
Jordan99

Member
  • Items

    3
  • Registration date

  • Last visited

Everything posted by Jordan99

  1. E-Peek v 1.0.5.6 © Emphyrio/Onsia Patrick 2013-2014 Downloaded @E Dev Run at ma 1 dec 2014 17:23 . Windows 7 Ultimate SP 1 (64 bits) C:\Windows [NTFS - Fixed] Default Browser: Internet Explorer Boot mode: Normal boot User logged in: Jordan . Java x86: n/a Java x64: n/a . AV : AVG AntiVirus Free Edition 2015 [updated - Not Running] AS : Windows Defender [updated - Running] AS : AVG AntiVirus Free Edition 2015 [updated - Not Running] FW : Windows firewall . ==================== Files and Folders history================================= Folders Created Last7 days : 30-11-2014 #####r-h-s-d+a- C:\Users\Jordan\AppData\Roaming\EurekaLab s.a.s 30-11-2014 #####r-h-s-d+a- C:\Program Files(x86)\Malwarebytes Anti-Malware 29-11-2014 #####r-h-s-d+a+ C:\cce_linux 28-11-2014 #####r-h-s-d+a- C:\rsit 28-11-2014 #####r-h-s-d+a- C:\ProgramData\Emsisoft 28-11-2014 #####r-h-s-d+a- C:\Program Files\trend micro 28-11-2014 #####r-h-s-d+a- C:\Program Files(x86)\Emsisoft Anti-Malware 25-11-2014 #####r-h-s-d+a- C:\ProgramData\HitmanPro 25-11-2014 #####r-h-s-d+a- C:\ProgramData\fglelgmopjjbdjgcgecdmkpfdagmmgef 25-11-2014 #####r-h-s-d+a- C:\Program Files (x86)\ESET 01-12-2014 #####r-h-s-d+a- C:\Program Files (x86)\E Dev Files Modified Last 7days : 29-11-2014 01698222r-h-s-d-a+ C:\Windows\system32\PerfStringBackup.INI 29-11-2014 00755776r-h-s-d-a+ C:\Windows\system32\perfh013.dat 29-11-2014 00662908r-h-s-d-a+ C:\Windows\system32\perfh009.dat 29-11-2014 00185724r-h-s-d-a+ C:\Windows\system32\avgrep.txt 29-11-2014 00158514r-h-s-d-a+ C:\Windows\system32\perfc013.dat 29-11-2014 00126038r-h-s-d-a+ C:\Windows\system32\perfc009.dat 28-11-2014 00411600r-h-s-d-a+ C:\Windows\system32\FNTCACHE.DAT 27-11-2014 04443312r-h-s-d-a+ C:\Windows\SysWOW64\FlashPlayerInstaller.exe 27-11-2014 00701104r-h-s-d-a+ C:\Windows\SysWOW64\FlashPlayerApp.exe 27-11-2014 00071344r-h-s-d-a+ C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 25-11-2014 00004786r-h-s-d-a+ C:\Windows\system32\.crusader 01-12-2014 00026576r-h+s-d-a+ 
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 01-12-2014 00026576r-h+s-d-a+ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 01-12-2014 00000029r-h-s-d-a+ C:\Windows\SysWOW64\TempWmicBatchFile.bat Files Created Last 7days : 29-11-2014 01938136r-h+s-d-a+ C:\Users\Jordan\AppData\Local\IconCache.db 29-11-2014 00185724r-h-s-d-a+ C:\Windows\system32\avgrep.txt 28-11-2014 00411600r-h-s-d-a+ C:\Windows\system32\FNTCACHE.DAT 28-11-2014 00109296r-h-s-d-a+ C:\Users\Jordan\AppData\Local\GDIPFONTCACHEV1.DAT 27-11-2014 04443312r-h-s-d-a+ C:\Windows\SysWOW64\FlashPlayerInstaller.exe 25-11-2014 00004786r-h-s-d-a+ C:\Windows\system32\.crusader 01-12-2014 00000109r-h-s-d-a+ C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc ==================== RUNNING PROCESSES========================================= [AdminService] -SYSTEM- C:\Program Files (x86)\BluetoothSuite\adminservice.exe - (Qualcomm Atheros Commnucations) [AmIcoSinglun64] -Jordan- C:\Program Files(x86)\AmIcoSingLun\AmIcoSinglun64.exe - (Alcor Micro Corp.) [armsvc] -SYSTEM- C:\Program Files (x86)\CommonFiles\Adobe\ARM\1.0\armsvc.exe - (Adobe Systems Incorporated) [atieclxx] -SYSTEM- C:\Windows\system32\atieclxx.exe - (AMD) [atiesrxx] -SYSTEM- C:\Windows\system32\atiesrxx.exe - (AMD) [avgui] -Jordan- C:\Program Files(x86)\AVG\AVG2015\avgui.exe - (AVG Technologies CZ, s.r.o.) [avgwdsvc] -SYSTEM- C:\Program Files(x86)\AVG\AVG2015\avgwdsvc.exe - (AVG Technologies CZ, s.r.o.) [boostSpeed] -Jordan- C:\Program Files(x86)\Auslogics\BoostSpeed\BoostSpeed.exe - (Auslogics) [btTray] -Jordan- C:\Program Files (x86)\BluetoothSuite\BtTray.exe - (Qualcomm Atheros) [btvStack] -Jordan- C:\Program Files (x86)\BluetoothSuite\BtvStack.exe - (Qualcomm Atheros Commnucations) [CCleaner64] -Jordan- C:\ProgramFiles\CCleaner\CCleaner64.exe - (Piriform Ltd) [cronsvc] -SYSTEM- C:\Prey\platform\windows\cronsvc.exe -(Fork Ltd.) 
[csrss] -SYSTEM- C:\Windows\system32\csrss.exe - (MicrosoftCorporation) [csrss] -SYSTEM- C:\Windows\system32\csrss.exe - (MicrosoftCorporation) [ctfmon] -Jordan- C:\Windows\SysWOW64\ctfmon.exe -(Microsoft Corporation) [CxAudMsg64] -SYSTEM- C:\Windows\system32\CxAudMsg64.exe -(Conexant Systems Inc.) [Dropbox] -Jordan-C:\Users\Jordan\AppData\Roaming\Dropbox\bin\Dropbox.exe - (Dropbox, Inc.) [dwm] -Jordan- C:\Windows\system32\Dwm.exe - (MicrosoftCorporation) [E-Peek 1.0.5] -Jordan- C:\Program Files (x86)\EDev\E-Peek\E-Peek 1.0.5.exe - (E Dev) [E-Peek 1.0.5] -Jordan- C:\Program Files (x86)\EDev\E-Peek\E-Peek 1.0.5.exe - (E Dev) [ETDCtrl] -Jordan- C:\Program Files\Elantech\ETDCtrl.exe -(ELAN Microelectronics Corp.) [ETDCtrlHelper] -Jordan- C:\ProgramFiles\Elantech\ETDCtrlHelper.exe - (ELAN Microelectronics Corp.) [explorer] -Jordan- C:\Windows\Explorer.EXE - (MicrosoftCorporation) [firefox] -Jordan- C:\Program Files (x86)\MozillaFirefox\firefox.exe - (Mozilla Corporation) [FlashUtil64_15_0_0_239_ActiveX] -Jordan-C:\Windows\system32\Macromed\Flash\FlashUtil64_15_0_0_239_ActiveX.exe - (AdobeSystems Incorporated) [GoogleCrashHandler] -SYSTEM- C:\Program Files(x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe - (Google Inc.) [GoogleCrashHandler64] -SYSTEM- C:\Program Files(x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe - (Google Inc.) 
