
Everything posted by jonati
-
No more pop-ups, and much faster! Thx!
-
Zoek.exe v5.0.0.0 Updated 17-February-2014
Tool run by Danny on ma 17-02-2014 at 21:39:08,35.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Danny\Desktop\zoek.exe [scan all users] [script inserted]

==== Older Logs ======================
C:\zoek-results2014-02-15-191457.log 34986 bytes

==== Registry Fix Code x64 ======================
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{dfd5512a-7995-4d84-8c50-9505292f1a22}"=-

==== Deleting Files \ Folders ======================
C:\Program Files (x86)\Re-markit not found

==== C:\zoek_backup content ======================
C:\zoek_backup (files=3739 folders=294 331992067 bytes)

==== EOF on ma 17-02-2014 at 21:41:18,98 ======================
-
Zoek.exe v5.0.0.0 Updated 15-February-2014
Tool run by Danny on za 15-02-2014 at 19:48:37,81.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Danny\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================
15-2-2014 19:53:09 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================
C:\PROGRA~2\GUMB9F9.tmp deleted successfully
C:\ProgramData\Oracle deleted successfully
C:\Users\Danny\AppData\Local\cache deleted successfully
C:\Users\Danny\AppData\Local\genienext deleted successfully
C:\Users\Danny\AppData\Local\softthinks deleted successfully

==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-896879856-809570907-237334025-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code x64 ======================
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"mobilegeni daemon"=-

==== Deleting Files \ Folders ======================
C:\Users\Danny\.android deleted
C:\ProgramData\Package Cache deleted
C:\Users\Danny\AppData\Local\Mobogenie deleted
C:\Users\Danny\AppData\Local\SwvUpdater deleted
C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie deleted
C:\Users\Danny\Documents\Mobogenie deleted
"C:\Users\Danny\daemonprocess.txt" deleted
"C:\Program Files (x86)\Mobogenie\DaemonProcess.exe" deleted
"C:\Program Files (x86)\Mobogenie\DCR.dll" deleted
"C:\Program Files (x86)\Mobogenie\Device.dll" deleted
"C:\Program Files (x86)\Mobogenie\libeay32.dll" deleted
"C:\Program Files (x86)\Mobogenie\msvcp100.dll" deleted
"C:\Program Files (x86)\Mobogenie\msvcr100.dll" deleted
"C:\Program Files (x86)\Mobogenie\QtCore4.dll" deleted
"C:\Program Files (x86)\Mobogenie\QtGui4.dll" deleted
"C:\Program Files (x86)\Mobogenie\QtNetwork4.dll" deleted
"C:\Program Files (x86)\Mobogenie\QtSql4.dll" deleted
"C:\Program Files (x86)\Mobogenie\QtWebKit4.dll" deleted
"C:\Program Files (x86)\Mobogenie\ssleay32.dll" deleted
"C:\PROGRA~2\Mobogenie\DaemonProcess.exe" deleted
"C:\PROGRA~2\Mobogenie\DCR.dll" deleted
"C:\PROGRA~2\Mobogenie\Device.dll" deleted
"C:\PROGRA~2\Mobogenie\libeay32.dll" deleted
"C:\PROGRA~2\Mobogenie\msvcp100.dll" deleted
"C:\PROGRA~2\Mobogenie\msvcr100.dll" deleted
"C:\PROGRA~2\Mobogenie\QtCore4.dll" deleted
"C:\PROGRA~2\Mobogenie\QtGui4.dll" deleted
"C:\PROGRA~2\Mobogenie\QtNetwork4.dll" deleted
"C:\PROGRA~2\Mobogenie\QtSql4.dll" deleted
"C:\PROGRA~2\Mobogenie\QtWebKit4.dll" deleted
"C:\PROGRA~2\Mobogenie\ssleay32.dll" deleted
"C:\Program Files (x86)\Mobogenie" deleted
"C:\PROGRA~2\Mobogenie" deleted

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-21-896879856-809570907-237334025-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Users\Danny\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"com.apple.dav.bookmarks.daemon"="C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe 60"
"CLMLServer_For_P2G8"="C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"CLVirtualDrive"="C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe /R"
"RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"ArcSoft Connection Service"="C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Users\Danny\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"com.apple.dav.bookmarks.daemon"="C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe"
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"
"Persistence"="C:\WINDOWS\system32\igfxpers.exe"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX4 "
"QuickSet"="c:\Program Files\Dell\QuickSet\QuickSet.exe"
"BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll,TrayApp"
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
"DellWPF"="%ProgramFiles%\Synaptics\SynTP\DellTouchpad.exe /hidegui"

