Ga naar inhoud

Neymar

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    85

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Alles dat geplaatst werd door Neymar

  1. Neymar
    Alles gaat goed. Prima, bedankt!
  2. Neymar
    in bijlage logje zoek-results.txt
  3. Neymar
    In bijlage de correcte. logGG.txt
  4. Neymar
    In bijlage mijn log. info.txt
  5. Neymar
    In bijlage mijn resultaten. AMWB.txt
  6. Neymar
    Voorafgaand had ik zelf ook scans uitgevoerd. In bijlage de resultaten. AdwCleanerR0.txt AdwCleanerR1.txt AdwCleanerR2.txt
  7. Neymar
    In bijlage de resultaten. gr AdwCleanerS2.txt
  8. Neymar
    Beste Onlangs krijg ik steeds bij het openen van mijn webbrowers een nieuwe tablad (luckysearches). Ik heb alvast een logje geplaatst. hijackthis.log
  9. Neymar
    Alles gaat beter! Bedankt!
  10. Neymar
    In bijlage mijn logje. AdwCleanerS1.txt
  11. Neymar
    In bijlage mijn logje. zoek-results.log
  12. Neymar
    Logfile of random's system information tool 1.10 (written by random/random) Run by Tench's desktop at 2015-01-02 18:57:24 Microsoft Windows 7 Ultimate System drive C: has 81 GB (17%) free of 477 GB Total RAM: 4094 MB (36% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:57:31, on 2/01/2015 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.17267) Boot mode: Normal Running processes: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe C:\Users\Tench's desktop\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Users\Tench's desktop\AppData\Roaming\Spotify\spotify.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Steam\bin\steamwebhelper.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Ralink\Common\RaUI.exe C:\Users\Tench's desktop\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Users\Tench's desktop\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Tench's desktop\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Tench's desktop\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Tench's desktop\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Tench's desktop\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe C:\Program Files (x86)\Steam\bin\steamwebhelper.exe C:\Program Files (x86)\Steam\bin\steamwebhelper.exe C:\Program Files (x86)\Steam\bin\steamwebhelper.exe C:\Users\TENCH'~1\AppData\Local\Temp\HouseCall\tmase\Inspect.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files\trend micro\Tench's desktop.exe C:\Windows\SysWOW64\Wbem\wmic.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://be.msn.com/default.aspx?pc=UP22&ocid=UP22DHP&dt=062913 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - (no file) O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file) O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file) O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file) O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - (no file) O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - (no file) O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file) O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Tench's desktop\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [spotify] "C:\Users\Tench's desktop\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Dropbox.lnk = Tench's desktop\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: Inktwaarschuwingen controleren - HP Deskjet 3070 B611 series (netwerk).lnk = ? O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files (x86)\Ralink\Common\RaUI.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - (no file) O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Ralink UPnP Media Server (RaMediaServer) - Unknown owner - C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe O23 - Service: Realtek11nSU - Realtek - C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Update service - Company - C:\Program Files (x86)\Popcorn Time\Updater.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: YouTubeDownloaderConverter - Unknown owner - C:\Users\Tench's desktop\AppData\Roaming\GVU Technologies\Free YouTube Downloader Converter\CertifiedBrowserService.exe (file missing) -- End of file - 11683 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe winlogon.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch "C:\Windows\system32\nvvsvc.exe" "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\AUDIODG.EXE 0x300 C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" C:\Windows\system32\nvvsvc.exe -session -first "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service "taskhost.exe" "C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe" "C:\Program Files\Microsoft LifeCam\MSCamS64.exe" "C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe" "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" C:\Windows\SysWOW64\PnkBstrA.exe "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 8e5e6fce-f0a8-4e00-ad18-13cac4a6152c 1 "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s \??\C:\Windows\system32\conhost.exe "2031334055-707656869-7898019604745437949273608621951602756287700841625249152 "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp \??\C:\Windows\system32\conhost.exe "-16530185121212544505-1026983763-115481608362010020720734715216363701301106484098 "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe" /notportable "C:\Program Files (x86)\Steam\Steam.exe" -silent "C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe" "C:\Users\Tench's desktop\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1 "C:\Users\Tench's desktop\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart "C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Program Files (x86)\Steam\config\htmlcache" -cookiepath "C:\Program Files (x86)\Steam\config\cookies" -steampid 3000 --blacklist-accelerated-compositing --process-per-tab --disable-accelerated-video-decode --enable-direct-write "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui "C:\Program Files (x86)\Ralink\Common\RaUI.exe" -s "C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe" /H "C:\Program Files (x86)\Popcorn Time\Updater.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\SearchIndexer.exe /Embedding C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted WLIDSvcM.exe 3188 C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\system32\wbem\unsecapp.exe -Embedding "C:\Users\Tench's desktop\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup "C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 3070 B611 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN2376C1ZF05MQ;CONNECTION=NW;MONITOR=1; "C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPNetworkCommunicatorCom.exe" -Embedding "C:\Users\Tench's desktop\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --product-version=Spotify/0.9.15.27.g87efe634 --channel="3440.0.1753439583\1300238931" /prefetch:673131151 "C:\Users\Tench's desktop\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --product-version=Spotify/0.9.15.27.g87efe634 --channel="3440.1.238213621\45654473" /prefetch:673131151 "C:\Users\Tench's desktop\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --product-version=Spotify/0.9.15.27.g87efe634 --channel="3440.2.435469840\1519441006" /prefetch:673131151 "C:\Users\Tench's desktop\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --product-version=Spotify/0.9.15.27.g87efe634 --channel="3440.3.156534363\866642832" /prefetch:673131151 "C:\Users\Tench's desktop\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=gpu-process --channel="3440.4.1877742100\150178230" --no-sandbox --lang=en-US --log-severity=disable --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19,22 --gpu-vendor-id=0x10de --gpu-device-id=0x05eb --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3523 --lang=en-US --log-severity=disable /prefetch:822062411 "C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" "C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-accelerated-video-decode --disable-delegated-renderer --disable-gpu-compositing --disable-threaded-compositing --enable-pinch --enable-software-compositing --no-sandbox --enable-direct-write --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-accelerated-compositing --disable-gpu-compositing --channel="3816.0.1734866271\1357651828" /prefetch:673131151 "C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-accelerated-video-decode --disable-delegated-renderer --disable-gpu-compositing --disable-threaded-compositing --enable-pinch --enable-software-compositing --no-sandbox --enable-direct-write --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-accelerated-compositing --disable-gpu-compositing --channel="3816.1.1988513493\1249706911" /prefetch:673131151 "C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=plugin --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll" --no-sandbox --lang=en-US --channel="3816.2.375452191\1383017581" --lang=en-US --product-version="Valve Steam Client" /prefetch:-390060480 housecall.bin A9D0F727 A48C42FD C:\Users\TENCH'~1\AppData\Local\Temp\HouseCall\tmase\Inspect.exe -id 92DB2B7C-003E-003B-008C-00501FB28041 C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" "taskhost.exe" C:\Windows\servicing\TrustedInstaller.exe "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520 "C:\Users\Tench's desktop\Desktop\RSITx64(1).exe" wmic /output:"C:\Users\TENCH'~1\AppData\Local\Temp\TmEnv\volume_xml.1420221244.92DB2B7C-003E-003B-008C-00501FB28041.xml" volume get BlockSize,BootVolume,Capacity,Caption,Compressed,DriveLetter,DriveType,FileSystem,FreeSpace,IndexingEnabled,Label,SystemVolume /format:rawxml \??\C:\Windows\system32\conhost.exe "1731829232-4691905954051044061036921738-575326036-789397101253234678922917103 ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler =========Mozilla firefox========= ProfilePath - C:\Users\Tench's desktop\AppData\Roaming\Mozilla\Firefox\Profiles\6ov7f7n4.default prefs.js - "browser.search.useDBForOrder" - true prefs.js - "browser.startup.homepage" - "https://www.google.be/" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 15.0.0.246 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.4.0] "Description"= "Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf] "Description"= "Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision] "Description"=NVIDIA stereo images plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming] "Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin] "Description"=This