[iexplore] -Jordan- C:\Program Files (x86)\InternetExplorer\IEXPLORE.EXE - (Microsoft Corporation) [iexplore] -Jordan- C:\Program Files (x86)\InternetExplorer\IEXPLORE.EXE - (Microsoft Corporation) [iexplore] -Jordan- C:\Program Files\InternetExplorer\iexplore.exe - (Microsoft Corporation) [lsass] -SYSTEM- C:\Windows\system32\lsass.exe - (MicrosoftCorporation) [lsm] -SYSTEM- C:\Windows\system32\lsm.exe - (MicrosoftCorporation) [psia] -SYSTEM- C:\Program Files (x86)\Secunia\PSI\PSIA.exe- (Secunia) [searchIndexer] -SYSTEM- C:\Windows\system32\SearchIndexer.exe- (Microsoft Corporation) [services] -SYSTEM- C:\Windows\system32\services.exe -(Microsoft Corporation) [smss] -SYSTEM- C:\Windows\system32\smss.exe - (MicrosoftCorporation) [spoolsv] -SYSTEM- C:\Windows\System32\spoolsv.exe -(Microsoft Corporation) [sppsvc] -NETWORK SERVICE- C:\Windows\system32\sppsvc.exe -(Microsoft Corporation) [sua] -SYSTEM- C:\Program Files (x86)\Secunia\PSI\sua.exe -(Secunia) [taskeng] -Jordan- C:\Windows\system32\taskeng.exe -(Microsoft Corporation) [taskeng] -SYSTEM- C:\Windows\system32\taskeng.exe -(Microsoft Corporation) [taskhost] -Jordan- C:\Windows\system32\taskhost.exe -(Microsoft Corporation) [TeamViewer_Service] -SYSTEM- C:\Program Files(x86)\TeamViewer\Version8\TeamViewer_Service.exe - (TeamViewer GmbH) [thunderbird] -Jordan- C:\Program Files (x86)\MozillaThunderbird\thunderbird.exe - (Mozilla Corporation) [TrustedInstaller] -SYSTEM-C:\Windows\servicing\TrustedInstaller.exe - (Microsoft Corporation) [VirtualRouterService] -SYSTEM- C:\Program Files(x86)\Virtual Router\VirtualRouterService.exe - (Chris Pietschmann(Chris Pietschmann | husband, father, hacker, entrepreneur, futurist, innovator, autodidact)) [wininit] -SYSTEM- C:\Windows\system32\wininit.exe -(Microsoft Corporation) [winlogon] -SYSTEM- C:\Windows\system32\winlogon.exe -(Microsoft Corporation) [WinPatrol] -Jordan- C:\Program Files (x86)\BillPStudios\WinPatrol\WinPatrol.exe - (BillP Studios) [WLIDSVC] -SYSTEM- 
C:\Program Files\Common Files\MicrosoftShared\Windows Live\WLIDSVC.EXE - (Microsoft Corp.) [WLIDSVCM] -SYSTEM- C:\Program Files\Common Files\MicrosoftShared\Windows Live\WLIDSvcM.exe - (Microsoft Corp.) [WmiPrvSE] -NETWORK SERVICE-C:\Windows\system32\wbem\wmiprvse.exe - (Microsoft Corporation) [wmpnetwk] -NETWORK SERVICE- C:\Program Files\Windows MediaPlayer\wmpnetwk.exe - (Microsoft Corporation) ==================== IE PAGES================================================== IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @Start Page = hxxp://www.google.nl IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @Local Page = C:\Windows\system32\blank.htm IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @Search Page = hxxp://www.google.com IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @Default_Page_URL = hxxp://www.google.com/ie IE03 - HKCU\Software\Microsoft\Internet Explorer\SearchUrl @Default = hxxp://www.google.com/search?q=%s IE04 - HKCU\..\SearchScopes{0D67C3C0-B2E3-4080-A22D-914BABC18C12} @ DisplayName: [ZIE.nl (video’s)] @ URL= hxxp://www.zie.nl/search/videos/{searchTerms}&origin=nu_ie8 IE04 - HKCU\..\SearchScopes{29AC26E3-2C87-454A-A64F-C08F599A54F2} @ DisplayName: [eBay] @ URL =hxxp://rover.ebay.com/rover/1/1346-71133-23097-1/4?satitle={searchTerms} IE04 - HKCU\..\SearchScopes{92AB0653-4D91-437C-8D9C-D05921804245} @ DisplayName: [Google] @ URL = hxxps://www.google.com/search?q={searchTerms} IE05 - HKCU\..\URLSearchHooks @{CFBFAE00-17A6-11D0-99CB-00C04FD64497} = C:\Windows\SysWOW64\ieframe.dll IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @Start Page = Google IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 IE10 - 
HKLM\..\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [@ieframe.dll,-12512] @URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @Start Page = hxxp://www.google.nl IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @Local Page = C:\Windows\system32\blank.htm IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @Search Page = hxxp://www.google.com IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @Default_Page_URL = hxxp://www.google.com/ie IE03 x64 - HKCU\Software\Microsoft\InternetExplorer\SearchUrl @ Default = hxxp://www.google.com/search?q=%s IE04 x64 - HKCU\Software\Microsoft\InternetExplorer\SearchScopes @ DefaultScope = {92AB0653-4D91-437C-8D9C-D05921804245} IE04 x64 - HKCU\..\SearchScopes{0D67C3C0-B2E3-4080-A22D-914BABC18C12} @ DisplayName: [ZIE.nl (video’s)] @ URL= hxxp://www.zie.nl/search/videos/{searchTerms}&origin=nu_ie8 IE04 x64 - HKCU\..\SearchScopes{29AC26E3-2C87-454A-A64F-C08F599A54F2} @ DisplayName: [eBay] @ URL =hxxp://rover.ebay.com/rover/1/1346-71133-23097-1/4?satitle={searchTerms} IE04 x64 - HKCU\..\SearchScopes {92AB0653-4D91-437C-8D9C-D05921804245}@ DisplayName: [Google] @ URL = hxxps://www.google.com/search?q={searchTerms} IE05 x64 - HKCU\..\URLSearchHooks @{CFBFAE00-17A6-11D0-99CB-00C04FD64497} = C:\Windows\System32\ieframe.dll IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @Local Page = C:\Windows\System32\blank.htm IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 IE10 x64 - 
HKLM\Software\Microsoft\InternetExplorer\SearchScopes @ DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE10 x64 - HKLM\..\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [@ieframe.dll,-12512] @URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC ==================== Auto Load================================================= AL00 - HKLM\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon @ Userinit = userinit.exe, AL00 - HKLM\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon @ Shell = explorer.exe AL00 x64 - HKLM\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon @ Userinit = C:\Windows\system32\userinit.exe, AL00 x64 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@ Shell = explorer.exe ==================== Firefox=================================================== FF - ProfilePath -C:\Users\Jordan\AppData\Roaming\Mozilla\firefox\Profiles\aksqjff7.default FF - Ext: [YouTube Video Downloader (Lite) 0.1.5 ] -extension - cccc5f0d-b9d0-4314-88b5-7e27551f9e84@jetpack visible: True active:True FF - Ext: [Default 33.1 ] - theme -{972ce4c6-7e08-4474-a285-3208198ce6fd} visible: True active: True FF - Ext: [buyNsave 3.64 ] - extension - O@bHpatKv.com visible:True active: True FF - PlugIn: [Adobe® Flash® Player 15.0.0.239 Plugin] -C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ==================== Windows Host File========================================= ==================== BHO ======================================================= BHO - [Groove GFS Browser Helper] -{72853161-30C5-4D22-B7F9-0BBC1D38A37E} @ Default = C:\Program Files(x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO - [Aanmeldhulp voor Microsoft-account] - {9030D464-4C02-4ABF-8ECC-5164760863C6}@ Default = C:\Program Files (x86)\Common Files\Microsoft Shared\WindowsLive\WindowsLiveLogin.dll BHO x64 - [CIESpeechBHO Class] -{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} @ Default = C:\Program Files(x86)\Bluetooth Suite\IEPlugIn.dll BHO x64 - 
[Windows Live ID Sign-in Helper] -{9030D464-4C02-4ABF-8ECC-5164760863C6} @ Default = C:\Program Files\CommonFiles\Microsoft Shared\Windows Live\WindowsLiveLogin.dll ==================== Auto Start Programs ======================================= ASP01 - HKLM\..\Run @ AVG_UI = "C:\Program Files(x86)\AVG\AVG2015\avgui.exe" /TRAYONLY ASP04 - HKCU\..\Run @ CCleaner Monitoring = "C:\ProgramFiles\CCleaner\CCleaner64.exe" /MONITOR ASP04 - HKCU\..\Run @ SmAudio = C:\Program Files\Conexant\SmartAudio\SmAudio.exe-c ASP04 - HKCU\..\Run @ WinPatrol = C:\Program Files(x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot ASP01 x64 - HKLM\..\Run @ AVG_UI = "C:\Program Files(x86)\AVG\AVG2015\avgui.exe" /TRAYONLY ASP04 x64 - HKCU\..\Run @ CCleaner Monitoring ="C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR ASP04 x64 - HKCU\..\Run @ SmAudio = C:\ProgramFiles\Conexant\SmartAudio\SmAudio.exe -c ASP04 x64 - HKCU\..\Run @ WinPatrol = C:\Program Files(x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot ASP - Startup -C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\StartMenu\Programs\Startup\desktop.ini ASP - Startup -C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\StartMenu\Programs\Startup\Dropbox.lnk ASP - CommonStartup - C:\ProgramData\Microsoft\Windows\StartMenu\Programs\Startup\desktop.ini ==================== Extra Items IE============================================ EI03 - Adv Opt -HKLM\..\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCESSIBILITY @Text = Accessibility EI03 - Adv Opt - HKLM\..\AdvancedOptions\BROWSE @ Text =Browsing EI03 - Adv Opt - HKLM\..\AdvancedOptions\CRYPTO @ Text =Security EI03 - Adv Opt - HKLM\..\AdvancedOptions\HTTP @ Text = HTTPsettings EI03 - Adv Opt - HKLM\..\AdvancedOptions\INTERNATIONAL @Text = International EI03 - Adv Opt - HKLM\..\AdvancedOptions\MULTIMEDIA @ Text =Multimedia EI03 x64 - Adv Opt -HKLM\..\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics 
EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\ACCESSIBILITY @Text = Accessibility EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\BROWSE @ Text =Browsing EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\CRYPTO @ Text =Security EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\HTTP @ Text =HTTP settings EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\INTERNATIONAL @Text = International EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\MULTIMEDIA @Text = Multimedia ==================== Internet Default Prefix =================================== IDP00 - Default -HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix @ Default =http:// IDP01 - WWW -HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes @ WWW = http:// IDP00 x64 - Default - HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix@ Default = http:// IDP01 x64 - WWW -HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes @ WWW = http:// ==================== Default Settings IE - DSIE================================ DSIE - ieuinit.inf: START_PAGE="http://go.microsoft.com/fwlink/p/?LinkId DSIE - ieuinit.inf: SEARCH_PAGE_URL="http://go.microsoft.com/fwlink/?LinkId ==================== Protocol Hijackers - PH=================================== PH00 - Handler:grooveLocalGWS -{88FED34C-F0CA-4636-A375-3CB6248B04CD} @ = Unknown # C:\Program Files(x86)\Microsoft Office\Office12\GrooveSystemServices.dll # MD5 [d8c2b95bc2353e1f18850d6b8f5dba13] PH00 - Handler:wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324}@ = Unknown # C:\Program Files (x86)\Windows Live\PhotoGallery\AlbumDownloadProtocolHandler.dll # MD5 [41290ae21c588291f2fc9309ad38ead5] ==================== ShellServiceObjectDelayLoad - SSODL======================= SSODL - WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED}@ = SSODL x64 - WebCheck ={E6FB5E20-DE35-11CF-9C87-00AA005127ED} @ = ==================== Extra items - EXT(Torpig/ConduitSearch) ================== EXT00 - HKLM\SOFTWARE\AppDataLow\Software\Adobe EXT01 - 
HKCU\SOFTWARE\AppDataLow\Software\Adobe EXT01 - HKCU\SOFTWARE\AppDataLow\Software\JavaSoft EXT01 - HKCU\SOFTWARE\AppDataLow\Software\MarkAny EXT01 - HKCU\SOFTWARE\AppDataLow\Software\Microsoft EXT02 - HKCR\Directory\shellex\CopyHookHandlers\Ath_CopyHook@ {8e10a039-fe03-4f9c-b7e1-c5eeeaf53735} EXT02 - HKCR\Directory\shellex\CopyHookHandlers\FileSystem @{217FC9C0-3AEA-1069-A2DB-08002B30309D}= C:\Windows\system32\shell32.dll EXT02 - HKCR\Directory\shellex\CopyHookHandlers\Sharing @{40dd6e20-7c17-11ce-a804-00aa003ca9f6}= C:\Windows\system32\ntshrui.dll EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\Adobe EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\JavaSoft EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\MarkAny EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\Microsoft EXT02 x64 -HKCR\Directory\shellex\CopyHookHandlers\Ath_CopyHook @{8e10a039-fe03-4f9c-b7e1-c5eeeaf53735}= C:\Program Files (x86)\BluetoothSuite\FolderViewImpl.dll EXT02 x64 -HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ {217FC9C0-3AEA-1069-A2DB-08002B30309D}=C:\Windows\system32\shell32.dll EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\Sharing@ {40dd6e20-7c17-11ce-a804-00aa003ca9f6}= C:\Windows\system32\ntshrui.dll ==================== DRIVERS and SERVICES====================================== *** Win32OwnProcess *** SERV - R2 - [AdobeARMservice] - Adobe Acrobat Update Service- c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe SERV - R2 - [AMD External Events Utility] - AMD ExternalEvents Utility - c:\windows\system32\atiesrxx.exe SERV - R2 - [AtherosSvc] - AtherosSvc - c:\program files(x86)\bluetooth suite\adminservice.exe SERV - R2 - [avgwd] - AVG WatchDog - c:\program files(x86)\avg\avg2015\avgwdsvc.exe SERV - R2 - [CronService] - Cron Service for Prey - c:\prey\platform\windows\cronsvc.exe SERV - R2 - [CxAudMsg] - Conexant Audio Message Service -c:\windows\system32\cxaudmsg64.exe SERV - R2 - [secunia PSI Agent] - Secunia PSI Agent -c:\program files (x86)\secunia\psi\psia.exe SERV - 
R2 - [secunia Update Agent] - Secunia Update Agent -c:\program files (x86)\secunia\psi\sua.exe SERV - R2 - [sppsvc] - Software Protection -c:\windows\system32\sppsvc.exe SERV - R2 - [TeamViewer8] - TeamViewer 8 - c:\program files(x86)\teamviewer\version8\teamviewer_service.exe SERV - R2 - [Virtual Router] - VirtualRouterService -c:\program files (x86)\virtual router\virtualrouterservice.exe SERV - R2 - [wlidsvc] - Windows Live ID Sign-in Assistant -c:\program files\common files\microsoft shared\windows live\wlidsvc.exe SERV - R2 - [WMPNetworkSvc] - Windows Media Player NetworkSharing Service - c:\program files\windows media player\wmpnetwk.exe SERV - R2 - [WSearch] - Windows Search -c:\windows\system32\searchindexer.exe SERV - R3 - [TrustedInstaller] - Windows Modules Installer -c:\windows\servicing\trustedinstaller.exe SERV - S2 - [a2AntiMalware] - Emsisoft Protection Service -c:\program files (x86)\emsisoft anti-malware\a2service.exe [x] SERV - S2 - [AVGIDSAgent] - AVGIDSAgent - c:\program files(x86)\avg\avg2015\avgidsagent.exe SERV - S2 - [clr_optimization_v4.0.30319_32] - Microsoft.NET Framework NGEN v4.0.30319_X86 -c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe SERV - S2 - [clr_optimization_v4.0.30319_64] - Microsoft.NET Framework NGEN v4.0.30319_X64 - c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe SERV - S2 - [gupdate] - Google Update-service (gupdate) -c:\program files (x86)\google\update\googleupdate.exe SERV - S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash PlayerUpdate Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe SERV - S3 - [ALG] - Application Layer Gateway Service -c:\windows\system32\alg.exe SERV - S3 - [COMSysApp] - COM+ System Application -c:\windows\system32\dllhost.exe SERV - S3 - [ehRecvr] - Windows Media Center ReceiverService - c:\windows\ehome\ehrecvr.exe SERV - S3 - [ehSched] - Windows Media Center SchedulerService - c:\windows\ehome\ehsched.exe SERV - S3 - [Fax] - Fax - 
c:\windows\system32\fxssvc.exe SERV - S3 - [FontCache3.0.0.0] - Windows PresentationFoundation Font Cache 3.0.0.0 -c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe SERV - S3 - [gupdatem] - Google Update-service (gupdatem) -c:\program files (x86)\google\update\googleupdate.exe SERV - S3 - [gusvc] - Google Updater Service - c:\programfiles (x86)\google\common\google updater\googleupdaterservice.exe SERV - S3 - [iEEtwCollectorService] - Internet Explorer ETWCollector Service - c:\windows\system32\ieetwcollector.exe SERV - S3 - [Microsoft Office Groove Audit Service] -Microsoft Office Groove Audit Service - c:\program files (x86)\microsoftoffice\office12\grooveauditservice.exe SERV - S3 - [MozillaMaintenance] - Mozilla MaintenanceService - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe SERV - S3 - [MSDTC] - Distributed Transaction Coordinator -c:\windows\system32\msdtc.exe SERV - S3 - [msiserver] - Windows Installer -c:\windows\system32\msiexec.exe SERV - S3 - [odserv] - Microsoft Office Diagnostics Service- c:\program files (x86)\common files\microsoft shared\office12\odserv.exe SERV - S3 - [ose] - Office Source Engine - c:\program files(x86)\common files\microsoft shared\source engine\ose.exe SERV - S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe SERV - S3 - [RpcLocator] - Remote Procedure Call (RPC)Locator - c:\windows\system32\locator.exe SERV - S3 - [sNMPTRAP] - SNMP Trap -c:\windows\system32\snmptrap.exe SERV - S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe SERV - S3 - [VSS] - Volume Shadow Copy -c:\windows\system32\vssvc.exe SERV - S3 - [WatAdminSvc] - Windows ActivationTechnologies-service - c:\windows\system32\wat\watadminsvc.exe SERV - S3 - [wbengine] - Block Level Backup Engine Service -c:\windows\system32\wbengine.exe SERV - S3 - [wmiApSrv] - WMI Performance Adapter -c:\windows\system32\wbem\wmiapsrv.exe SERV - S4 - [aspnet_state] - ASP.NET-statusservice 
