mail-fout-id: 0x800CCC0E Protocol: IMAP Poort: 993 Beveiligd(SSL): Ja Voor het account Telenet (*********02) kunnen geen berichten verzonden of ontvangen worden. Er is een onjuiste gebruikersnaam voor e-mail ingevoerd. De volgende keer dat er berichten worden verzonden of ontvangen, moet een gebruikersnaam en wachtwoord voor dit account worden ingevoerd. Serverfout: 0x800CCC90 Reactie van server: -ERR No POP server defined. Use real server address instead of 127.0.0.1 in your account. Server: 'in.telenet.be' Windows Live Mail-fout-id: 0x800CCC91 Protocol: POP3 Poort: 110 Beveiligd(SSL): Nee"
  2. 65Hans
    Alvast van harte bedankt voor de vlotte hulp. De laptop werkt inmiddels weer even vlot als voorheen. Mvg Hans
  3. 65Hans
    Hieronder het verkregen logbestand. AdwCleanerS0.txt
  4. 65Hans
    Het bekomen zoek log bestand. zoek-results.log
  5. 65Hans
    Hierbij voeg ik het log bestandje. log.txt
  6. 65Hans
    Bedankt voor de vlotte hulp. Nu werkt hij weer normaal. Ik zal er in het vervolg op letten java op tijd te updaten. Doe ik nu nog best een malware scan om eventuele infecties op te sporen? En zo ja, welke kan ik dan best gebruiken? Mvg Hans
  7. 65Hans
    Sorry, Alvast bedankt, mvg
  8. 65Hans
    Tweede poging. log.txt
  9. 65Hans
    Hierbij het logbestand :
  10. 65Hans
    Sedert enkele dagen is mijn laptop extreem traag. Dit ontstond nadat ik hem opstartte nadat de batterij volledig leeg was. Hij start nu wel normaal op, maar bij opstarten google chrome reageert hij niet. Wel met IE, maar het duurt langer dan normaal. En dan blijft de cursor constant draaien alsof hij steeds bezig is met iets op de achtergrond. Ook bij de emails opent hij geen aangeklikte linken. Ook andere programma's reageren heel traag bij openen. De cursor blijft bezig. Ik heb al systeemherstel gedaan, maar dit brengt geen oplossing. Na scannen met AVG komen geen problemen voor. Ook cc-cleaner brengt geen soelaas. Ook afsluiten duurt extreem lang. En de batterij gaat nu slechts een half uur mee, terwijl die het daarvoor nog anderhalf à twee uur uithield. Wat kan hier de oorzaak zijn? Dank bij voorbaat, Mvg Hans
  11. 65Hans
    Ik heb nu google chrome als browser geïnstalleerd en dit verloopt nu heel vlot. Ook bij IE verloopt alles vlot. Het zal dus inderdaad een probleem van firefox geweest zijn. Ik zal voorlopig wel nog niet direct firefox opnieuw installeren. Alvast heel erg bedankt voor de hulp. Mvg Hans
  12. 65Hans
    Ik zal inderdaad een andere browser proberen. Eventueel firefox de-installeren en opnieuw installeren. Nu weet ik toch zeker dat het niet aan malware ligt. Alvast heel erg bedankt voor de moeite. Mvg Hans
  13. 65Hans
    Het probleem is helaas nog niet verholpen. Misschien ligt et aan mozilla firefox zelf?
  14. 65Hans
    Emsisoft Anti-Malware - Versie 9.0 Laatste Update: 11/11/2014 17:54:17 Gebruikersaccount: Hans-PC\Hans Scaninstellingen: Scanmodus: Diepe scan Objecten: Rootkits, Geheugen, Sporen, C:\, E:\, Q:\ Detecteer PUPs: Aan Scan archieven: Aan ADS Scan: Aan Bestandsextensiefilter: Uit Geavanceerde cache: Aan Directe schijftoegang: Uit Scan gestart: 11/11/2014 17:57:09 Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NOFOLDEROPTIONS Ontdekt: Setting.NoFolderOptions (A) Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR Ontdekt: Setting.DisableTaskMgr (A) Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Ontdekt: Setting.DisableRegistryTools (A) Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NORUN Ontdekt: Setting.NoRun (A) Key: HKEY_USERS\.DEFAULT\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F} Ontdekt: Application.Win32.InstallAd (A) Key: HKEY_USERS\S-1-5-19\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F} Ontdekt: Application.Win32.InstallAd (A) Key: HKEY_USERS\S-1-5-20\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F} Ontdekt: Application.Win32.InstallAd (A) Key: HKEY_USERS\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F} Ontdekt: Application.Win32.InstallAd (A) C:\AdwCleaner\Quarantine\C\Program Files (x86)\melondrea\bin\melondrea.BrowserFilter.Helper.dll.old.e2e86ed0-e2f2-4c2f-af1f-099301e1e581.vir Ontdekt: Adware.Generic.1027643 ( C:\AdwCleaner\Quarantine\C\Program Files (x86)\melondrea\bin\melondrea.BrowserFilter.Helper.dll.vir Ontdekt: Adware.Generic.1027643 ( C:\AdwCleaner\Quarantine\C\Program Files (x86)\melondrea\bin\plugins\melondrea.BrowserFilterG.dll.vir Ontdekt: Adware.Generic.1022920 ( C:\AdwCleaner\Quarantine\C\Program Files (x86)\melondrea\bin\plugins\melondrea.FFUpdate.dll.vir Ontdekt: Trojan.Generic.11531027 ( C:\AdwCleaner\Quarantine\C\Program Files (x86)\melondrea\melondreaBHO.dll.vir Ontdekt: Gen:Variant.Adware.BHO.Agent.4 ( C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll Ontdekt: Gen:Adware.Heur.im9@gniZLef ( Gescand: 370017 Gevonden: 14 Scan geëindigd: 11/11/2014 20:24:20 Scantijd: 2:27:11 Mvg Hans - - - Updated - - - 2e maal dit logbestand, nu na quarantaine. Emsisoft Anti-Malware - Versie 9.0 Laatste Update: 11/11/2014 17:54:17 Gebruikersaccount: Hans-PC\Hans Scaninstellingen: Scanmodus: Diepe scan Objecten: Rootkits, Geheugen, Sporen, C:\, E:\, Q:\ Detecteer PUPs: Aan Scan archieven: Aan ADS Scan: Aan Bestandsextensiefilter: Uit Geavanceerde cache: Aan Directe schijftoegang: Uit Scan gestart: 11/11/2014 17:57:09 Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NOFOLDEROPTIONS Ontdekt: Setting.NoFolderOptions (A) Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR Ontdekt: Setting.DisableTaskMgr (A) Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Ontdekt: Setting.DisableRegistryTools (A) Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NORUN Ontdekt: Setting.NoRun (A) Key: HKEY_USERS\.DEFAULT\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F} Ontdekt: Application.Win32.InstallAd (A) Key: HKEY_USERS\S-1-5-19\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F} Ontdekt: Application.Win32.InstallAd (A) Key: HKEY_USERS\S-1-5-20\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F} Ontdekt: Application.Win32.InstallAd (A) Key: HKEY_USERS\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F} Ontdekt: Application.Win32.InstallAd (A) C:\AdwCleaner\Quarantine\C\Program Files (x86)\melondrea\bin\melondrea.BrowserFilter.Helper.dll.old.e2e86ed0-e2f2-4c2f-af1f-099301e1e581.vir Ontdekt: Adware.Generic.1027643 ( C:\AdwCleaner\Quarantine\C\Program Files (x86)\melondrea\bin\melondrea.BrowserFilter.Helper.dll.vir Ontdekt: Adware.Generic.1027643 ( C:\AdwCleaner\Quarantine\C\Program Files (x86)\melondrea\bin\plugins\melondrea.BrowserFilterG.dll.vir Ontdekt: Adware.Generic.1022920 ( C:\AdwCleaner\Quarantine\C\Program Files (x86)\melondrea\bin\plugins\melondrea.FFUpdate.dll.vir Ontdekt: Trojan.Generic.11531027 ( C:\AdwCleaner\Quarantine\C\Program Files (x86)\melondrea\melondreaBHO.dll.vir Ontdekt: Gen:Variant.Adware.BHO.Agent.4 ( C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll Ontdekt: Gen:Adware.Heur.im9@gniZLef ( Gescand: 370017 Gevonden: 14 Scan geëindigd: 11/11/2014 20:24:20 Scantijd: 2:27:11 C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll In quarantaine geplaatst Gen:Adware.Heur.im9@gniZLef ( C:\AdwCleaner\Quarantine\C\Program Files (x86)\melondrea\melondreaBHO.dll.vir In quarantaine geplaatst Gen:Variant.Adware.BHO.Agent.4 ( C:\AdwCleaner\Quarantine\C\Program Files (x86)\melondrea\bin\plugins\melondrea.FFUpdate.dll.vir In quarantaine geplaatst Trojan.Generic.11531027 ( C:\AdwCleaner\Quarantine\C\Program Files (x86)\melondrea\bin\plugins\melondrea.BrowserFilterG.dll.vir In quarantaine geplaatst Adware.Generic.1022920 ( C:\AdwCleaner\Quarantine\C\Program Files (x86)\melondrea\bin\melondrea.BrowserFilter.Helper.dll.vir In quarantaine geplaatst Adware.Generic.1027643 ( C:\AdwCleaner\Quarantine\C\Program Files (x86)\melondrea\bin\melondrea.BrowserFilter.Helper.dll.old.e2e86ed0-e2f2-4c2f-af1f-099301e1e581.vir In quarantaine geplaatst Adware.Generic.1027643 ( Key: HKEY_USERS\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F} In quarantaine geplaatst Application.Win32.InstallAd (A) Key: HKEY_USERS\S-1-5-20\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F} In quarantaine geplaatst Application.Win32.InstallAd (A) Key: HKEY_USERS\S-1-5-19\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F} In quarantaine geplaatst Application.Win32.InstallAd (A) Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NORUN In quarantaine geplaatst Setting.NoRun (A) Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS In quarantaine geplaatst Setting.DisableRegistryTools (A) Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR In quarantaine geplaatst Setting.DisableTaskMgr (A) Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NOFOLDEROPTIONS In quarantaine geplaatst Setting.NoFolderOptions (A) In quarantaine geplaatst 13
  15. 65Hans
    Het lijkt opgelost. Mijn startpagina is wel gewijzigd naar google. De filmpjes werken weer normaal. Toch lukt het nog niet op Yelo tv te bekijken. Die blijft flikkeren. Ook het typen blijft met vertraging. mvg Hans
  16. 65Hans
    Hieronder het bekomen logbestandje : Zoek.exe v5.0.0.0 Updated 10-November-2014 Tool run by Hans on di 11/11/2014 at 8:01:54,64. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Hans\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-11-06-201958.log 431 bytes C:\zoek-results2014-11-08-175522.log 38081 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== Deleted from C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\h4jta6h1.default\prefs.js: user_pref("browser.startup.homepage", "http://www.nieuwsblad.be/"); Added to C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\h4jta6h1.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); Deleted from C:\Users\Hans\AppData\Roaming\TomTom\HOME\Profiles\9juq3wf8.default\prefs.js: Added to C:\Users\Hans\AppData\Roaming\TomTom\HOME\Profiles\9juq3wf8.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); ==== Deleting Files \ Folders ====================== C:\Users\Hans\Downloads\avg_free_stb_all_2015_5557_cnet.exe deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Hans\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-11-06 20:06:04 A042349B7208BF8BED858B1E9B48B06D 98216 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-11-03 17:59:45 DF59F2510EDABBF216FA837D5D964106 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-11-03 17:59:45 D78C4DB153874DB7AC6AA6A03BE38B66 331448 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2014-11-03 17:59:45 BD66BA5A924DCC8392CFAEB67131A246 597504 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-11-03 17:59:45 B89F5D2B3D3BC730FAB93CFCD931742F 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-11-03 17:59:45 B5B1C277E46A5B0E2FC63E5FC5624CE5 365056 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2014-11-03 17:59:45 97F2F82BF0B4AF86A85FFDD78DFDC87D 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-11-03 17:59:45 604C67F58747D6A333EA641BCCC2C842 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-11-03 17:59:45 3065FF6794A7FDC882F0DA8B6230AB6E 1190400 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-11-03 17:59:45 201EAFA3F17BE4990999C28657212D8E 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2014-11-03 17:59:44 F91E55DA404B834648A3B0A2477C10DB 17484800 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-11-03 17:59:43 8FAA1E45198C4ECEC691326B7F5E71C5 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-11-03 17:59:43 835807E2AC0A8FA15B9A2EA80E2D5169 2017280 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-11-03 17:59:43 58EC068116BCE16A94B1B2C429A35E41 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-11-03 17:59:43 55A400FDB21D157E947A0EE65AEDB1B3 2187264 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-11-03 17:59:42 B74B348D13134D67B4F68ADDDC76A447 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-11-03 17:59:41 EF94FA1F3D90520CCA4AE65D639A9E62 11807232 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-11-03 17:59:41 410BECCA3354D471E45344F0754CC0E4 243200 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2014-11-03 17:59:41 158690737381C49120165A7F3F5D13EB 440320 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-11-03 17:59:40 FBE852643EDEB9D6D6502AFE6017CD64 678400 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-11-03 