Everything posted by DENBIKER

  1. [ATTACH]37943[/ATTACH] - - - Updated - - - Zoek.exe v5.0.0.0 Updated 29-11-2014 Tool run by ROBERT on di 02/12/2014 at 9:43:04,12. Microsoft Windows 8 6.2.9200 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\ROBERT\Downloads\zoek.exe [scan all users] [script inserted] ==== System Restore Info ====================== 2/12/2014 9:44:10 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader deleted C:\windows\SysNative\tasks\AutoKMS deleted C:\PROGRA~2\Connected Music powered by Universal Music Group deleted C:\PROGRA~2\AVG Security Toolbar deleted C:\PROGRA~2\COMMON~1\AVG Secure Search deleted C:\PROGRA~3\Avg_Update_0814tb deleted C:\PROGRA~3\AVG Security Toolbar deleted C:\PROGRA~3\AVG Secure Search deleted C:\Users\Gast\AppData\Local\AVG Secure Search deleted C:\Users\ROBERT\AppData\Local\AVG Secure Search deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services deleted C:\Users\Gast\AppData\LocalLow\AVG Secure Search deleted C:\Users\ROBERT\AppData\LocalLow\AVG Secure Search deleted C:\windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted C:\Users\Public\Desktop\YTD Video Downloader.lnk deleted "C:\PROGRA~2\AVG Secure Search\TBAPI.dll" deleted "C:\PROGRA~2\AVG Secure Search\TBAPI.dll" deleted "C:\PROGRA~2\AVG Secure Search" not deleted "C:\PROGRA~2\AVG Secure Search" not deleted ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start 
Page"="https://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="http://rover.ebay.com/rover/1/1553-29906-12136-18/4" ==== Empty IE Cache ====================== C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\ROBERT\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\ROBERT\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== No Chrome User Data found 
==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=574 folders=258 145444931 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Gast\AppData\Local\Temp emptied successfully C:\Users\ROBERT\AppData\Local\Temp will be emptied at reboot C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\windows\Temp successfully emptied C:\Users\ROBERT\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\PROGRA~2\AVG Secure Search" not found "C:\PROGRA~2\AVG Secure Search" not found ==== EOF on di 02/12/2014 at 10:00:53,22 ====================== zoek-results.txt
  2. Hello, here is the requested log. Regards. Zoek.exe v5.0.0.0 Updated 29-11-2014 Tool run by ROBERT on ma 01/12/2014 at 20:50:59,05. Microsoft Windows 8 6.2.9200 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\ROBERT\Downloads\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-03-20-144428.log 1298 bytes C:\zoek-results2014-03-20-171937.log 22344 bytes C:\zoek-results2014-12-01-193623.log 23574 bytes C:\zoek-results2014-12-01-194011.log 22440 bytes C:\zoek-results2014-12-01-194655.log 2799 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "AVG-Secure-Search-Update_1213b"=- [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "mobilegeni daemon"=- "vProt"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Image File Execution Options\protectedsearch.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe] ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\Mobogenie not found C:\Users\ROBERT\AppData\Roaming\AVG 1213b Campaign not found C:\ProgramData\YTD Video Downloader not found "C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll" not found ==== Files Recently Created / Modified ====================== ==== Startup Registry Enabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "StartCCC"="c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "ArcSoft Connection Service"="C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=" " ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BeatsOSDApp"="C:\Program Files\IDT\WDM\beats64.exe" "SysTrayApp"="C:\Program