plugin detects and launches Pando Media Booster "Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.7] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 15.0.0.246 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL C:\Users\Tench's desktop\AppData\Roaming\Mozilla\Firefox\Profiles\6ov7f7n4.default\extensions\ magicplayer@acestream.org {e001c731-5e37-4538-a5cb-8168736a2360} ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-04 612248] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-03-29 13513288] "ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-09-17 2799784] "NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-09-17 2460488] "BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512] "XMouseButtonControl"=C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [2014-04-30 1261712] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Steam"=C:\Program Files (x86)\Steam\steam.exe [2014-11-18 1940160] "Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2013-09-06 4287536] "Spotify Web Helper"=C:\Users\Tench's desktop\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-12-10 1676344] "Spotify"=C:\Users\Tench's desktop\AppData\Roaming\Spotify\Spotify.exe [2014-12-10 6737976] "DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Deskjet 3070 B611 series (NET)] C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-24 21650016] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "LifeCam"=C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [2010-05-20 119152] "JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] "AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-04 4085896] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Ralink Wireless Utility.lnk - C:\Program Files (x86)\Ralink\Common\RaUI.exe C:\Users\Tench's desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk - C:\Users\Tench's desktop\AppData\Roaming\Dropbox\bin\Dropbox.exe Inktwaarschuwingen controleren - HP Deskjet 3070 B611 series (netwerk).lnk - C:\Windows\system32\RunDll32.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"= [] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 "EnableLUA"=0 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "mixer1"=wdmaud.drv "VIDC.FPS1"=frapsv64.dll "wave2"=wdmaud.drv "midi1"=wdmaud.drv "mixer2"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2015-01-02 18:52:42 ----A---- C:\Windows\system32\drivers\tmcomm.sys 2015-01-02 18:51:02 ----D---- C:\Users\Tench's desktop\AppData\Roaming\QuickScan 2014-12-31 20:18:17 ----D---- C:\Program Files (x86)\CCleaner 2014-12-25 16:02:35 ----A---- C:\Windows\SYSWOW64\vp6vfw.dll 2014-12-25 16:01:26 ----D---- C:\ProgramData\Package Cache 2014-12-25 15:53:43 ----D---- C:\Program Files (x86)\The Sims 4 2014-12-21 14:30:36 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll 2014-12-21 14:30:36 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll 2014-12-21 14:30:36 ----A---- C:\Windows\system32\XAudio2_7.dll 2014-12-21 14:30:36 ----A---- C:\Windows\system32\XAPOFX1_5.dll 2014-12-21 14:30:35 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll 2014-12-21 14:30:35 ----A---- C:\Windows\system32\xactengine3_7.dll 2014-12-21 14:30:34 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll 2014-12-21 14:30:34 ----A---- C:\Windows\system32\D3DCompiler_43.dll 2014-12-21 14:30:32 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll 2014-12-21 14:30:32 ----A---- C:\Windows\system32\d3dcsx_43.dll 2014-12-21 14:30:29 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll 2014-12-21 13:53:57 ----D---- C:\Program Files (x86)\Rockstar Games 2014-12-14 19:07:58 ----D---- C:\Program Files (x86)\SimpleTV 2014-12-14 19:03:20 ----D---- C:\Users\Tench's desktop\AppData\Roaming\SimpleTV V03 2014-12-09 23:10:15 ----D---- C:\Program Files (x86)\Mozilla Firefox ======List of files/folders modified in the last 1 month====== 2015-01-02 18:57:29 ----D---- C:\Program Files\trend micro 2015-01-02 18:56:59 ----D---- C:\Windows\system32\config 2015-01-02 18:55:09 ----D---- C:\Windows\Temp 2015-01-02 18:53:39 ----D---- C:\Windows\system32\drivers 2015-01-02 18:52:41 ----D---- C:\Windows\Prefetch 2015-01-02 16:10:39 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2 2015-01-02 15:09:19 ----D---- C:\Users\Tench's desktop\AppData\Roaming\Spotify 2015-01-02 15:08:07 ----D---- C:\Users\Tench's desktop\AppData\Roaming\Dropbox 2015-01-02 15:06:15 ----D---- C:\Program Files (x86)\Steam 2015-01-02 15:05:48 ----D---- C:\ProgramData\NVIDIA 2015-01-01 13:42:10 ----SHD---- C:\System Volume Information 2015-01-01 13:07:12 ----D---- C:\Windows\inf 2015-01-01 13:05:01 ----AD---- C:\Windows 2014-12-31 20:21:16 ----D---- C:\Users\Tench's desktop\AppData\Roaming\uTorrent 2014-12-31 20:19:52 ----D---- C:\Users\Tench's desktop\AppData\Roaming\TeamViewer 2014-12-31 20:19:52 ----D---- C:\Users\Tench's desktop\AppData\Roaming\DAEMON Tools Lite 2014-12-31 20:19:34 ----D---- C:\Windows\Logs 2014-12-31 20:18:17 ----RD---- C:\Program Files (x86) 2014-12-31 20:12:57 ----D---- C:\Program Files\Defraggler 2014-12-31 19:53:57 ----D---- C:\Users\Tench's desktop\AppData\Roaming\vlc 2014-12-26 20:55:58 ----D---- C:\Program Files (x86)\CELO Enhanced 2014-12-25 16:02:35 ----D---- C:\Windows\SysWOW64 2014-12-25 16:02:34 ----SHD---- C:\Windows\Installer 2014-12-25 16:02:33 ----D---- C:\Windows\System32 2014-12-25 16:01:26 ----HD---- C:\ProgramData 2014-12-25 14:11:16 ----D---- C:\Program Files (x86)\Glyph 2014-12-23 16:29:35 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2014-12-21 14:29:20 ----RSD---- C:\Windows\assembly 2014-12-20 13:05:57 ----D---- C:\Program Files (x86)\The Walking Dead Survival Instinct 2014-12-15 19:52:44 ----D---- C:\Users\Tench's desktop\AppData\Roaming\.ACEStream 2014-12-12 17:35:13 ----D---- C:\Windows\system32\catroot2 2014-12-11 15:41:59 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2014-12-09 23:41:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-12-09 22:05:47 ----HD---- C:\_acestream_cache_ ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-08-04 65776] R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-08-04 224896] R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2007-06-13 70144] R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096] R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664] R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-08-04 93568] R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-21 1041168] R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-08-04 427360] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-05-22 283200] R1 tmcomm;tmcomm; C:\Windows\system32\DRIVERS\tmcomm.sys [2013-09-28 285208] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-08-04 29208] R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-08-04 79184] R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-08-04 92008] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-03-29 3379272] R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-09-17 19272] R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-09-04 38048] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240] R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys [2012-06-12 694888] R3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S3 ALSysIO;ALSysIO; \??\C:\Users\TENCH'~1\AppData\Local\Temp\ALSysIO64.sys [] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800] S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [] S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2013-04-13 22336] S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver; C:\Windows\System32\Drivers\nx6000.sys [2010-05-20 36720] S3 netr28ux;TP-LINK Wireless USB Adapter; C:\Windows\system32\DRIVERS\netr28ux.sys [] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376] S3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [] S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080] S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896] S3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [] S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984] S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272] S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760] S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448] S4 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-08-04 50344] R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176] R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-09-17 1148744] R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS64.exe [2010-05-20 199536] R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-09-17 1795912] R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-09-17 19439944] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-03-04 922968] R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-06-13 76888] R2 Realtek11nSU;Realtek11nSU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [2010-04-16 36864] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-03-04 411936] R2 Update service;Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [2014-10-09 179200] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568] R3 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-08 104912] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-18 116648] S2 RaMediaServer;Ralink UPnP Media Server; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [2011-08-18 625728] S2 YouTubeDownloaderConverter;YouTubeDownloaderConverter; C:\Users\Tench's desktop\AppData\Roaming\GVU Technologies\Free YouTube Downloader Converter\CertifiedBrowserService.exe [] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09 267440] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648] S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2014-02-27 49152] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-18 116648] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-09 114800] S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168] S3 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928] S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-01-07 569768] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-04-13 1255736] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696] S4 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536] -----------------EOF-----------------
  13. Neymar
    Is mijn CPU-koeler verkeerd geplaatst?
