
cindyk
Member
Items: 9
cindyk's achievements
-
Thank you so much for all the help!! Glad it's fixed now!! It would never have worked without your help!
-
[ATTACH]31025[/ATTACH] zoek-results.log
-
It worked!

- - - Updated - - -

[ATTACH]30939[/ATTACH] This time with the attachment: zoek-results.log
-
Nothing else happened after that... I'll try it again and wait longer this time.
-
[ATTACH]30924[/ATTACH] Did this work? I wasn't sure whether this was the correct file... zoek-results.log
-
This was the third log:
Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} (SopCore Control) - http://download.easetuner.com/download/SOPCORE.CAB O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: c:\progra~3\filtel~1\filtel~1.dll O20 - Winlogon Notify: !SABWinLogon - C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABWINLO.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common 
Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Super Ad Blocker Service (SABSVC) - SuperAdBlocker.com - C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABSVC.EXE O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. 
- C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 14692 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,1024 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,1024 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off 
MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs winlogon.exe C:\Windows\system32\svchost.exe -k LocalService "C:\Program Files\Dell\DellDock\DockLogin.exe" C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" C:\Windows\system32\WLANExt.exe 1994288 \??\C:\Windows\system32\conhost.exe "157977866111775347501798107762-1613403880-47395920-972513570-1092533151672747475 "C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABSVC.EXE" C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe" "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Program Files\Bonjour\mDNSResponder.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "taskhost.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe" "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe" "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe" taskeng.exe {FD481FC1-7D3D-4729-A6F3-692BAE6C9EF0} "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted WLIDSvcM.exe 
2552 "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe" C:\Windows\System32\vds.exe "C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe" C:\Users\Cindy" C:\Windows\system32\SearchIndexer.exe /Embedding C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:\Windows\System32\igfxtray.exe" "C:\Windows\System32\hkcmd.exe" "C:\Windows\System32\igfxpers.exe" "C:\Program Files\Dell\QuickSet\quickset.exe" "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun "C:\Program Files (x86)\Megaupload\Mega Manager\MegaManager.exe" /Tray "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun "C:\Users\Cindy\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart "C:\Windows\System32\StikyNot.exe" "C:\Users\Cindy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "C:\Users\Cindy\AppData\Roaming\Copy\CopyAgent.exe" "C:\Users\Cindy\AppData\Roaming\uTorrent\uTorrent.exe" "C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SAdBlock.exe" "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 "C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui "C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" "C:\Program Files\iPod\bin\iPodService.exe" "C:\Users\Cindy\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4020.0.30419628\1676592362" /prefetch:673131151 "C:\Users\Cindy\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable 
--channel="4020.1.2021579296\1434860776" /prefetch:673131151 "C:\Users\Cindy\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4020.2.542815304\563324301" /prefetch:673131151 "C:\Users\Cindy\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4020.3.1008003653\334972277" /prefetch:673131151 "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" C:\Windows\System32\svchost.exe -k secsvcs "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Users\Cindy\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=gpu-process --channel="4020.4.1781795359\339798199" --no-sandbox --lang=en-US --log-severity=disable --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19 --gpu-vendor-id=0x8086 --gpu-device-id=0x0046 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2104 --lang=en-US --log-severity=disable /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5584.0.1223941425\2090735637" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,12,22 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0046 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2104 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/Postperiod_EnableZeroSuggest_R7_Stable_Control/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group3 pct:10b stable:r7 use_remote_ntp_on_startup:1 espv:210 
suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --instant-process --disable-html-notifications --disable-accelerated-video-decode --channel="5584.1.1986000939\906779822" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/Postperiod_EnableZeroSuggest_R7_Stable_Control/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group3 pct:10b stable:r7 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="5584.3.1314190728\1169959252" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US 
--force-fieldtrials="AutocompleteDynamicTrial_2/Postperiod_EnableZeroSuggest_R7_Stable_Control/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group3 pct:10b stable:r7 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="5584.4.635957269\1774358208" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/Postperiod_EnableZeroSuggest_R7_Stable_Control/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group3 pct:10b stable:r7 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/" 
--enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="5584.5.487647131\1414373492" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5584.6.832600596\1193772356" --ppapi-flash-args --lang=en-US --ignored=" --type=renderer " /prefetch:-632637702 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/Postperiod_EnableZeroSuggest_R7_Stable_Control/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group3 pct:10b stable:r7 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="5584.7.1645662224\1193919128" /prefetch:673131151 C:\Windows\servicing\TrustedInstaller.exe "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Cindy\Desktop\malware log.txt consent.exe 948 532 00000000039568D0 taskhost.exe $(Arg0) C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\sppsvc.exe "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows 
Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516 "C:\Users\Cindy\Downloads\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38F11BDF-6689-0014-9E53-3B17F0DD7428}] UTUbEroAdBlockker - C:\ProgramData\UTUbEroAdBlockker\C.x64.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6125F634-B791-FAD7-37AB-4DD442B996AB}] 50COupoons - C:\ProgramData\50COupoons\H.x64.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-02-17 1390368] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B6A53A30-719A-2682-59DF-10A2FB37B57B}] JoniCouppone - C:\ProgramData\JoniCouppone\lKLJX_.x64.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6125F634-B791-FAD7-37AB-4DD442B996AB}] 50COupoons - C:\ProgramData\50COupoons\H.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-17 1143168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! 
Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-02-17 1390368] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-17 1143168] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-08 2122536] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-04-14 10144288] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-04-08 166424] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-04-08 391192] "Persistence"=C:\Windows\system32\igfxpers.exe [2010-04-08 413720] "QuickSet"=C:\Program Files\Dell\QuickSet\QuickSet.exe [2010-04-06 3203440] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2010-09-23 4240760] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072] "Mega Manager"=C:\Program Files (x86)\Megaupload\Mega Manager\MegaManager.exe [2010-11-03 2113024] "BitComet"=C:\Program Files\BitComet\BitComet.exe /tray [] "Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14 20584608] "CINDY-PC"=C:\Users\Cindy\AppData\Roaming\Computer.exe [] "FLV Player"=C:\Users\Cindy\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [] "Spotify"=C:\Users\Cindy\AppData\Roaming\Spotify\Spotify.exe [2014-01-16 6118400] "RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520] "Spotify Web Helper"=C:\Users\Cindy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-01-16 1171968] "swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-01-11 39408] "Copy"=C:\Users\Cindy\AppData\Roaming\Copy\CopyAgent.exe [2014-02-10 15501968] "uTorrent"=C:\Users\Cindy\AppData\Roaming\uTorrent\uTorrent.exe [2013-11-16 900440] "SuperAdBlocker"=C:\Program Files 
