bernard
-
Items
2.256 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door bernard
-
Ik heb eigenlijk een vraag waarvan ik niet weet waar ik deze moet plaatsen . Ik heb een HP laptop , en ik zou het prettig vinden als ik daar een 2 e aansluitkabel bij had . Als wij met vakantie gaan neem ik altijd de laptop mee , maar dan moet ik altijd de originele kabel tevoorschijn halen , want die heb ik n.l. netjes weggewerkt . De vraag is , kan ik daar alle kabels van HP voor gebruiken , als er maar een ronde aansluit plu aan zit ?
-
Het bgaat bij mij iets anders ( window 7 ) Ik moest naar configuratiescherm > mapopties > weergave enz. Maar ik heb het maar weer teruggezet zoals het was. Nogmaals bedankt , en nog een fijne zondag avond
-
Ik geloof je direkt , Maar voor deze ,,operatie ,, stond dat er niet achter , vandaar dat ik er op terug kom . Maar het is verder geen probleem ?
-
Ik gebruik : Microsoft Office Word 2007
-
Ja sorry , maar ik open het nog maar even .Want je vroeg mij in # 15 of ik nog merkbare problemen tegen gekomen was . Zoals ik al zei , dat ik dat in het gebruik misschien zou tegen komen . Wat mij opvalt , is dat ik in ,, mijn documenten ,, nu achter elk document : docx heb staan . Is dit nu normaal of kan dit verandert worden ?
-
Goedenmorgen , ook dit is goed verlopen , dus als ik het goed begrijp hebben we ons huiswerk weer gedaan . Mag ik je hartelijk bedanken , en het was weer een gezellige discussie .
-
Ik wordt steeds slimmer , als ik jullie was zou ik me maar zorgen gaan maken dat ik straks jullie team kan komen versterken !!!!!!!!!!! Zonder gekheid , het programma is microsoft security Essentials . Maar na dat ik de computer een herstart heb gedaan was het weer in orde . En verder , dat is dus even afwachten hoe het nu werkt als ik er mee bezig ben . Het rondje vabn de vraag van de discussie staat in ieder geval weer stil als de pagina er is die gevraagd werd .
-
Ik kreeg een seintje dat ik mijn beveiliging weer moest inschakelen , maar het was gelijk verdwenen . Hoe krijg ik die weer terug ?
-
# AdwCleaner v4.108 - Rapport aangemaakt 17/01/2015 op 20:49:31 # Laatste Update 17/01/2015 door Xplode # Database : 2015-01-13.2 [Live] # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits) # Gebruikersnaam : Bernardus - BERNARDUS-PC # Gestart vanuit : C:\Users\Bernardus\Contacts\Downloads\adwcleaner_4.108.exe # Optie : Verwijderen ***** [ Services ] ***** ***** [ Bestanden / Mappen ] ***** Map Verwijderd : C:\ProgramData\ParetoLogic Map Verwijderd : C:\Users\Bernardus\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip Map Verwijderd : C:\Users\Bernardus\AppData\Roaming\Opera Software\Opera Stable\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip ***** [ Taken ] ***** Taak Verwijderd : MySearchDial Taak Verwijderd : RegClean Pro Taak Verwijderd : Scheduled Update for Ask Toolbar ***** [ Snelkoppelingen ] ***** ***** [ Register ] ***** Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07} Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{CA021789-C8CD-4676-BC40-90077A19D5CD} Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{29CE1D19-D0AD-4222-BB5F-C959DC218F03} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{29CE1D19-D0AD-4222-BB5F-C959DC218F03} Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{29CE1D19-D0AD-4222-BB5F-C959DC218F03} Sleutel Verwijderd : HKCU\Software\ParetoLogic Sleutel Verwijderd : HKLM\SOFTWARE\ParetoLogic Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5 Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2 Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6 Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7 Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375 Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852 Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0 Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96 Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8 Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01 Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59 Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472 Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296 Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888 Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F2E0D3DD9E5E4B74CA43BCE77815E287 Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7 Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9 Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ams1.ib.adnxs.com ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17496 -\\ Mozilla Firefox v -\\ Google Chrome v [C:\Users\Bernardus\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Verwijderd [search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3314759&octid=EB_ORIGINAL_CTID&ISID=MBD778BB8-F564-406A-A181-7A956D10FDE3&SearchSource=58&CUI=&UM=6&UP=SPBB7C5E77-97C8-4828-9717-4AC7D88CCF11&q={searchTerms}&SSPV=SP21715VC_sp_ch [C:\Users\Bernardus\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Verwijderd [search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3314759&octid=EB_ORIGINAL_CTID&ISID=MBD778BB8-F564-406A-A181-7A956D10FDE3&SearchSource=58&CUI=&UM=6&UP=SPBB7C5E77-97C8-4828-9717-4AC7D88CCF11&q={searchTerms}&SSPV=SP21715VC_sp_ch [C:\Users\Bernardus\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Verwijderd [search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1417973938&from=tugs&uid=ST9500420AS_5VJ18JAZ&q={searchTerms} [C:\Users\Bernardus\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Verwijderd [search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1417973938&from=tugs&uid=ST9500420AS_5VJ18JAZ&q={searchTerms} -\\ Opera v0.0.0.0 [C:\Users\Bernardus\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Verwijderd [search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3314759&octid=EB_ORIGINAL_CTID&ISID=MBD778BB8-F564-406A-A181-7A956D10FDE3&SearchSource=58&CUI=&UM=6&UP=SPBB7C5E77-97C8-4828-9717-4AC7D88CCF11&q={searchTerms}&SSPV=SP21715VC_sp_ch [C:\Users\Bernardus\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Verwijderd [search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3314759&octid=EB_ORIGINAL_CTID&ISID=MBD778BB8-F564-406A-A181-7A956D10FDE3&SearchSource=58&CUI=&UM=6&UP=SPBB7C5E77-97C8-4828-9717-4AC7D88CCF11&q={searchTerms}&SSPV=SP21715VC_sp_ch [C:\Users\Bernardus\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Verwijderd [search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1417973938&from=tugs&uid=ST9500420AS_5VJ18JAZ&q={searchTerms} [C:\Users\Bernardus\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Verwijderd [search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1417973938&from=tugs&uid=ST9500420AS_5VJ18JAZ&q={searchTerms} [C:\Users\Bernardus\AppData\Roaming\Opera Software\Opera Stable\preferences] - Verwijderd [Extension] : hniiadklfgdhjcmmkpggffjngihaaoip ************************* AdwCleaner[R0].txt - [7649 octets] - [17/01/2015 20:45:13] AdwCleaner[s0].txt - [8483 octets] - [17/01/2015 20:49:31] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [8543 octets] ##########
-
Zoek.exe v5.0.0.0 Updated 15-01-2015 Tool run by Bernardus on za 17-01-2015 at 19:13:45,86. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Bernardus\Contacts\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2015-01-17-181316.log 11411 bytes ==== Empty Folders Check ====================== C:\PROGRA~2\ParetoLogic deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1615721754-973694573-1832378917-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B9974B77-9BF3-4F23-94E3-3B06DD690376} deleted successfully HKEY_USERS\S-1-5-21-1615721754-973694573-1832378917-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\Common Files\ParetoLogic not found C:\Program Files (x86)\ParetoLogic\PCHA not found C:\Program Files (x86)\globalUpdate not found C:\Users\Bernardus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMetér not found "C:\Windows\tasks\ParetoLogic Registration3.job" not found "C:\Windows\tasks\ParetoLogic Update Version3.job" not found "C:\Windows\tasks\PC Health Advisor Defrag.job" not found "C:\Windows\tasks\PC Health Advisor.job" not found C:\Users\Bernardus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PRICEM~1 deleted C:\install.exe deleted C:\Users\Bernardus\AppData\Roaming\ParetoLogic deleted C:\Users\Bernardus\AppData\Roaming\DriverCure deleted C:\Users\Bernardus\AppData\Local\globalUpdate deleted C:\Users\Bernardus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic deleted C:\Windows\SysNative\config\systemprofile\Searches deleted "C:\Users\Bernardus\AppData\Roaming\GEHNBD" deleted "C:\Users\Bernardus\AppData\Roaming\JDYQP" deleted "C:\Users\Bernardus\AppData\Roaming\KEQDFQ" deleted "C:\Users\Bernardus\AppData\Roaming\LSHLRGPF" deleted "C:\Users\Bernardus\AppData\Roaming\QAKOG" deleted "C:\Users\Bernardus\AppData\Roaming\URQE" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\BERNAR~1\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2015-01-17 15:43:12 A042349B7208BF8BED858B1E9B48B06D 98216 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-01-14 15:33:31 FE48346938C1CDDDF4E4097DB9B99764 52224 ----a-w- C:\Windows\SysWOW64\nlaapi.dll 2015-01-14 15:33:31 92940397DFFB4D237EA5BB22FF912BDC 156672 ----a-w- C:\Windows\SysWOW64\ncsi.dll 2015-01-14 15:33:25 2AF481C03C0383ADE09FFEDA0C583140 3971512 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2015-01-14 15:33:23 8A289EF0AE709327D6AA9769E108B5A6 3916728 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2015-01-14 15:33:22 9606307F5E1EABA98ACB61206EFC2127 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-01-14 15:33:33 B6A58491307B4CADA572583D863DC602 210432 ----a-w- C:\Windows\Sysnative\profsvc.dll 2015-01-14 15:33:32 8B301D474B478E9A92823BAB50A7BC49 303616 ----a-w- C:\Windows\Sysnative\nlasvc.dll 2015-01-14 15:33:29 2A9C3ADBC3B9D061CACDEFFBED67683C 87040 ----a-w- C:\Windows\Sysnative\TSWbPrxy.exe 2015-01-14 15:33:25 0A70B8D78AF95894E221DDAC6482DF6D 5553592 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2015-01-14 15:33:22 F4846789B3795F14DCB7D92ED1DAF74F 503808 ----a-w- C:\Windows\Sysnative\srcore.dll 2015-01-14 15:33:22 DE595EACC79006E7B15B848BF0831E78 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe 2015-01-14 