==== Task Scheduler Jobs ======================
C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [11-02-2013 17:11]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04-12-2013 16:36]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:6C:\ProgramC:FilesC:x86\Google\Update\GoogleUpdate.exe []
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-896879856-809570907-237334025-1001Core.job --a-------- C:\Users\Danny\AppData\Local\Google\Update\GoogleUpdate.exe [11-02-2013 17:08]
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-896879856-809570907-237334025-1001UA.job --a-------- C:\Users\Danny\AppData\Local\Google\Update\GoogleUpdate.exe [11-02-2013 17:08]
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job --a-------- [undetermined Task]

==== Other Scheduled Tasks ======================
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\Apple Diagnostics" [C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe]
"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-896879856-809570907-237334025-1001Core" [C:\Users\Danny\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-896879856-809570907-237334025-1001UA" [C:\Users\Danny\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\PCDEventLauncherTask" ["C:\Program Files\My Dell\sessionchecker.exe"]
"C:\WINDOWS\SysNative\tasks\PCDoctorBackgroundMonitorTask" ["C:\Program Files\My Dell\uaclauncher.exe"]
"C:\WINDOWS\SysNative\tasks\SystemToolsDailyTest" ["uaclauncher.exe"]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{818BD91C-4E65-4A63-ABDE-EBE2C42DBF32}" [C:\windows\system32\msfeedssync.exe]

==== Firefox Extensions Registry ======================
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{dfd5512a-7995-4d84-8c50-9505292f1a22}"="C:\Program Files (x86)\Re-markit\150.xpi" []

==== Chrome Look ======================
Google Docs - Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Search - Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="Wedstrijden - Doe mee met onze wedstrijden en maak kans op toffe prijzen. - Gva.be"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{7052B87F-4781-401D-8667-76D676DBE29B}"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="Wedstrijden - Doe mee met onze wedstrijden en maak kans op toffe prijzen. - Gva.be"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"
{7052B87F-4781-401D-8667-76D676DBE29B} Unknown Url="Not_Found"

==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-896879856-809570907-237334025-1001\Software\Microsoft\Internet Explorer\SearchScopes\{7052B87F-4781-401D-8667-76D676DBE29B} deleted successfully

==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-896879856-809570907-237334025-1001\Software\Mozilla\Firefox\Extensions\{dfd5512a-7995-4d84-8c50-9505292f1a22} deleted successfully

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie deleted successfully

==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Danny\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Danny\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================
No FireFox Profiles found