Files\IDT\WDM\sttray64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update" ==== Startup Folders ====================== 2014-06-14 17:40:42 1298 ----a-w- C:\Users\ROBERT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk ==== Task Scheduler Jobs ====================== C:\windows\tasks\HPCeeScheduleForROBERT.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [13/09/2010 22:15] ==== Other Scheduled Tasks ====================== "C:\windows\SysNative\tasks\AutoKMS" [C:\Windows\AutoKMS\AutoKMS.exe] "C:\windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\windows\SysNative\tasks\CLMLSvc_P2G8" [c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe] "C:\windows\SysNative\tasks\CLVDLauncher" [c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe] "C:\windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe] "C:\windows\SysNative\tasks\HPCeeScheduleForROBERT" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\windows\SysNative\tasks\Hewlett-Packard\HP Support 
Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== C:\zoek_backup content ====================== C:\zoek_backup (files=247 folders=127 72666523 bytes) ==== EOF on ma 01/12/2014 at 20:55:26,97 ======================
  3. Hello, here is the requested log file. Logfile of random's system information tool 1.10 (written by random/random) Run by ROBERT at 2014-11-30 17:37:36 Microsoft Windows 8 System drive C: has 389 GB (83%) free of 471 GB Total RAM: 16339 MB (89% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:37:40, on 30/11/2014 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v10.0 (10.00.9200.17148) Boot mode: Normal Running processes: C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\windows\SysWOW64\ctfmon.exe c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE C:\Program Files\trend micro\ROBERT.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON13/15 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON13/15 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPCON13/15 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -
C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY O4 - HKCU\..\Run: [AVG-Secure-Search-Update_1213b] C:\Users\ROBERT\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=60f16340400647d39dcf5918bd8685a0-3711b3a07d591d98c18178477202d1fd567e1047 /CMPID=1213b O4 - Startup: OneNote 2010 Schermopname en 
Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: 
[ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing) O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe O23 - Service: Bonjour Service - Apple Inc. 
- C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing) O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Connected Remote Service (HPConnectedRemote) - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe 
(file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater18.1.9 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 
11429 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-8cb1-d7458dacb533 /binaryPath="C:\Program Files (x86)\AVG\AVG2015\" %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe C:\windows\system32\services.exe C:\windows\system32\lsass.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\windows\system32\svchost.exe -k RPCSS C:\windows\system32\atiesrxx.exe C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\system32\svchost.exe -k netsvcs C:\windows\system32\svchost.exe -k LocalService C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted "C:\Program Files\IDT\WDM\STacSV64.exe" C:\windows\system32\svchost.exe -k NetworkService C:\windows\System32\spoolsv.exe C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe" "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" C:\windows\system32\svchost.exe -k apphost "C:\Program Files\Bonjour\mDNSResponder.exe" "c:\Program Files\Intel\iCLS Client\HeciServer.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe" C:\windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe" "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties" \??\C:\windows\system32\conhost.exe 0x4 dashost.exe {45f7ee69-241b-4e6f-965a1ab9a7b381bb} C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted 