17:59:40 DF4BA130BD41F29A894E026E456B8481 454656 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2014-11-03 17:59:40 D03EB7605435FE24ADE670661A932651 4201472 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-11-03 17:59:40 AA103FEAD721863B86A1B1260948E662 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-11-03 17:59:40 8E8E6E7B4CC27B92F40F74E29C1F6290 1068032 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2014-11-03 17:59:40 7AE80F921027CF88CB9D0433088A3E55 1810944 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-11-03 17:59:40 6D4DD5706C297234F457B9D9018C493F 61952 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2014-11-03 17:59:40 2409C41081D657A3FABE3659BB989AFB 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-11-03 17:59:07 D5D5BBF6AA45D820BAA0BD1303B8AAF6 81560 ----a-w- C:\Windows\SysWOW64\mscories.dll 2014-11-03 17:59:07 A139A5E6B34F136405B030EA04595A20 156824 ----a-w- C:\Windows\SysWOW64\mscorier.dll 2014-11-03 17:59:07 8580484193CE0A0788830FBAB97CF13B 1131664 ----a-w- C:\Windows\SysWOW64\dfshim.dll 2014-11-03 17:59:04 06FC8A93A4FA1F42A3D1D06694F2B339 419992 ----a-w- C:\Windows\SysWOW64\locale.nls 2014-11-03 17:59:02 C7673B3F8BB35221B42D67BF7ADAFDFD 7168 ----a-w- C:\Windows\SysWOW64\KBDYAK.DLL 2014-11-03 17:59:02 730B7C639957EA0BF37C1459831A1E19 6656 ----a-w- C:\Windows\SysWOW64\KBDRU1.DLL 2014-11-03 17:59:02 72222991598E173BBE1429426926C020 7168 ----a-w- C:\Windows\SysWOW64\KBDTAT.DLL 2014-11-03 17:59:02 45B308F20FEF040BD7321E85F69DF5E2 6656 ----a-w- C:\Windows\SysWOW64\KBDRU.DLL 2014-11-03 17:59:02 2BD0519015E899A2FF52210CC5875F88 6656 ----a-w- C:\Windows\SysWOW64\KBDBASH.DLL 2014-11-03 17:58:45 3ABACF6D4EBEA5EF3014FEFA1D8FF5F8 3221504 ----a-w- C:\Windows\SysWOW64\mstscax.dll 2014-11-03 17:58:44 FD67683FBA9B2C4BB551780BD8846F64 157696 ----a-w- C:\Windows\SysWOW64\winsta.dll 2014-11-03 17:58:44 DB1D6751689B4A7EE2439C64F2ADF1C9 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2014-11-03 17:58:44 97896EE4254176CFDD9010B5B243B89F 131584 ----a-w- C:\Windows\SysWOW64\aaclient.dll 2014-11-03 17:58:44 13829161C1297F4170A5546430147BBD 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2014-11-03 17:58:44 0DBD0B4D4766CADEB8C30242A0611395 1051136 ----a-w- C:\Windows\SysWOW64\mstsc.exe 2014-11-03 17:58:28 3888D02CE6413C2A06D903DE1C778BF5 2363904 ----a-w- C:\Windows\SysWOW64\msi.dll 2014-11-03 17:57:18 37C395C075E6FA66623C82DE50A8FAED 372736 ----a-w- C:\Windows\SysWOW64\rastls.dll 2014-11-03 17:57:13 C120855C1133DF8FFD5E0C04A7E70B67 67072 ----a-w- C:\Windows\SysWOW64\packager.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-11-03 17:59:45 DD8E9C85F9F428859713055183661956 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2014-11-03 17:59:45 C109D5136DF0A6CA668C7AD888AA125F 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-11-03 17:59:45 739D9C9F220CCEDAFD8212C6B976B60D 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-11-03 17:59:45 4D21F4FDF57DF86FAD9149ED1C071D15 72704 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2014-11-03 17:59:45 29C0530E0F120AC3E583889DCD6A63DD 710656 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-11-03 17:59:43 87D14AF9A2C3F3D5233B613CFA9C321D 378552 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2014-11-03 17:59:43 0F5A279522FA6A30C9C5A297A1064933 1447936 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-11-03 17:59:42 E9109E91BB8366759822DC2FC9B5DA8B 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-11-03 17:59:42 B07E9AFF50DC007E7D5AC54736AA5A25 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2014-11-03 17:59:41 DAF317E9F4CEC206D0D443014A427341 446464 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2014-11-03 17:59:41 646C004F58AA4762F92BF7C595216C37 2108416 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-11-03 17:59:41 45B736E3184B68515FDB71D4083A9BCF 731136 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-11-03 17:59:41 050FD78BA4EFA62417F61F4C098B5B25 2796032 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-11-03 17:59:41 0467A4DDA6B2CE8E27A8178BF035BA18 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-11-03 17:59:40 BE37AA454460539877420951EEA16EF0 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-11-03 17:59:39 A2105E46DC9CE38A1D57FB124436E1BC 85504 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2014-11-03 17:59:39 98241BE7EB26C41562D33393DD12608F 289280 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2014-11-03 17:59:39 88D2165E07CEDC3F34CBE1A5A807673D 595968 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-11-03 17:59:39 7E60EE8A68F7270D1E1662CBA275D4FA 13619200 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-11-03 17:59:38 F9FA80C1CB6EAC55A7F534937F6AC4E4 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2014-11-03 17:59:38 DB101A62F9BF8E7765685950169EF52B 758272 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-11-03 17:59:38 D3B07C2FABEAE749E4E51F1E93CABA23 5829632 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-11-03 17:59:38 70527367E5779C3537992F0768D9C59A 1249280 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2014-11-03 17:59:37 9D98D4F390F0B14A782F3B931E613A1A 2309632 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-11-03 17:59:37 328143D6BC5951E1797BD524C4E98CDC 547328 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-11-03 17:59:37 2E5AF1507CBE735B4D7EBFF1908EA0E1 775168 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-11-03 17:59:36 EB710A3AF29BEC4EE7475A1ED5C575DE 195584 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-11-03 17:59:36 30FB9ABB6C45C3299CFA5F556904DD5F 83968 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2014-11-03 17:59:35 7415B29AFE2E4494A57358B8C7E78600 23631360 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-11-03 17:59:35 15847E14811FEDDF77E934AF4F0BEF45 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2014-11-03 17:59:07 50EC828370CB5F5E9FF08B10F1B701C8 73880 ----a-w- C:\Windows\Sysnative\mscories.dll 2014-11-03 17:59:07 5083CC5456FE8A5D21ECF9E32ACC779F 1943696 ----a-w- C:\Windows\Sysnative\dfshim.dll 2014-11-03 17:59:07 2D6C77A3DB3D8EE00FB55834A67E4073 156312 ----a-w- C:\Windows\Sysnative\mscorier.dll 2014-11-03 17:59:04 06FC8A93A4FA1F42A3D1D06694F2B339 419992 ----a-w- C:\Windows\Sysnative\locale.nls 2014-11-03 17:59:02 EA21295A386C6DB2A2A90E657B37C5F4 7168 ----a-w- C:\Windows\Sysnative\KBDYAK.DLL 2014-11-03 17:59:02 BE67D99EDA34A68B827868371B5529AD 7168 ----a-w- C:\Windows\Sysnative\KBDTAT.DLL 2014-11-03 17:59:02 920B5C1CC0BAB6E574297BC3D945DA31 7168 ----a-w- C:\Windows\Sysnative\KBDBASH.DLL 2014-11-03 17:59:02 80EDA24B00478FA795F90DFA09C12E86 7168 ----a-w- C:\Windows\Sysnative\KBDRU1.DLL 2014-11-03 17:59:02 353C4A38042819CA83AEFC6F2E7051CD 6656 ----a-w- C:\Windows\Sysnative\KBDRU.DLL 2014-11-03 17:58:53 5602D4C331FD7938ADE06D9242138922 3198976 ----a-w- C:\Windows\Sysnative\win32k.sys 2014-11-03 17:58:45 8516703179C3BDE90A3ED31B9EC16F8D 1118720 ----a-w- C:\Windows\Sysnative\mstsc.exe 2014-11-03 17:58:45 4FC4C50985E5B840F4D72E57286887B8 681984 ----a-w- C:\Windows\Sysnative\termsrv.dll 2014-11-03 17:58:45 467D0E831D6DF8DA16BF856D0537A153 3722240 ----a-w- C:\Windows\Sysnative\mstscax.dll 2014-11-03 17:58:44 C23B6D9D16FD86F446BE607CA18389D9 235520 ----a-w- C:\Windows\Sysnative\winsta.dll 2014-11-03 17:58:44 85E03B6E05939845BC924C91AEDE0E24 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2014-11-03 17:58:44 560CF90C026C0FE51CC6820302FF94FE 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2014-11-03 17:58:44 0374D83D003043E7DE33036294A2EFAE 150528 ----a-w- C:\Windows\Sysnative\rdpcorekmts.dll 2014-11-03 17:58:28 ADD3F2C3E6B89BD16D4BFC61B3658DD9 3241472 ----a-w- C:\Windows\Sysnative\msi.dll 2014-11-03 17:57:18 DD7C31F12936795C0516BB6C59CBCCD8 424448 ----a-w- C:\Windows\Sysnative\rastls.dll 2014-11-03 17:57:13 1DB68B8A1E3BDE3C19F1D3612CE436CA 77312 ----a-w- C:\Windows\Sysnative\packager.dll ====== C:\Windows\Sysnative\drivers ===== 2014-11-10 17:01:04 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys 2014-11-10 17:00:31 D3311B31C470E7681B14D9B014CBF9ED 93400 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys 2014-11-10 17:00:31 95EF63A7827D4E3A229CBBCB42619E93 63704 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys 2014-11-10 17:00:31 5C3669B71657F22E67A1D4BD49D2CBE7 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2014-11-03 17:58:44 FE571E088C2D83619D2D48D4E961BF41 212480 ----a-w- C:\Windows\Sysnative\drivers\rdpwd.sys 2014-11-03 17:58:44 E232A3B43A894BB327FC161529BD9ED1 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2014-11-06 20:05:24 -------- d-----w- C:\PROGRA~2\Java ======= C: ===== ====== C:\Users\Hans\AppData\Roaming ====== 2014-11-10 19:13:25 -------- d-sh--w- C:\Users\Hans\AppData\Locallow\EmieUserList 2014-11-10 19:13:19 -------- d-sh--w- C:\Users\Hans\AppData\Local\EmieUserList 2014-11-10 19:13:19 -------- d-sh--w- C:\Users\Hans\AppData\Local\EmieSiteList 2014-11-08 17:52:18 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2014-11-08 17:52:18 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2014-11-08 17:52:18 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\Temp 2014-11-08 17:52:18 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2014-11-08 17:52:18 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2014-11-08 17:52:17 -------- d-----w- C:\Users\Hans\AppData\Local\Temp 2014-11-03 18:27:15 -------- d-sh--w- C:\Users\Hans\AppData\Locallow\EmieSiteList 2014-10-21 17:04:08 -------- d-----w- C:\Users\Hans\AppData\Roaming\Oracle ====== C:\Users\Hans ====== 2014-11-10 16:59:10 33398D340008A0577507FCA7FD443622 19828376 ----a-w- C:\Users\Hans\Downloads\mbam-setup-2.0.3.1025.exe 2014-11-09 07:47:49 92B980C37F4C56498C65265BE033E42D 2145792 ----a-w- C:\Users\Hans\Downloads\adwcleaner_4.100.exe 2014-11-06 20:05:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-11-06 19:52:51 44933ED144874569EB5A43B613CBE88A 638888 ----a-w- C:\Users\Hans\Downloads\jxpiinstall(3).exe 2014-11-05 16:43:04 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Hans\Downloads\RSITx64(1).exe 2014-10-29 21:23:45 7F8A0E628D3561287725FD1C77D1D773 2603176 ----a-w- C:\Users\Hans\Downloads\AdobeDownloadAssistant.exe ====== C: exe-files == 2014-11-10 16:59:10 33398D340008A0577507FCA7FD443622 19828376 ----a-w- C:\Users\Hans\Downloads\mbam-setup-2.0.3.1025.exe 2014-11-09 07:47:49 92B980C37F4C56498C65265BE033E42D 2145792 ----a-w- C:\Users\Hans\Downloads\adwcleaner_4.100.exe 2014-11-06 20:05:53 AA3520FB0133A56BEE1DB34D74DBEF64 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2014-11-06 20:05:53 75D477E868CA51EC1B09D730570F322B 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe 2014-11-06 20:05:53 691D49FB44EDE9788288CABE4F7E0DAF 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2014-11-06 20:05:30 E3E6B18458FFB07CB24D7A0BA77C9FDF 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\pack200.exe 2014-11-06 20:05:30 DC197DCE6325CBAC905DE0D0E3BA3E8E 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmid.exe 2014-11-06 20:05:30 A458E2535E46151690E53E2A03FAA711 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\keytool.exe 2014-11-06 20:05:30 9BFAEF308D50779F6B255CB7BA7DCA5A 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\kinit.exe 2014-11-06 20:05:30 7AB1F1B3FB6C3DACA34EA2F988CDF5AC 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\orbd.exe 2014-11-06 20:05:30 75EE99C7F0038C746D82C76221ECA4EF 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\policytool.exe 2014-11-06 20:05:30 67F763B09F4BC8689E6FA9761E068D74 159656 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\unpack200.exe 2014-11-06 20:05:30 57E1F756FAA787623DFCD2C1B2AACC68 51112 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssvagent.exe 2014-11-06 20:05:30 4367C05B0CF5553E71B34F51003D0615 76200 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2launcher.exe 2014-11-06 20:05:30 4109C4DB4BD48F5BF8115C7523A6B6F8 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\klist.exe 2014-11-06 20:05:30 33D2AF53E209DA3E2BA939EB89801DC0 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmiregistry.exe 2014-11-06 20:05:30 29E65AC6AFD8A0A9CAA361FF6F7B4886 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\servertool.exe 2014-11-06 20:05:30 28FC00F89631B0F6E1E9CA386FADD566 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\tnameserv.exe 