-c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe SERV - S4 - [clr_optimization_v2.0.50727_32] - Microsoft.NET Framework NGEN v2.0.50727_X86 -c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe SERV - S4 - [clr_optimization_v2.0.50727_64] - Microsoft.NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe *** Win32ShareProcess *** SERV - R2 - [samSs] - Security Accounts Manager -c:\windows\system32\lsass.exe SERV - R3 - [KeyIso] - CNG Key Isolation -c:\windows\system32\lsass.exe SERV - S3 - [EFS] - Encrypting File System (EFS) -c:\windows\system32\lsass.exe SERV - S3 - [idsvc] - Windows CardSpace -c:\windows\microsoft.net\framework64\v3.0\windows communicationfoundation\infocard.exe SERV - S3 - [Netlogon] - Netlogon -c:\windows\system32\lsass.exe SERV - S3 - [ProtectedStorage] - Protected Storage -c:\windows\system32\lsass.exe SERV - S3 - [VaultSvc] - Credential Manager -c:\windows\system32\lsass.exe SERV - S4 - [NetMsmqActivator] - Net.Msmq Listener Adapter -c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe SERV - S4 - [NetPipeActivator] - Net.Pipe Listener Adapter -c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe SERV - S4 - [NetTcpActivator] - Net.Tcp Listener Adapter -c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe SERV - S4 - [NetTcpPortSharing] - Net.Tcp Port SharingService - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe *** Others *** SERV - R2 - [spooler] - Print Spooler -c:\windows\system32\spoolsv.exe SERV - S3 - [uI0Detect] - Interactive Services Detection -c:\windows\system32\ui0detect.exe *** File System Driver *** DRV - R0 - [AVGIDSHA] - AVGIDSHA -C:\Windows\system32\Drivers\AVGIDSHA.sys DRV - R0 - [Avgloga] - AVG Logging Driver -C:\Windows\system32\Drivers\Avgloga.sys DRV - R0 - [Avgmfx64] - AVG Mini-Filter Resident Anti-VirusShield - C:\Windows\system32\Drivers\Avgmfx64.sys DRV - R0 - [Avgrkx64] - AVG Anti-Rootkit Driver 
-C:\Windows\system32\Drivers\Avgrkx64.sys DRV - R0 - [FileInfo] - File Information FS MiniFilter -C:\Windows\system32\Drivers\FileInfo.sys DRV - R0 - [FltMgr] - FltMgr -C:\Windows\system32\Drivers\FltMgr.sys DRV - R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys DRV - R1 - [NetBIOS] - NetBIOS Interface -C:\Windows\system32\Drivers\NetBIOS.sys DRV - R3 - [srv] - Stuurprogramma Server SMB 1.xxx -C:\Windows\system32\Drivers\srv.sys DRV - R3 - [srv2] - Stuurprogramma Server SMB 2.xxx -C:\Windows\system32\Drivers\srv2.sys *** Kernel Driver *** DRV - R0 - [ACPI] - Microsoft ACPI-stuurprogramma -C:\Windows\system32\Drivers\ACPI.sys DRV - R0 - [amd_sata] - amd_sata -C:\Windows\system32\Drivers\amd_sata.sys DRV - R0 - [amd_xata] - amd_xata -C:\Windows\system32\Drivers\amd_xata.sys DRV - R0 - [amdxata] - amdxata -C:\Windows\system32\Drivers\amdxata.sys DRV - R0 - [atapi] - IDE-kanaal -C:\Windows\system32\Drivers\atapi.sys DRV - R0 - [CLFS] - Common Log (CLFS) -C:\Windows\system32\Drivers\CLFS.sys [x] DRV - R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys DRV - R0 - [Compbatt] - Microsoft Composite Battery-stuurprogramma- C:\Windows\system32\Drivers\Compbatt.sys DRV - R0 - [Disk] - Stuurprogramma voor schijfstations -C:\Windows\system32\Drivers\Disk.sys DRV - R0 - [fvevol] - FilterstuurprogrammaBitlocker-stationsvergrendeling - C:\Windows\system32\Drivers\fvevol.sys DRV - R0 - [hwpolicy] - Hardware Policy Driver -C:\Windows\system32\Drivers\hwpolicy.sys DRV - R0 - [iusb3hcs] - Intel® USB 3.0hostcontrollerswitch-stuurprogramma - C:\Windows\system32\Drivers\iusb3hcs.sys DRV - R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys DRV - R0 - [KSecPkg] - KSecPkg -C:\Windows\system32\Drivers\KSecPkg.sys DRV - R0 - [mountmgr] - Koppelpuntbeheer -C:\Windows\system32\Drivers\mountmgr.sys DRV - R0 - [msahci] - msahci - C:\Windows\system32\Drivers\msahci.sys DRV - R0 - [msisadrv] - msisadrv -C:\Windows\system32\Drivers\msisadrv.sys DRV - R0 - [NDIS] - 
NDIS-systeemstuurprogramma -C:\Windows\system32\Drivers\NDIS.sys DRV - R0 - [partmgr] - Partitiebeheer -C:\Windows\system32\Drivers\partmgr.sys DRV - R0 - [pci] - PCI Bus-stuurprogramma -C:\Windows\system32\Drivers\pci.sys DRV - R0 - [pcw] - Performance Counters for Windows Driver -C:\Windows\system32\Drivers\pcw.sys DRV - R0 - [rdyboost] - ReadyBoost -C:\Windows\system32\Drivers\rdyboost.sys DRV - R0 - [spldr] - Security Processor Loader Driver -C:\Windows\system32\Drivers\spldr.sys DRV - R0 - [storflt] - Schijf - Filterstuurprogramma voorVirtual Machine-busaccelerator - C:\Windows\system32\Drivers\storflt.sys [x] DRV - R0 - [Tcpip] - Stuurprogramma voor TCP/IP-protocol -C:\Windows\system32\Drivers\Tcpip.sys DRV - R0 - [vdrvroot] - Microsoft Virtual DriveEnumerator-stuurprogramma - C:\Windows\system32\Drivers\vdrvroot.sys DRV - R0 - [volmgr] - Stuurprogramma voor Volumebeheer -C:\Windows\system32\Drivers\volmgr.sys DRV - R0 - [volmgrx] - Dynamisch Volumebeheer -C:\Windows\system32\Drivers\volmgrx.sys DRV - R0 - [volsnap] - Opslagvolumes -C:\Windows\system32\Drivers\volsnap.sys DRV - R0 - [Wd] - Microsoft Watchdog Timer-stuurprogramma -C:\Windows\system32\Drivers\Wd.sys DRV - R0 - [Wdf01000] - Kernel Mode Driver Frameworksservice - C:\Windows\system32\Drivers\Wdf01000.sys DRV - R1 - [AFD] - Ancillary Function Driver for Winsock -C:\Windows\system32\Drivers\AFD.sys DRV - R1 - [beep] - Beep - C:\Windows\system32\Drivers\Beep.sys DRV - R1 - [tdx] - Stuurprogramma voor ondersteuning vanNetIO Legacy TDI - C:\Windows\system32\Drivers\tdx.sys DRV - R2 - [tcpipreg] - TCP/IP Registry Compatibility -C:\Windows\system32\Drivers\tcpipreg.sys ==================== SvcHost - White Listed==================================== All Ok WOW - All Ok ==================== SigCheck x86 Fast========================================= Fast Scan All ok ==================== SigCheck x64 Fast ========================================= Fast Scan All ok ==================== Job 
tasks================================================= There are no .job files found. ==================== End scanning at ma 1 dec 2014 17:24 (0Min 35 Sec ) ======= # AdwCleaner v4.103 - Rapport aangemaakt 01/12/2014 op18:26:20 # Laatste Update 01/12/2014 door Xplode # Database : 2014-12-01.2 [Live] # Besturingssysteem : Windows 7 Ultimate Service Pack 1 (64bits) # Gebruikersnaam : Jordan - ACER-LAPTOP # Gestart vanuit :C:\Users\Jordan\Desktop\adwcleaner_4.103.exe # Optie : Scannen ***** [ Services ] ***** ***** [ Bestanden / Mappen ] ***** Map Gevonden :C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\aksqjff7.default\Extensions\O@bHpatKv.com ***** [ Taken ] ***** ***** [ Snelkoppelingen ] ***** ***** [ Register ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17420 -\\ Mozilla Firefox v33.1 (x86 nl) [aksqjff7.default] - Regel gevonden :user_pref("extensions.ZkREesY6Zt66B0Tr.scode","try{(function(){try{var url=(window.self.location.href +document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.index[...] -\\ Comodo Dragon v ************************* AdwCleaner[R0].txt - [772 octets] - [21/10/2013 07:12:57] AdwCleaner[R1].txt - [3373 octets] - [17/11/2013 08:53:05] AdwCleaner[R2].txt - [2903 octets] - [30/11/2014 10:43:33] AdwCleaner[R3].txt - [2906 octets] - [30/11/2014 10:44:10] AdwCleaner[R4].txt - [2964 octets] - [30/11/2014 10:53:51] AdwCleaner[R5].txt - [1523 octets] - [01/12/2014 17:06:50] AdwCleaner[R6].txt - [1643 octets] - [01/12/2014 18:19:40] AdwCleaner[R7].txt - [1443 octets] - [01/12/2014 18:26:20] AdwCleaner[s0].txt - [3851 octets] - [17/11/2013 08:53:56] AdwCleaner[s1].txt - [1601 octets] - [01/12/2014 17:13:12] ########## EOF - C:\AdwCleaner\AdwCleaner[R7].txt - [1623octets] ##########