==== Empty Chrome Cache ======================
C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All 
Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3739 folders=294 331992067 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\Danny\AppData\Local\Temp will be emptied at reboot C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Danny\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on za 15-02-2014 at 20:14:57,25 ======================
Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3739 folders=294 331992067 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\Danny\AppData\Local\Temp will be emptied at reboot C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Danny\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on za 15-02-2014 at 20:14:57,25 ======================
-
Attachment: log15022014.txt
-
Logfile of random's system information tool 1.09 (written by random/random) Run by Danny at 2014-02-15 12:14:55 Microsoft Windows 8.1 System drive C: has 228 GB (24%) free of 939 GB Total RAM: 6013 MB (67% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:15:03, on 15-2-2014 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.9600.16518) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Users\Danny\AppData\Local\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Mobogenie\DaemonProcess.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files\trend micro\Danny.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Wedstrijden - Doe mee met onze wedstrijden en maak kans op toffe prijzen. - Gva.be R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60 O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" O4 - 
HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Danny\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe O4 - HKCU\..\Run: [DellSystemDetect] C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: Verzenden naar Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm O9 - Extra button: (no name) - 
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra button: Verzenden naar Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU) O9 - Extra 'Tools' menuitem: Verzenden naar Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.dell.com O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. 
- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. 
- C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Rapid Storage Technologie (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype 
Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Intel® PROSet/Wireless Zero Configuration Service 
(ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- End of file - 14977 bytes ======Listing Processes====== wininit.exe winlogon.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\svchost.exe -k RPCSS "dwm.exe" C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted C:\WINDOWS\system32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted "C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe" "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS C:\WINDOWS\system32\svchost.exe -k NetworkService "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" C:\WINDOWS\system32\WLANExt.exe 868335034128 \??\C:\WINDOWS\system32\conhost.exe 0x4 C:\WINDOWS\System32\spoolsv.exe C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe" "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe" "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Program Files\Bonjour\mDNSResponder.exe" "C:\Program Files\Intel\WiFi\bin\EvtEng.exe" dashost.exe {f9b7db97-fd61-4fa0-81baa13d0cecad7a} "C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE" "c:\Program Files\Intel\iCLS Client\HeciServer.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe" taskhostex.exe "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" "C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe" "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe" C:\WINDOWS\system32\svchost.exe -k 
LocalServiceAndNoImpersonation C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet "C:\Windows\System32\SettingSyncHost.exe" -Embedding C:\Windows\System32\RuntimeBroker.exe -Embedding "C:\Windows\System32\igfxtray.exe" C:\WINDOWS\system32\SearchIndexer.exe /Embedding "C:\Windows\System32\hkcmd.exe" "C:\Windows\System32\igfxpers.exe" "C:\WINDOWS\system32\igfxsrvc.exe" -Embedding "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4 "C:\Program Files\Dell\QuickSet\quickset.exe" "C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp "C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Program Files\Synaptics\SynTP\DellTouchpad.exe" /hidegui "C:\Users\Danny\AppData\Local\Google\Update\GoogleUpdate.exe" /c "C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" "C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe" "C:\Users\Danny\AppData\Local\Apps\2.0\WYK876JM.AHJ\RRY8J32D.EW7\dell..tion_0f612f649c4a10af_0005.0004_3ddfe37344028d2c\DellSystemDetect.exe" C:\Windows\System32\skydrive.exe -Embedding "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" "C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe" "C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-896879856-809570907-237334025-10011_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-896879856-809570907-237334025-10011 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1" "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "C:\Program Files (x86)\Common 
Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui "C:\Program Files (x86)\Mobogenie\DaemonProcess.exe" "C:\Program Files\iPod\bin\iPodService.exe" "C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE" "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4848 CREDAT:144385 /prefetch:2 "C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe" "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" "C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" C:\WINDOWS\System32\svchost.exe -k WerSvcGroup C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding C:\WINDOWS\system32\wbem\wmiprvse.exe "C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe" C:\WINDOWS\system32\WerFault.exe -u -p 1744 -s 904 C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe" "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" C:\WINDOWS\system32\wbem\wmiprvse.exe "C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe" "C:\WINDOWS\system32\SearchFilterHost.exe" 0 576 580 588 65536 584 "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4848 CREDAT:341069 /prefetch:2 C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\WerFault.exe -u -p 2056 -s 9080 explorer.exe "C:\Users\Danny\Downloads\RSITx64 (1).exe" "C:\Program 
Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server ======Scheduled tasks folder====== C:\WINDOWS\tasks\Adobe Flash Player Updater.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-896879856-809570907-237334025-1001Core.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-896879856-809570907-237334025-1001UA.job C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-01-18 218784] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-02-05 553384] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-12-15 256080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2014-01-18 880344] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-18 2331336] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper 
Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-02-05 210856] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2013-11-13 153248] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-15 194128] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2014-01-18 707288] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-01-18 1727176] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-12-15 256080] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google 
Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-15 194128] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2013-12-21 391128] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2013-12-21 771544] "Persistence"=C:\WINDOWS\system32\igfxpers.exe [2013-12-21 770520] "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-09-25 6842000] "RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-09-28 1230992] "QuickSet"=c:\Program Files\Dell\QuickSet\QuickSet.exe [2012-10-19 5757328] "BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2012-08-27 11577216] "CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-07-27 2184520] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-09-21 2918200] "DellWPF"=C:\Program Files\Synaptics\SynTP\DellTouchpad.exe [2012-09-21 4875576] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"=C:\Users\Danny\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-11 116648] "ApplePhotoStreams"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2012-12-17 59872] "DellSystemDetect"=C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms [2013-12-12 370] "iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2012-12-17 59872] "com.apple.dav.bookmarks.daemon"=C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe [2012-12-17 59872] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe [2012-07-16 56128] "CLMLServer_For_P2G8"=C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08 111120] "CLVirtualDrive"=C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2012-07-04 491120] 
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-06-01 143888] "mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey [] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-05-30 59720] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-02-20 152392] "ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] "AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-12 3767096] "mobilegeni daemon"=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [2014-01-09 766656] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2013-12-21 624640] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "EnableUIADesktopToggle"=0 "EnableCursorSuppression"=1 "ConsentPromptBehaviorUser"=3 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "DisableTaskMgr"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktopChanges"=1 "NoActiveDesktop"=1 "NoRun"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "VIDC.YUY2"=msyuv.dll "vidc.i420"=iyuv_32.dll "msacm.msgsm610"=msgsm32.acm "msacm.msg711"=msg711.acm "VIDC.YVYU"=msyuv.dll "VIDC.YVU9"=tsbyuv.dll "wavemapper"=msacm32.drv "midimapper"=midimap.dll "VIDC.UYVY"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.mrle"=msrle32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msadpcm"=msadp32.acm 
"vidc.msvc"=msvidc32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "MSVideo8"=VfWWDM32.dll
- - - Updated - - -
Well, part of it at least!
-
Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300 www.malwarebytes.org Databaseversie: v2014.02.13.11 Windows 8 x64 NTFS Internet Explorer 11.0.9600.16518 Danny :: LAPTOPKE [administrator] Bescherming: Ingeschakeld 15-2-2014 10:44:50 mbam-log-2014-02-15 (10-44-50).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 235284 Verstreken tijd: 9 minuut/minuten, 37 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde)
- - - Updated - - -
I can't get the log posted; I get the following response; is the log too big?
Fatal error: Maximum execution time of 30 seconds exceeded in /home/pchelpfor/domains/pc-helpforum.be/public_html/includes/functions.php on line 2351
-
Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300 www.malwarebytes.org Databaseversie: v2014.02.13.11 Windows 8 x64 NTFS Internet Explorer 11.0.9600.16518 Danny :: LAPTOPKE [administrator] Bescherming: Ingeschakeld 14-2-2014 19:16:47 MBAM-log-2014-02-14 (19-25-10).