15:33:22 BA6D609BAB615991E8791CA1DFFD034C 50176 ----a-w- C:\Windows\Sysnative\srclient.dll ====== C:\Windows\Sysnative\drivers ===== 2015-01-14 15:33:31 AE3334958D8F631FF14A0AEB3D7EFB3A 141312 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys ====== C:\Windows\Tasks ====== 2014-12-25 08:06:26 B63AD96D5AB77552EFDB7D2277C3B0CB 3886 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Acrobat Update Task ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Bernardus\AppData\Roaming ====== ====== C:\Users\Bernardus ====== 2015-01-17 15:42:59 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java ====== C: exe-files == 2015-01-17 15:43:00 AA3520FB0133A56BEE1DB34D74DBEF64 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2015-01-17 15:43:00 75D477E868CA51EC1B09D730570F322B 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe 2015-01-17 15:43:00 691D49FB44EDE9788288CABE4F7E0DAF 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2015-01-17 15:42:44 DC197DCE6325CBAC905DE0D0E3BA3E8E 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmid.exe 2015-01-17 15:42:44 67F763B09F4BC8689E6FA9761E068D74 159656 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\unpack200.exe 2015-01-17 15:42:44 57E1F756FAA787623DFCD2C1B2AACC68 51112 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssvagent.exe 2015-01-17 15:42:44 33D2AF53E209DA3E2BA939EB89801DC0 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmiregistry.exe 2015-01-17 15:42:44 29E65AC6AFD8A0A9CAA361FF6F7B4886 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\servertool.exe 2015-01-17 15:42:44 28FC00F89631B0F6E1E9CA386FADD566 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\tnameserv.exe 2015-01-17 15:42:43 E3E6B18458FFB07CB24D7A0BA77C9FDF 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\pack200.exe 2015-01-17 15:42:43 A458E2535E46151690E53E2A03FAA711 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\keytool.exe 2015-01-17 15:42:43 9BFAEF308D50779F6B255CB7BA7DCA5A 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\kinit.exe 2015-01-17 15:42:43 7AB1F1B3FB6C3DACA34EA2F988CDF5AC 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\orbd.exe 2015-01-17 15:42:43 75EE99C7F0038C746D82C76221ECA4EF 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\policytool.exe 2015-01-17 15:42:43 4109C4DB4BD48F5BF8115C7523A6B6F8 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\klist.exe 2015-01-17 15:42:43 26C7F32186B1F0364CD06EA69227A79D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ktab.exe 2015-01-17 15:42:42 B719E0F43166037DF46B5CFBE60A5118 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jjs.exe 2015-01-17 15:42:42 4367C05B0CF5553E71B34F51003D0615 76200 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2launcher.exe 2015-01-17 15:42:41 BB8C890E3E6372F2720709262BD42BF4 30632 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jabswitch.exe 2015-01-17 15:42:41 AA3520FB0133A56BEE1DB34D74DBEF64 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java.exe 2015-01-17 15:42:41 75D477E868CA51EC1B09D730570F322B 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaw.exe 2015-01-17 15:42:41 74713E9C1B01B152DDD3A1A3519A3647 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java-rmi.exe 2015-01-17 15:42:41 70E67429D2C011FD0419AF899A8D0D70 68520 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe 2015-01-17 15:42:41 691D49FB44EDE9788288CABE4F7E0DAF 272296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaws.exe 2015-01-16 19:51:34 BA7DC0C9141BE7292CA7E744B6F19F26 897104 ----a-w- C:\Users\Bernardus\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\39.0.2171.99\39.0.2171.99_39.0.2171.95_chrome_updater.exe 2015-01-16 19:42:43 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTIFFA5K\RSITx64 (1).exe 2015-01-16 19:42:14 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTIFFA5K\RSITx64.exe 2015-01-14 15:33:29 2A9C3ADBC3B9D061CACDEFFBED67683C 87040 ----a-w- C:\Windows\System32\TSWbPrxy.exe 2015-01-14 15:33:25 2AF481C03C0383ADE09FFEDA0C583140 3971512 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2015-01-14 15:33:25 0A70B8D78AF95894E221DDAC6482DF6D 5553592 ----a-w- C:\Windows\System32\ntoskrnl.exe 2015-01-14 15:33:23 8A289EF0AE709327D6AA9769E108B5A6 3916728 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2015-01-14 15:33:22 DE595EACC79006E7B15B848BF0831E78 296960 ----a-w- C:\Windows\System32\rstrui.exe === C: other files == 2015-01-17 15:42:46 CE44A9D4918DCDC7CCCF5503BF4D7A3D 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\lib\deploy\ffjcext.zip 2015-01-17 15:41:20 92F975B07E65EF3AE67D89A016FDAACC 638888 ----a-w- C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJP02UDT\JavaSetup8u25.com 2015-01-17 15:30:21 92F975B07E65EF3AE67D89A016FDAACC 638888 ----a-w- C:\Users\Bernardus\Contacts\Downloads\JavaSetup8u25.com 2015-01-14 15:33:31 AE3334958D8F631FF14A0AEB3D7EFB3A 141312 ----a-w- C:\Windows\System32\drivers\mrxdav.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1615721754-973694573-1832378917-1000\Software\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden" "Google Update"="C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe /c" "TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "HPCam_Menu"="c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe c:\Program Files (x86)\Hewlett-Packard\Media\Webcam UpdateWithCreateOnce Software\Hewlett-Packard\Media\Webcam" "UpdatePRCShortCut"="C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\Hewlett-Packard\Recovery UpdateWithCreateOnce Software\CyberLink\PowerRecover" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "ControlCenter4"="C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun" "BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN" "WirelessAssistant"="C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" "hpqSRMon"="C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden" "Google Update"="C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe /c" "TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " "SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HPADVISOR] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HPADVISOR" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Hewlett-Packard\\HP Advisor\\HPAdvisor.exe view=DOCKVIEW" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QlbCtrl.exe] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QlbCtrl.exe" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Hewlett-Packard\\HP Quick Launch Buttons\\QlbCtrl.exe /Start" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SmartMenu] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SmartMenu" "hkey"="HKLM" "command"="C:\\Program Files\\Hewlett-Packard\\HP MediaSmart\\SmartMenu.exe /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TomTomHOME.exe" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\TomTom HOME 2\\TomTomHOMERunner.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\HP Digital Imaging Monitor.lnk" "backup"="C:\\Windows\\pss\\HP Digital Imaging Monitor.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\Hp\\DIGITA~1\\bin\\hpqtra08.exe " "item"="HP Digital Imaging Monitor" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [14-01-2015 16:16] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19-10-2014 11:43] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19-10-2014 11:43] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1615721754-973694573-1832378917-1000Core.job --a------ C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe [13-09-2012 19:45] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1615721754-973694573-1832378917-1000UA.job --a------ C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe [13-09-2012 19:45] C:\Windows\tasks\HPCeeScheduleForBernardus.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [07-10-2009 04:22] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CapSchedInst" [c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSchedInst.exe] "C:\Windows\SysNative\tasks\CapSvcInst" [c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSvcInst.exe] "C:\Windows\SysNative\tasks\CapUninst" [c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapUninst.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CLMLSvc" [c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\DVDAgent" [c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1615721754-973694573-1832378917-1000Core" [C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1615721754-973694573-1832378917-1000UA" [C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForBernardus" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\TVAgent" [c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe] "C:\Windows\SysNative\tasks\{669B02A7-B98D-46F0-A5B2-4AA307623D79}" [C:\Users\Bernardus\Downloads\Scrabble Deluxe NL\scrabbledownload.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Assistant\HPSA Upgrade" [C:\ProgramData\Hewlett-Packard\HPSAUpgrade3\HpSAUpgrade.