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" "c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" C:\windows\system32\SearchIndexer.exe /Embedding "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" C:\windows\System32\svchost.exe -k LocalServicePeerNet "C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe" "C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe" "C:\Program Files (x86)\AVG\AVG2015\avgemca.exe" "C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe" %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\windows\System32\WinLogon.exe -SpecialSession -hiberboot atieclxx C:\windows\Explorer.EXE taskhostex.exe "C:\Program Files\IDT\WDM\Beats64.exe" "C:\Program Files\IDT\WDM\sttray64.exe" "C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE" /tsr "C:\Program Files (x86)\AVG Secure Search\vprot.exe" "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY ctfmon.exe "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 "C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE" -Embedding "C:\Users\ROBERT\Desktop\RSITx64.exe" C:\windows\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== 
C:\windows\tasks\HPCeeScheduleForROBERT.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForROBERT (null) ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-03 460712] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll [2014-08-25 3627032] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser 
Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-03 172968] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll [2014-08-25 3627032] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "BeatsOSDApp"=C:\Program Files\IDT\WDM\beats64.exe [2012-10-25 41664] "SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-10-25 1664000] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-11-11 21720] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "AVG-Secure-Search-Update_1213b"=C:\Users\ROBERT\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=60f16340400647d39dcf5918bd8685a0-3711b3a07d591d98c18178477202d1fd567e1047 /CMPID=1213b [] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "mobilegeni daemon"=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176] "StartCCC"=c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-05-15 642816] "BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184] "vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2014-08-25 2640408] "ArcSoft Connection Service"=C:\Program Files (x86)\Common 
Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776] "AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2014-09-05 3593744] C:\Users\ROBERT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup OneNote 2010 Schermopname en Snel starten.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=" " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe] 
"Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "VIDC.YUY2"=msyuv.dll "vidc.i420"=iyuv_32.dll "msacm.msgsm610"=msgsm32.acm "msacm.msg711"=msg711.acm "VIDC.YVYU"=msyuv.dll "VIDC.YVU9"=tsbyuv.dll "wavemapper"=msacm32.drv "midimapper"=midimap.dll "VIDC.UYVY"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.mrle"=msrle32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msadpcm"=msadp32.acm "vidc.msvc"=msvidc32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux1"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "aux2"=wdmaud.drv "MSVideo8"=VfWWDM32.dll "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "aux3"=wdmaud.drv "wave5"=wdmaud.drv "midi5"=wdmaud.drv "mixer5"=wdmaud.drv "aux4"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-11-27 20:18:25 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe 2014-11-26 17:53:54 ----A---- C:\windows\system32\NotificationUI.exe 2014-11-26 17:53:54 ----A---- 