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 234414 Verstreken tijd: 7 minuut/minuten, 40 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 1 C:\Users\Danny\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Geen actie ondernomen. Registersleutels gedetecteerd: 14 HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Optional.SoftwareUpdater) -> Geen actie ondernomen. HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Optional.SoftwareUpdater) -> Geen actie ondernomen. HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Optional.SoftwareUpdater) -> Geen actie ondernomen. HKCR\Updater.AmiUpd.1 (PUP.Optional.SoftwareUpdater) -> Geen actie ondernomen. HKCR\Updater.AmiUpd (PUP.Optional.SoftwareUpdater) -> Geen actie ondernomen. HKLM\SOFTWARE\Google\Chrome\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Software.Updater) -> Geen actie ondernomen. HKCR\CLSID\{f8a798c0-381e-4fa4-999a-7f66121be32e} (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. HKCR\TypeLib\{a2c58208-98bb-4364-b343-00d80d37dd1d} (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. HKCR\Interface\{b76c93c0-ab66-4721-8d0e-3b103b19c8e0} (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F8A798C0-381E-4FA4-999A-7F66121BE32E} (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F8A798C0-381E-4FA4-999A-7F66121BE32E} (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F8A798C0-381E-4FA4-999A-7F66121BE32E} (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7ff495a6-0136-4fb7-97a5-cde0ca3d5ab3 (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. Registerwaarden gedetecteerd: 1 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Data: C:\WINDOWS\SysWOW64\rundll32.exe "C:\Users\Danny\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -> Geen actie ondernomen. Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 3 C:\Users\Danny\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Geen actie ondernomen. C:\Users\Danny\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Geen actie ondernomen. C:\Program Files (x86)\Re-markit (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. Bestanden gedetecteerd: 17 C:\Users\Danny\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Geen actie ondernomen. C:\Users\Danny\AppData\Local\genienext\nengine.dll (PUP.Optional.NextLive.A) -> Geen actie ondernomen. C:\Users\Danny\Local Settings\Temporary Internet Files\IE\CFAOELQF\The Hunger Games Catching Fire (2013) DVDScr XviD - Exclusive.exe (PUP.Optional.BundleInstaller.A) -> Geen actie ondernomen. C:\Users\Danny\Local Settings\Temporary Internet Files\IE\I3UUU1A3\DownloadSetup__2299_i253245743_il8.exe (PUP.Optional.InstallMonetizer) -> Geen actie ondernomen. C:\Users\Danny\Local Settings\Temporary Internet Files\IE\OR1Z0FY1\rcp_dcomnew_sec_728.exe (PUP.Optional.RegCleanPro) -> Geen actie ondernomen. 
C:\Users\Danny\Local Settings\Temporary Internet Files\IE\UNL0X0NL\DownloadSetup__2299_i253259567_il8.exe (PUP.Optional.InstallMonetizer) -> Geen actie ondernomen. C:\Windows\Tasks\Re-markit Update.job (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. C:\Users\Danny\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Geen actie ondernomen. C:\Users\Danny\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Geen actie ondernomen. C:\Program Files (x86)\Re-markit\01.db (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. C:\Program Files (x86)\Re-markit\150.crx (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. C:\Program Files (x86)\Re-markit\150.dat (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. C:\Program Files (x86)\Re-markit\150.dll (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. C:\Program Files (x86)\Re-markit\150.xpi (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. C:\Program Files (x86)\Re-markit\ReMarkit_up.exe (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. C:\Program Files (x86)\Re-markit\Sqlite3.dll (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. C:\Program Files (x86)\Re-markit\Uninstall.exe (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. (einde)
-
Another log!
Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300 www.malwarebytes.org Databaseversie: v2014.02.13.11 Windows 8 x64 NTFS Internet Explorer 11.0.9600.16518 Danny :: LAPTOPKE [administrator] Bescherming: Ingeschakeld 13-2-2014 22:49:03 MBAM-log-2014-02-13 (22-59-21).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 234432 Verstreken tijd: 8 minuut/minuten, 41 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 2 C:\Users\Danny\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Geen actie ondernomen. C:\Program Files (x86)\Re-markit\150.dll (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. Registersleutels gedetecteerd: 14 HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Optional.SoftwareUpdater) -> Geen actie ondernomen. HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Optional.SoftwareUpdater) -> Geen actie ondernomen. HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Optional.SoftwareUpdater) -> Geen actie ondernomen. HKCR\Updater.AmiUpd.1 (PUP.Optional.SoftwareUpdater) -> Geen actie ondernomen. HKCR\Updater.AmiUpd (PUP.Optional.SoftwareUpdater) -> Geen actie ondernomen. HKLM\SOFTWARE\Google\Chrome\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Software.Updater) -> Geen actie ondernomen. HKCR\CLSID\{f8a798c0-381e-4fa4-999a-7f66121be32e} (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. HKCR\TypeLib\{a2c58208-98bb-4364-b343-00d80d37dd1d} (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. HKCR\Interface\{b76c93c0-ab66-4721-8d0e-3b103b19c8e0} (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F8A798C0-381E-4FA4-999A-7F66121BE32E} (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F8A798C0-381E-4FA4-999A-7F66121BE32E} (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F8A798C0-381E-4FA4-999A-7F66121BE32E} (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7ff495a6-0136-4fb7-97a5-cde0ca3d5ab3 (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. Registerwaarden gedetecteerd: 1 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Data: C:\WINDOWS\SysWOW64\rundll32.exe "C:\Users\Danny\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -> Geen actie ondernomen. Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 3 C:\Users\Danny\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Geen actie ondernomen. C:\Users\Danny\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Geen actie ondernomen. C:\Program Files (x86)\Re-markit (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. Bestanden gedetecteerd: 17 C:\Users\Danny\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Geen actie ondernomen. C:\Users\Danny\AppData\Local\genienext\nengine.dll (PUP.Optional.NextLive.A) -> Geen actie ondernomen. C:\Users\Danny\Local Settings\Temporary Internet Files\IE\CFAOELQF\The Hunger Games Catching Fire (2013) DVDScr XviD - Exclusive.exe (PUP.Optional.BundleInstaller.A) -> Geen actie ondernomen. C:\Users\Danny\Local Settings\Temporary Internet Files\IE\I3UUU1A3\DownloadSetup__2299_i253245743_il8.exe (PUP.Optional.InstallMonetizer) -> Geen actie ondernomen. 