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\BERNAR~1\AppData\Roaming\Mozilla\Firefox\Profiles\rdot3j7h.default user_pref("browser.search.defaulturl", ""); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [20-04-2013 20:04] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [20-04-2013 20:04] ==== Firefox Extensions ====================== ProfilePath: C:\Users\BERNAR~1\AppData\Roaming\TomTom\HOME\Profiles\f7e2f2p1.default - Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com - Emulator - %ProfilePath%\extensions\Navcore.8.010.9369@tomtom.com ==== Firefox Plugins ====================== ==== Chromium Look ====================== Google Wallet - Bernardus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Media+PlayerVidEd2.0 - Bernardus\AppData\Roaming\Opera Software\Opera Stable\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.startpagina.nl/" "Start Page Restore"="http://www.startpagina.nl/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.startpagina.nl/" "Start Page Restore"="http://www.startpagina.nl/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {29CE1D19-D0AD-4222-BB5F-C959DC218F03} AOL Zoeken Url="http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1172&query={searchTerms}&invocationType=tb50hpcnnbie7-nl-nl" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7SUNC_nl" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E} deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge´mporteer 7a0\AppData\Local\Microsoft\Windows\Temporary I 77d\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge´mporteer 7a0\AppData\Local\Microsoft\Windows\Temporary I 77d\Low\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge´mporteer 7a0\AppData\Local\Temp\Low\Temporary I 654\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge´mporteer 7a0\AppData\Local\Temp\Temporary I c4b\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Geïmporteer 7a0\AppData\Local\Microsoft\Windows\Temporary I 77d\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Geïmporteer 7a0\AppData\Local\Microsoft\Windows\Temporary I 77d\Low\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Geïmporteer 7a0\AppData\Local\Temp\Low\Temporary I 654\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Geïmporteer 7a0\AppData\Local\Temp\Temporary I c4b\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge?mporteer 7a0\AppData\Local\Microsoft\Windows\Temporary I 77d\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge?mporteer 7a0\AppData\Local\Microsoft\Windows\Temporary I 77d\Low\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge?mporteer 7a0\AppData\Local\Temp\Low\Temporary I 654\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge?mporteer 7a0\AppData\Local\Temp\Temporary I c4b\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BIBDQXQ5 will be deleted at reboot C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C7EVZPQX will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Bernardus\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully C:\Users\Bernardus\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=305 folders=36 14106380 bytes) ==== Empty Temp Folders ====================== C:\Users\Bernardus\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\BERNAR~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BIBDQXQ5" not found "C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C7EVZPQX" deleted ==== EOF on za 17-01-2015 at 19:45:39,79 ======================
-
Kan het zijn dat hij bij mij onder downloads staat als pdf bestand ? Zo ja , deze heb ik nu wel op bureau scherm
-
Bedoel je met c partitie de c schijf ? Als ik op download exe klik ( bijlage ) dan moet ik kiezen uit opslaan of uitvoeren . Maar dan heb ik toch nog geen download exe op het bureaublad ? En dus kan ik nog niet verder ?
-
ik heb de nieuwe java gedownload ( zie bijlage )Ik neem aan dat dit goed is , want het ging even iets anders als in de beschrijving stond ? Dan probeer ik Zoek .exe naar mijn bureaublad te downloaden , maar dit lukt mij niet . Even een hint s.v.p?
-
Logfile of random's system information tool 1.10 (written by random/random) Run by Bernardus at 2015-01-16 20:48:50 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 335 GB (72%) free of 463 GB Total RAM: 4063 MB (49% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:09:41, on 30-6-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17126) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe C:\Program Files (x86)\Hp\Digital Imaging\bin\HpqSRmon.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files\trend micro\Bernardus.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: MP3 Rocket Downloader - {c5e9c0b3-8b18-4b1b-ad67-c1a063ab2b34} - mscoree.dll (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam" O4 - HKLM\..\Run: [updatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [indexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe" O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe" O4 - HKLM\..\Run: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini" O4 - HKLM\..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun O4 - HKLM\..\Run: [brStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [Google Update] "C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://82.176.121.75:8080/activex/AMC.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing) O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13480 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS "c:\Program Files\Microsoft Security Client\MsMpEng.exe" winlogon.exe C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe C:\Windows\system32\svchost.exe -k GPSvcGroup atieclxx C:\Windows\system32\Hpservice.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe 4462176 \??\C:\Windows\system32\conhost.exe "-372367844-139279226712103019381827431627-8764393762072725435960069054539100217 C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Windows\system32\Dwm.exe" "taskhost.exe" "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" C:\Windows\Explorer.EXE "C:\Program Files\Bonjour\mDNSResponder.exe" C:\Windows\SysWOW64\svchost.exe -k netsvcs C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt "C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe" "C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe" "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe" "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" WLIDSvcM.exe 2696 "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Program Files\IDT\WDM\sttray64.exe" "c:\Program Files\Microsoft Security Client\NisSrv.exe" C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey "C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden "C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE" "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" C:\Windows\system32\SearchIndexer.exe /Embedding -BootProc "C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" "C:\Program Files (x86)\Hp\Digital Imaging\bin\HpqSRmon.exe" "C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe" "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files\Windows Media Player\wmpnetwk.exe" -BootProc "C:\Program Files\iPod\bin\iPodService.exe" taskeng.exe {E58D3ABA-95A6-4693-955A-D25DAAE0641F} "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe" "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe" "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe" -Embedding C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><ID>20303</ID><Title>HP Wireless Assistant</Title><Text>WLAN: Aan</Text><IconPath>C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\images\wireless_on.ico</IconPath><Path>C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe</Path><Parameters>SHOWSTATUS</Parameters></Toast></hpNotification>" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 C:\Windows\system32\svchost.exe -k SDRSVC "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4456 CREDAT:267521 /prefetch:2 C:\Windows\system32\Macromed\Flash\FlashUtil64_16_0_0_257_ActiveX.exe -Embedding "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4456 CREDAT:1905949 /prefetch:2 "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4456 CREDAT:2692381 /prefetch:2 "C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4456 CREDAT:3872044 /prefetch:2 "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4456 CREDAT:923046 /prefetch:2 "C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTIFFA5K\RSITx64.exe" "C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTIFFA5K\RSITx64 (1).exe" C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files\trend micro\Bernardus.exe" /silentautolog taskeng.exe {3C532E38-BCB7-41F2-B687-E55EC286B23A} C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler "C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe" -Embedding C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} "C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTIFFA5K\RSITx64 (1).exe" ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1615721754-973694573-1832378917-1000Core.job - C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1615721754-973694573-1832378917-1000UA.job - C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\HPCeeScheduleForBernardus.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForBernardus (null) C:\Windows\tasks\ParetoLogic Registration3.job - C:\Windows\system32\rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns C:\Windows\tasks\ParetoLogic Update Version3.job - C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe C:\Windows\tasks\PC Health Advisor Defrag.job - C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe -defrag C:\Windows\tasks\PC Health Advisor.job - C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe -scan ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-08-20 256456] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Help bij koppelingen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23 72336] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-20 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-08-20 194504] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-20 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-08-20 256456] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-08-20 194504] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288] "SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-03-23 487424] "MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 1271072] "Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-06-17 2363392] "Google Update"=C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-13 116648] "TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2014-06-05 248176] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2009-07-15 1668664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-08-01 152392] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 323640] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2009-07-21 610872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2014-06-05 248176] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] C:\PROGRA~2\Hp\DIGITA~1\bin\hpqtra08.exe [2009-09-20 270336] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-02 98304] "HPCam_Menu"=c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [2009-02-25 218408] "UpdatePRCShortCut"=C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [2009-05-19 222504] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-07-31 43816] "ControlCenter4"=C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [2011-04-20 