(x86)\SuperAdBlocker.com\Super Ad Blocker\SAdBlock.exe [2007-08-01 1564672] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellComms] C:\Program Files (x86)\Dell\DellComms\bin\sprtcmd.exe /P DellComms [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter] c:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe /P DellSupportCenter [] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "Desktop Disc Tool"=C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [2009-10-15 498160] "Dell Webcam Central"=C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2009-06-24 409744] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-30 421888] "RIMBBLaunchAgent.exe"=C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2011-02-18 79192] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-08-27 59280] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-09-09 421776] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-09-17 254896] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] "adblock pro"=C:\Program Files (x86)\Adblock Pro\abpmain.exe -m [] "AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-03-22 3767608] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce] ""C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe""=C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe [] "Launcher"=C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [2010-05-21 165184] "STToasterLauncher"=C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe [2010-05-21 122176] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\PROGRA~3\FILTEL~1\FILTEL~2.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\GoToAssist] C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2010-04-01 269824] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000D7}"=C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABSEHB.DLL [2006-11-07 77824] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\GoToAssist] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll 
"vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-03-25 21:07:08 ----D---- C:\rsit 2014-03-25 21:07:08 ----D---- C:\Program Files\trend micro 2014-03-25 20:42:14 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys 2014-03-25 20:41:30 ----D---- C:\ProgramData\Malwarebytes 2014-03-25 20:41:30 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-03-25 20:41:30 ----A---- C:\Windows\system32\drivers\mwac.sys 2014-03-25 20:41:30 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys 2014-03-25 20:41:30 ----A---- C:\Windows\system32\drivers\mbam.sys 2014-03-21 14:25:24 ----A---- C:\autoexec.bat 2014-03-21 14:24:44 ----A---- C:\Windows\system32\drivers\EsgScanner.sys 2014-03-21 14:24:34 ----D---- C:\sh4ldr 2014-03-21 14:24:34 ----D---- C:\Program Files\Enigma Software Group 2014-03-21 13:51:14 ----D---- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP 2014-03-21 13:30:48 ----D---- C:\zoek_backup 2014-03-14 15:09:30 ----D---- C:\Windows\F8BA8B13856D4DFBA28F7EC868142453.TMP 2014-03-14 12:36:07 ----D---- C:\AdwCleaner 2014-03-14 12:31:33 ----D---- C:\Program Files (x86)\Anvisoft ======List of files/folders modified in the last 1 month====== 2014-03-25 21:07:24 ----D---- C:\Windows\Temp 2014-03-25 21:07:08 ----RD---- C:\Program Files 2014-03-25 21:05:35 ----D---- C:\Windows\Prefetch 
2014-03-25 21:05:30 ----D---- C:\Users\Cindy\AppData\Roaming\uTorrent 2014-03-25 21:03:16 ----D---- C:\Users\Cindy\AppData\Roaming\Spotify 2014-03-25 21:01:12 ----D---- C:\Windows\system32\config 2014-03-25 20:59:21 ----D---- C:\Users\Cindy\AppData\Roaming\Skype 2014-03-25 20:59:18 ----D---- C:\Users\Cindy\AppData\Roaming\Copy 2014-03-25 20:57:54 ----D---- C:\Program Files (x86)\Dell DataSafe Local Backup 2014-03-25 20:57:37 ----D---- C:\Windows\SysWOW64 2014-03-25 20:57:01 ----A---- C:\Windows\SYSWOW64\log.txt 2014-03-25 20:56:34 ----D---- C:\Windows\system32\drivers 2014-03-25 20:56:34 ----D---- C:\Windows\Logs 2014-03-25 20:55:16 ----D---- C:\ProgramData\DownSave 2014-03-25 20:41:30 ----RD---- C:\Program Files (x86) 2014-03-25 20:41:30 ----HD---- C:\ProgramData 2014-03-25 20:32:00 ----D---- C:\Windows\system32\Tasks 2014-03-25 12:04:21 ----SHD---- C:\System Volume Information 2014-03-25 02:07:37 ----D---- C:\Windows\System32 2014-03-25 02:07:37 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-03-24 12:28:10 ----D---- C:\Windows\system32\catroot2 2014-03-21 14:24:52 ----SHD---- C:\Windows\Installer 2014-03-21 13:51:14 ----D---- C:\Windows 2014-03-18 12:21:57 ----D---- C:\Windows\system32\MRT 2014-03-18 12:18:39 ----A---- C:\Windows\system32\MRT.exe 2014-03-14 10:56:43 ----D---- C:\Program Files\Adblock Pro 2014-03-14 10:49:42 ----D---- C:\Program Files\Microsoft Silverlight 2014-03-14 10:49:37 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2014-03-13 10:11:33 ----D---- C:\ProgramData\Microsoft Help 2014-03-11 23:49:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-03-09 12:32:55 ----D---- C:\Users\Cindy\AppData\Roaming\Belastingdienst 2014-03-09 03:45:58 ----D---- C:\Windows\system32\NDF 2014-03-02 01:21:04 ----D---- C:\ProgramData\cea2cad3caee4f45 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 aswRvrt;avast! 
Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-02-17 65776] R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-02-17 207904] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-04 540696] R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096] R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2014-02-17 92544] R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-02-17 1038072] R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-02-17 421704] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-02-17 78648] R3 BCM43XX;DW WLAN Card Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-02-03 3058168] R3 BcmVWL;Broadcom Virtual Wireless; C:\Windows\system32\DRIVERS\bcmvwl64.sys [2010-02-02 20984] R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 172704] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-04-01 10322848] R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-04-14 2345760] R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-04 271872] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-12-22 74280] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-03-05 25816] R3 MBAMSwissArmy;MBAMSwissArmy; 
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-03-25 119512] R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-03-05 63192] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-07 321584] S1 SABDIFSV;SABDIFSV; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABDIFSV.SYS [2005-09-21 5632] S1 SAB***IL;SAB***IL; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SAB***IL.sys [2007-02-20 32256] S3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-02-17 80184] S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2014-01-07 14872] S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2012-06-22 22704] S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352] S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2011-02-16 74240] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-05-07 245792] S3 SABProcEnum;SABProcEnum; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABProcEnum.sys [2005-03-21 4096] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-07-09 52736] S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2006-11-01 151656] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-09-29 41472] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432] R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184] R2 avast! Antivirus;avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-02-17 50344] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 DockLoginService;Dock Login Service; C:\Program Files\Dell\DellDock\DockLogin.exe [2009-06-09 155648] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2009-10-01 268824] R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-03-05 1809720] R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-03-05 857912] R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872] R2 SABSVC;Super Ad Blocker Service; C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABSVC.EXE [2005-08-31 65536] R2 SpyHunter 4 Service;SpyHunter 4 Service; C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2014-01-09 1025408] R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2320920] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2012-09-09 936848] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-08 136176] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680] S3 
AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11 257928] S3 GoToAssist;GoToAssist; C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe [2010-09-29 16680] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-08 136176] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-09-16 194032] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-01-09 1255736] -----------------EOF-----------------
-
The second program was a bit different from what you described; I couldn't find the things you mentioned, like PUP and so on. Also, there was no quick scan, only a hyperscan. I ran that one. At the end I couldn't delete anything either, only put things in quarantine. I then copied the following log, because no log appeared automatically after startup:

Malwarebytes Anti-Malware
Malwarebytes : Free Anti-Malware
Scandatum: 25-3-2014
Scantijd: 20:54:55
Logbestand: malware log.txt
Beheerder: Ja
Versie: 2.00.0.1000
Malwaredatabase: v2014.03.25.07
Rootkitdatabase: v2014.03.18.01
Licentie: Proef
Malwarebescherming: Ingeschakeld
Kwaadaardige Website Bescherming: Ingeschakeld
Chameleon: Uitgeschakeld
Besturingssysteem: Windows 7
Processor: x64
Bestandssysteem: NTFS
Gebruiker: Cindy
Scantype: Hyperscan
Resultaat: Voltooid
Objecten Gescand: 199310
Verstreken Tijd: 6 m, 31 s
Geheugen: Ingeschakeld
Opstarten: Ingeschakeld
Bestandssysteem: Uitgeschakeld
Archieven: Ingeschakeld
Rootkits: Uitgeschakeld
Shuriken: Ingeschakeld
POP: Ingeschakeld
POA: Ingeschakeld

Processen: 0 (No malicious items detected)

Modules: 0 (No malicious items detected)

Registersleutels: 13
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{A4C358C7-C883-A763-63E3-754ECCB7A136}, , [f289a95e1e5d999d5fe765dc9e63ec14],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A4C358C7-C883-A763-63E3-754ECCB7A136}, , [f289a95e1e5d999d5fe765dc9e63ec14],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A4C358C7-C883-A763-63E3-754ECCB7A136}, , [f289a95e1e5d999d5fe765dc9e63ec14],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\DowonSave.DowonSave, , [f289a95e1e5d999d5fe765dc9e63ec14],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\DowonSave.DowonSave.5.2, , [f289a95e1e5d999d5fe765dc9e63ec14],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DowonSave.DowonSave, , [f289a95e1e5d999d5fe765dc9e63ec14],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DowonSave.DowonSave.5.2, , [f289a95e1e5d999d5fe765dc9e63ec14],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A4C358C7-C883-A763-63E3-754ECCB7A136}, , [f289a95e1e5d999d5fe765dc9e63ec14],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-1836166144-1085114356-520303975-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A4C358C7-C883-A763-63E3-754ECCB7A136}, , [f289a95e1e5d999d5fe765dc9e63ec14],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-1836166144-1085114356-520303975-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A4C358C7-C883-A763-63E3-754ECCB7A136}, , [f289a95e1e5d999d5fe765dc9e63ec14],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{A4C358C7-C883-A763-63E3-754ECCB7A136}, , [f289a95e1e5d999d5fe765dc9e63ec14],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{A4C358C7-C883-A763-63E3-754ECCB7A136}, , [f289a95e1e5d999d5fe765dc9e63ec14],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{A4C358C7-C883-A763-63E3-754ECCB7A136}\INPROCSERVER32, , [f289a95e1e5d999d5fe765dc9e63ec14],

Registerwaardes: 2
PUP.Optional.MindSpark, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|TelevisionFanatic Home Page Guard 64 bit, "C:\PROGRA~2\TELEVI~2\bar\1.bin\AppIntegrator64.exe", , [3942d334daa1bd79f1be1c682cd723dd]
PUP.Optional.MindSpark, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BringMeSports Home Page Guard 64 bit, "C:\PROGRA~2\BRINGM~2\bar\1.bin\AppIntegrator64.exe", , [423948bfe69595a1832c731108fb18e8]

Registerdata: 0 (No malicious items detected)

Mappen: 4
PUP.Optional.Conduit.A, C:\Users\Cindy\AppData\Local\Temp\CT2865317, , [6417b94eceadc96d176cef5df30f44bc],
PUP.Optional.Conduit.A, C:\Users\Cindy\AppData\Local\Temp\CT2865317\xpi, , [6417b94eceadc96d176cef5df30f44bc],
PUP.Optional.Conduit.A, C:\Users\Cindy\AppData\Local\Temp\CT3220468, , [512a9077a7d445f1dfa43319ea1828d8],
PUP.Optional.Conduit.A, C:\Users\Cindy\AppData\Local\Temp\CT3220468\xpi, , [512a9077a7d445f1dfa43319ea1828d8],