2014-11-06 20:05:30 26C7F32186B1F0364CD06EA69227A79D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ktab.exe 2014-11-06 20:05:29 BB8C890E3E6372F2720709262BD42BF4 30632 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jabswitch.exe 2014-11-06 20:05:29 B719E0F43166037DF46B5CFBE60A5118 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jjs.exe 2014-11-06 20:05:29 AA3520FB0133A56BEE1DB34D74DBEF64 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java.exe 2014-11-06 20:05:29 75D477E868CA51EC1B09D730570F322B 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaw.exe 2014-11-06 20:05:29 74713E9C1B01B152DDD3A1A3519A3647 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java-rmi.exe 2014-11-06 20:05:29 70E67429D2C011FD0419AF899A8D0D70 68520 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe 2014-11-06 20:05:29 691D49FB44EDE9788288CABE4F7E0DAF 272296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaws.exe 2014-11-06 19:52:51 44933ED144874569EB5A43B613CBE88A 638888 ----a-w- C:\Users\Hans\Downloads\jxpiinstall(3).exe 2014-11-05 16:43:04 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Hans\Downloads\RSITx64(1).exe === C: other files == 2014-11-10 19:16:04 EAEEA223DD0C5672DDDF88D14506E098 456886 ----a-w- C:\Users\Hans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\YXHPT8ND\silverlightmediaelement[1].zip 2014-11-10 19:15:27 81092F7AF3400291C02CAB6E54D61B71 172220 ----a-w- C:\Users\Hans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9TTCWC43\RegisterDevice[1].zip 2014-11-10 17:01:04 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2014-11-10 17:00:31 D3311B31C470E7681B14D9B014CBF9ED 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2014-11-10 17:00:31 95EF63A7827D4E3A229CBBCB42619E93 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys 2014-11-10 17:00:31 5C3669B71657F22E67A1D4BD49D2CBE7 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys 2014-11-06 20:05:30 CE44A9D4918DCDC7CCCF5503BF4D7A3D 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\lib\deploy\ffjcext.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3875126257-2785778885-3603230970-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-3875126257-2785778885-3603230970-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RoxWatchTray"="C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" "NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" "IJNetworkScannerSelectorEX"="C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE" "Malwarebytes Anti-Exploit"="C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "AccuWeatherWidget"=""C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="c:\\windows\\syswow64\\nvinit.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 " "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "FreeFallProtection"="C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" "IntelPAN"="C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe /tf Intel PAN Tray" "QuickSet"="c:\Program Files\Dell\QuickSet\QuickSet.exe" "IntelTBRunOnce"="wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" "NVHotkey"="rundll32.exe C:\Windows\system32\nvHotkey.dll,Start" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "Ashampoo WinOptimizer Live-Tuner2"="C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\LiveTuner2.exe -TRAY" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe Reader Speed Launcher" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Adobe\\Reader 10.0\\Reader\\Reader_sl.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeAAMUpdater-1.0" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS6ServiceManager] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeCS6ServiceManager" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS6ServiceManager\\CS6ServiceManager.exe\" -launchedbylogin" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BCSSync" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CanonQuickMenu] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CanonQuickMenu" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Canon\\Quick Menu\\CNQMMAIN.EXE /logon" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dell DataSafe Online] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Dell DataSafe Online" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Dell\\Dell Datasafe Online\\NOBuClient.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dell Webcam Central] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Dell Webcam Central" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Dell Webcam\\Dell Webcam Central\\WebcamDell2.exe\" /mode2" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DellStage] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DellStage" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Dell Stage\\Dell Stage\\stage_primary.exe\" \"C:\\Program Files (x86)\\Dell Stage\\Dell Stage\\start.umj\" --startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Desktop Disc Tool] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Desktop Disc Tool" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Roxio\\OEM\\Roxio Burn\\RoxioBurnLauncher.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroLauncher] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NeroLauncher" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Nero\\SyncUP\\NeroLauncher.exe 900" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OfficeSyncProcess] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="OfficeSyncProcess" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\MSOSYNC.EXE\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Stage Remote] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Stage Remote" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Dell\\Stage Remote\\StageRemote.exe -Quiet" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SwitchBoard] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SwitchBoard" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Common Files\\Adobe\\SwitchBoard\\SwitchBoard.exe" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [04/11/2014 20:20] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Hans-PC-Hans" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\Windows\SysNative\tasks\PCDEventLauncherTask" ["C:\Program Files\My Dell\sessionchecker.exe"] "C:\Windows\SysNative\tasks\PCDoctorBackgroundMonitorTask" ["C:\Program Files\My Dell\uaclauncher.exe"] "C:\Windows\SysNative\tasks\SystemToolsDailyTest" ["uaclauncher.exe"] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\h4jta6h1.default - Undetermined - %ProfilePath%\extensions\trash ProfilePath: C:\Users\Hans\AppData\Roaming\TomTom\HOME\Profiles\9juq3wf8.default - Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com - Emulator - %ProfilePath%\extensions\Navcore.8.010.9369@tomtom.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\h4jta6h1.default 63F8C13F269B10BC9363B007DAAACAE6 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll - Shockwave Flash D2B5242013356AF422A42B9FAA4056C2 - C:\Users\Hans\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin FD63DE29FE0A7E738BD81CA0EDDD8020 - C:\Users\Hans\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin ==== Chromium Look ====================== Google Docs - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf SiteAdvisor - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho Chrome In-App Payments service - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Preferences "urls_to_restore_on_startup": [ "http://www.google.com" ] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.nieuwsblad.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.nieuwsblad.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Hans\AppData\Local\Mozilla\Firefox\Profiles\h4jta6h1.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=133 folders=62 135988638 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Hans\AppData\Local\Temp will be emptied at reboot C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Hans\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on di 11/11/2014 at 9:20:16,82 ======================
  17. 65Hans
    Ik heb zojuist IE geprobeerd en daar doet het probleem zich niet voor. Het lijkt dus enkel een probleem te zijn met mozilla firefox. Helpt dit? Mvg, Hans
  18. 65Hans
    Ik heb na de malware scan de laptop opnieuw opgestart, maar het probleem is nog niet opgelost. Mvg, Hans - - - Updated - - - Het probleem is begonnen nadat mijn dochter, op mijn laptop, op instagram en facebook foto's gedownload heeft. Ikzelf gebruik nooit instagram en fb. Misschien ligt daar ergens de oorzaak? Mvg, Hans
  19. 65Hans
    Dit is het log bestandje na de malware scan : Malwarebytes Anti-Malware Malwarebytes | Free Anti-Malware & Internet Security Software Scan Date: 10/11/2014 Scan Time: 18:01:45 Logfile: MBAM scanlog.txt Administrator: Yes Version: 2.00.3.1025 Malware Database: v2014.11.10.07 Rootkit Database: v2014.11.10.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Hans Scan Type: Threat Scan Result: Completed Objects Scanned: 371732 Time Elapsed: 14 min, 33 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 2 PUP.Optional.Melondrea.A, HKLM\SOFTWARE\WOW6432NODE\melondrea, Quarantined, [839c8cae522a57dff2ade38218ebaa56], PUP.Optional.Melondrea.A, HKU\S-1-5-21-3875126257-2785778885-3603230970-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\melondrea, Quarantined, [52cd2614dd9f5fd7217d194c867dc63a], Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 1 PUP.Optional.MindSpark.A, C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\h4jta6h1.default\MapsGalaxy_39, Quarantined, [a57a3901b5c7dc5ac8bad039a063669a], Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end) Mvg Hans
  20. 65Hans
    Wat raad jij aan als anti-virus en malware bestrijding? Mvg Hans
  21. 65Hans
    Jammer genoeg is er nog geen verbetering merkbaar. Als ik een videobeeld wil afspelen, verdwijnt het van het ogenblik dat ik erop ga met de cursor. Ik kan het dan wel afspelen, maar het blijft zwart en nu en dan zie ik het beeld in een flits opflakkeren. Ook het typen blijft met vertraging. Het lijkt mij hetzelfde fenomeen als met de flikkerende beelden. Mvg Hans
  22. 65Hans
    Onderstaand logje is het resultaat van de adwcleaner. Ik kreeg wel een waarschuwing van AVG dat het om malware zou gaan. # AdwCleaner v4.100 - Rapport aangemaakt 09/11/2014 op 08:55:43 # DB v2014-11-07.1 # Laatste Update 08/11/2014 door Xplode # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits) # Gebruikersnaam : Hans - HANS-PC # Gestart vanuit : C:\Users\Hans\Downloads\adwcleaner_4.100.exe # Optie : Verwijderen ***** [ Services ] ***** ***** [ Bestanden / Mappen ] ***** Map Verwijderd : C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\h4jta6h1.default\Extensions\Avg@toolbar ***** [ Taken ] ***** ***** [ Snelkoppelingen ] ***** ***** [ Register ] ***** Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\Superfish Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt] Sleutel Verwijderd : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{065C1A21-97F8-45FB-A9F0-861B60FACEC8} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3204358F-5904-46A6-841F-D6B5BE3EF4E3} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3AE67737-0E3E-44AA-AA5E-46A68BF017FF} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3EE5B726-044A-48D2-AA7B-049BD9A0F62A} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{60FBBE03-57FF-49D8-B38E-053D3F489825} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{6A5182F1-C0B8-42B8-96CC-7F329CD46913} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{6C153418-8E4D-4FAF-AF27-5201E38463A7} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{A26A2F05-AC4D-4A1E-9531-9125F7309B78} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{CC5D6240-7DF0-435D-9B9B-F8586A99DE86} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{F343045E-E20A-46E1-82D8-9962C43EFC9E} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{FBB360DC-CB6C-4D6A-808A-2C773151BFFF} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{FFD7DDAC-EC28-42A5-8D39-917B9078604B} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467 Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094 Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17344 -\\ Mozilla Firefox v33.0.3 (x86 nl) -\\ Google Chrome v [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\preferences] - Verwijderd [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\preferences] - Verwijderd [Extension] : fbmimoidopbghbcmdmpkjaffffmcbmbg [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\preferences] - Verwijderd [Extension] : hphibigbodkkohoglgfkddblldpfohjl [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\preferences] - Verwijderd [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\preferences] - Verwijderd [Extension] : kincjchfokkeneeofpeefomkikfkiedl [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\preferences] - Verwijderd [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\preferences] - Verwijderd [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc ************************* AdwCleaner[R0].txt - [1566 octets] - [06/03/2014 18:29:09] AdwCleaner[R1].txt - [1759 octets] - [11/03/2014 21:12:32] AdwCleaner[R2].txt - [5965 octets] - [09/11/2014 08:49:03] AdwCleaner[s0].txt - [1606 octets] - [06/03/2014 18:37:30] AdwCleaner[s1].txt - [1791 octets] - [11/03/2014 21:13:39] AdwCleaner[s2].txt - [5956 octets] - [09/11/2014 08:55:43] ########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [6016 octets] ##########