139264] "BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2010-06-10 2621440] "WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2010-05-20 500792] "hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528] "HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-08-01 152392] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "WallpaperStyle"=2 "DisableLockWorkstation"=0 "DisableTaskMgr"=0 "DisableChangePassword"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "HideFastUserSwitching"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2015-01-16 20:42:47 ----D---- C:\rsit 2015-01-14 16:33:33 ----A---- C:\Windows\system32\profsvc.dll 2015-01-14 16:33:32 ----A---- C:\Windows\system32\nlasvc.dll 2015-01-14 16:33:31 ----A---- C:\Windows\SYSWOW64\nlaapi.dll 2015-01-14 16:33:31 ----A---- C:\Windows\SYSWOW64\ncsi.dll 2015-01-14 16:33:31 ----A---- C:\Windows\system32\drivers\mrxdav.sys 2015-01-14 16:33:29 ----A---- C:\Windows\system32\TSWbPrxy.exe 2015-01-14 16:33:25 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe 2015-01-14 16:33:25 ----A---- C:\Windows\system32\ntoskrnl.exe 2015-01-14 16:33:23 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe 2015-01-14 16:33:22 ----A---- C:\Windows\SYSWOW64\srclient.dll 2015-01-14 16:33:22 ----A---- C:\Windows\system32\srcore.dll 2015-01-14 16:33:22 ----A---- C:\Windows\system32\srclient.dll 2015-01-14 16:33:22 ----A---- C:\Windows\system32\rstrui.exe 2014-12-18 09:10:16 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-12-18 09:10:16 ----A---- C:\Windows\system32\ieUnatt.exe ======List of files/folders modified in the last 1 month====== 2015-01-16 20:48:50 ----D---- C:\Program Files\trend micro 2015-01-16 20:42:44 ----D---- C:\Windows\Temp 2015-01-16 19:18:00 ----D---- C:\Windows\system32\config 2015-01-16 16:19:16 ----D---- C:\Windows\System32 2015-01-16 16:19:16 ----D---- C:\Windows\inf 2015-01-16 16:19:16 ----A---- C:\Windows\system32\PerfStringBackup.INI 2015-01-16 08:49:17 ----A---- C:\ProgramData\HPWALog.txt 2015-01-16 08:46:43 ----HD---- C:\ProgramData 2015-01-14 17:05:05 ----D---- C:\Windows\winsxs 2015-01-14 17:03:49 ----D---- C:\Windows\SysWOW64 2015-01-14 17:03:49 ----D---- C:\Windows\system32\drivers 2015-01-14 16:59:53 ----D---- C:\Windows\system32\MRT 2015-01-14 16:54:57 ----D---- C:\Windows\debug 2015-01-14 16:54:53 ----A---- C:\Windows\system32\MRT.exe 2015-01-14 16:54:40 ----SHD---- C:\System Volume Information 2015-01-14 16:30:53 ----D---- C:\Windows\system32\catroot2 2015-01-14 16:16:54 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2015-01-08 14:59:23 ----SHD---- C:\Windows\Installer 2015-01-08 14:59:15 ----RSD---- C:\Windows\assembly 2015-01-08 14:59:15 ----HD---- C:\Config.Msi 2015-01-08 14:59:03 ----D---- C:\ProgramData\Microsoft Help 2015-01-04 20:25:08 ----D---- C:\Users\Bernardus\AppData\Roaming\Media Player Classic 2015-01-02 20:54:59 ----D---- C:\Windows 2015-01-01 21:05:31 ----D---- C:\Windows\system32\FxsTmp 2014-12-31 12:14:31 ----N---- C:\Windows\system32\MpSigStub.exe 2014-12-25 09:06:26 ----D---- C:\Windows\system32\Tasks 2014-12-22 20:45:33 ----D---- C:\Windows\PolicyDefinitions 2014-12-22 20:44:34 ----RD---- C:\Program Files (x86) 2014-12-22 20:44:31 ----D---- C:\Program Files (x86)\globalUpdate 2014-12-22 20:44:29 ----D---- C:\Windows\Tasks 2014-12-22 19:45:37 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008] R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 268512] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 133928] R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320] R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-06-29 116752] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-02 6036480] R3 BCM43XX;Stuurprogramma voor de Broadcom 802.11-netwerkadapter; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-08-25 2769400] R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-29 70656] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 18432] R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-21 140712] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-07-13 233472] R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-03-23 505344] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848] R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040] R3 WSDScan;Ondersteuning voor WSD-scan via UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088] S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920] S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 19968] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008] S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416] S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-12-29 129752] S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056] S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864] S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088] R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-02 203264] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728] R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872] R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 23808] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-01-21 247152] R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [2010-03-23 247808] R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-31 2754984] R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2014-06-05 93040] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136] R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2011-03-28 799800] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2014-08-01 641352] R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 347872] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19 107912] S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-14 267440] S3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2010-01-25 245760] S3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896] S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2009-05-22 250616] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19 107912] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-04-14 194032] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]Logfile of random's system information tool 1.10 (written by random/random) Run by Bernardus at 2015-01-16 20:48:50 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 335 GB (72%) free of 463 GB Total RAM: 4063 MB (49% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:09:41, on 30-6-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17126) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe C:\Program Files (x86)\Hp\Digital Imaging\bin\HpqSRmon.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files\trend micro\Bernardus.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: MP3 Rocket Downloader - {c5e9c0b3-8b18-4b1b-ad67-c1a063ab2b34} - mscoree.dll (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam" O4 - HKLM\..\Run: [updatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [indexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe" O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe" O4 - HKLM\..\Run: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini" O4 - HKLM\..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun O4 - HKLM\..\Run: [brStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [Google Update] "C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://82.176.121.75:8080/activex/AMC.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing) O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13480 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS "c:\Program Files\Microsoft Security Client\MsMpEng.exe" winlogon.exe C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe C:\Windows\system32\svchost.exe -k GPSvcGroup atieclxx C:\Windows\system32\Hpservice.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe 4462176 \??\C:\Windows\system32\conhost.exe "-372367844-139279226712103019381827431627-8764393762072725435960069054539100217 C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Windows\system32\Dwm.exe" "taskhost.exe" "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" C:\Windows\Explorer.EXE "C:\Program Files\Bonjour\mDNSResponder.exe" C:\Windows\SysWOW64\svchost.exe -k netsvcs C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt "C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe" "C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe" "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe" "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" WLIDSvcM.exe 2696 "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Program Files\IDT\WDM\sttray64.exe" "c:\Program Files\Microsoft Security Client\NisSrv.exe" C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey "C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden "C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE" "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" C:\Windows\system32\SearchIndexer.exe /Embedding -BootProc "C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" "C:\Program Files (x86)\Hp\Digital Imaging\bin\HpqSRmon.exe" "C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe" "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files\Windows Media Player\wmpnetwk.exe" -BootProc "C:\Program Files\iPod\bin\iPodService.exe" taskeng.exe {E58D3ABA-95A6-4693-955A-D25DAAE0641F} "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe" "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe" "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe" -Embedding C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><ID>20303</ID><Title>HP Wireless Assistant</Title><Text>WLAN: Aan</Text><IconPath>C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\images\wireless_on.ico</IconPath><Path>C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe</Path><Parameters>SHOWSTATUS</Parameters></Toast></hpNotification>" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 C:\Windows\system32\svchost.exe -k SDRSVC "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4456 CREDAT:267521 /prefetch:2 C:\Windows\system32\Macromed\Flash\FlashUtil64_16_0_0_257_ActiveX.exe -Embedding "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4456 CREDAT:1905949 /prefetch:2 "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4456 CREDAT:2692381 /prefetch:2 "C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4456 CREDAT:3872044 /prefetch:2 "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4456 CREDAT:923046 /prefetch:2 "C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTIFFA5K\RSITx64.exe" "C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTIFFA5K\RSITx64 (1).exe" C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files\trend micro\Bernardus.exe" /silentautolog taskeng.exe {3C532E38-BCB7-41F2-B687-E55EC286B23A} C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler "C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe" -Embedding C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} "C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTIFFA5K\RSITx64 (1).exe" ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1615721754-973694573-1832378917-1000Core.job - C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1615721754-973694573-1832378917-1000UA.job - C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\HPCeeScheduleForBernardus.