C:\windows\system32\AutoUpdate.exe 2014-11-24 21:54:28 ----A---- C:\windows\system32\dnsapi.dll 2014-11-24 21:54:27 ----A---- C:\windows\SYSWOW64\WsmSvc.dll 2014-11-24 21:54:27 ----A---- C:\windows\SYSWOW64\dnsapi.dll 2014-11-24 21:54:27 ----A---- C:\windows\system32\WsmSvc.dll 2014-11-24 21:54:27 ----A---- C:\windows\system32\drivers\tcpip.sys 2014-11-24 21:54:27 ----A---- C:\windows\system32\dnsrslvr.dll 2014-11-24 21:54:26 ----A---- C:\windows\SYSWOW64\WsmWmiPl.dll 2014-11-24 21:54:26 ----A---- C:\windows\SYSWOW64\rpchttp.dll 2014-11-24 21:54:26 ----A---- C:\windows\SYSWOW64\FXSCOMEX.dll 2014-11-24 21:54:26 ----A---- C:\windows\SYSWOW64\FXSAPI.dll 2014-11-24 21:54:26 ----A---- C:\windows\system32\WsmWmiPl.dll 2014-11-24 21:54:26 ----A---- C:\windows\system32\rpchttp.dll 2014-11-24 21:54:26 ----A---- C:\windows\system32\FXSTIFF.dll 2014-11-24 21:54:26 ----A---- C:\windows\system32\FXST30.dll 2014-11-24 21:54:26 ----A---- C:\windows\system32\FXSCOMEX.dll 2014-11-24 21:54:26 ----A---- C:\windows\system32\FXSAPI.dll 2014-11-24 21:54:26 ----A---- C:\windows\system32\drivers\Classpnp.sys 2014-11-24 21:54:19 ----A---- C:\windows\system32\EncDump.dll 2014-11-24 21:54:19 ----A---- C:\windows\system32\audiosrv.dll 2014-11-24 21:54:19 ----A---- C:\windows\system32\AUDIOKSE.dll 2014-11-24 21:54:19 ----A---- C:\windows\system32\AudioEndpointBuilder.dll 2014-11-24 21:54:16 ----A---- C:\windows\system32\drivers\WdFilter.sys 2014-11-24 21:54:16 ----A---- C:\windows\system32\drivers\WdBoot.sys 2014-11-24 21:54:05 ----A---- C:\windows\SYSWOW64\oleaut32.dll 2014-11-24 21:54:05 ----A---- C:\windows\system32\oleaut32.dll 2014-11-24 21:54:04 ----A---- C:\windows\system32\win32k.sys 2014-11-24 21:53:36 ----A---- C:\windows\SYSWOW64\msi.dll 2014-11-24 21:53:36 ----A---- C:\windows\system32\msi.dll 2014-11-24 21:53:34 ----A---- C:\windows\SYSWOW64\twinui.dll 2014-11-24 21:53:34 ----A---- C:\windows\SYSWOW64\msihnd.dll 2014-11-24 21:53:34 ----A---- C:\windows\SYSWOW64\authui.dll 
2014-11-24 21:53:34 ----A---- C:\windows\system32\twinui.dll 2014-11-24 21:53:34 ----A---- C:\windows\system32\msihnd.dll 2014-11-24 21:53:34 ----A---- C:\windows\system32\authui.dll 2014-11-24 21:52:57 ----A---- C:\windows\SYSWOW64\msaudite.dll 2014-11-24 21:52:57 ----A---- C:\windows\SYSWOW64\adtschema.dll 2014-11-24 21:52:57 ----A---- C:\windows\system32\rdpcorets.dll 2014-11-24 21:52:57 ----A---- C:\windows\system32\msaudite.dll 2014-11-24 21:52:57 ----A---- C:\windows\system32\adtschema.dll 2014-11-24 21:52:36 ----A---- C:\windows\SYSWOW64\schannel.dll 2014-11-24 21:52:36 ----A---- C:\windows\system32\schannel.dll 2014-11-24 21:52:34 ----A---- C:\windows\SYSWOW64\ncryptsslp.dll 2014-11-24 21:52:34 ----A---- C:\windows\system32\ncryptsslp.dll 2014-11-24 21:52:24 ----A---- C:\windows\SYSWOW64\SHCore.dll 2014-11-24 21:52:24 ----A---- C:\windows\system32\SHCore.dll 2014-11-24 21:52:24 ----A---- C:\windows\system32\lsasrv.dll 2014-11-24 21:52:24 ----A---- C:\windows\system32\drivers\ksecpkg.sys 2014-11-24 21:52:23 ----A---- C:\windows\SYSWOW64\pku2u.dll 2014-11-24 21:52:23 ----A---- C:\windows\SYSWOW64\kerberos.dll 2014-11-24 21:52:23 ----A---- C:\windows\system32\kerberos.dll 2014-11-24 21:52:22 ----A---- C:\windows\system32\pku2u.dll 2014-11-24 21:52:14 ----A---- C:\windows\SYSWOW64\packager.dll 2014-11-24 21:52:14 ----A---- C:\windows\SYSWOW64\msxml3.dll 2014-11-24 21:52:14 ----A---- C:\windows\system32\packager.dll 2014-11-24 21:52:14 ----A---- C:\windows\system32\msxml3.dll 2014-11-24 21:52:02 ----A---- C:\windows\system32\mshtml.dll 2014-11-24 21:51:59 ----A---- C:\windows\SYSWOW64\mshtml.dll 2014-11-24 21:51:58 ----A---- C:\windows\SYSWOW64\ieframe.dll 2014-11-24 21:51:58 ----A---- C:\windows\system32\wininet.dll 2014-11-24 21:51:58 ----A---- C:\windows\system32\iertutil.dll 2014-11-24 21:51:58 ----A---- C:\windows\system32\ieframe.dll 2014-11-24 21:51:57 ----A---- C:\windows\SYSWOW64\wininet.dll 2014-11-24 21:51:57 ----A---- C:\windows\SYSWOW64\urlmon.dll 