Bestanden: 10
PUP.Optional.MultiPlug.A, C:\ProgramData\DownSave\M7x5.x64.dll, , [f289a95e1e5d999d5fe765dc9e63ec14],
PUP.Optional.MultiPlug.A, C:\ProgramData\DownSave\M7x5.dll, , [f289a95e1e5d999d5fe765dc9e63ec14],
PUP.Optional.Conduit.A, C:\Users\Cindy\AppData\Local\Temp\CT2865317\CT2865317.xpi, , [6417b94eceadc96d176cef5df30f44bc],
PUP.Optional.Conduit.A, C:\Users\Cindy\AppData\Local\Temp\CT2865317\manifest.json, , [6417b94eceadc96d176cef5df30f44bc],
PUP.Optional.Conduit.A, C:\Users\Cindy\AppData\Local\Temp\CT2865317\xpi\install.rdf, , [6417b94eceadc96d176cef5df30f44bc],
PUP.Optional.Conduit.A, C:\Users\Cindy\AppData\Local\Temp\CT3220468\conduitStatistics.csf, , [512a9077a7d445f1dfa43319ea1828d8],
PUP.Optional.Conduit.A, C:\Users\Cindy\AppData\Local\Temp\CT3220468\CT3220468.xpi, , [512a9077a7d445f1dfa43319ea1828d8],
PUP.Optional.Conduit.A, C:\Users\Cindy\AppData\Local\Temp\CT3220468\initData.json, , [512a9077a7d445f1dfa43319ea1828d8],
PUP.Optional.Conduit.A, C:\Users\Cindy\AppData\Local\Temp\CT3220468\manifest.json, , [512a9077a7d445f1dfa43319ea1828d8],
PUP.Optional.Conduit.A, C:\Users\Cindy\AppData\Local\Temp\CT3220468\xpi\install.rdf, , [512a9077a7d445f1dfa43319ea1828d8],

Fysieke Sectoren: 0 (No malicious items detected)

(end)

- - - Updated - - -

and this is the last log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Cindy at 2014-03-25 21:07:08
Microsoft Windows 7 Home Premium
System drive C: has 17 GB (4%) free of 462 GB
Total RAM: 3893 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:07:30, on 25-3-2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.17267)
Boot mode: Normal