     I'm not getting a log from mbam, I don't see an export button.
  2. Malwarebytes Anti-Malware www.malwarebytes.org Scandatum: 30-11-2014 Scantijd: 6:10:26 Logbestand: malwarebite 30-11-2014.txt Beheerder: Ja Versie: 2.00.3.1025 Malwaredatabase: v2014.11.30.02 Rootkitdatabase: v2014.11.29.01 Licentie: Gratis Malwarebescherming: Uitgeschakeld Kwaadaardige Website Bescherming: Uitgeschakeld Zelfbescherming: Uitgeschakeld Besturingssysteem: Windows 7 Service Pack 1 Processor: x64 Bestandssysteem: NTFS Gebruiker: Jordan Scantype: Bedreigingsscan Resultaat: Voltooid Objecten Gescand: 322974 Verstreken Tijd: 4 u, 12 m, 57 s Geheugen: Ingeschakeld Opstarten: Ingeschakeld Bestandssysteem: Ingeschakeld Archieven: Ingeschakeld Rootkits: Ingeschakeld Heuristiek: Ingeschakeld POP: Waarschuwen POA: Ingeschakeld Processen: 0 (Geen kwaadaardige items gedetecteerd) Modules: 0 (Geen kwaadaardige items gedetecteerd) Registersleutels: 1 PUP.Optional.WebSearchInfo, HKU\S-1-5-21-4250213819-786104705-630478919-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}, , [2d5e59e8aad2f83e049d5c488d775ba5], Registerwaardes: 1 PUP.Optional.WebSearchInfo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}, , [2d5e44fdb6c670c6c282febc10f432ce] Registerdata: 1 PUP.Optional.SearchFix.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://websearch.searchfix.info/?unqvl=63&idate=2014/11/25, Goed: (www.google.com), Slecht: (http://websearch.searchfix.info/?unqvl=63&idate=2014/11/25),,[4e3d88b97ffdb38353eefb541fe649b7] Mappen: 1 PUP.Optional.BuyNSave.A, C:\Program Files (x86)\BuyNsave, , [b0dbb1908cf0092d625e56e9ff04629e], Bestanden: 3 PUP.Optional.BuyNSave.A, C:\Program Files (x86)\BuyNsave\vBKaHnwe1rnDZN.dat, , [b0dbb1908cf0092d625e56e9ff04629e], PUP.Optional.SearchFix.A, C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\aksqjff7.default\prefs.js, Goed: (), Slecht: 
(user_pref("browser.startup.homepage", "http://websearch.searchfix.info/?unqvl=63&idate=2014/11/25"), ,[a6e52819572562d41953f39db5505ba5] PUP.Optional.SearchFix.A, C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\aksqjff7.default\prefs.js, Goed: (), Slecht: (user_pref("keyword.URL", "http://websearch.searchfix.info/?unqvl=63&idate=2014/11/25&l=1&q="), ,[dcaf69d8cab275c177f7b5db0500f30d] Fysieke Sectoren: 0 (Geen kwaadaardige items gedetecteerd) (end) The last scan, the adware one, took a very long time, so long that nothing happened anymore; I then just clicked on remove and then it continued. - - - Updated - - - and I also still had this one saved separately, as I found out later.
# AdwCleaner v3.012 - Report created 17/11/2013 at 08:53:56 # Updated 11/11/2013 by Xplode # Operating System : Windows 7 Ultimate Service Pack 1 (64 bits) # Username : Jordan - ACER-LAPTOP # Running from : C:\Users\Jordan\Downloads\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16736 -\\ Mozilla Firefox v25.0.1 (nl) [ File : C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\7d6fgpw2.default\prefs.js ] ************************* AdwCleaner[R0].txt - [772 octets] - [21/10/2013 07:12:57] AdwCleaner[R1].txt - [833 octets] - [17/11/2013 08:53:05] AdwCleaner[s0].txt - [755 octets] - [17/11/2013 08:53:56] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [814 octets] ########## # AdwCleaner v4.102 - Rapport aangemaakt 30/11/2014 op 11:13:02 # Laatste Update 23/11/2014 door Xplode # Database : 2014-11-27.1 [Live] # Besturingssysteem : Windows 7 Ultimate Service Pack 1 (64 bits) # Gebruikersnaam : Jordan - ACER-LAPTOP # Gestart vanuit : C:\Users\Jordan\Desktop\adwcleaner_4.102.exe # Optie : Verwijderen ***** [ Services ] ***** ***** [ Bestanden / Mappen ] ***** Map Verwijderd : C:\ProgramData\13031386700010600142 Map Verwijderd : C:\Users\Jordan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja ***** [ Taken ] ***** ***** [ Snelkoppelingen ] ***** ***** [ Register ] ***** Sleutel Verwijderd : HKCU\Software\AVG Secure Search Sleutel Verwijderd : HKCU\Software\Myfree Codec Sleutel Verwijderd : HKLM\SOFTWARE\Myfree Codec Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00B2-0409-0000-0000000FF1CE} ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17420 -\\ Mozilla Firefox v33.1 (x86 nl) [aksqjff7.default\prefs.js] - Regel verwijderd : user_pref("browser.search.defaultenginename", "WebSearch"); [aksqjff7.default\prefs.js] - Regel 
verwijderd : user_pref("browser.search.defaultenginename,S", "WebSearch"); [aksqjff7.default\prefs.js] - Regel verwijderd : user_pref("browser.search.defaulturl", "hxxp://websearch.searchfix.info/?unqvl=63&idate=2014/11/25&l=1&q="); [aksqjff7.default\prefs.js] - Regel verwijderd : user_pref("browser.search.order.1", "WebSearch"); [aksqjff7.default\prefs.js] - Regel verwijderd : user_pref("browser.search.order.1,S", "WebSearch"); [aksqjff7.default\prefs.js] - Regel verwijderd : user_pref("browser.search.selectedEngine", "WebSearch"); [aksqjff7.default\prefs.js] - Regel verwijderd : user_pref("browser.search.selectedEngine,S", "WebSearch"); [aksqjff7.default\prefs.js] - Regel verwijderd : user_pref("extensions.ZkREesY6Zt66B0Tr.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.index[...] -\\ Comodo Dragon v [C:\Users\Jordan\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] - Verwijderd [search Provider] : hxxp://websearch.searchfix.info/?unqvl=63&idate=2014/11/25&l=1&q={searchTerms} [C:\Users\Jordan\AppData\Local\Comodo\Dragon\User Data\Default\preferences] - Verwijderd [startup_URLs] : hxxp://websearch.searchfix.info/?unqvl=63&idate=2014/11/25 ************************* AdwCleaner[R0].txt - [772 octets] - [21/10/2013 07:12:57] AdwCleaner[R1].txt - [3373 octets] - [17/11/2013 08:53:05] AdwCleaner[R2].txt - [2903 octets] - [30/11/2014 10:43:33] AdwCleaner[R3].txt - [2906 octets] - [30/11/2014 10:44:10] AdwCleaner[R4].txt - [2964 octets] - [30/11/2014 10:53:51] AdwCleaner[s0].txt - [3711 octets] - [17/11/2013 08:53:56] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [3771 octets] ##########
  3. Recently, after downloading music that caused 6 viruses, I was able to eliminate or remove all of them. But now every few minutes I hear a radio spot, an advertisement for something, and sometimes a page also pops up out of nowhere. So I am almost certain that something is being overlooked by virus scanners alone; I have already scanned with AVG, ESET and Malwarebytes. Logfile of random's system information tool 1.10 (written by random/random) Run by Jordan at 2014-11-28 19:06:21 Microsoft Windows 7 Ultimate Service Pack 1 System drive C: has 354 GB (76%) free of 465 GB Total RAM: 5581 MB (37% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:06:38, on 28-11-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17420) Boot mode: Normal Running processes: C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\Windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\Emsisoft Anti-Malware\a2wizard.exe C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files\trend micro\Jordan.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = msn R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchfix.info/?unqvl=63&idate=2014/11/25 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [emsisoft anti-malware] "C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe" /d=60 O4 - HKCU\..\Run: [smAudio] C:\Program Files\Conexant\SmartAudio\SmAudio.exe -c O4 - HKCU\..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK 
SERVICE') O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - HKUS\S-1-5-21-4250213819-786104705-630478919-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [smAudio] C:\Program Files\Conexant\SmartAudio\SmAudio.exe -c (User '?') O4 - S-1-5-21-4250213819-786104705-630478919-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 Startup: Dropbox.lnk = Jordan\AppData\Roaming\Dropbox\bin\Dropbox.exe (User '?') O4 - Startup: Dropbox.lnk = Jordan\AppData\Roaming\Dropbox\bin\Dropbox.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: 
[ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Emsisoft Protection Service (a2AntiMalware) - Emsisoft GmbH - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. 
- C:\Prey\platform\windows\cronsvc.exe O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe O23 - Service: Secunia Update Agent - Secunia - 
C:\Program Files (x86)\Secunia\PSI\sua.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VirtualRouterService (Virtual Router) - Chris Pietschmann (Chris Pietschmann | husband, father, hacker, entrepreneur, futurist, innovator, autodidact) - C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10991 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe 
c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-5ff8-b03f0556f331 /binaryPath="C:\Program Files (x86)\AVG\AVG2015\" %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup atieclxx C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "taskhost.exe" "C:\Windows\system32\Dwm.exe" "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" C:\Windows\Explorer.EXE "C:\Program Files (x86)\Bluetooth Suite\adminservice.exe" "C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe" "C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe" "C:\Prey\platform\windows\cronsvc.exe" C:\Windows\system32\CxAudMsg64.exe "C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe" "C:\Program Files 
(x86)\AVG\AVG2015\avgnsa.exe" "C:\Program Files (x86)\AVG\AVG2015\avgemca.exe" taskeng.exe {445142E6-89E3-4BE6-A3D3-5EBBBF3EF845} "C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe" -UseTray "C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe" "C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe" "C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Program Files\Elantech\ETDCtrl.exe" "C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" WLIDSvcM.exe 2484 "C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe" -expressboot "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY ctfmon.exe "C:\Program Files (x86)\Secunia\PSI\sua.exe" --start-service C:\Windows\system32\SearchIndexer.exe /Embedding C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files\Elantech\ETDCtrlHelper.exe" "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet "C:\Program Files (x86)\Bluetooth Suite\BtTray.exe" "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac "C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe" "C:\Program Files (x86)\Emsisoft Anti-Malware\a2wizard.exe" "C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe" lng=1033 "C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe" "/base-dir=C:\Program Files (x86)\ESET\ESET Online Scanner" /lang=1033 /as \??\C:\Windows\system32\conhost.exe "1475016711-348333358-10118373621225011641830753606145517866314415369511050940815 "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" "C:\Program Files (x86)\Mozilla 
Firefox\plugin-container.exe" --channel=6708.18cb8ca0.1019707608 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 6708 "\\.\pipe\gecko-crash-server-pipe.6708" plugin "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe" --proxy-stub-channel=Flash2344.5D79E980.9327 --host-broker-channel=Flash2344.5D79E980.9397 --host-pid=2344 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll" "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe" --channel=5080.005AF524.895005784 --proxy-stub-channel=Flash2344.5D79E980.9327 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll" --host-npapi-version=27 --type=renderer "C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe" "C:\Program Files\Internet Explorer\iexplore.exe" http://www.pc-helpforum.be/register.php?a=act&u=51036&i=8beae8ea8b00df6511cd11d20fbb8929a20fdb14 "C:\Program Files\Internet Explorer\iexplore.exe" http://www.pc-helpforum.be/register.php?a=act&u=51036&i=8beae8ea8b00df6511cd11d20fbb8929a20fdb14 "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5684 CREDAT:267521 /prefetch:2 "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4516 CREDAT:267521 /prefetch:2 C:\Windows\system32\Macromed\Flash\FlashUtil64_15_0_0_239_ActiveX.exe -Embedding "C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532 "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4516 CREDAT:202040 /prefetch:2 "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-4250213819-786104705-630478919-100029_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-4250213819-786104705-630478919-100029 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 
NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1" C:\Windows\system32\wbem\wmiprvse.exe "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe30_ Global\UsGthrCtrlFltPipeMssGthrPipe30 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Users\Jordan\Downloads\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4250213819-786104705-630478919-1000Core.job - C:\Users\Jordan\AppData\Local\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4250213819-786104705-630478919-1000UA.job - C:\Users\Jordan\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler =========Mozilla firefox========= ProfilePath - C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\aksqjff7.default prefs.js - "browser.search.suggest.enabled" - false prefs.js - "browser.search.useDBForOrder" - true prefs.js - "browser.startup.homepage" - "http://websearch.searchfix.info/?unqvl=63&idate=2014/11/25" prefs.js - "keyword.URL" - "http://websearch.searchfix.info/?unqvl=63&idate=2014/11/25&l=1&q=" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 15.0.0.239 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer] "Description"=Adobe Shockwave Player 
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin] "Description"=Google Earth in your browser "Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0] "Description"=Picasa3 plugin "Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® 
Player 15.0.0.239 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\aksqjff7.default\extensions\ O@bHpatKv.com ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}] CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-10 64640] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Microsoft-account - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-10-05 2873744] "RtsCM"=C:\Windows\RTSCM64.EXE [2013-03-06 144456] "AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2013-10-18 366720] "BtPreLoad"=C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [2012-08-10 64640] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SmAudio"=C:\Program 
Files\Conexant\SmartAudio\SmAudio.exe [2013-10-18 2689664] "WinPatrol"=C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [2014-03-22 527936] "CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-23 6501656] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] C:\Users\Jordan\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-08 116648] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google+ Auto Backup] C:\Users\Jordan\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [2014-08-12 3746120] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk] C:\PROGRA~2\Secunia\PSI\psi_tray.exe [2013-12-06 565464] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Virtual Router Manager.lnk] C:\Windows\INSTAL~1\{BE905~1\_118D1~1.EXE [2013-12-02 22486] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Jordan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk] C:\Users\Jordan\AppData\Roaming\Dropbox\bin\Dropbox.exe [2014-11-13 35419192] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2014-11-09 3653136] "emsisoft anti-malware"=C:\Program Files (x86)\Emsisoft 
Anti-Malware\a2guard.exe [2014-10-13 4873248] C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk - C:\Users\Jordan\AppData\Roaming\Dropbox\bin\Dropbox.exe [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "DisableCAD"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll 
"VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave2"=wdmaud.drv "mixer2"=wdmaud.drv "midi2"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-11-28 19:06:22 ----D---- C:\Program Files\trend micro 2014-11-28 19:06:21 ----D---- C:\rsit 2014-11-28 15:50:00 ----D---- C:\Program Files (x86)\Emsisoft Anti-Malware 2014-11-27 12:19:15 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe 2014-11-25 20:57:13 ----D---- C:\Program Files (x86)\ESET 2014-11-25 20:08:41 ----D---- C:\ProgramData\HitmanPro 2014-11-25 16:22:04 ----D---- C:\Program Files (x86)\BuyNsave 2014-11-25 16:21:54 ----D---- C:\ProgramData\13031386700010600142 2014-11-25 16:21:53 ----D---- C:\ProgramData\fglelgmopjjbdjgcgecdmkpfdagmmgef 2014-11-20 11:08:06 ----A---- C:\Windows\SYSWOW64\pku2u.dll 2014-11-20 11:08:06 ----A---- C:\Windows\system32\pku2u.dll 2014-11-20 11:08:06 ----A---- C:\Windows\system32\kerberos.dll 2014-11-20 11:08:05 ----A---- C:\Windows\SYSWOW64\kerberos.dll 2014-11-17 16:13:27 ----D---- C:\Users\Jordan\AppData\Roaming\MetaGeek 2014-11-15 20:44:51 ----D---- C:\Program Files (x86)\Mozilla Firefox 2014-11-12 16:02:58 ----D---- C:\Users\Jordan\AppData\Roaming\uTorrent 2014-11-12 15:41:26 ----A---- C:\Windows\SYSWOW64\adtschema.dll 2014-11-12 15:41:26 ----A---- C:\Windows\system32\termsrv.dll 2014-11-12 15:41:26 ----A---- C:\Windows\system32\drivers\ksecpkg.sys 2014-11-12 15:41:26 ----A---- C:\Windows\system32\adtschema.dll 2014-11-12 15:41:25 ----A---- C:\Windows\system32\lsasrv.dll 2014-11-12 15:41:24 ----A---- C:\Windows\SYSWOW64\sspicli.dll 2014-11-12 15:41:24 ----A---- 
C:\Windows\SYSWOW64\secur32.dll 2014-11-12 15:41:24 ----A---- C:\Windows\SYSWOW64\msaudite.dll 2014-11-12 15:41:24 ----A---- C:\Windows\system32\msaudite.dll 2014-11-12 15:41:09 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2014-11-12 15:41:08 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2014-11-12 15:41:08 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2014-11-12 15:41:08 ----A---- C:\Windows\system32\ieetwproxystub.dll 2014-11-12 15:41:08 ----A---- C:\Windows\system32\ieetwcollector.exe 2014-11-12 15:41:07 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2014-11-12 15:41:07 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2014-11-12 15:41:07 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll 2014-11-12 15:41:07 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll 2014-11-12 15:41:07 ----A---- C:\Windows\SYSWOW64\dxtrans.dll 2014-11-12 15:41:07 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-11-12 15:41:07 ----A---- C:\Windows\system32\iernonce.dll 2014-11-12 15:41:07 ----A---- C:\Windows\system32\ie4uinit.exe 2014-11-12 15:41:06 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2014-11-12 15:41:05 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2014-11-12 15:41:05 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2014-11-12 15:41:05 ----A---- C:\Windows\system32\urlmon.dll 2014-11-12 15:41:05 ----A---- C:\Windows\system32\iedkcs32.dll 2014-11-12 15:41:04 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2014-11-12 15:41:04 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2014-11-12 15:41:04 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2014-11-12 15:41:03 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2014-11-12 15:41:03 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-11-12 15:41:03 ----A---- C:\Windows\SYSWOW64\ieui.dll 2014-11-12 15:41:03 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll 2014-11-12 15:41:03 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2014-11-12 15:41:03 ----A---- C:\Windows\system32\msfeeds.dll 2014-11-12 15:41:03 ----A---- C:\Windows\system32\dxtrans.dll 2014-11-12 
15:41:02 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2014-11-12 15:41:02 ----A---- C:\Windows\system32\iesetup.dll 2014-11-12 15:41:01 ----A---- C:\Windows\system32\ieapfltr.dll 2014-11-12 15:41:00 ----A---- C:\Windows\system32\iertutil.dll 2014-11-12 15:40:58 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll 2014-11-12 15:40:58 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2014-11-12 15:40:57 ----A---- C:\Windows\SYSWOW64\wininet.dll 2014-11-12 15:40:57 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2014-11-12 15:40:57 ----A---- C:\Windows\SYSWOW64\msrating.dll 2014-11-12 15:40:57 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll 2014-11-12 15:40:57 ----A---- C:\Windows\system32\jsproxy.dll 2014-11-12 15:40:57 ----A---- C:\Windows\system32\ieUnatt.exe 2014-11-12 15:40:56 ----A---- C:\Windows\system32\ieui.dll 2014-11-12 15:40:56 ----A---- C:\Windows\system32\ieframe.dll 2014-11-12 15:40:56 ----A---- C:\Windows\system32\dxtmsft.dll 2014-11-12 15:40:55 ----A---- C:\Windows\system32\mshtmled.dll 2014-11-12 15:40:54 ----A---- C:\Windows\system32\mshtmlmedia.dll 2014-11-12 15:40:54 ----A---- C:\Windows\system32\jscript9diag.dll 2014-11-12 15:40:54 ----A---- C:\Windows\system32\jscript9.dll 2014-11-12 15:40:53 ----A---- C:\Windows\system32\wininet.dll 2014-11-12 15:40:53 ----A---- C:\Windows\system32\vbscript.dll 2014-11-12 15:40:52 ----A---- C:\Windows\system32\MshtmlDac.dll 2014-11-12 15:40:51 ----A---- C:\Windows\system32\msrating.dll 2014-11-12 15:40:50 ----A---- C:\Windows\system32\mshtml.dll 2014-11-12 15:40:09 ----A---- C:\Windows\SYSWOW64\msxml3.dll 2014-11-12 15:40:09 ----A---- C:\Windows\system32\msxml3.dll 2014-11-12 15:40:07 ----A---- C:\Windows\SYSWOW64\msxml3r.dll 2014-11-12 15:40:07 ----A---- C:\Windows\system32\msxml3r.dll 2014-11-12 15:40:04 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL 2014-11-12 15:40:04 ----A---- C:\Windows\system32\IMJP10K.DLL 2014-11-12 15:40:00 ----A---- C:\Windows\SYSWOW64\AudioSes.dll 2014-11-12 15:40:00 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll 
2014-11-12 15:40:00 ----A---- C:\Windows\SYSWOW64\AudioEng.dll 2014-11-12 15:40:00 ----A---- C:\Windows\system32\EncDump.dll 2014-11-12 15:40:00 ----A---- C:\Windows\system32\audiosrv.dll 2014-11-12 15:40:00 ----A---- C:\Windows\system32\AudioSes.dll 2014-11-12 15:40:00 ----A---- C:\Windows\system32\AUDIOKSE.dll 2014-11-12 15:40:00 ----A---- C:\Windows\system32\AudioEng.dll 2014-11-12 15:39:52 ----A---- C:\Windows\system32\schannel.dll 2014-11-12 15:39:51 ----A---- C:\Windows\system32\ncrypt.dll 2014-11-12 15:39:50 ----A---- C:\Windows\SYSWOW64\wdigest.dll 2014-11-12 15:39:50 ----A---- C:\Windows\SYSWOW64\TSpkg.dll 2014-11-12 15:39:50 ----A---- C:\Windows\SYSWOW64\schannel.dll 2014-11-12 15:39:50 ----A---- C:\Windows\SYSWOW64\ncrypt.dll 2014-11-12 15:39:50 ----A---- C:\Windows\SYSWOW64\msv1_0.dll 2014-11-12 15:39:50 ----A---- C:\Windows\SYSWOW64\credssp.dll 2014-11-12 15:39:50 ----A---- C:\Windows\system32\wdigest.dll 2014-11-12 15:39:50 ----A---- C:\Windows\system32\TSpkg.dll 2014-11-12 15:39:50 ----A---- C:\Windows\system32\msv1_0.dll 2014-11-12 15:39:50 ----A---- C:\Windows\system32\credssp.dll 2014-11-12 15:39:33 ----A---- C:\Windows\SYSWOW64\packager.dll 2014-11-12 15:39:33 ----A---- C:\Windows\system32\win32k.sys 2014-11-12 15:39:33 ----A---- C:\Windows\system32\packager.dll 2014-11-12 15:39:28 ----A---- C:\Windows\SYSWOW64\msi.dll 2014-11-12 15:39:28 ----A---- C:\Windows\system32\msi.dll 2014-11-12 15:39:22 ----A---- C:\Windows\SYSWOW64\oleaut32.dll 2014-11-12 15:39:22 ----A---- C:\Windows\system32\oleaut32.dll 2014-11-08 10:44:54 ----D---- C:\Users\Jordan\AppData\Roaming\KeePass 2014-11-08 10:44:07 ----D---- C:\Program Files (x86)\KeePass Password Safe 2014-10-30 09:10:05 ----A---- C:\Windows\system32\drivers\ssudmdm.sys 2014-10-30 09:10:05 ----A---- C:\Windows\system32\drivers\ssudbus.sys 2014-10-30 09:08:30 ----A---- C:\Windows\SYSWOW64\secman.dll 2014-10-29 21:35:16 ----A---- C:\Windows\system32\drivers\avgidsdrivera.sys ======List of files/folders 