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForBernardus (null) C:\Windows\tasks\ParetoLogic Registration3.job - C:\Windows\system32\rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns C:\Windows\tasks\ParetoLogic Update Version3.job - C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe C:\Windows\tasks\PC Health Advisor Defrag.job - C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe -defrag C:\Windows\tasks\PC Health Advisor.job - C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe -scan ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-08-20 256456] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Help bij koppelingen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23 72336] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-20 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-08-20 194504] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-20 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-08-20 256456] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-08-20 194504] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288] "SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-03-23 487424] "MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 1271072] "Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-06-17 2363392] "Google Update"=C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-13 116648] "TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2014-06-05 248176] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2009-07-15 1668664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-08-01 152392] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 323640] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2009-07-21 610872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2014-06-05 248176] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] C:\PROGRA~2\Hp\DIGITA~1\bin\hpqtra08.exe [2009-09-20 270336] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-02 98304] "HPCam_Menu"=c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [2009-02-25 218408] "UpdatePRCShortCut"=C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [2009-05-19 222504] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-07-31 43816] "ControlCenter4"=C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [2011-04-20 139264] "BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2010-06-10 2621440] "WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2010-05-20 500792] "hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528] "HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-08-01 152392] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "WallpaperStyle"=2 "DisableLockWorkstation"=0 "DisableTaskMgr"=0 "DisableChangePassword"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "HideFastUserSwitching"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2015-01-16 20:42:47 ----D---- C:\rsit 2015-01-14 16:33:33 ----A---- C:\Windows\system32\profsvc.dll 2015-01-14 16:33:32 ----A---- C:\Windows\system32\nlasvc.dll 2015-01-14 16:33:31 ----A---- C:\Windows\SYSWOW64\nlaapi.dll 2015-01-14 16:33:31 ----A---- C:\Windows\SYSWOW64\ncsi.dll 2015-01-14 16:33:31 ----A---- C:\Windows\system32\drivers\mrxdav.sys 2015-01-14 16:33:29 ----A---- C:\Windows\system32\TSWbPrxy.exe 2015-01-14 16:33:25 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe 2015-01-14 16:33:25 ----A---- C:\Windows\system32\ntoskrnl.exe 2015-01-14 16:33:23 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe 2015-01-14 16:33:22 ----A---- C:\Windows\SYSWOW64\srclient.dll 2015-01-14 16:33:22 ----A---- C:\Windows\system32\srcore.dll 2015-01-14 16:33:22 ----A---- C:\Windows\system32\srclient.dll 2015-01-14 16:33:22 ----A---- C:\Windows\system32\rstrui.exe 2014-12-18 09:10:16 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-12-18 09:10:16 ----A---- C:\Windows\system32\ieUnatt.exe ======List of files/folders modified in the last 1 month====== 2015-01-16 20:48:50 ----D---- C:\Program Files\trend micro 2015-01-16 20:42:44 ----D---- C:\Windows\Temp 2015-01-16 19:18:00 ----D---- C:\Windows\system32\config 2015-01-16 16:19:16 ----D---- C:\Windows\System32 2015-01-16 16:19:16 ----D---- C:\Windows\inf 2015-01-16 16:19:16 ----A---- C:\Windows\system32\PerfStringBackup.INI 2015-01-16 08:49:17 ----A---- C:\ProgramData\HPWALog.txt 2015-01-16 08:46:43 ----HD---- C:\ProgramData 2015-01-14 17:05:05 ----D---- C:\Windows\winsxs 2015-01-14 17:03:49 ----D---- C:\Windows\SysWOW64 2015-01-14 17:03:49 ----D---- C:\Windows\system32\drivers 2015-01-14 16:59:53 ----D---- C:\Windows\system32\MRT 2015-01-14 16:54:57 ----D---- C:\Windows\debug 2015-01-14 16:54:53 ----A---- C:\Windows\system32\MRT.exe 2015-01-14 16:54:40 ----SHD---- C:\System Volume Information 2015-01-14 16:30:53 ----D---- C:\Windows\system32\catroot2 2015-01-14 16:16:54 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2015-01-08 14:59:23 ----SHD---- C:\Windows\Installer 2015-01-08 14:59:15 ----RSD---- C:\Windows\assembly 2015-01-08 14:59:15 ----HD---- C:\Config.Msi 2015-01-08 14:59:03 ----D---- C:\ProgramData\Microsoft Help 2015-01-04 20:25:08 ----D---- C:\Users\Bernardus\AppData\Roaming\Media Player Classic 2015-01-02 20:54:59 ----D---- C:\Windows 2015-01-01 21:05:31 ----D---- C:\Windows\system32\FxsTmp 2014-12-31 12:14:31 ----N---- C:\Windows\system32\MpSigStub.exe 2014-12-25 09:06:26 ----D---- C:\Windows\system32\Tasks 2014-12-22 20:45:33 ----D---- C:\Windows\PolicyDefinitions 2014-12-22 20:44:34 ----RD---- C:\Program Files (x86) 2014-12-22 20:44:31 ----D---- C:\Program Files (x86)\globalUpdate 2014-12-22 20:44:29 ----D---- C:\Windows\Tasks 2014-12-22 19:45:37 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008] R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 268512] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 133928] R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320] R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-06-29 116752] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-02 6036480] R3 BCM43XX;Stuurprogramma voor de Broadcom 802.11-netwerkadapter; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-08-25 2769400] R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-29 70656] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 18432] R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-21 140712] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-07-13 233472] R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-03-23 505344] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848] R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040] R3 WSDScan;Ondersteuning voor WSD-scan via UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088] S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920] S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 19968] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008] S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416] S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-12-29 129752] S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056] S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864] S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088] R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-02 203264] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728] R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872] R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 23808] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-01-21 247152] R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [2010-03-23 247808] R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-31 2754984] R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2014-06-05 93040] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136] R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2011-03-28 799800] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2014-08-01 641352] R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 347872] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19 107912] S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-14 267440] S3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2010-01-25 245760] S3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896] S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2009-05-22 250616] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19 107912] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-04-14 194032] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-22 1255736] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF----------------- S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-22 1255736] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF-----------------
-