  23. 65Hans
    Sorry, ik was blijkbaar te snel tevreden. Hieronder het logje : Zoek.exe v5.0.0.0 Updated 06-November-2014 Tool run by Hans on za 08/11/2014 at 18:29:32,64. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Hans\Downloads\zoek(2).exe [scan all users] [script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-11-06-201958.log 431 bytes ==== Deleting CLSID Registry Keys ====================== HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{16f059cb-3d3f-4ecc-b426-bafa47233676} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{16f059cb-3d3f-4ecc-b426-bafa47233676} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update melondrea deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update melondrea deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update melondrea deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update melondrea deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util melondrea deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util melondrea deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util melondrea deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util melondrea deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater3.2.0 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater3.2.0 deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\h4jta6h1.default user.js not found ---- Lines mindspark removed from prefs.js ---- user_pref("extensions.toolbar.mindspark.lastInstalled", "mapsgalaxy@mindspark.com"); ---- FireFox user.js and prefs.js backups ---- prefs_20140811_1844_.backup ProfilePath: C:\Users\Hans\AppData\Roaming\TomTom\HOME\Profiles\9juq3wf8.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20140811_1844_.backup ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{16f059cb-3d3f-4ecc-b426-bafa47233676}] [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "AVG-Secure-Search-Update_0214c"=- ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\melondrea not found "C:\Users\Hans\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe" not found C:\ProgramData\AVG Security Toolbar deleted C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml deleted C:\PROGRA~3\AVG Secure Search deleted C:\PROGRA~3\Package Cache deleted C:\Users\Hans\Downloads\avg_free_stb_all_2015_5315_cnet.exe deleted C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\h4jta6h1.default\searchplugins\avg-secure-search.xml deleted C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\h4jta6h1.default\extensions\trash\39ffxtbr@MapsGalaxy_39.com deleted "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\3.2.0\log4cplusU.dll" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\3.2.0" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Hans\AppData\Local\Temp ==== ====== Java Cache ===== 2014-11-06 20:08:04 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\Hans\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-12420fbf 2014-11-06 20:07:53 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Hans\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-186a753c 2014-11-06 20:07:53 DF0FFD480B89B5A571EA66201E0E36E6 424 ----a-w- C:\Users\Hans\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-aa56bb018d5de3a531ee91cc4857f0f479656e5370ebf87789e721aaaf530ebc-6.0.lap 2014-11-06 20:07:52 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Hans\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-239091d5 2014-11-06 20:07:53 34FA8033B50A3F99D3AB8209C72C0ABA 6860 ----a-w- C:\Users\Hans\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-591feb33 ====== C:\Windows\SysWOW64 ===== 2014-11-06 20:06:04 A042349B7208BF8BED858B1E9B48B06D 98216 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-11-03 17:59:45 DF59F2510EDABBF216FA837D5D964106 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-11-03 17:59:45 D78C4DB153874DB7AC6AA6A03BE38B66 331448 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2014-11-03 17:59:45 BD66BA5A924DCC8392CFAEB67131A246 597504 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-11-03 17:59:45 B89F5D2B3D3BC730FAB93CFCD931742F 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-11-03 17:59:45 B5B1C277E46A5B0E2FC63E5FC5624CE5 365056 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2014-11-03 17:59:45 97F2F82BF0B4AF86A85FFDD78DFDC87D 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-11-03 17:59:45 604C67F58747D6A333EA641BCCC2C842 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-11-03 17:59:45 3065FF6794A7FDC882F0DA8B6230AB6E 1190400 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-11-03 17:59:45 201EAFA3F17BE4990999C28657212D8E 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2014-11-03 17:59:44 F91E55DA404B834648A3B0A2477C10DB 17484800 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-11-03 17:59:43 8FAA1E45198C4ECEC691326B7F5E71C5 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-11-03 17:59:43 835807E2AC0A8FA15B9A2EA80E2D5169 2017280 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-11-03 17:59:43 58EC068116BCE16A94B1B2C429A35E41 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-11-03 17:59:43 55A400FDB21D157E947A0EE65AEDB1B3 2187264 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-11-03 17:59:42 B74B348D13134D67B4F68ADDDC76A447 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-11-03 17:59:41 EF94FA1F3D90520CCA4AE65D639A9E62 11807232 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-11-03 17:59:41 410BECCA3354D471E45344F0754CC0E4 243200 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2014-11-03 17:59:41 158690737381C49120165A7F3F5D13EB 440320 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-11-03 17:59:40 FBE852643EDEB9D6D6502AFE6017CD64 678400 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-11-03 17:59:40 DF4BA130BD41F29A894E026E456B8481 454656 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2014-11-03 17:59:40 D03EB7605435FE24ADE670661A932651 4201472 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-11-03 17:59:40 AA103FEAD721863B86A1B1260948E662 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-11-03 17:59:40 8E8E6E7B4CC27B92F40F74E29C1F6290 1068032 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2014-11-03 17:59:40 7AE80F921027CF88CB9D0433088A3E55 1810944 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-11-03 17:59:40 6D4DD5706C297234F457B9D9018C493F 61952 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2014-11-03 17:59:40 2409C41081D657A3FABE3659BB989AFB 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-11-03 17:59:07 D5D5BBF6AA45D820BAA0BD1303B8AAF6 81560 ----a-w- C:\Windows\SysWOW64\mscories.dll 2014-11-03 17:59:07 A139A5E6B34F136405B030EA04595A20 156824 ----a-w- C:\Windows\SysWOW64\mscorier.dll 2014-11-03 17:59:07 8580484193CE0A0788830FBAB97CF13B 1131664 ----a-w- C:\Windows\SysWOW64\dfshim.dll 2014-11-03 17:59:04 06FC8A93A4FA1F42A3D1D06694F2B339 419992 ----a-w- C:\Windows\SysWOW64\locale.nls 2014-11-03 17:59:02 C7673B3F8BB35221B42D67BF7ADAFDFD 7168 ----a-w- C:\Windows\SysWOW64\KBDYAK.DLL 2014-11-03 17:59:02 730B7C639957EA0BF37C1459831A1E19 6656 ----a-w- C:\Windows\SysWOW64\KBDRU1.DLL 2014-11-03 17:59:02 72222991598E173BBE1429426926C020 7168 ----a-w- C:\Windows\SysWOW64\KBDTAT.DLL 2014-11-03 17:59:02 45B308F20FEF040BD7321E85F69DF5E2 6656 ----a-w- C:\Windows\SysWOW64\KBDRU.DLL 2014-11-03 17:59:02 2BD0519015E899A2FF52210CC5875F88 6656 ----a-w- C:\Windows\SysWOW64\KBDBASH.DLL 2014-11-03 17:58:45 3ABACF6D4EBEA5EF3014FEFA1D8FF5F8 3221504 ----a-w- C:\Windows\SysWOW64\mstscax.dll 2014-11-03 17:58:44 FD67683FBA9B2C4BB551780BD8846F64 157696 ----a-w- C:\Windows\SysWOW64\winsta.dll 2014-11-03 17:58:44 DB1D6751689B4A7EE2439C64F2ADF1C9 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2014-11-03 17:58:44 97896EE4254176CFDD9010B5B243B89F 131584 ----a-w- C:\Windows\SysWOW64\aaclient.dll 2014-11-03 17:58:44 13829161C1297F4170A5546430147BBD 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2014-11-03 17:58:44 0DBD0B4D4766CADEB8C30242A0611395 1051136 ----a-w- C:\Windows\SysWOW64\mstsc.exe 2014-11-03 17:58:28 3888D02CE6413C2A06D903DE1C778BF5 2363904 ----a-w- C:\Windows\SysWOW64\msi.dll 2014-11-03 17:57:18 37C395C075E6FA66623C82DE50A8FAED 372736 ----a-w- C:\Windows\SysWOW64\rastls.dll 2014-11-03 17:57:13 C120855C1133DF8FFD5E0C04A7E70B67 67072 ----a-w- C:\Windows\SysWOW64\packager.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-11-03 17:59:45 DD8E9C85F9F428859713055183661956 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2014-11-03 17:59:45 C109D5136DF0A6CA668C7AD888AA125F 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-11-03 17:59:45 739D9C9F220CCEDAFD8212C6B976B60D 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-11-03 17:59:45 4D21F4FDF57DF86FAD9149ED1C071D15 72704 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2014-11-03 17:59:45 29C0530E0F120AC3E583889DCD6A63DD 710656 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-11-03 17:59:43 87D14AF9A2C3F3D5233B613CFA9C321D 378552 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2014-11-03 17:59:43 0F5A279522FA6A30C9C5A297A1064933 1447936 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-11-03 17:59:42 E9109E91BB8366759822DC2FC9B5DA8B 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-11-03 17:59:42 B07E9AFF50DC007E7D5AC54736AA5A25 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2014-11-03 17:59:41 DAF317E9F4CEC206D0D443014A427341 446464 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2014-11-03 17:59:41 646C004F58AA4762F92BF7C595216C37 2108416 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-11-03 17:59:41 45B736E3184B68515FDB71D4083A9BCF 731136 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-11-03 17:59:41 050FD78BA4EFA62417F61F4C098B5B25 2796032 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-11-03 17:59:41 0467A4DDA6B2CE8E27A8178BF035BA18 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-11-03 17:59:40 BE37AA454460539877420951EEA16EF0 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-11-03 17:59:39 A2105E46DC9CE38A1D57FB124436E1BC 85504 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2014-11-03 17:59:39 98241BE7EB26C41562D33393DD12608F 289280 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2014-11-03 17:59:39 88D2165E07CEDC3F34CBE1A5A807673D 595968 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-11-03 17:59:39 7E60EE8A68F7270D1E1662CBA275D4FA 13619200 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-11-03 17:59:38 F9FA80C1CB6EAC55A7F534937F6AC4E4 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2014-11-03 17:59:38 DB101A62F9BF8E7765685950169EF52B 758272 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-11-03 17:59:38 D3B07C2FABEAE749E4E51F1E93CABA23 5829632 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-11-03 17:59:38 70527367E5779C3537992F0768D9C59A 1249280 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2014-11-03 17:59:37 9D98D4F390F0B14A782F3B931E613A1A 2309632 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-11-03 17:59:37 328143D6BC5951E1797BD524C4E98CDC 