2014-11-24 21:51:57 ----A---- C:\windows\SYSWOW64\iertutil.dll 2014-11-24 21:51:57 ----A---- C:\windows\system32\urlmon.dll 2014-11-24 21:51:56 ----A---- C:\windows\SYSWOW64\msrating.dll 2014-11-24 21:51:56 ----A---- C:\windows\SYSWOW64\msfeeds.dll 2014-11-24 21:51:56 ----A---- C:\windows\SYSWOW64\jscript9.dll 2014-11-24 21:51:56 ----A---- C:\windows\SYSWOW64\jscript.dll 2014-11-24 21:51:56 ----A---- C:\windows\SYSWOW64\iesysprep.dll 2014-11-24 21:51:56 ----A---- C:\windows\SYSWOW64\iedkcs32.dll 2014-11-24 21:51:56 ----A---- C:\windows\system32\uxtheme.dll 2014-11-24 21:51:56 ----A---- C:\windows\system32\msfeeds.dll 2014-11-24 21:51:56 ----A---- C:\windows\system32\jscript9.dll 2014-11-24 21:51:56 ----A---- C:\windows\system32\jscript.dll 2014-11-24 21:51:56 ----A---- C:\windows\system32\iesysprep.dll 2014-11-24 21:51:56 ----A---- C:\windows\system32\iedkcs32.dll 2014-11-24 21:51:56 ----A---- C:\windows\system32\ie4uinit.exe 2014-11-24 21:51:55 ----A---- C:\windows\SYSWOW64\uxtheme.dll 2014-11-24 21:51:55 ----A---- C:\windows\SYSWOW64\UXInit.dll 2014-11-24 21:51:55 ----A---- C:\windows\SYSWOW64\mshtmled.dll 2014-11-24 21:51:55 ----A---- C:\windows\SYSWOW64\jsproxy.dll 2014-11-24 21:51:55 ----A---- C:\windows\SYSWOW64\iesetup.dll 2014-11-24 21:51:55 ----A---- C:\windows\SYSWOW64\iernonce.dll 2014-11-24 21:51:55 ----A---- C:\windows\SYSWOW64\dxtrans.dll 2014-11-24 21:51:55 ----A---- C:\windows\SYSWOW64\dxtmsft.dll 2014-11-24 21:51:55 ----A---- C:\windows\system32\UXInit.dll 2014-11-24 21:51:55 ----A---- C:\windows\system32\msrating.dll 2014-11-24 21:51:55 ----A---- C:\windows\system32\mshtmled.dll 2014-11-24 21:51:55 ----A---- C:\windows\system32\jsproxy.dll 2014-11-24 21:51:55 ----A---- C:\windows\system32\iesetup.dll 2014-11-24 21:51:55 ----A---- C:\windows\system32\iernonce.dll 2014-11-24 21:51:55 ----A---- C:\windows\system32\dxtrans.dll 2014-11-24 21:51:55 ----A---- C:\windows\system32\dxtmsft.dll 2014-11-24 17:35:44 ----D---- C:\rsit 2014-11-24 17:35:44 
----D---- C:\Program Files\trend micro 2014-11-03 19:13:46 ----D---- C:\ProgramData\Sun 2014-11-03 19:13:45 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-32.dll 2014-11-03 19:13:35 ----D---- C:\ProgramData\Oracle 2014-11-03 19:13:34 ----D---- C:\Program Files (x86)\Java ======List of files/folders modified in the last 1 month====== 2014-11-30 17:34:30 ----D---- C:\windows\Temp 2014-11-30 17:33:24 ----D---- C:\ProgramData\MFAData 2014-11-30 17:00:00 ----D---- C:\windows\system32\sru 2014-11-30 16:58:46 ----D---- C:\windows\Prefetch 2014-11-30 16:56:44 ----D---- C:\windows\system32\NDF 2014-11-29 23:01:18 ----SHD---- C:\windows\Installer 2014-11-29 23:01:18 ----SHD---- C:\Config.Msi 2014-11-29 22:06:21 ----SHD---- C:\System Volume Information 2014-11-29 21:11:54 ----D---- C:\windows\Inf 2014-11-28 19:08:12 ----D---- C:\windows\Microsoft.NET 2014-11-28 19:07:33 ----RSD---- C:\windows\assembly 2014-11-28 13:12:30 ----D---- C:\windows\system32\config 2014-11-28 13:07:24 ----D---- C:\windows\AUInstallAgent 2014-11-28 13:06:48 ----HD---- C:\Program Files\WindowsApps 2014-11-27 22:09:40 ----D---- C:\windows\rescache 2014-11-27 20:22:10 ----RD---- C:\windows\System32 2014-11-27 20:22:10 ----A---- C:\windows\system32\PerfStringBackup.INI 2014-11-27 20:20:15 ----A---- C:\windows\SYSWOW64\log.txt 2014-11-27 20:18:25 ----D---- C:\windows\WinSxS 2014-11-27 20:18:25 ----D---- C:\windows\SysWOW64 2014-11-27 20:17:17 ----D---- C:\Windows 2014-11-27 19:11:59 ----D---- C:\windows\system32\Drivers 2014-11-27 19:11:55 ----D---- C:\Program Files\Windows Defender 2014-11-27 19:11:54 ----D---- C:\Program Files (x86)\Windows Defender 2014-11-27 19:11:50 ----RD---- C:\windows\ToastData 2014-11-27 19:11:46 ----D---- C:\windows\SYSWOW64\nl-NL 2014-11-27 19:11:46 ----D---- C:\windows\system32\nl-NL 2014-11-27 19:11:39 ----D---- C:\Program Files (x86)\Internet Explorer 2014-11-27 19:11:36 ----D---- C:\Program Files\Internet Explorer 2014-11-27 19:11:35 ----D---- 