Logfile of random's system information tool 1.10 (written by random/random) Run by Bernardus at 2015-01-16 20:48:50 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 335 GB (72%) free of 463 GB Total RAM: 4063 MB (49% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:09:41, on 30-6-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17126) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe C:\Program Files (x86)\Hp\Digital Imaging\bin\HpqSRmon.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files\trend micro\Bernardus.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: MP3 Rocket Downloader - {c5e9c0b3-8b18-4b1b-ad67-c1a063ab2b34} - mscoree.dll (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam" O4 - HKLM\..\Run: [updatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [indexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe" O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe" O4 - HKLM\..\Run: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini" O4 - HKLM\..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun O4 - HKLM\..\Run: [brStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [Google Update] "C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://82.176.121.75:8080/activex/AMC.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing) O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13480 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS "c:\Program Files\Microsoft Security Client\MsMpEng.exe" winlogon.exe C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe C:\Windows\system32\svchost.exe -k GPSvcGroup atieclxx C:\Windows\system32\Hpservice.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe 4462176 \??\C:\Windows\system32\conhost.exe "-372367844-139279226712103019381827431627-8764393762072725435960069054539100217 C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Windows\system32\Dwm.exe" "taskhost.exe" "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" C:\Windows\Explorer.EXE "C:\Program Files\Bonjour\mDNSResponder.exe" C:\Windows\SysWOW64\svchost.exe -k netsvcs C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt "C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe" "C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe" "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe" "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" WLIDSvcM.exe 2696 "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Program Files\IDT\WDM\sttray64.exe" "c:\Program Files\Microsoft Security Client\NisSrv.exe" C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey "C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden "C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE" "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" C:\Windows\system32\SearchIndexer.exe /Embedding -BootProc "C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" "C:\Program Files (x86)\Hp\Digital Imaging\bin\HpqSRmon.exe" "C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe" "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files\Windows Media Player\wmpnetwk.exe" -BootProc "C:\Program Files\iPod\bin\iPodService.exe" taskeng.exe {E58D3ABA-95A6-4693-955A-D25DAAE0641F} "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe" "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe" "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe" -Embedding C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><ID>20303</ID><Title>HP Wireless Assistant</Title><Text>WLAN: Aan</Text><IconPath>C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\images\wireless_on.ico</IconPath><Path>C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe</Path><Parameters>SHOWSTATUS</Parameters></Toast></hpNotification>" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 C:\Windows\system32\svchost.exe -k SDRSVC "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4456 CREDAT:267521 /prefetch:2 C:\Windows\system32\Macromed\Flash\FlashUtil64_16_0_0_257_ActiveX.exe -Embedding "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4456 CREDAT:1905949 /prefetch:2 "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4456 CREDAT:2692381 /prefetch:2 "C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4456 CREDAT:3872044 /prefetch:2 "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4456 CREDAT:923046 /prefetch:2 "C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTIFFA5K\RSITx64.exe" "C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTIFFA5K\RSITx64 (1).exe" C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files\trend micro\Bernardus.exe" /silentautolog taskeng.exe {3C532E38-BCB7-41F2-B687-E55EC286B23A} C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler "C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe" -Embedding C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} "C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTIFFA5K\RSITx64 (1).exe" ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1615721754-973694573-1832378917-1000Core.job - C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1615721754-973694573-1832378917-1000UA.job - C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\HPCeeScheduleForBernardus.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForBernardus (null) C:\Windows\tasks\ParetoLogic Registration3.job - C:\Windows\system32\rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns C:\Windows\tasks\ParetoLogic Update Version3.job - C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe C:\Windows\tasks\PC Health Advisor Defrag.job - C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe -defrag C:\Windows\tasks\PC Health Advisor.job - C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe -scan ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-08-20 256456] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Help bij koppelingen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23 72336] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-20 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-08-20 194504] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-20 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-08-20 256456] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-08-20 194504] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288] "SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-03-23 487424] "MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 1271072] "Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-06-17 2363392] "Google Update"=C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-13 116648] "TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2014-06-05 248176] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2009-07-15 1668664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-08-01 152392] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 323640] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2009-07-21 610872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2014-06-05 248176] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] C:\PROGRA~2\Hp\DIGITA~1\bin\hpqtra08.exe [2009-09-20 270336] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-02 98304] "HPCam_Menu"=c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [2009-02-25 218408] "UpdatePRCShortCut"=C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [2009-05-19 222504] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-07-31 43816] "ControlCenter4"=C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [2011-04-20 139264] "BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2010-06-10 2621440] "WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2010-05-20 500792] "hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528] "HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-08-01 152392] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "WallpaperStyle"=2 "DisableLockWorkstation"=0 "DisableTaskMgr"=0 "DisableChangePassword"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "HideFastUserSwitching"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2015-01-16 20:42:47 ----D---- C:\rsit 2015-01-14 16:33:33 ----A---- C:\Windows\system32\profsvc.dll 2015-01-14 16:33:32 ----A---- C:\Windows\system32\nlasvc.dll 2015-01-14 16:33:31 ----A---- C:\Windows\SYSWOW64\nlaapi.dll 2015-01-14 16:33:31 ----A---- C:\Windows\SYSWOW64\ncsi.dll 2015-01-14 16:33:31 ----A---- C:\Windows\system32\drivers\mrxdav.sys 2015-01-14 16:33:29 ----A---- C:\Windows\system32\TSWbPrxy.exe 2015-01-14 16:33:25 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe 2015-01-14 16:33:25 ----A---- C:\Windows\system32\ntoskrnl.exe 2015-01-14 16:33:23 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe 2015-01-14 16:33:22 ----A---- C:\Windows\SYSWOW64\srclient.dll 2015-01-14 16:33:22 ----A---- C:\Windows\system32\srcore.dll 2015-01-14 16:33:22 ----A---- C:\Windows\system32\srclient.dll 2015-01-14 16:33:22 ----A---- C:\Windows\system32\rstrui.exe 2014-12-18 09:10:16 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-12-18 09:10:16 ----A---- C:\Windows\system32\ieUnatt.exe ======List of files/folders modified in the last 1 month====== 2015-01-16 20:48:50 ----D---- C:\Program Files\trend micro 2015-01-16 20:42:44 ----D---- C:\Windows\Temp 2015-01-16 19:18:00 ----D---- C:\Windows\system32\config 2015-01-16 16:19:16 ----D---- C:\Windows\System32 2015-01-16 16:19:16 ----D---- C:\Windows\inf 2015-01-16 16:19:16 ----A---- C:\Windows\system32\PerfStringBackup.INI 2015-01-16 08:49:17 ----A---- C:\ProgramData\HPWALog.txt 2015-01-16 08:46:43 ----HD---- C:\ProgramData 2015-01-14 17:05:05 ----D---- C:\Windows\winsxs 2015-01-14 17:03:49 ----D---- C:\Windows\SysWOW64 2015-01-14 17:03:49 ----D---- C:\Windows\system32\drivers 2015-01-14 16:59:53 ----D---- C:\Windows\system32\MRT 2015-01-14 16:54:57 ----D---- C:\Windows\debug 2015-01-14 16:54:53 ----A---- C:\Windows\system32\MRT.exe 2015-01-14 16:54:40 ----SHD---- C:\System Volume Information 2015-01-14 16:30:53 ----D---- C:\Windows\system32\catroot2 2015-01-14 16:16:54 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2015-01-08 14:59:23 ----SHD---- C:\Windows\Installer 2015-01-08 14:59:15 ----RSD---- C:\Windows\assembly 2015-01-08 14:59:15 ----HD---- C:\Config.Msi 2015-01-08 14:59:03 ----D---- C:\ProgramData\Microsoft Help 2015-01-04 20:25:08 ----D---- C:\Users\Bernardus\AppData\Roaming\Media Player Classic 2015-01-02 20:54:59 ----D---- C:\Windows 2015-01-01 21:05:31 ----D---- C:\Windows\system32\FxsTmp 2014-12-31 12:14:31 ----N---- C:\Windows\system32\MpSigStub.exe 2014-12-25 09:06:26 ----D---- C:\Windows\system32\Tasks 2014-12-22 20:45:33 ----D---- C:\Windows\PolicyDefinitions 2014-12-22 20:44:34 ----RD---- C:\Program Files (x86) 2014-12-22 20:44:31 ----D---- C:\Program Files (x86)\globalUpdate 