547328 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-11-03 17:59:37 2E5AF1507CBE735B4D7EBFF1908EA0E1 775168 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-11-03 17:59:36 EB710A3AF29BEC4EE7475A1ED5C575DE 195584 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-11-03 17:59:36 30FB9ABB6C45C3299CFA5F556904DD5F 83968 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2014-11-03 17:59:35 7415B29AFE2E4494A57358B8C7E78600 23631360 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-11-03 17:59:35 15847E14811FEDDF77E934AF4F0BEF45 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2014-11-03 17:59:07 50EC828370CB5F5E9FF08B10F1B701C8 73880 ----a-w- C:\Windows\Sysnative\mscories.dll 2014-11-03 17:59:07 5083CC5456FE8A5D21ECF9E32ACC779F 1943696 ----a-w- C:\Windows\Sysnative\dfshim.dll 2014-11-03 17:59:07 2D6C77A3DB3D8EE00FB55834A67E4073 156312 ----a-w- C:\Windows\Sysnative\mscorier.dll 2014-11-03 17:59:04 06FC8A93A4FA1F42A3D1D06694F2B339 419992 ----a-w- C:\Windows\Sysnative\locale.nls 2014-11-03 17:59:02 EA21295A386C6DB2A2A90E657B37C5F4 7168 ----a-w- C:\Windows\Sysnative\KBDYAK.DLL 2014-11-03 17:59:02 BE67D99EDA34A68B827868371B5529AD 7168 ----a-w- C:\Windows\Sysnative\KBDTAT.DLL 2014-11-03 17:59:02 920B5C1CC0BAB6E574297BC3D945DA31 7168 ----a-w- C:\Windows\Sysnative\KBDBASH.DLL 2014-11-03 17:59:02 80EDA24B00478FA795F90DFA09C12E86 7168 ----a-w- C:\Windows\Sysnative\KBDRU1.DLL 2014-11-03 17:59:02 353C4A38042819CA83AEFC6F2E7051CD 6656 ----a-w- C:\Windows\Sysnative\KBDRU.DLL 2014-11-03 17:58:53 5602D4C331FD7938ADE06D9242138922 3198976 ----a-w- C:\Windows\Sysnative\win32k.sys 2014-11-03 17:58:45 8516703179C3BDE90A3ED31B9EC16F8D 1118720 ----a-w- C:\Windows\Sysnative\mstsc.exe 2014-11-03 17:58:45 4FC4C50985E5B840F4D72E57286887B8 681984 ----a-w- C:\Windows\Sysnative\termsrv.dll 2014-11-03 17:58:45 467D0E831D6DF8DA16BF856D0537A153 3722240 ----a-w- C:\Windows\Sysnative\mstscax.dll 2014-11-03 17:58:44 C23B6D9D16FD86F446BE607CA18389D9 235520 ----a-w- C:\Windows\Sysnative\winsta.dll 2014-11-03 17:58:44 85E03B6E05939845BC924C91AEDE0E24 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2014-11-03 17:58:44 560CF90C026C0FE51CC6820302FF94FE 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2014-11-03 17:58:44 0374D83D003043E7DE33036294A2EFAE 150528 ----a-w- C:\Windows\Sysnative\rdpcorekmts.dll 2014-11-03 17:58:28 ADD3F2C3E6B89BD16D4BFC61B3658DD9 3241472 ----a-w- C:\Windows\Sysnative\msi.dll 2014-11-03 17:57:18 DD7C31F12936795C0516BB6C59CBCCD8 424448 ----a-w- C:\Windows\Sysnative\rastls.dll 2014-11-03 17:57:13 1DB68B8A1E3BDE3C19F1D3612CE436CA 77312 ----a-w- C:\Windows\Sysnative\packager.dll ====== C:\Windows\Sysnative\drivers ===== 2014-11-03 17:58:44 FE571E088C2D83619D2D48D4E961BF41 212480 ----a-w- C:\Windows\Sysnative\drivers\rdpwd.sys 2014-11-03 17:58:44 E232A3B43A894BB327FC161529BD9ED1 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys 2014-10-11 16:00:07 68430AD3FB0FADBFA5D1677617D1E1F5 50976 ----a-w- C:\Windows\Sysnative\drivers\avgtpx64.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2014-11-06 20:05:24 -------- d-----w- C:\PROGRA~2\Java 2014-10-11 16:00:02 -------- d-----w- C:\PROGRA~2\AVG Web TuneUp 2014-10-11 15:48:32 -------- d-----w- C:\PROGRA~2\AVG ======= C: ===== ====== C:\Users\Hans\AppData\Roaming ====== 2014-11-03 18:27:15 -------- d-sh--w- C:\Users\Hans\AppData\Locallow\EmieSiteList 2014-10-21 17:04:08 -------- d-----w- C:\Users\Hans\AppData\Roaming\Oracle 2014-10-11 16:00:13 -------- d-----w- C:\Users\Hans\AppData\Local\AVG Web TuneUp 2014-10-11 16:00:10 -------- d-----w- C:\Users\Hans\AppData\Locallow\AVG Web TuneUp 2014-10-11 16:00:04 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Locallow\AVG Web TuneUp 2014-10-11 15:51:18 -------- d-----w- C:\Users\Hans\AppData\Roaming\AVG2015 2014-10-11 15:50:48 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2015 2014-10-11 15:50:26 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg2015 2014-10-11 15:48:33 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg2015 2014-10-11 15:44:26 -------- d-----w- C:\Users\Hans\AppData\Local\Avg2015 ====== C:\Users\Hans ====== 2014-11-06 20:05:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-11-06 19:52:51 44933ED144874569EB5A43B613CBE88A 638888 ----a-w- C:\Users\Hans\Downloads\jxpiinstall(3).exe 2014-11-05 16:43:04 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Hans\Downloads\RSITx64(1).exe 2014-10-29 21:23:45 7F8A0E628D3561287725FD1C77D1D773 2603176 ----a-w- C:\Users\Hans\Downloads\AdobeDownloadAssistant.exe 2014-10-11 16:00:02 -------- d-----w- C:\ProgramData\AVG Web TuneUp 2014-10-11 15:50:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2014-10-11 15:49:37 -------- d-----w- C:\ProgramData\AVG2015 ====== C: exe-files == 2014-11-06 20:05:53 AA3520FB0133A56BEE1DB34D74DBEF64 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2014-11-06 20:05:53 75D477E868CA51EC1B09D730570F322B 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe 2014-11-06 20:05:53 691D49FB44EDE9788288CABE4F7E0DAF 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2014-11-06 20:05:30 E3E6B18458FFB07CB24D7A0BA77C9FDF 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\pack200.exe 2014-11-06 20:05:30 DC197DCE6325CBAC905DE0D0E3BA3E8E 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmid.exe 2014-11-06 20:05:30 A458E2535E46151690E53E2A03FAA711 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\keytool.exe 2014-11-06 20:05:30 9BFAEF308D50779F6B255CB7BA7DCA5A 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\kinit.exe 2014-11-06 20:05:30 7AB1F1B3FB6C3DACA34EA2F988CDF5AC 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\orbd.exe 2014-11-06 20:05:30 75EE99C7F0038C746D82C76221ECA4EF 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\policytool.exe 2014-11-06 20:05:30 67F763B09F4BC8689E6FA9761E068D74 159656 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\unpack200.exe 2014-11-06 20:05:30 57E1F756FAA787623DFCD2C1B2AACC68 51112 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssvagent.exe 2014-11-06 20:05:30 4367C05B0CF5553E71B34F51003D0615 76200 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2launcher.exe 2014-11-06 20:05:30 4109C4DB4BD48F5BF8115C7523A6B6F8 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\klist.exe 2014-11-06 20:05:30 33D2AF53E209DA3E2BA939EB89801DC0 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmiregistry.exe 2014-11-06 20:05:30 29E65AC6AFD8A0A9CAA361FF6F7B4886 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\servertool.exe 2014-11-06 20:05:30 28FC00F89631B0F6E1E9CA386FADD566 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\tnameserv.exe 2014-11-06 20:05:30 26C7F32186B1F0364CD06EA69227A79D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ktab.exe 2014-11-06 20:05:29 BB8C890E3E6372F2720709262BD42BF4 30632 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jabswitch.exe 2014-11-06 20:05:29 B719E0F43166037DF46B5CFBE60A5118 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jjs.exe 2014-11-06 20:05:29 AA3520FB0133A56BEE1DB34D74DBEF64 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java.exe 2014-11-06 20:05:29 75D477E868CA51EC1B09D730570F322B 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaw.exe 2014-11-06 20:05:29 74713E9C1B01B152DDD3A1A3519A3647 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java-rmi.exe 2014-11-06 20:05:29 70E67429D2C011FD0419AF899A8D0D70 68520 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe 2014-11-06 20:05:29 691D49FB44EDE9788288CABE4F7E0DAF 272296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaws.exe 2014-11-06 19:52:51 44933ED144874569EB5A43B613CBE88A 638888 ----a-w- C:\Users\Hans\Downloads\jxpiinstall(3).exe 2014-11-05 16:43:04 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Hans\Downloads\RSITx64(1).exe 2014-11-03 17:59:45 6B9FDB34A5A490FF6A7EDE280062626A 810680 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-11-03 17:59:45 54C9747BB0A64F4D9D401E4648363386 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe 2014-11-03 17:59:45 29C0530E0F120AC3E583889DCD6A63DD 710656 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-11-03 17:59:43 F9F310F9FB7F294F00ABDD03453D8CEE 812736 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2014-11-03 17:59:43 649E8F572EC0D929F4EED13A53AC0475 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2014-11-03 17:59:43 53E24F2DB97EFAF85FE093AA254790EC 470528 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2014-11-03 17:59:42 E9109E91BB8366759822DC2FC9B5DA8B 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-11-03 17:59:41 C876F8303AA30481A36FE2AACDE77671 483840 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-11-03 17:59:40 AA103FEAD721863B86A1B1260948E662 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-11-03 17:59:38 F9FA80C1CB6EAC55A7F534937F6AC4E4 139264 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-11-03 17:59:35 15847E14811FEDDF77E934AF4F0BEF45 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2014-11-03 17:58:45 8516703179C3BDE90A3ED31B9EC16F8D 1118720 ----a-w- C:\Windows\System32\mstsc.exe 2014-11-03 17:58:44 0DBD0B4D4766CADEB8C30242A0611395 1051136 ----a-w- C:\Windows\SysWOW64\mstsc.exe === C: other files == 2014-11-06 20:05:30 CE44A9D4918DCDC7CCCF5503BF4D7A3D 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\lib\deploy\ffjcext.zip 2014-11-03 17:58:53 5602D4C331FD7938ADE06D9242138922 3198976 ----a-w- C:\Windows\System32\win32k.sys 2014-11-03 17:58:44 FE571E088C2D83619D2D48D4E961BF41 212480 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2014-11-03 17:58:44 E232A3B43A894BB327FC161529BD9ED1 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3875126257-2785778885-3603230970-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-3875126257-2785778885-3603230970-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RoxWatchTray"="C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" "NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" "IJNetworkScannerSelectorEX"="C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE" "Malwarebytes Anti-Exploit"="C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY" "vProt"="C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "AccuWeatherWidget"=""C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="c:\\windows\\syswow64\\nvinit.dll " ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 " "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "FreeFallProtection"="C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" "IntelPAN"="C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe /tf Intel PAN Tray" "QuickSet"="c:\Program Files\Dell\QuickSet\QuickSet.exe" "IntelTBRunOnce"="wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" "NVHotkey"="rundll32.exe C:\Windows\system32\nvHotkey.dll,Start" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "Ashampoo WinOptimizer Live-Tuner2"="C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\LiveTuner2.exe -TRAY" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll " ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe Reader Speed Launcher" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Adobe\\Reader 10.0\\Reader\\Reader_sl.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeAAMUpdater-1.0" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS6ServiceManager] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeCS6ServiceManager" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS6ServiceManager\\CS6ServiceManager.exe\" -launchedbylogin" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BCSSync" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CanonQuickMenu] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CanonQuickMenu" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Canon\\Quick Menu\\CNQMMAIN.EXE /logon" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dell DataSafe Online] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Dell DataSafe Online" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Dell\\Dell Datasafe Online\\NOBuClient.