C:\Users\Danny\Local Settings\Temporary Internet Files\IE\UNL0X0NL\DownloadSetup__2299_i253259567_il8.exe (PUP.Optional.InstallMonetizer) -> Geen actie ondernomen. C:\Windows\explorer_1.exe (Riskware.BitcoinMiner) -> Geen actie ondernomen. C:\Windows\Tasks\Re-markit Update.job (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. C:\Users\Danny\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Geen actie ondernomen. C:\Users\Danny\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Geen actie ondernomen. C:\Program Files (x86)\Re-markit\01.db (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. C:\Program Files (x86)\Re-markit\150.crx (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. C:\Program Files (x86)\Re-markit\150.dat (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. C:\Program Files (x86)\Re-markit\150.dll (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. C:\Program Files (x86)\Re-markit\150.xpi (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. C:\Program Files (x86)\Re-markit\ReMarkit_up.exe (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. C:\Program Files (x86)\Re-markit\Sqlite3.dll (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. C:\Program Files (x86)\Re-markit\Uninstall.exe (PUP.Optional.ReMarkIt.A) -> Geen actie ondernomen. (einde)
-
Hi, I have a good basic knowledge of Excel 2013; can I follow advanced courses online? :cool::cool:
-
Hello, I get a lot of spam and my Win 8 seems slow to me (the 8.1 upgrade has been done). Here is a log to start with. (My laptop just got a new motherboard and is barely 10 months old; is that a Dell habit?)
Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 21:35:23, on 13-2-2014 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.9600.16518) CHROME: 32.0.1700.107 Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Mobogenie\DaemonProcess.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Users\Danny\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Wedstrijden - Doe mee met onze wedstrijden en maak kans op toffe prijzen. - Gva.be R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: Re-markit - {f8a798c0-381e-4fa4-999a-7f66121be32e} - C:\Program Files (x86)\Re-markit\150.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60 O4 - 
HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Danny\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe O4 - HKCU\..\Run: [DellSystemDetect] C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe O4 - HKCU\..\Run: [NextLive] C:\WINDOWS\SysWOW64\rundll32.exe "C:\Users\Danny\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to 
OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: Verzenden naar Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra button: Verzenden naar Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU) O9 - Extra 'Tools' menuitem: Verzenden naar Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.dell.com O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. 
- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. 
- C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Rapid Storage Technologie (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 
(Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- End of file - 14719 bytes
-
Hello, my iPad & iPhone can no longer get on the internet, but they do show a good connection! My notebook eliminated a Trojan horse; could my iPhone & iPad be infected with that same virus...? I have no antivirus on the iPad & iPhone, but I do on the notebook (which is not an Apple). Heeeeeeeeeeeelp. Regards, Jonati
-
Does this browser work on the iPad for using Flash Player? If so, where can I find it (with the necessary instructions for using it...)?
-
The 15R has an HDMI port; I can't find that on the 17R...?
-
A fixed spot in the living room..., for browsing the internet, Microsoft Office, watching a movie, Yellow from Telenet....
-
I'm torn between 2 models: "New! Inspiron 15R laptop - Laptop with SWITCH covers | Dell Belgium" and "The Dell online store: build your own system". What is your opinion?
-
The speed is much better, thx!
-
Here you go; I hope I did it more or less right! Malwarebytes Anti-Malware (-evaluatieversie-) 1.70.0.1100 Malwarebytes : Free anti-malware download Databaseversie: v2013.01.12.06 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 jokke :: PC_VAN_JOKKE [administrator] Bescherming: Ingeschakeld 12/01/2013 16:31:55 mbam-log-2013-01-12 (16-31-55).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 198698 Verstreken tijd: 8 minuut/minuten, 31 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 2 C:\Users\jokke\Downloads\flvmplayer(1).exe (PUP.BundleInstaller.SOL) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\jokke\Downloads\flvmplayer.exe (PUP.BundleInstaller.SOL) -> Succesvol in quarantaine geplaatst en verwijderd. 
(einde) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:48:54, on 12/01/2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16457) Boot mode: Normal Running processes: C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\RtHDVCpl.exe C:\Program Files\AVG\AVG2012\avgtray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\BearShare Applications\BearShare\BearShare.exe C:\Program Files\WinZip\WZQKPICK32.EXE C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\System32\notepad.exe c:\Users\jokke\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - 
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll O2 - BHO: Search-Results Toolbar - {6e47d688-85ec-465a-9946-ec58220f14fc} - C:\PROGRA~1\BEARSH~1\Mediabar\Datamngr\SRTOOL~1\searchresultsDx.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Search-Results Toolbar - {6e47d688-85ec-465a-9946-ec58220f14fc} - C:\PROGRA~1\BEARSH~1\Mediabar\Datamngr\SRTOOL~1\searchresultsDx.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Google Update] "C:\Users\jokke\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [bearShare] "C:\Program Files\BearShare Applications\BearShare\BearShare.exe" --lightmode O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe 