2014-12-22 20:44:29 ----D---- C:\Windows\Tasks 2014-12-22 19:45:37 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008] R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 268512] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 133928] R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320] R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-06-29 116752] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-02 6036480] R3 BCM43XX;Stuurprogramma voor de Broadcom 802.11-netwerkadapter; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-08-25 2769400] R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-29 70656] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 18432] R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-21 140712] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-07-13 233472] R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-03-23 505344] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848] R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040] R3 WSDScan;Ondersteuning voor WSD-scan via UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088] S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920] S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 19968] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008] S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416] S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-12-29 129752] S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056] S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864] S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088] R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-02 203264] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728] R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872] R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 23808] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-01-21 247152] R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [2010-03-23 247808] R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-31 2754984] R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2014-06-05 93040] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136] R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2011-03-28 799800] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2014-08-01 641352] R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 347872] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19 107912] S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-14 267440] S3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2010-01-25 245760] S3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896] S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2009-05-22 250616] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19 107912] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-04-14 194032] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]Logfile of random's system information tool 1.10 (written by random/random) Run by Bernardus at 2015-01-16 20:48:50 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 335 GB (72%) free of 463 GB Total RAM: 4063 MB (49% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:09:41, on 30-6-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17126) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe C:\Program Files (x86)\Hp\Digital Imaging\bin\HpqSRmon.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files\trend micro\Bernardus.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: MP3 Rocket Downloader - {c5e9c0b3-8b18-4b1b-ad67-c1a063ab2b34} - mscoree.dll (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam" O4 - HKLM\..\Run: [updatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [indexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe" O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe" O4 - HKLM\..\Run: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini" O4 - HKLM\..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun O4 - HKLM\..\Run: [brStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [Google Update] "C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://82.176.121.75:8080/activex/AMC.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing) O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13480 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS "c:\Program Files\Microsoft Security Client\MsMpEng.exe" winlogon.exe C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe C:\Windows\system32\svchost.exe -k GPSvcGroup atieclxx C:\Windows\system32\Hpservice.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe 4462176 \??\C:\Windows\system32\conhost.exe "-372367844-139279226712103019381827431627-8764393762072725435960069054539100217 C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Windows\system32\Dwm.exe" "taskhost.exe" "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" C:\Windows\Explorer.EXE "C:\Program Files\Bonjour\mDNSResponder.exe" C:\Windows\SysWOW64\svchost.exe -k netsvcs C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt "C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe" "C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe" "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe" "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" WLIDSvcM.exe 2696 "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Program Files\IDT\WDM\sttray64.exe" "c:\Program Files\Microsoft Security Client\NisSrv.exe" C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey "C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden "C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE" "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" C:\Windows\system32\SearchIndexer.exe /Embedding -BootProc "C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" "C:\Program Files (x86)\Hp\Digital Imaging\bin\HpqSRmon.exe" "C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe" "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files\Windows Media Player\wmpnetwk.exe" -BootProc "C:\Program Files\iPod\bin\iPodService.exe" taskeng.exe {E58D3ABA-95A6-4693-955A-D25DAAE0641F} "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe" "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe" "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe" -Embedding C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><ID>20303</ID><Title>HP Wireless Assistant</Title><Text>WLAN: Aan</Text><IconPath>C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\images\wireless_on.ico</IconPath><Path>C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe</Path><Parameters>SHOWSTATUS</Parameters></Toast></hpNotification>" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 C:\Windows\system32\svchost.exe -k SDRSVC "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4456 CREDAT:267521 /prefetch:2 C:\Windows\system32\Macromed\Flash\FlashUtil64_16_0_0_257_ActiveX.exe -Embedding "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4456 CREDAT:1905949 /prefetch:2 "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4456 CREDAT:2692381 /prefetch:2 "C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4456 CREDAT:3872044 /prefetch:2 "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4456 CREDAT:923046 /prefetch:2 "C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTIFFA5K\RSITx64.exe" "C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTIFFA5K\RSITx64 (1).exe" C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files\trend micro\Bernardus.exe" /silentautolog taskeng.exe {3C532E38-BCB7-41F2-B687-E55EC286B23A} C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler "C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe" -Embedding C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} "C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTIFFA5K\RSITx64 (1).exe" ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1615721754-973694573-1832378917-1000Core.job - C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1615721754-973694573-1832378917-1000UA.job - C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\HPCeeScheduleForBernardus.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForBernardus (null) C:\Windows\tasks\ParetoLogic Registration3.job - C:\Windows\system32\rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns C:\Windows\tasks\ParetoLogic Update Version3.job - C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe C:\Windows\tasks\PC Health Advisor Defrag.job - C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe -defrag C:\Windows\tasks\PC Health Advisor.job - C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe -scan ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-08-20 256456] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Help bij koppelingen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23 72336] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-20 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-08-20 194504] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-20 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-08-20 256456] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-08-20 194504] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288] "SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-03-23 487424] "MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 1271072] "Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-06-17 2363392] "Google Update"=C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-13 116648] "TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2014-06-05 248176] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2009-07-15 1668664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-08-01 152392] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 323640] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2009-07-21 610872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2014-06-05 248176] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] C:\PROGRA~2\Hp\DIGITA~1\bin\hpqtra08.exe [2009-09-20 270336] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-02 98304] "HPCam_Menu"=c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [2009-02-25 218408] "UpdatePRCShortCut"=C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [2009-05-19 