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dell Webcam Central] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Dell Webcam Central" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Dell Webcam\\Dell Webcam Central\\WebcamDell2.exe\" /mode2" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DellStage] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DellStage" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Dell Stage\\Dell Stage\\stage_primary.exe\" \"C:\\Program Files (x86)\\Dell Stage\\Dell Stage\\start.umj\" --startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Desktop Disc Tool] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Desktop Disc Tool" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Roxio\\OEM\\Roxio Burn\\RoxioBurnLauncher.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroLauncher] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NeroLauncher" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Nero\\SyncUP\\NeroLauncher.exe 900" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OfficeSyncProcess] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="OfficeSyncProcess" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\MSOSYNC.EXE\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Stage Remote] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Stage Remote" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Dell\\Stage Remote\\StageRemote.exe -Quiet" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SwitchBoard] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SwitchBoard" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Common Files\\Adobe\\SwitchBoard\\SwitchBoard.exe" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [04/11/2014 20:20] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Hans-PC-Hans" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\Windows\SysNative\tasks\PCDEventLauncherTask" ["C:\Program Files\My Dell\sessionchecker.exe"] "C:\Windows\SysNative\tasks\PCDoctorBackgroundMonitorTask" ["C:\Program Files\My Dell\uaclauncher.exe"] "C:\Windows\SysNative\tasks\SystemToolsDailyTest" ["uaclauncher.exe"] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\h4jta6h1.default - AVG Web TuneUp - %ProfilePath%\extensions\avg@toolbar - Undetermined - %ProfilePath%\extensions\trash ProfilePath: C:\Users\Hans\AppData\Roaming\TomTom\HOME\Profiles\9juq3wf8.default - Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com - Emulator - %ProfilePath%\extensions\Navcore.8.010.9369@tomtom.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\h4jta6h1.default 63F8C13F269B10BC9363B007DAAACAE6 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll - Shockwave Flash D2B5242013356AF422A42B9FAA4056C2 - C:\Users\Hans\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin FD63DE29FE0A7E738BD81CA0EDDD8020 - C:\Users\Hans\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin ==== Chromium Look ====================== Google Docs - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf SiteAdvisor - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho Chrome In-App Payments service - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Preferences "urls_to_restore_on_startup": [ "http://www.google.com" ] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {520BA545-8C7B-440A-B42C-0B4285CC150E} Unknown Url="Not_Found" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3875126257-2785778885-3603230970-1001\Software\Microsoft\Internet Explorer\SearchScopes\{520BA545-8C7B-440A-B42C-0B4285CC150E} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4GNSEQLC will be deleted at reboot C:\Users\Hans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HYQ1POG3 will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Hans\AppData\Local\Mozilla\Firefox\Profiles\h4jta6h1.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=132 folders=62 131351001 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Hans\AppData\Local\Temp will be emptied at reboot C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Hans\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Hans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4GNSEQLC" not found "C:\Users\Hans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HYQ1POG3" not found ==== EOF on za 08/11/2014 at 18:55:22,46 ======================
  24. 65Hans
    Zoek.exe v5.0.0.0 Updated 05-November-2014 Tool run by Hans on do 06/11/2014 at 21:11:12,50. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Hans\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used] ===== Runcheck 21:19:34,20 ===== --- Create Environment Variables 21:19:35,48 --- Create System Restore Point 21:19:43,25 --- Checking Input 21:20:00,97 --- AU AppData Check 21:20:16,06 --- Remove From Windows Installer 21:20:21,15 --- IE Startpage Check 21:22:01,97 --- Program Files DB Check 21:22:36,32 --- C:\Users\Default\AppData\Roaming DB Check 21:23:17,47 --- C:\Users\Default User\AppData\Roaming DB Check 21:23:17,47 --- C:\Users\Hans\AppData\Roaming DB Check 21:23:17,47 --- C:\Users\UpdatusUser\AppData\Roaming DB Check 21:23:17,47 --- C:\Windows\SysNative\config\systemprofile\AppData\Roaming DB Check 21:23:17,47 --- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming DB Check 21:23:17,47 --- C:\Windows\serviceprofiles\networkservice\AppData\Roaming DB Check 21:23:17,47 --- C:\Windows\serviceprofiles\Localservice\AppData\Roaming DB Check 21:23:17,47 --- C:\Users\Hans DB Check 21:25:33,59 Dit is het logbestandje verkregen na uitvoeren van zoek.exe Mvg Hans
  25. 65Hans
    Bedankt voor de snelle reactie. Hieronder plak ik het logbestand : Logfile of random's system information tool 1.10 (written by random/random) Run by Hans at 2014-11-05 17:43:20 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 374 GB (75%) free of 496 GB Total RAM: 8086 MB (68% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:43:26, on 5/11/2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17344) Boot mode: Normal Running processes: C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\LiveTuner2.exe C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\Program Files (x86)\AVG Web TuneUp\vprot.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe C:\Program Files\trend micro\Hans.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USCON/4 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = msn R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: melondrea - {16f059cb-3d3f-4ecc-b426-bafa47233676} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" O4 - HKLM\..\Run: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [iJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE O4 - HKLM\..\Run: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [AVG-Secure-Search-Update_0214c] C:\Users\Hans\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=8d6bf4b7419e47d091b98db09ba750c9-a29479a5f9abbaa4510fc7eb5da3625d49050837 /CMPID=0214c O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-3875126257-2785778885-3603230970-1000\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-3875126257-2785778885-3603230970-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\Hans\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/JuniperSetupClient.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{50386D0B-B314-4371-8BD4-C30125981BBB}: NameServer = 0.0.0.0 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\3.2.0\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\DfsdkS64.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\896\g2aservice.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Dell DataSafe Online (NOBU) - Dell, Inc. - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: Intel® Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: Update melondrea - Unknown owner - C:\Program Files (x86)\melondrea\updatemelondrea.exe (file missing) O23 - Service: Util melondrea - Unknown owner - C:\Program Files (x86)\melondrea\bin\utilmelondrea.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater3.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Ashampoo LiveTuner 2 Service (WO_LiveService2) - Unknown owner - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\LiveTunerService.exe -- End of file - 16616 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-8be0-c4041c92421b /binaryPath="C:\Program Files (x86)\AVG\AVG2015\" %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch winlogon.exe C:\Windows\system32\nvvsvc.exe "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" C:\Windows\system32\nvvsvc.exe -session -first C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe 16950496 \??\C:\Windows\system32\conhost.exe "712278395-693484866988349778-41604475415221640301321670126-920892879346513325 C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe" "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "taskhost.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files (x86)\AVG\AVG2015\avgfws.exe" "C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe" "C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe" "C:\Program Files\Bonjour\mDNSResponder.exe" "C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\DfsdkS64.exe" "C:\Program Files\Intel\WiFi\bin\EvtEng.exe" "C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE" "C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe" SERVICE "C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe" "C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE" "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe" "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX3 "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe" "C:\Windows\System32\igfxtray.exe" "C:\Windows\System32\hkcmd.exe" "C:\Windows\System32\igfxpers.exe" "C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray "C:\Program Files\Dell\QuickSet\quickset.exe" "C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\LiveTuner2.exe" -TRAY "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties" C:\Windows\system32\wbem\unsecapp.exe -Embedding C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE" C:\Users\Hans "C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1 \??\C:\Windows\system32\conhost.exe "4838588971797762884-306756941-623362018202614344660503806-114616168-1295995023 C:\Windows\system32\wbem\unsecapp.exe -Embedding "C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" "C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\LiveTunerService.exe" "C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" WLIDSvcM.exe 4284 "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe" ctfmon.exe "C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe" "C:\Program Files (x86)\AVG\AVG2015\avgemca.exe" "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" "C:\Program Files\iPod\bin\iPodService.exe" C:\Windows\system32\SearchIndexer.exe /Embedding C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" "C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe" C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} C:\Windows\system32\svchost.exe -k SDRSVC "C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe" "C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe" C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" "C:\Program Files (x86)\Nero\Update\NASvc.exe" "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" C:\Windows\servicing\TrustedInstaller.exe "C:\Program Files (x86)\Windows Live\Mail\wlmail.exe" "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe" -Embedding taskeng.exe {13CC611C-C68D-41B8-9B0B-B999FB32BB48} "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe" taskeng.exe {4C6A2DD4-4B65-46AE-B3C9-C811CF528D3B} "C:\Program Files\My Dell\uaclauncher.exe" -silentenumeration -st SystemToolsDailyTest --ignoresecondarysplash --runsilently C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "http://www.pc-helpforum.be/f387/traag-opstarten-browser-flikkerende-beelden-73806-new/" "C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4076.1f3cc8a0.234373683 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 4076 "\\.