/detectMem (User 'NETWORK SERVICE') O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK32.EXE O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. 
- C:\Program Files\AVG\AVG2012\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- End of file - 6948 bytes
-
Hi, slow PC (my dad's PC), advice please (my replies may take a while, since I don't always have the PC at hand!). HERE'S A LOG TO START WITH! Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:19:28, on 5/01/2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16457) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\RtHDVCpl.exe C:\Program Files\AVG\AVG2012\avgtray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe C:\Users\jokke\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: 
AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Wincore Mediabar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll O2 - BHO: Search-Results Toolbar - {6e47d688-85ec-465a-9946-ec58220f14fc} - C:\PROGRA~1\BEARSH~1\Mediabar\Datamngr\SRTOOL~1\searchresultsDx.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: DataMngr - {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\BROWSE~1.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Wincore Mediabar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll O3 - Toolbar: Search-Results Toolbar - {6e47d688-85ec-465a-9946-ec58220f14fc} - C:\PROGRA~1\BEARSH~1\Mediabar\Datamngr\SRTOOL~1\searchresultsDx.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [sidebar] 
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Google Update] "C:\Users\jokke\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [iMesh] "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" --lightmode O4 - HKCU\..\Run: [bearShare] "C:\Program Files\BearShare Applications\BearShare\BearShare.exe" --lightmode O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update 
Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- End of file - 7042 bytes
-
It runs considerably faster, thx
-
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 4.2.5 (12.24.2012:1) OS: Windows 7 Ultimate x64 Ran by Danny on wo 26/12/2012 at 10:35:21,83 Blog: Malware Analysis and Removal ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] hkey_classes_root\appid\babylonhelper.exe Successfully deleted: [Registry Key] hkey_local_machine\software\ib updater Successfully deleted: [Registry Key] hkey_current_user\software\optimizer pro Successfully deleted: [Registry Key] hkey_current_user\software\sweetim Successfully deleted: [Registry Key] hkey_local_machine\software\sweetim Successfully deleted: [Registry Key] hkey_local_machine\software\classes\prod.cap Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\mybabylontb_rasapi32 Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\mybabylontb_rasmancs Successfully deleted: [Registry Key] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1} ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\Users\Danny\AppData\Roaming\optimizer pro" Successfully deleted: [Folder] "C:\Program Files (x86)\optimizer pro" Successfully deleted: [Folder] "C:\Program Files (x86)\pc speed up" Successfully deleted: [Folder] "C:\Program Files (x86)\perion" ~~~ FireFox Successfully deleted: [File] C:\Users\Danny\AppData\Roaming\mozilla\firefox\profiles\bmgfrksz.default\extensions\OneClickDownloader@OneClickDownloader.com.xpi Successfully deleted the following from C:\Users\Danny\AppData\Roaming\mozilla\firefox\profiles\bmgfrksz.default\prefs.js user_pref("extensions.4f807aad67e79.scode", "(function(){try{if('aol.com,mail.google.com,mystart.incredibar.com,premiumreports.info,search.babylon.com,search.funmoods.com,sear 
user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !impor user_pref("extensions.wrc.SearchRules.ask.com.url", "^http(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*"); user_pref("extensions.wrc.SearchRules.baidu.com.style", ".WRCN {display:none} .result .f .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}"); user_pref("extensions.wrc.SearchRules.baidu.com.url", "^http\\:\\/\\/www\\.baidu\\.com\\/.*"); user_pref("extensions.wrc.SearchRules.excite.com.style", ".WRCN {display:none} .listing .resultsLink + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-re user_pref("extensions.wrc.SearchRules.excite.com.url", "^http\\:\\/\\/msxml\\.excite\\.com\\/excite\\/ws\\/.+"); user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-r user_pref("extentions.y2layers.installId", "A1CBCF5D-BAA3-93C5-BD20-BE9F737E7D81"); user_pref("extentions.y2layers.lastDnsTest", 371943); ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on wo 26/12/2012 at 10:56:17,32 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
HAPPY HOLIDAYS!!!! ComboFix 12-12-25.01 - Danny 25/12/2012 11:20:12.20.4 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.32.1033.18.1791.276 [GMT 1:00] Gestart vanuit: c:\users\Danny\Desktop\ComboFix.exe AV: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} SP: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\torrent.exe c:\windows\wininit.ini . . (((((((((((((((((((( Bestanden Gemaakt van 2012-11-25 to 2012-12-25 )))))))))))))))))))))))))))))) . . 2012-12-25 10:33 . 2012-12-25 10:33 -------- d-----w- c:\users\Public\AppData\Local\temp 2012-12-25 10:33 . 2012-12-25 10:33 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-12-25 10:33 . 2012-12-25 10:33 -------- d-----w- c:\users\AppData\AppData\Local\temp 2012-12-16 10:24 . 2012-12-16 10:24 -------- d-----w- c:\users\Danny\AppData\Roaming\AVG2013 2012-12-16 10:09 . 2012-12-16 10:09 -------- d-----w- c:\users\Danny\AppData\Roaming\TuneUp Software 2012-12-16 10:05 . 2012-12-16 10:10 -------- d-----w- c:\programdata\AVG2013 2012-12-16 09:52 . 2012-12-16 09:52 -------- d-----w- c:\users\Danny\AppData\Local\MFAData 2012-12-16 09:52 . 2012-12-16 09:52 -------- d-----w- c:\users\Danny\AppData\Local\Avg2013 . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-12-12 21:32 . 2012-04-08 06:29 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-12-12 21:32 . 2011-05-30 06:34 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-10-22 12:02 . 2012-10-22 12:02 154464 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys 2012-10-15 02:48 . 2012-10-15 02:48 63328 ----a-w- c:\windows\system32\drivers\avgidsha.sys 2012-10-05 02:32 . 