C:\windows\system32\DriverStore 2014-11-26 21:50:08 ----D---- C:\ProgramData\YTD Video Downloader 2014-11-26 18:57:29 ----D---- C:\windows\CbsTemp 2014-11-26 18:57:12 ----D---- C:\ProgramData\Microsoft Help 2014-11-26 18:54:50 ----RSD---- C:\windows\Fonts 2014-11-26 18:52:22 ----D---- C:\windows\system32\MRT 2014-11-26 18:50:36 ----A---- C:\windows\system32\MRT.exe 2014-11-26 18:41:05 ----D---- C:\windows\Tasks 2014-11-26 18:41:05 ----D---- C:\windows\system32\Tasks 2014-11-26 17:52:05 ----D---- C:\windows\system32\catroot2 2014-11-24 21:41:16 ----A---- C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2014-11-24 21:35:03 ----D---- C:\windows\system32\wbem 2014-11-24 21:34:13 ----D---- C:\windows\system32\WinMetadata 2014-11-24 21:34:13 ----D---- C:\windows\system32\drivers\etc 2014-11-24 21:34:05 ----D---- C:\windows\SYSWOW64\config 2014-11-24 21:33:52 ----D---- C:\windows\system32\CodeIntegrity 2014-11-24 21:33:51 ----D---- C:\windows\system32\AutoUpdateLicense 2014-11-24 21:33:50 ----D---- C:\windows\Minidump 2014-11-24 21:33:43 ----D---- C:\Users\ROBERT\AppData\Roaming\WebApp 2014-11-24 21:33:38 ----D---- C:\Users\ROBERT\AppData\Roaming\ArcSoft 2014-11-24 21:25:23 ----D---- C:\windows\registration 2014-11-24 21:25:00 ----D---- C:\windows\system32\catroot 2014-11-24 21:24:45 ----SD---- C:\Users\ROBERT\AppData\Roaming\Microsoft 2014-11-24 21:22:09 ----RD---- C:\Program Files 2014-11-24 21:21:55 ----RHD---- C:\MSOCache 2014-11-24 20:20:50 ----D---- C:\windows\SoftwareDistribution 2014-11-24 18:28:31 ----D---- C:\windows\debug 2014-11-12 11:06:42 ----HD---- C:\$AVG 2014-11-07 12:32:53 ----HD---- C:\$Windows.~BT 2014-11-03 19:13:46 ----HD---- C:\ProgramData 2014-11-03 19:13:46 ----D---- C:\Program Files (x86)\Common Files 2014-11-03 19:13:34 ----RD---- C:\Program Files (x86) ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHA;AVGIDSHA; C:\windows\system32\DRIVERS\avgidsha.sys [2014-06-18 190744] R0 
Avgloga;AVG Logging Driver; C:\windows\system32\DRIVERS\avgloga.sys [2014-07-18 313624] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\windows\system32\DRIVERS\avgmfx64.sys [2014-08-06 123672] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\windows\system32\DRIVERS\avgrkx64.sys [2014-06-18 31512] R1 Avgdiska;AVG Disk Driver; C:\windows\system32\DRIVERS\avgdiska.sys [2014-06-18 153368] R1 Avgfwfd;@oem45.inf,%AvgfwfdService_Desc%;AVG network filter service; C:\windows\system32\DRIVERS\avgfwd6a.sys [2013-09-26 57144] R1 AVGIDSDriver;AVGIDSDriver; C:\windows\system32\DRIVERS\avgidsdrivera.sys [2014-07-24 247576] R1 Avgldx64;AVG AVI Loader Driver; C:\windows\system32\DRIVERS\avgldx64.sys [2014-08-20 243480] R1 avgtp;avgtp; \??\C:\windows\system32\drivers\avgtpx64.sys [2014-08-11 50976] R1 Avgwfpa;AVG Firewall Driver; C:\windows\system32\DRIVERS\avgwfpa.sys [2014-07-18 273176] R1 CLVirtualDrive;CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536] R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000] R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2013-12-28 11660800] R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2013-12-28 581120] R3 AtiHDAudioService;@oem50.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW86.sys [2013-12-28 98744] R3 MEIx64;@oem6.inf,%HECI_SvcDesc%;Intel® Management Engine Interface ; C:\windows\System32\drivers\HECIx64.sys [2012-07-18 62784] R3 netr28x;@oem53.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\windows\system32\DRIVERS\netr28x.sys [2013-12-04 2505904] R3 RTL8168;@oem49.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2013-12-28 772680] R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys [2012-10-25 543744] R3 