\pipe\gecko-crash-server-pipe.4076" plugin "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe" --proxy-stub-channel=Flash5208.5716AAA0.13705 --host-broker-channel=Flash5208.5716AAA0.20859 --host-pid=5208 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll" "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe" --channel=7344.001AF6C4.769024795 --proxy-stub-channel=Flash5208.5716AAA0.13705 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll" --host-npapi-version=27 --type=renderer "C:\Windows\system32\SearchFilterHost.exe" 0 536 540 548 65536 544 "C:\Users\Hans\Downloads\RSITx64(1).exe" C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF} ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =========Mozilla firefox========= ProfilePath - C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\h4jta6h1.default prefs.js - "browser.startup.homepage" - "http://www.nieuwsblad.be/" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 15.0.0.189 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=] "Description"=iTunes Detector Plug-in "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0] "Description"= "Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] "Description"= "Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\3.2.0\\npsitesafety.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX] "Description"=Canon My Image Garden "Path"=C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.71.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision] "Description"=NVIDIA stereo images plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming] "Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 15.0.0.189 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect] "Description"= "Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll C:\Program Files (x86)\Mozilla Firefox\extensions\ belgiumeid@eid.belgium.be C:\Program Files (x86)\Mozilla Firefox\plugins\ np-mswmp.dll nppdf32.DEU nppdf32.FRA nppdf32.JPN WMP Firefox Plugin License.rtf WMP Firefox Plugin RelNotes.txt C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\h4jta6h1.default\extensions\ avg@toolbar trash C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\h4jta6h1.default\searchplugins\ avg-secure-search.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{16f059cb-3d3f-4ecc-b426-bafa47233676}] melondrea [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-21 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-21 171944] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-12-17 2531624] "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-02-19 6611048] "RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-01-18 2188904] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-08-05 167704] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-08-05 392472] "Persistence"=C:\Windows\system32\igfxpers.exe [2011-08-05 416024] "FreeFallProtection"=C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [2010-12-17 686704] "IntelPAN"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2011-11-01 1935120] "QuickSet"=c:\Program Files\Dell\QuickSet\QuickSet.exe [2011-01-25 4479648] "IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [] "NVHotkey"=C:\Windows\system32\nvHotkey.dll [2011-11-04 540992] "AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-10-14 557768] "Ashampoo WinOptimizer Live-Tuner2"=C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\LiveTuner2.exe [2014-06-16 3516808] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "AVG-Secure-Search-Update_0214c"=C:\Users\Hans\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=8d6bf4b7419e47d091b98db09ba750c9-a29479a5f9abbaa4510fc7eb5da3625d49050837 /CMPID=0214c [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2014-09-04 40336] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-10-14 557768] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-07-31 43816] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2012-04-03 1273448] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [2010-08-26 1117528] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2011-04-13 503942] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2012-02-01 2195824] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [2010-11-17 514544] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-08-01 152392] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [2012-08-21 67496] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess] C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2013-04-22 720064] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2011-06-28 2022976] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "RoxWatchTray"=C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [2010-11-25 240112] "AccuWeatherWidget"=C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [2012-02-01 968048] "NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-09-16 115048] "IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2012-03-26 449168] "Malwarebytes Anti-Exploit"=C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [] "BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-08-01 152392] "AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2014-09-05 3593744] "vProt"=C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2014-10-14 2662424] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\Windows\system32\nvinitx.dll " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\GoToAssist] C:\Program Files (x86)\Citrix\GoToAssist\896\G2AWinLogon_x64.dll [2013-03-14 14232] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2011-07-20 390144] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\GoToAssist] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "DisableTaskMgr"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "NoRun"=0 "NoFolderOptions"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave6"=wdmaud.drv "midi6"=wdmaud.drv "mixer6"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-11-03 19:08:04 ----D---- C:\ProgramData\Package Cache 2014-11-03 18:59:45 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2014-11-03 18:59:45 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2014-11-03 18:59:45 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2014-11-03 18:59:45 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2014-11-03 18:59:45 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll 2014-11-03 18:59:45 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2014-11-03 18:59:45 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2014-11-03 18:59:45 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll 2014-11-03 18:59:45 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll 2014-11-03 18:59:45 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-11-03 18:59:45 ----A---- C:\Windows\system32\iernonce.dll 2014-11-03 18:59:45 ----A---- C:\Windows\system32\ieetwproxystub.dll 2014-11-03 18:59:45 ----A---- C:\Windows\system32\ie4uinit.exe 2014-11-03 18:59:44 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2014-11-03 18:59:43 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2014-11-03 18:59:43 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2014-11-03 18:59:43 ----A---- C:\Windows\system32\urlmon.dll 2014-11-03 18:59:43 ----A---- C:\Windows\system32\iedkcs32.dll 2014-11-03 18:59:42 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2014-11-03 18:59:42 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2014-11-03 18:59:42 ----A---- C:\Windows\system32\ieetwcollector.exe 2014-11-03 18:59:41 ----A---- C:\Windows\SYSWOW64\ieui.dll 2014-11-03 18:59:41 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2014-11-03 18:59:41 ----A---- C:\Windows\SYSWOW64\dxtrans.dll 2014-11-03 18:59:41 ----A---- C:\Windows\system32\msfeeds.dll 2014-11-03 18:59:41 ----A---- C:\Windows\system32\iesetup.dll 2014-11-03 18:59:41 ----A---- C:\Windows\system32\iertutil.dll 2014-11-03 18:59:41 ----A---- C:\Windows\system32\dxtmsft.dll 2014-11-03 18:59:40 ----A---- C:\Windows\SYSWOW64\wininet.dll 2014-11-03 18:59:40 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2014-11-03 18:59:40 ----A---- C:\Windows\SYSWOW64\msrating.dll 2014-11-03 18:59:40 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll 2014-11-03 18:59:40 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll 2014-11-03 18:59:40 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2014-11-03 18:59:40 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-11-03 18:59:40 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2014-11-03 18:59:40 ----A---- C:\Windows\system32\jsproxy.dll 2014-11-03 18:59:39 ----A---- C:\Windows\system32\mshtmled.dll 2014-11-03 18:59:39 ----A---- C:\Windows\system32\ieui.dll 2014-11-03 18:59:39 ----A---- C:\Windows\system32\ieframe.dll 2014-11-03 18:59:39 ----A---- C:\Windows\system32\dxtrans.dll 2014-11-03 18:59:38 ----A---- C:\Windows\system32\mshtmlmedia.dll 2014-11-03 18:59:38 ----A---- C:\Windows\system32\jscript9diag.dll 2014-11-03 18:59:38 ----A---- C:\Windows\system32\jscript9.dll 2014-11-03 18:59:38 ----A---- C:\Windows\system32\ieUnatt.exe 2014-11-03 18:59:37 ----A---- C:\Windows\system32\wininet.dll 2014-11-03 18:59:37 ----A---- C:\Windows\system32\vbscript.dll 2014-11-03 18:59:37 ----A---- C:\Windows\system32\ieapfltr.dll 2014-11-03 18:59:36 ----A---- C:\Windows\system32\msrating.dll 2014-11-03 18:59:36 ----A---- C:\Windows\system32\MshtmlDac.dll 2014-11-03 18:59:35 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2014-11-03 18:59:35 ----A---- C:\Windows\system32\mshtml.dll 2014-11-03 18:59:07 ----A---- C:\Windows\SYSWOW64\mscories.dll 2014-11-03 18:59:07 ----A---- C:\Windows\SYSWOW64\mscorier.dll 2014-11-03 18:59:07 ----A---- C:\Windows\SYSWOW64\dfshim.dll 2014-11-03 18:59:07 ----A---- C:\Windows\system32\mscories.dll 2014-11-03 18:59:07 ----A---- C:\Windows\system32\mscorier.dll 2014-11-03 18:59:07 ----A---- C:\Windows\system32\dfshim.dll 2014-11-03 18:59:02 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL 2014-11-03 18:59:02 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL 2014-11-03 18:59:02 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL 2014-11-03 18:59:02 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL 2014-11-03 18:59:02 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL 2014-11-03 18:59:02 ----A---- C:\Windows\system32\KBDYAK.DLL 2014-11-03 18:59:02 ----A---- C:\Windows\system32\KBDTAT.DLL 2014-11-03 18:59:02 ----A---- C:\Windows\system32\KBDRU1.DLL 2014-11-03 18:59:02 ----A---- C:\Windows\system32\KBDRU.DLL 2014-11-03 18:59:02 ----A---- C:\Windows\system32\KBDBASH.DLL 2014-11-03 18:58:53 ----A---- C:\Windows\system32\win32k.sys 2014-11-03 18:58:45 ----A---- C:\Windows\SYSWOW64\mstscax.dll 2014-11-03 18:58:45 ----A---- C:\Windows\system32\termsrv.dll 2014-11-03 18:58:45 ----A---- C:\Windows\system32\mstscax.dll 2014-11-03 18:58:45 ----A---- C:\Windows\system32\mstsc.exe 2014-11-03 18:58:44 ----A---- C:\Windows\SYSWOW64\winsta.dll 2014-11-03 18:58:44 ----A---- C:\Windows\SYSWOW64\TSpkg.dll 2014-11-03 18:58:44 ----A---- C:\Windows\SYSWOW64\mstsc.exe 2014-11-03 18:58:44 ----A---- C:\Windows\SYSWOW64\credssp.dll 2014-11-03 18:58:44 ----A---- C:\Windows\SYSWOW64\aaclient.dll 2014-11-03 18:58:44 ----A---- C:\Windows\system32\winsta.dll 2014-11-03 18:58:44 ----A---- C:\Windows\system32\winlogon.exe 2014-11-03 18:58:44 ----A---- C:\Windows\system32\TSpkg.dll 2014-11-03 18:58:44 ----A---- C:\Windows\system32\rdpcorekmts.dll 2014-11-03 18:58:44 ----A---- C:\Windows\system32\drivers\tssecsrv.sys 2014-11-03 18:58:44 ----A---- C:\Windows\system32\drivers\rdpwd.sys 2014-11-03 18:58:44 ----A---- C:\Windows\system32\credssp.dll 2014-11-03 18:58:28 ----A---- C:\Windows\SYSWOW64\msi.dll 2014-11-03 18:58:28 ----A---- C:\Windows\system32\msi.dll 2014-11-03 18:57:18 ----A---- C:\Windows\SYSWOW64\rastls.dll 2014-11-03 18:57:18 ----A---- C:\Windows\system32\rastls.dll 2014-11-03 18:57:13 ----A---- C:\Windows\SYSWOW64\packager.dll 2014-11-03 18:57:13 ----A---- C:\Windows\system32\packager.dll 2014-10-30 21:08:40 ----D---- C:\Program Files (x86)\Mozilla Firefox 2014-10-21 18:04:08 ----D---- C:\Users\Hans\AppData\Roaming\Oracle 2014-10-21 18:02:52 ----A---- C:\Windows\SYSWOW64\javaws.exe 2014-10-21 18:02:47 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll 2014-10-21 18:02:47 ----A---- C:\Windows\SYSWOW64\javaw.exe 2014-10-21 18:02:47 ----A---- C:\Windows\SYSWOW64\java.exe 2014-10-21 18:02:42 ----D---- C:\Program Files (x86)\Java 2014-10-11 17:00:10 ----D---- C:\ProgramData\AVG Security Toolbar 2014-10-11 17:00:07 ----A---- C:\Windows\system32\drivers\avgtpx64.sys 2014-10-11 17:00:05 ----D---- C:\ProgramData\AVG Secure Search 2014-10-11 17:00:02 ----D---- C:\ProgramData\AVG Web TuneUp 2014-10-11 17:00:02 ----D---- C:\Program Files (x86)\AVG Web TuneUp 2014-10-11 16:51:18 ----D---- C:\Users\Hans\AppData\Roaming\AVG2015 