Running processes: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe 
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe C:\Program Files (x86)\Megaupload\Mega Manager\MegaManager.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\Cindy\AppData\Roaming\Spotify\spotify.exe C:\Users\Cindy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Users\Cindy\AppData\Roaming\uTorrent\uTorrent.exe C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SAdBlock.exe C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\AVAST Software\Avast\avastui.exe C:\Users\Cindy\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Cindy\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Cindy\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Cindy\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Cindy\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\Cindy.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = g.msn.com/USCON/1 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file) F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: 50COupoons - {6125F634-B791-FAD7-37AB-4DD442B996AB} - C:\ProgramData\50COupoons\H.dll (file missing) O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O3 - Toolbar: avast! 
Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [adblock pro] C:\Program Files (x86)\Adblock Pro\abpmain.exe -m O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" O4 - HKLM\..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe O4 - HKLM\..\RunOnce: [sTToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Mega Manager] C:\Program Files (x86)\Megaupload\Mega Manager\MegaManager.exe /Tray O4 - HKCU\..\Run: [bitComet] "C:\Program Files\BitComet\BitComet.exe" /tray O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized 
/regrun O4 - HKCU\..\Run: [CINDY-PC] C:\Users\Cindy\AppData\Roaming\Computer.exe O4 - HKCU\..\Run: [FLV Player] C:\Users\Cindy\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe O4 - HKCU\..\Run: [spotify] "C:\Users\Cindy\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Cindy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Copy] "C:\Users\Cindy\AppData\Roaming\Copy\CopyAgent.exe" O4 - HKCU\..\Run: [uTorrent] "C:\Users\Cindy\AppData\Roaming\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [superAdBlocker] C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SAdBlock.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [Copy] "C:\Users\Cindy\AppData\Roaming\Copy\CopyAgent.exe" (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Copy] "C:\Users\Cindy\AppData\Roaming\Copy\CopyAgent.exe" (User 'Default user') O4 - .DEFAULT User Startup: Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (User 'Default user') O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows 
Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} (SopCore Control) - http://download.easetuner.com/download/SOPCORE.CAB O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: c:\progra~3\filtel~1\filtel~1.dll O20 - Winlogon Notify: !SABWinLogon - C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABWINLO.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common 
Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Super Ad Blocker Service (SABSVC) - SuperAdBlocker.com - C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABSVC.EXE O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. 
- C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 14692 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,1024 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,1024 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off 
MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs winlogon.exe C:\Windows\system32\svchost.exe -k LocalService "C:\Program Files\Dell\DellDock\DockLogin.exe" C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" C:\Windows\system32\WLANExt.exe 1994288 \??\C:\Windows\system32\conhost.exe "157977866111775347501798107762-1613403880-47395920-972513570-1092533151672747475 "C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABSVC.EXE" C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe" "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Program Files\Bonjour\mDNSResponder.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "taskhost.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe" "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe" "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe" taskeng.exe {FD481FC1-7D3D-4729-A6F3-692BAE6C9EF0} "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted WLIDSvcM.exe 
2552 "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe" C:\Windows\System32\vds.exe "C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe" C:\Users\Cindy" C:\Windows\system32\SearchIndexer.exe /Embedding C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:\Windows\System32\igfxtray.exe" "C:\Windows\System32\hkcmd.exe" "C:\Windows\System32\igfxpers.exe" "C:\Program Files\Dell\QuickSet\quickset.exe" "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun "C:\Program Files (x86)\Megaupload\Mega Manager\MegaManager.exe" /Tray "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun "C:\Users\Cindy\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart "C:\Windows\System32\StikyNot.exe" "C:\Users\Cindy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "C:\Users\Cindy\AppData\Roaming\Copy\CopyAgent.exe" "C:\Users\Cindy\AppData\Roaming\uTorrent\uTorrent.exe" "C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SAdBlock.exe" "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 "C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui "C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" "C:\Program Files\iPod\bin\iPodService.exe" "C:\Users\Cindy\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4020.0.30419628\1676592362" /prefetch:673131151 "C:\Users\Cindy\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable 
--channel="4020.1.2021579296\1434860776" /prefetch:673131151 "C:\Users\Cindy\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4020.2.542815304\563324301" /prefetch:673131151 "C:\Users\Cindy\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4020.3.1008003653\334972277" /prefetch:673131151 "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" C:\Windows\System32\svchost.exe -k secsvcs "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Users\Cindy\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=gpu-process --channel="4020.4.1781795359\339798199" --no-sandbox --lang=en-US --log-severity=disable --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19 --gpu-vendor-id=0x8086 --gpu-device-id=0x0046 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2104 --lang=en-US --log-severity=disable /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5584.0.1223941425\2090735637" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,12,22 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0046 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2104 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/Postperiod_EnableZeroSuggest_R7_Stable_Control/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group3 pct:10b stable:r7 use_remote_ntp_on_startup:1 espv:210 
suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --instant-process --disable-html-notifications --disable-accelerated-video-decode --channel="5584.1.1986000939\906779822" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/Postperiod_EnableZeroSuggest_R7_Stable_Control/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group3 pct:10b stable:r7 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="5584.3.1314190728\1169959252" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US 
--force-fieldtrials="AutocompleteDynamicTrial_2/Postperiod_EnableZeroSuggest_R7_Stable_Control/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group3 pct:10b stable:r7 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="5584.4.635957269\1774358208" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/Postperiod_EnableZeroSuggest_R7_Stable_Control/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group3 pct:10b stable:r7 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/" 
--enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="5584.5.487647131\1414373492" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5584.6.832600596\1193772356" --ppapi-flash-args --lang=en-US --ignored=" --type=renderer " /prefetch:-632637702 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/Postperiod_EnableZeroSuggest_R7_Stable_Control/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group3 pct:10b stable:r7 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="5584.7.1645662224\1193919128" /prefetch:673131151 C:\Windows\servicing\TrustedInstaller.exe "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Cindy\Desktop\malware log.txt consent.exe 948 532 00000000039568D0 taskhost.exe $(Arg0) C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\sppsvc.exe "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows 
Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516 "C:\Users\Cindy\Downloads\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38F11BDF-6689-0014-9E53-3B17F0DD7428}] UTUbEroAdBlockker - C:\ProgramData\UTUbEroAdBlockker\C.x64.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6125F634-B791-FAD7-37AB-4DD442B996AB}] 50COupoons - C:\ProgramData\50COupoons\H.x64.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-02-17 1390368] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B6A53A30-719A-2682-59DF-10A2FB37B57B}] JoniCouppone - C:\ProgramData\JoniCouppone\lKLJX_.x64.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6125F634-B791-FAD7-37AB-4DD442B996AB}] 50COupoons - C:\ProgramData\50COupoons\H.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-17 1143168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! 
Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-02-17 1390368] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-17 1143168] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-08 2122536] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-04-14 10144288] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-04-08 166424] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-04-08 391192] "Persistence"=C:\Windows\system32\igfxpers.exe [2010-04-08 413720] "QuickSet"=C:\Program Files\Dell\QuickSet\QuickSet.exe [2010-04-06 3203440] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2010-09-23 4240760] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072] "Mega Manager"=C:\Program Files (x86)\Megaupload\Mega Manager\MegaManager.exe [2010-11-03 2113024] "BitComet"=C:\Program Files\BitComet\BitComet.exe /tray [] "Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14 20584608] "CINDY-PC"=C:\Users\Cindy\AppData\Roaming\Computer.exe [] "FLV Player"=C:\Users\Cindy\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [] "Spotify"=C:\Users\Cindy\AppData\Roaming\Spotify\Spotify.exe [2014-01-16 6118400] "RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520] "Spotify Web Helper"=C:\Users\Cindy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-01-16 1171968] "swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-01-11 39408] "Copy"=C:\Users\Cindy\AppData\Roaming\Copy\CopyAgent.exe [2014-02-10 15501968] "uTorrent"=C:\Users\Cindy\AppData\Roaming\uTorrent\uTorrent.exe [2013-11-16 900440] "SuperAdBlocker"=C:\Program Files 
(x86)\SuperAdBlocker.com\Super Ad Blocker\SAdBlock.exe [2007-08-01 1564672] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellComms] C:\Program Files (x86)\Dell\DellComms\bin\sprtcmd.exe /P DellComms [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter] c:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe /P DellSupportCenter [] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "Desktop Disc Tool"=C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [2009-10-15 498160] "Dell Webcam Central"=C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2009-06-24 409744] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-30 421888] "RIMBBLaunchAgent.exe"=C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2011-02-18 79192] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-08-27 59280] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-09-09 421776] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-09-17 254896] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] "adblock pro"=C:\Program Files (x86)\Adblock Pro\abpmain.exe -m [] "AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-03-22 3767608] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce] ""C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe""=C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe [] "Launcher"=C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [2010-05-21 165184] "STToasterLauncher"=C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe [2010-05-21 122176] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\PROGRA~3\FILTEL~1\FILTEL~2.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\GoToAssist] C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2010-04-01 269824] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000D7}"=C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABSEHB.DLL [2006-11-07 77824] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\GoToAssist] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll 
"vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-03-25 21:07:08 ----D---- C:\rsit 2014-03-25 21:07:08 ----D---- C:\Program Files\trend micro 2014-03-25 20:42:14 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys 2014-03-25 20:41:30 ----D---- C:\ProgramData\Malwarebytes 2014-03-25 20:41:30 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-03-25 20:41:30 ----A---- C:\Windows\system32\drivers\mwac.sys 2014-03-25 20:41:30 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys 2014-03-25 20:41:30 ----A---- C:\Windows\system32\drivers\mbam.sys 2014-03-21 14:25:24 ----A---- C:\autoexec.bat 2014-03-21 14:24:44 ----A---- C:\Windows\system32\drivers\EsgScanner.sys 2014-03-21 14:24:34 ----D---- C:\sh4ldr 2014-03-21 14:24:34 ----D---- C:\Program Files\Enigma Software Group 2014-03-21 13:51:14 ----D---- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP 2014-03-21 13:30:48 ----D---- C:\zoek_backup 2014-03-14 15:09:30 ----D---- C:\Windows\F8BA8B13856D4DFBA28F7EC868142453.TMP 2014-03-14 12:36:07 ----D---- C:\AdwCleaner 2014-03-14 12:31:33 ----D---- C:\Program Files (x86)\Anvisoft ======List of files/folders modified in the last 1 month====== 2014-03-25 21:07:24 ----D---- C:\Windows\Temp 2014-03-25 21:07:08 ----RD---- C:\Program Files 2014-03-25 21:05:35 ----D---- C:\Windows\Prefetch 
2014-03-25 21:05:30 ----D---- C:\Users\Cindy\AppData\Roaming\uTorrent 2014-03-25 21:03:16 ----D---- C:\Users\Cindy\AppData\Roaming\Spotify 2014-03-25 21:01:12 ----D---- C:\Windows\system32\config 2014-03-25 20:59:21 ----D---- C:\Users\Cindy\AppData\Roaming\Skype 2014-03-25 20:59:18 ----D---- C:\Users\Cindy\AppData\Roaming\Copy 2014-03-25 20:57:54 ----D---- C:\Program Files (x86)\Dell DataSafe Local Backup 2014-03-25 20:57:37 ----D---- C:\Windows\SysWOW64 2014-03-25 20:57:01 ----A---- C:\Windows\SYSWOW64\log.txt 2014-03-25 20:56:34 ----D---- C:\Windows\system32\drivers 2014-03-25 20:56:34 ----D---- C:\Windows\Logs 2014-03-25 20:55:16 ----D---- C:\ProgramData\DownSave 2014-03-25 20:41:30 ----RD---- C:\Program Files (x86) 2014-03-25 20:41:30 ----HD---- C:\ProgramData 2014-03-25 20:32:00 ----D---- C:\Windows\system32\Tasks 2014-03-25 12:04:21 ----SHD---- C:\System Volume Information 2014-03-25 02:07:37 ----D---- C:\Windows\System32 2014-03-25 02:07:37 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-03-24 12:28:10 ----D---- C:\Windows\system32\catroot2 2014-03-21 14:24:52 ----SHD---- C:\Windows\Installer 2014-03-21 13:51:14 ----D---- C:\Windows 2014-03-18 12:21:57 ----D---- C:\Windows\system32\MRT 2014-03-18 12:18:39 ----A---- C:\Windows\system32\MRT.exe 2014-03-14 10:56:43 ----D---- C:\Program Files\Adblock Pro 2014-03-14 10:49:42 ----D---- C:\Program Files\Microsoft Silverlight 2014-03-14 10:49:37 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2014-03-13 10:11:33 ----D---- C:\ProgramData\Microsoft Help 2014-03-11 23:49:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-03-09 12:32:55 ----D---- C:\Users\Cindy\AppData\Roaming\Belastingdienst 2014-03-09 03:45:58 ----D---- C:\Windows\system32\NDF 2014-03-02 01:21:04 ----D---- C:\ProgramData\cea2cad3caee4f45 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 aswRvrt;avast! 
Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-02-17 65776] R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-02-17 207904] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-04 540696] R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096] R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2014-02-17 92544] R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-02-17 1038072] R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-02-17 421704] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-02-17 78648] R3 BCM43XX;DW WLAN Card Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-02-03 3058168] R3 BcmVWL;Broadcom Virtual Wireless; C:\Windows\system32\DRIVERS\bcmvwl64.sys [2010-02-02 20984] R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 172704] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-04-01 10322848] R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-04-14 2345760] R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-04 271872] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-12-22 74280] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-03-05 25816] R3 MBAMSwissArmy;MBAMSwissArmy; 
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-03-25 119512] R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-03-05 63192] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-07 321584] S1 SABDIFSV;SABDIFSV; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABDIFSV.SYS [2005-09-21 5632] S1 SAB***IL;SAB***IL; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SAB***IL.sys [2007-02-20 32256] S3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-02-17 80184] S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2014-01-07 14872] S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2012-06-22 22704] S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352] S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2011-02-16 74240] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-05-07 245792] S3 SABProcEnum;SABProcEnum; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABProcEnum.sys [2005-03-21 4096] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-07-09 52736] S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2006-11-01 151656] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-09-29 41472] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432] R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184] R2 avast! Antivirus;avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-02-17 50344] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 DockLoginService;Dock Login Service; C:\Program Files\Dell\DellDock\DockLogin.exe [2009-06-09 155648] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2009-10-01 268824] R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-03-05 1809720] R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-03-05 857912] R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872] R2 SABSVC;Super Ad Blocker Service; C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABSVC.EXE [2005-08-31 65536] R2 SpyHunter 4 Service;SpyHunter 4 Service; C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2014-01-09 1025408] R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2320920] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2012-09-09 936848] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-08 136176] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680] S3 
AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11 257928] S3 GoToAssist;GoToAssist; C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe [2010-09-29 16680] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-08 136176] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-09-16 194032] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-01-09 1255736] -----------------EOF-----------------
-
This is the first log:

# AdwCleaner v3.022 - Report created 25/03/2014 at 20:31:58
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Home Premium (64 bits)
# Username : Cindy - CINDY-PC
# Running from : C:\Users\Cindy\Downloads\adwcleaner (2).exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\boost_interprocess
File Deleted : C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Deleted : C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
File Deleted : C:\Windows\System32\Tasks\SpyHunter4Startup

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.17267

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : search_url
Deleted : suggest_url
Deleted : keyword

*************************

AdwCleaner[R0].txt - [20148 octets] - [14/03/2014 12:36:11]
AdwCleaner[R1].txt - [988 octets] - [14/03/2014 15:14:35]
AdwCleaner[R2].txt - [1645 octets] - [21/03/2014 13:39:45]
AdwCleaner[R3].txt - [1542 octets] - [22/03/2014 16:13:06]
AdwCleaner[R4].txt - [1602 octets] - [25/03/2014 20:30:40]
AdwCleaner[s0].txt - [19590 octets] - [14/03/2014 12:40:48]
AdwCleaner[s1].txt - [993 octets] - [14/03/2014 15:15:51]
AdwCleaner[s2].txt - [1478 octets] - [25/03/2014 20:31:58]

########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [1538 octets] ##########
-
Hi, I have had some kind of virus for quite a while now. Because of it, lots of things appear in small green letters, some pages do not open and advertising shows up instead, and on sites where you can buy something I continuously get bars with advertising. I have already tried to turn off the extension, but that is not even possible. I would like to get rid of it, but I am rather a layperson when it comes to this kind of thing. Can anyone help me with this? Regards, Cindy