222504] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-07-31 43816] "ControlCenter4"=C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [2011-04-20 139264] "BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2010-06-10 2621440] "WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2010-05-20 500792] "hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528] "HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-08-01 152392] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "WallpaperStyle"=2 "DisableLockWorkstation"=0 "DisableTaskMgr"=0 "DisableChangePassword"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "HideFastUserSwitching"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2015-01-16 20:42:47 ----D---- C:\rsit 2015-01-14 16:33:33 ----A---- C:\Windows\system32\profsvc.dll 2015-01-14 16:33:32 ----A---- C:\Windows\system32\nlasvc.dll 2015-01-14 16:33:31 ----A---- C:\Windows\SYSWOW64\nlaapi.dll 2015-01-14 16:33:31 ----A---- C:\Windows\SYSWOW64\ncsi.dll 2015-01-14 16:33:31 ----A---- C:\Windows\system32\drivers\mrxdav.sys 2015-01-14 16:33:29 ----A---- C:\Windows\system32\TSWbPrxy.exe 2015-01-14 16:33:25 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe 2015-01-14 16:33:25 ----A---- C:\Windows\system32\ntoskrnl.exe 2015-01-14 16:33:23 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe 2015-01-14 16:33:22 ----A---- C:\Windows\SYSWOW64\srclient.dll 2015-01-14 16:33:22 ----A---- C:\Windows\system32\srcore.dll 2015-01-14 16:33:22 ----A---- C:\Windows\system32\srclient.dll 2015-01-14 16:33:22 ----A---- C:\Windows\system32\rstrui.exe 2014-12-18 09:10:16 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-12-18 09:10:16 ----A---- C:\Windows\system32\ieUnatt.exe ======List of files/folders modified in the last 1 month====== 2015-01-16 20:48:50 ----D---- C:\Program Files\trend micro 2015-01-16 20:42:44 ----D---- C:\Windows\Temp 2015-01-16 19:18:00 ----D---- C:\Windows\system32\config 2015-01-16 16:19:16 ----D---- C:\Windows\System32 2015-01-16 16:19:16 ----D---- C:\Windows\inf 2015-01-16 16:19:16 ----A---- C:\Windows\system32\PerfStringBackup.INI 2015-01-16 08:49:17 ----A---- C:\ProgramData\HPWALog.txt 2015-01-16 08:46:43 ----HD---- C:\ProgramData 2015-01-14 17:05:05 ----D---- C:\Windows\winsxs 2015-01-14 17:03:49 ----D---- C:\Windows\SysWOW64 2015-01-14 17:03:49 ----D---- C:\Windows\system32\drivers 2015-01-14 16:59:53 ----D---- C:\Windows\system32\MRT 2015-01-14 16:54:57 ----D---- C:\Windows\debug 2015-01-14 16:54:53 ----A---- C:\Windows\system32\MRT.exe 2015-01-14 16:54:40 ----SHD---- C:\System Volume Information 2015-01-14 16:30:53 ----D---- C:\Windows\system32\catroot2 2015-01-14 16:16:54 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2015-01-08 14:59:23 ----SHD---- C:\Windows\Installer 2015-01-08 14:59:15 ----RSD---- C:\Windows\assembly 2015-01-08 14:59:15 ----HD---- C:\Config.Msi 2015-01-08 14:59:03 ----D---- C:\ProgramData\Microsoft Help 2015-01-04 20:25:08 ----D---- C:\Users\Bernardus\AppData\Roaming\Media Player Classic 2015-01-02 20:54:59 ----D---- C:\Windows 2015-01-01 21:05:31 ----D---- C:\Windows\system32\FxsTmp 2014-12-31 12:14:31 ----N---- C:\Windows\system32\MpSigStub.exe 2014-12-25 09:06:26 ----D---- C:\Windows\system32\Tasks 2014-12-22 20:45:33 ----D---- C:\Windows\PolicyDefinitions 2014-12-22 20:44:34 ----RD---- C:\Program Files (x86) 2014-12-22 20:44:31 ----D---- C:\Program Files (x86)\globalUpdate 2014-12-22 20:44:29 ----D---- C:\Windows\Tasks 2014-12-22 19:45:37 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008] R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 268512] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 133928] R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320] R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-06-29 116752] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-02 6036480] R3 BCM43XX;Stuurprogramma voor de Broadcom 802.11-netwerkadapter; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-08-25 2769400] R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-29 70656] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 18432] R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-21 140712] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-07-13 233472] R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-03-23 505344] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848] R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040] R3 WSDScan;Ondersteuning voor WSD-scan via UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088] S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920] S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 19968] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008] S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416] S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-12-29 129752] S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056] S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864] S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088] R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-02 203264] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728] R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872] R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 23808] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-01-21 247152] R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [2010-03-23 247808] R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-31 2754984] R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2014-06-05 93040] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136] R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2011-03-28 799800] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2014-08-01 641352] R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 347872] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19 107912] S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-14 267440] S3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2010-01-25 245760] S3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896] S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2009-05-22 250616] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19 107912] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-04-14 194032] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-22 1255736] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF----------------- S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-22 1255736] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF-----------------
-
Het valt mij op , dat als ik de laptop start , en dan is startpagina mijn startpagina , het rondje voor startpagina boven in de balk maar blijft draaien (zoeken ) Kan ziggo hier de oorzaak van zijn ?
-
Over het laatste ook contact gehad met Kape . Dus kan ik deze discussie ne wel afsluiten .
-
Ik heb toch maar gekozen voor de optie van bericht 12 , alleen heb ik de vertraging van 00 15 gebracht . En het werkt . Nu maar afwachten of ze er blij mee is , Heb ik iets heel anders ; Ik heb een hele tijd terug eens een systeem herstel gedaan op de laptop van mijn vrouw . Nu met deze ,, dubbele account ,, weet ik niet wat ik er mee aan moet . Ik heb al een mailtje gestuurd naar Kape , maar die heeft hij denk ik niet ontvangen . Ook heb ik helemaal onder aan de site op contact geklikt en mijn verhaal gedaan . Maar ook nog niets gehoord . Zoals ik al zei , ik weet niet of ik een nieuw wachtwoord aan moet vragen en of dat dan weer voor beide laptops is Al met al een beetje een warrig verhaal ( maar daar kijken jullie bij mij niet meer van op denk ik ???? Ik doe er een paar bijlages bij ter het een beetje duidelijk te maken
-
Voordat ik het ga doen , heb ik nog een paar vragen . Als ik op de snelkoppeling in mijn taakbalk klik , krijg ik dan ook de keuze uit slaapstand , afmelden en afsluiten ? Of is dit alleen maar pats boem afsluiten ? Is in plaats van slaapstand ook mogelijk om gewoon de klep te sluiten , en bij openen weer verder kunnen gaan ? En mocht het toch niet bevallen , kan ik dan fe oude methode weer herstellen , of blijft dat ook beschikbaar ? Dan moet ik de tekst ,, shutdown...... ,, kopieeren of over typen , kan ik dat doen met knippen en plakken ?
-
Ik kan leuk met een computer omgaan , maar daar is dan ook alles mee gezegd .Dus volgens mij is het beter dat mijn vrouw maar lekker doorgaat met vangen. En ook dat zal haar op den duur ook beter af gaan . Maar ik had een hoopje dat ik op de een of andere manier dat afsluitgebeuren even naar de taakbalk kon slepen . dus m.a.w. ik geef me over , en ga het afsluiten
-
We komen verder . Als ik het goed heb , kom ik bij het poppetje met de naam van mij vrouw Maar dan krijg ik het volgende te zien : Accountafbeelding vergrendelen en afmelden Dus geen afsluiten zoals in de afbeelding
-
Wat betreft antwoord #2 , begrijp ik niet helemaal goed . Het leek mij de ideale oplossing , maar moet dat beter gaan als rechtsonder ? En die van Clarckie heb ik geprobeerd , en dan krijg ik een rijtje wat volgens mij de zelfde zijn als dat ik systeem aanklik Maar ik zie geen mogelijkheid om hier ergens te kunnen afsluiten Nog even terug , ik probeer dit ook even op windows 7 , en daar staat wel de mogelijkheid ,, afsluiten ,,
-
Ik heb nu een vraag , waarvan ik het antwoord eigenkijk al wel weet . Maar jullie hebben mij al zo vaak blij verrast , dus ....... Mijn vrouw heeft de grootste moeite met he t,,vangen ,, van het afsluit icoontje van windows 8 Dat moet ze dus doen rechtsonder in het hoekje van het beeldscherm En iedere keer als ze hem heeft en wil op afsuiten gaan staan met haar pijltje isdat ding weer weg Ik moet er soms wel om lachen , maar zij dus niet . Kan dat verandert worden , dat het net zo gemakkelijk gaat als op mijn windows 7 scherm ? Dus alles wat je bij windows 8 aan de zijkant tevoorschijn ziet komen gewoon ,,vast ,,onder in de taakbalk ?
-
Afdruk van een pdf bestand groter afgedrukt
bernard reageerde op bernard's topic in Archief Andere software
En die van Passer is nog mooier . Beste mensen ik ben hier echt blij mee . Bedankt -
Afdruk van een pdf bestand groter afgedrukt
bernard reageerde op bernard's topic in Archief Andere software
Deze is hartstikke mooi , en duidelijk . Ik ben zeer tevreden .