2014-10-11 16:49:37 ----HD---- C:\$AVG 2014-10-11 16:49:37 ----D---- C:\ProgramData\AVG2015 2014-10-11 16:48:32 ----D---- C:\Program Files (x86)\AVG 2014-10-06 20:11:36 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll 2014-10-06 20:11:36 ----A---- C:\Windows\system32\msmpeg2vdec.dll 2014-10-06 20:09:52 ----A---- C:\Windows\SYSWOW64\infocardapi.dll 2014-10-06 20:09:51 ----A---- C:\Windows\SYSWOW64\icardagt.exe 2014-10-06 20:09:51 ----A---- C:\Windows\system32\infocardapi.dll 2014-10-06 20:09:51 ----A---- C:\Windows\system32\icardagt.exe 2014-10-06 20:09:49 ----A---- C:\Windows\SYSWOW64\icardres.dll 2014-10-06 20:09:49 ----A---- C:\Windows\system32\icardres.dll 2014-10-06 20:09:39 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe 2014-10-06 20:09:39 ----A---- C:\Windows\system32\TsWpfWrp.exe 2014-10-06 20:07:09 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll 2014-10-06 20:07:09 ----A---- C:\Windows\system32\TSWorkspace.dll 2014-10-06 20:07:05 ----A---- C:\Windows\SYSWOW64\tzres.dll 2014-10-06 20:07:05 ----A---- C:\Windows\system32\tzres.dll 2014-10-06 20:06:56 ----A---- C:\Windows\SYSWOW64\msihnd.dll 2014-10-06 20:06:56 ----A---- C:\Windows\SYSWOW64\authui.dll 2014-10-06 20:06:56 ----A---- C:\Windows\system32\msihnd.dll 2014-10-06 20:06:56 ----A---- C:\Windows\system32\consent.exe 2014-10-06 20:06:56 ----A---- C:\Windows\system32\authui.dll 2014-10-06 20:06:45 ----A---- C:\Windows\system32\qdvd.dll 2014-10-06 20:06:44 ----A---- C:\Windows\SYSWOW64\shell32.dll 2014-10-06 20:06:44 ----A---- C:\Windows\SYSWOW64\qdvd.dll 2014-10-06 20:06:44 ----A---- C:\Windows\system32\shell32.dll 2014-10-06 20:06:43 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll 2014-10-06 20:06:43 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys 2014-10-06 20:06:43 ----A---- C:\Windows\system32\d3d10warp.dll 2014-10-06 20:06:42 ----A---- C:\Windows\SYSWOW64\gdi32.dll 2014-10-06 20:06:42 ----A---- C:\Windows\system32\gdi32.dll 2014-10-06 20:06:40 ----A---- C:\Windows\SYSWOW64\sspicli.dll 2014-10-06 20:06:40 ----A---- C:\Windows\SYSWOW64\secur32.dll 2014-10-06 20:06:40 ----A---- C:\Windows\SYSWOW64\kerberos.dll 2014-10-06 20:06:40 ----A---- C:\Windows\system32\lsasrv.dll 2014-10-06 20:06:40 ----A---- C:\Windows\system32\kerberos.dll 2014-10-06 20:04:54 ----A---- C:\Windows\system32\rpcrt4.dll 2014-10-06 20:04:53 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll ======List of files/folders modified in the last 1 month====== 2014-11-05 17:43:23 ----D---- C:\Program Files\trend micro 2014-11-05 17:41:46 ----D---- C:\Windows\Temp 2014-11-05 17:38:12 ----D---- C:\ProgramData\MFAData 2014-11-05 17:35:40 ----D---- C:\Windows\system32\config 2014-11-05 17:34:29 ----A---- C:\Windows\SYSWOW64\log.txt 2014-11-05 17:32:25 ----D---- C:\Windows\inf 2014-11-05 17:31:55 ----D---- C:\Program Files (x86)\Dell DataSafe Local Backup 2014-11-05 17:31:14 ----D---- C:\Windows 2014-11-05 17:31:13 ----D---- C:\ProgramData\NVIDIA 2014-11-04 20:20:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-11-04 19:35:24 ----SHD---- C:\Config.Msi 2014-11-04 19:30:43 ----SHD---- C:\System Volume Information 2014-11-04 19:19:27 ----SHD---- C:\Windows\Installer 2014-11-04 19:19:27 ----D---- C:\Program Files (x86)\Adobe 2014-11-04 19:18:52 ----RD---- C:\Program Files (x86) 2014-11-04 19:18:06 ----D---- C:\Users\Hans\AppData\Roaming\Adobe 2014-11-03 20:59:29 ----D---- C:\Windows\Microsoft.NET 2014-11-03 20:58:55 ----RSD---- C:\Windows\assembly 2014-11-03 19:56:31 ----D---- C:\ProgramData\CanonIJPLM 2014-11-03 19:51:42 ----D---- C:\Windows\winsxs 2014-11-03 19:41:14 ----RSD---- C:\Windows\Fonts 2014-11-03 19:41:05 ----D---- C:\Windows\System32 2014-11-03 19:40:10 ----D---- C:\Windows\SysWOW64 2014-11-03 19:32:43 ----D---- C:\Windows\debug 2014-11-03 19:17:07 ----D---- C:\Program Files\Internet Explorer 2014-11-03 19:17:06 ----D---- C:\Windows\SYSWOW64\en-US 2014-11-03 19:17:06 ----D---- C:\Windows\system32\en-US 2014-11-03 19:17:06 ----D---- C:\Program Files (x86)\Internet Explorer 2014-11-03 19:17:05 ----D---- C:\Windows\SYSWOW64\nl-NL 2014-11-03 19:17:05 ----D---- C:\Windows\system32\nl-NL 2014-11-03 19:17:05 ----D---- C:\Windows\system32\drivers 2014-11-03 19:10:54 ----D---- C:\ProgramData\Microsoft Help 2014-11-03 19:09:18 ----D---- C:\ProgramData\Adobe 2014-11-03 19:08:04 ----HD---- C:\ProgramData 2014-11-03 19:05:35 ----D---- C:\Windows\system32\MRT 2014-11-03 19:00:21 ----A---- C:\Windows\system32\MRT.exe 2014-11-03 18:58:56 ----D---- C:\Windows\system32\catroot 2014-11-03 18:58:02 ----D---- C:\Windows\system32\catroot2 2014-11-02 09:07:51 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-10-31 16:23:02 ----SD---- C:\Users\Hans\AppData\Roaming\Microsoft 2014-10-31 16:16:37 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2014-10-29 22:51:49 ----D---- C:\ProgramData\regid.1986-12.com.adobe 2014-10-29 22:51:38 ----D---- C:\Windows\system32\DriverStore 2014-10-21 18:03:11 ----D---- C:\ProgramData\Oracle 2014-10-14 19:01:38 ----D---- C:\ProgramData\Sonic 2014-10-11 17:01:09 ----D---- C:\Windows\system32\Tasks 2014-10-11 17:01:08 ----D---- C:\Windows\Tasks 2014-10-11 17:00:04 ----D---- C:\Program Files (x86)\Common Files 2014-10-11 16:43:10 ----D---- C:\ProgramData\McAfee 2014-10-11 16:43:10 ----D---- C:\Program Files\Common Files 2014-10-11 16:43:05 ----D---- C:\Program Files\McAfee 2014-10-11 16:43:05 ----D---- C:\Program Files 2014-10-11 16:36:50 ----DC---- C:\Windows\system32\DRVSTORE 2014-10-06 21:47:19 ----D---- C:\Windows\ehome 2014-10-06 21:47:11 ----D---- C:\Windows\PolicyDefinitions 2014-10-06 20:22:08 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-06-18 190744] R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-07-18 313624] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-08-06 123672] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-18 31512] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-01-13 439320] R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2011-11-04 28992] R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R0 stdcfltn;Disk Class Filter Driver for Accelerometer; C:\Windows\system32\DRIVERS\stdcfltn.sys [2010-08-20 21616] R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-18 153368] R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2013-09-26 57144] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-07-24 247576] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-08-20 243480] R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-07-02 270616] R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-10-11 50976] R1 NEOFLTR_803_30619;Juniper Networks TDI Filter Driver (NEOFLTR_803_30619); \??\C:\Windows\system32\Drivers\NEOFLTR_803_30619.SYS [2014-04-09 108344] R1 nvkflt;nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [2011-11-04 249152] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 LiveTuner2PM;Ashampoo LiveTuner 2 Driver; \??\C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\LiveTuner64.sys [2014-03-20 14320] R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120] R3 Acceler;Accelerometer Service; C:\Windows\system32\DRIVERS\Accelern.sys [2010-12-13 27760] R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtuele adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2011-10-19 195072] R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2011-01-20 176096] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-07-20 12287456] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-02-19 2748520] R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-16 317440] R3 MEIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344] R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series adapter stuurprogramma onder Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2011-12-02 8615936] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2011-09-14 95744] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2011-09-14 212992] R3 qicflt;upper Device Filter Driver; C:\Windows\system32\DRIVERS\qicflt.sys [2010-07-13 29288] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-08-24 565352] R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144] R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576] R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840] R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-12-17 1404464] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S3 A38CCID;CCID USB Smart Card Reader; C:\Windows\system32\DRIVERS\a38ccid.sys [2013-01-30 46720] S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2011-10-19 195072] S3 Impcd;Impcd; C:\Windows\system32\drivers\Impcd.sys [2010-02-27 158976] S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2010-12-15 174168] S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-02-18 189288] S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\Windows\system32\drivers\nvstusb.sys [2011-10-16 291648] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-09-28 53760] S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2011-12-16 14464] S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2006-11-01 151656] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-04 64704] R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208] R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-10-19 661504] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336] R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2014-09-05 1459872] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2014-09-05 3364368] R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-09-05 293448] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-10-21 135440] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504] R2 DfSdkS;Defragmentation-Service; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\DfsdkS64.exe [2009-08-24 544768] R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-11-01 1518352] R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2012-03-28 140456] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-12-21 325656] R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400] R2 NOBU;Dell DataSafe Online; C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-08-26 2823000] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-11-04 1640768] R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-11-04 2253120] R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-11-01 844560] R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944] R2 SftService;SoftThinks Agent Service; C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2012-02-16 1695040] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-11-03 381248] R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2014-06-05 93040] R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-21 2656280] R2 vToolbarUpdater3.2.0;vToolbarUpdater3.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [2014-10-11 1843736] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2014-08-01 641352] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-11-01 340240] R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528] S2 DellDigitalDelivery;Dell Digital Delivery Service; c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-04-10 166912] S2 RoxWatch12;Roxio Hard Drive Watcher 12; C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192] S2 Update melondrea;Update melondrea; C:\Program Files (x86)\melondrea\updatemelondrea.exe [] S2 Util melondrea;Util melondrea; C:\Program Files (x86)\melondrea\bin\utilmelondrea.exe [] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-04 267440] S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S3 GoToAssist;GoToAssist; C:\Program Files (x86)\Citrix\GoToAssist\896\g2aservice.exe [2013-03-14 13720] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 111616] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-30 114288] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 RoxMediaDB12OEM;RoxMediaDB12OEM; C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656] S3 stllssvr;stllssvr; C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [2010-11-08 74392] S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-07-20 1255736] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF----------------- Mvg Hans
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.