tilfilter;@oem41.inf,%lfilter.SvcDesc%;TI xHCI Lower Filter Driver Service; C:\windows\System32\drivers\TIxHCIlfilter.sys [2012-11-20 17528]
R3 tiufilter;@oem41.inf,%ufilter.SvcDesc%;TI xHCI Upper Filter Driver Service; C:\windows\System32\drivers\TIxHCIufilter.sys [2012-11-20 23184]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S0 amdkmafd;@oem51.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\windows\System32\drivers\amdkmafd.sys [2013-12-28 21160]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\windows\system32\DRIVERS\avgboota.sys [2013-09-04 20496]
S3 A38CCID;@oem54.inf,%ACS.ACSCCID.DevDesc%;CCID USB Smart Card Reader; C:\windows\system32\DRIVERS\a38ccid.sys [2014-10-29 62976]
S3 BthEnum;@tdibth.inf,%BthEnum.DisplayName%;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2013-01-09 51712]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth-apparaat (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2012-07-26 119808]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Stuurprogramma voor Bluetooth-poort; C:\windows\System32\Drivers\BTHport.sys [2013-03-01 1175040]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;USB-stuurprogramma voor Bluetooth-radio; C:\windows\System32\Drivers\BTHUSB.sys [2013-01-09 74752]
S3 e1iexpress;@net1ic64.inf,%E1IExpress.Service.DispName%;Intel® PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2012-06-02 333824]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2012-06-02 10627744]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2013-03-01 156672]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Stuurprogramma voor USB-audio (WDM); C:\windows\system32\drivers\usbaudio.sys [2013-07-05 121984]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Stuurprogramma voor USB-scanner; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-01 43008]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB-videoapparaat (WDM); C:\windows\System32\Drivers\usbvideo.sys [2013-07-05 210560]
S3 WinUsb;@WUDFUsbccidDriver.inf,%WinUsb_Service_DisplayName%;WinUsb-stuurprogramma; C:\windows\system32\DRIVERS\WinUSB.sys [2012-07-26 57344]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2013-12-28 241152]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\windows\system32\svchost.exe [2012-10-12 29696]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2014-09-05 3364368]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-09-05 293448]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
R2 HPConnectedRemote;HP Connected Remote Service; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [2012-10-12 35744]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel® ME Service;Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-07-18 128896]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2012-07-18 165760]
R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2012-07-18 276864]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2012-10-25 327680]
R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-07-18 364416]
R2 vToolbarUpdater18.1.9;vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [2014-08-11 1820184]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2014-09-05 1459872]
S3 aspnet_state;aspnet_state; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-12 51648]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\windows\system32\svchost.exe [2012-10-12 29696]
-----------------EOF-----------------
  4. Hello, for a few days now I have been getting about ten emails of this kind. I have already read a few of your forum threads about this problem, but I can't get it to work. Can you help me? Regards