2012-10-05 02:32 111456 ----a-w- c:\windows\system32\drivers\avgmfx64.sys 2012-10-02 02:30 . 2012-10-02 02:30 185696 ----a-w- c:\windows\system32\drivers\avgldx64.sys 2012-09-29 17:54 . 2010-02-20 19:21 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-27 20:09 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll 2012-09-27 20:09 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424] "AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-11-06 3143800] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . 
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-06 5814392] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944] R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-03-24 16776] R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-03-24 9096] R3 nuviocir;Nuvoton W836x7HG CIR Device Driver;c:\windows\system32\DRIVERS\nuviocir_win7_x64.sys [2009-06-26 32768] R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2011-05-06 19936] R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2011-05-06 13280] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992] R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672] R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872] R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640] R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 tsusbhub;tsusbhub;tsusbhub [x] R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 59744] R4 RsFx0151;RsFx0151 Driver;c:\windows\system32\DRIVERS\RsFx0151.sys [2011-06-17 313696] R4 RTL8187;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\DRIVERS\wg111v2.sys [x] R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL 
Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-06-17 431456] R4 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [x] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328] S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120] S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-10-05 111456] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800] S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\windows\SysWOW64\nvSCPAPISvr.exe [2009-07-08 239648] . . Inhoud van de 'Gedeelde Taken' map . 2012-12-25 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 21:32] . 2012-03-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-01 08:01] . 2012-03-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-01 08:01] . 2012-12-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1434075484-1833317394-3949034151-1001Core.job - c:\users\Danny\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-13 20:13] . 2012-12-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1434075484-1833317394-3949034151-1001UA.job - c:\users\Danny\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-13 20:13] . . --------- X64 Entries ----------- . . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-06 8158240] . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = localhost uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &Verzenden naar OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.131.4 195.130.130.132 FF - ProfilePath - c:\users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\bmgfrksz.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.gva.be/ontspanning/wedstrijden/ . - - - - ORPHANS VERWIJDERD - - - - . Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe WebBrowser-{656461EF-40F6-4115-9FF1-BCED9812CCBB} - (no file) . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.9" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation] "Enabled"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil9f.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}] @Denied: (A 2) (Everyone) @="IFlashBroker" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Solutions\]Error "Key"="http://schemas.microsoft.com/office/smartdocuments/2003" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Solutions\http://schemas.microsoft.com/office/smartdocuments/2003\0\{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}\Alias] "0"="Microsoft Actions Pane 3" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2012-12-25 11:41:01 ComboFix-quarantined-files.txt 2012-12-25 10:41 ComboFix2.txt 2012-10-27 17:37 . Pre-Run: 95.704.858.624 bytes beschikbaar Post-Run: 95.849.402.368 bytes beschikbaar . - - End Of File - - 1167D703887F3C25538A3D83BB480D35
-
Hi, I have a slow PC again, like on 12/8/2012 (do I actually have the right antivirus etc.?) Here is a log to start with!
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:26:55, on 24/12/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16450) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files (x86)\AVG\AVG2013\avgui.exe C:\Users\Danny\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Danny\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Danny\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Danny\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Danny\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Danny\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Danny\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Danny\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common 
Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Danny\AppData\Local\Google\Update\GoogleUpdate.exe" /c O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft 
Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (file missing) O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. 
- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - 
NVIDIA Corporation - C:\Windows\SysWOW64\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 8963 bytes
-
Unplugged the modem, waited a few minutes and,...., it works again!!!
-
No more Wi-Fi on tablet and smartphone (Telenet), how do I reactivate it?

ABOUT US
PC Helpforum has been helping computer users for FREE since July 2006. Our team gives professional answers to your questions via the forum and tries to solve your PC problems as quickly as possible. Become a member today, post your question online and the PC Helpforum team will gladly help you further!