modified in the last 1 month====== 2014-11-28 19:06:22 ----RD---- C:\Program Files 2014-11-28 19:06:01 ----D---- C:\Windows\Temp 2014-11-28 19:05:53 ----A---- C:\Windows\SYSWOW64\TempWmicBatchFile.bat 2014-11-28 16:26:20 ----D---- C:\Users\Jordan\AppData\Roaming\Dropbox 2014-11-28 15:59:58 ----RD---- C:\Program Files (x86) 2014-11-28 15:59:58 ----D---- C:\Windows\system32\drivers 2014-11-28 15:42:42 ----D---- C:\Windows\system32\config 2014-11-28 15:38:48 ----AD---- C:\ProgramData\TEMP 2014-11-28 15:38:21 ----D---- C:\Program Files (x86)\SpywareBlaster 2014-11-28 15:33:31 ----D---- C:\Windows\System32 2014-11-28 15:30:11 ----D---- C:\ProgramData\MFAData 2014-11-27 12:57:53 ----D---- C:\Windows\system32\catroot2 2014-11-27 12:19:55 ----D---- C:\Windows\Prefetch 2014-11-27 12:19:53 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-11-27 12:19:25 ----SHD---- C:\Windows\Installer 2014-11-27 12:19:25 ----SHD---- C:\Config.Msi 2014-11-27 12:19:15 ----D---- C:\Windows\SysWOW64 2014-11-25 20:29:01 ----SHD---- C:\System Volume Information 2014-11-25 20:08:41 ----HD---- C:\ProgramData 2014-11-25 16:37:37 ----D---- C:\Users\Jordan\AppData\Roaming\vlc 2014-11-25 16:22:06 ----D---- C:\ProgramData\AVG2015 2014-11-23 11:55:52 ----D---- C:\Windows\pss 2014-11-22 19:25:11 ----D---- C:\Users\Jordan\AppData\Roaming\HandBrake 2014-11-21 16:44:24 ----D---- C:\Windows\winsxs 2014-11-20 11:03:51 ----D---- C:\Windows\system32\catroot 2014-11-18 12:05:32 ----D---- C:\Windows\Microsoft.NET 2014-11-18 11:31:35 ----D---- C:\Windows\inf 2014-11-18 11:31:35 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-11-18 10:13:36 ----RSD---- C:\Windows\assembly 2014-11-16 15:40:28 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2014-11-16 10:37:29 ----HD---- C:\$AVG 2014-11-15 16:35:57 ----D---- C:\Users\Jordan\AppData\Roaming\dvdcss 2014-11-15 15:48:14 ----D---- C:\Windows\Tasks 2014-11-12 16:35:55 ----D---- C:\Windows\SYSWOW64\nl-NL 2014-11-12 16:35:55 ----D---- 
C:\Windows\system32\nl-NL 2014-11-12 16:35:54 ----D---- C:\Windows\SYSWOW64\en-US 2014-11-12 16:35:54 ----D---- C:\Windows\system32\en-US 2014-11-12 16:35:54 ----D---- C:\Program Files\Internet Explorer 2014-11-12 16:35:54 ----D---- C:\Program Files (x86)\Internet Explorer 2014-11-12 16:35:48 ----D---- C:\ProgramData\Microsoft Help 2014-11-12 16:32:35 ----D---- C:\Windows\system32\MRT 2014-11-12 16:25:06 ----A---- C:\Windows\system32\MRT.exe 2014-11-08 11:22:14 ----D---- C:\Program Files\Recuva 2014-11-07 21:25:42 ----D---- C:\Windows\system32\Tasks 2014-10-30 11:28:39 ----D---- C:\Users\Jordan\AppData\Roaming\TeamViewer 2014-10-30 11:21:39 ----D---- C:\Program Files\CCleaner 2014-10-30 11:20:34 ----D---- C:\Users\Jordan\AppData\Roaming\Samsung 2014-10-30 11:20:34 ----D---- C:\Program Files (x86)\Samsung 2014-10-30 11:20:31 ----D---- C:\Program Files (x86)\InstallShield Installation Information 2014-10-30 11:19:10 ----D---- C:\ProgramData\Samsung 2014-10-30 11:18:47 ----D---- C:\Windows 2014-10-30 09:40:37 ----D---- C:\Windows\system32\DriverStore ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2012-10-11 82600] R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2012-10-11 42664] R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-06-18 190744] R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-07-18 313624] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-10-05 124184] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-18 31512] R0 iusb3hcs;Intel® USB 3.0 hostcontrollerswitch-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-02-22 20464] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R1 A2DDA;A2 Direct Disk Access Support Driver; \??\C:\Program Files 
(x86)\Emsisoft Anti-Malware\a2ddax64.sys [2013-03-28 26176] R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-18 153368] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-10-29 263960] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-08-28 243480] R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-10-10 274200] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R3 a2acc;a2acc; \??\C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [2014-05-12 71472] R3 amdhub30;AMD USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\amdhub30.sys [2012-11-28 107688] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-02-14 11635200] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-02-14 578560] R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\amdxhc.sys [2012-11-28 228008] R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2012-08-10 88728] R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2013-03-11 3879936] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-02-23 95760] R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2012-08-10 344216] R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2012-08-10 114840] R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2012-08-10 33944] R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2012-08-10 178840] R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2012-08-10 77464] 
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2012-08-10 135832] R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2012-08-10 567808] R3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984] R3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784] R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384] R3 cleanhlp;cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [2013-12-04 57024] R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2012-08-20 1608864] R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-10-05 328592] R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2013-03-04 127568] R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [] R3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf_amd64.sys [2013-12-06 18456] R3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720] R3 rtsuvc;Realtek USB 2.0 PC Camera; C:\Windows\system32\DRIVERS\rtsuvc.sys [2013-03-06 8243144] R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056] S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2013-10-18 100992] S3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-06-16 110336] S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168] S3 pciide;pciide; 
C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 PSKMAD;PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [2013-04-29 47632] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-06-16 206080] S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2014-01-22 206080] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688] S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960] S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 29696] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208] S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248] S3 usbrndis6;USB RNDIS6-adapter; C:\Windows\system32\DRIVERS\usb80236.sys [2013-02-12 19968] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496] S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [] S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760] S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 a2AntiMalware;Emsisoft Protection Service; C:\Program Files (x86)\Emsisoft 
Anti-Malware\a2service.exe [2014-10-13 4816568] R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-02-14 240640] R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-08-10 211584] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2014-11-09 3488784] R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-11-09 298080] R2 CronService;Cron Service for Prey; C:\Prey\platform\windows\cronsvc.exe [2013-05-08 23552] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 CxAudMsg;@C:\Windows\system32\CxAudMsg64.exe,-100; C:\Windows\system32\CxAudMsg64.exe [2013-10-18 201376] R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2013-12-06 1229528] R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-12-06 662232] R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-10-01 5087584] R2 Virtual Router;VirtualRouterService; C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe [2013-02-10 12288] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-20 116648] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-27 267440] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe 
[2009-07-14 27136] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-20 116648] S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-03-05 136120] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-06 114688] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-15 114288] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-10-19 1255736] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 
139856] -----------------EOF-----------------