  14. Neymar
    http://speccy.piriform.com/results/Rkw26fTMazQYkXGImwUaUv1 Ik had mijn PC zelf in elkaar gestoken. Waarschijnlijk is er iets verkeerd gelopen, zal ik foto's trekken van de binnenkant?
  15. Neymar
    Het is beter. Ik heb nog een vraag. Is het normaal dat de temperaturen van mijn processor in normale stand oplopen tot 60-65°C. Indien ik een spel speel loopt het op tot 85-90°C? (Q6600)
  16. Neymar
    [ATTACH]35425[/ATTACH] AdwCleaner[S0].txt
  17. Neymar
    [ATTACH]35367[/ATTACH] zoek-results.txt
  18. Neymar
    ------
  19. Neymar
    In bijlage mijn logje.[ATTACH]34974[/ATTACH] zoek-results.log
  20. Neymar
    Logfile of random's system information tool 1.10 (written by random/random) Run by Tench's desktop at 2014-08-21 15:48:25 Microsoft Windows 7 Ultimate System drive C: has 97 GB (20%) free of 477 GB Total RAM: 4094 MB (52% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:48:32, on 21/08/2014 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.17267) Boot mode: Normal Running processes: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe C:\Users\Tench's desktop\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Users\Tench's desktop\AppData\Roaming\Spotify\spotify.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Ralink\Common\RaUI.exe C:\Users\Tench's desktop\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe C:\Users\Tench's desktop\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Tench's desktop\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Tench's desktop\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Tench's desktop\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\Steam\bin\steamwebhelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe C:\Users\Tench's desktop\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Program Files (x86)\Steam\bin\steamwebhelper.exe C:\Program Files (x86)\Steam\bin\steamwebhelper.exe C:\Program Files (x86)\Steam\bin\steamwebhelper.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files\trend micro\Tench's desktop.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" O4 - HKCU\..\Run: [HP Deskjet 3070 B611 series (NET)] "C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN2376C1ZF05MQ:NW" -scfn "HP Deskjet 3070 B611 series (NET)" -AutoStart 1 O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Tench's desktop\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [spotify] "C:\Users\Tench's desktop\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Dropbox.lnk = Tench's desktop\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: Inktwaarschuwingen controleren - HP Deskjet 3070 B611 series (netwerk).lnk = ? O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files (x86)\Ralink\Common\RaUI.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Ralink UPnP Media Server (RaMediaServer) - Unknown owner - C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe O23 - Service: Realtek11nSU - Realtek - C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: YouTubeDownloaderConverter - Unknown owner - C:\Users\Tench's desktop\AppData\Roaming\GVU Technologies\Free YouTube Downloader Converter\CertifiedBrowserService.exe (file missing) -- End of file - 12767 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch "C:\Windows\system32\nvvsvc.exe" "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\AUDIODG.EXE 0xd4 C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" C:\Windows\system32\nvvsvc.exe -session -first "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE taskeng.exe {E77E5642-50A2-4D33-A639-21185B063C0C} C:\Windows\System32\spoolsv.exe "taskhost.exe" C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe" "C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service "C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service "C:\Program Files\Microsoft LifeCam\MSCamS64.exe" "C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe" "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s C:\Windows\SysWOW64\PnkBstrA.exe "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe" "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp \??\C:\Windows\system32\conhost.exe "-564653573-572902538-1408715485-7162939572748625651190842512-364557674-254172472 "C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe" /notportable "C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1 "C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN2376C1ZF05MQ:NW" -scfn "HP Deskjet 3070 B611 series (NET)" -AutoStart 1 "C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe" "C:\Users\Tench's desktop\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "C:\Users\Tench's desktop\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun "C:\Program Files (x86)\Ralink\Common\RaUI.exe" -s "C:\Users\Tench's desktop\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup "C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 3070 B611 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN2376C1ZF05MQ;CONNECTION=NW;MONITOR=1; "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" "C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPNetworkCommunicatorCom.exe" -Embedding "C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe" "C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe" /H C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\SearchIndexer.exe /Embedding C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted WLIDSvcM.exe 3408 C:\Windows\system32\wbem\wmiprvse.exe "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-73b00c28-afd5-4a0b-9c93-56379a15e2a2 -SystemEventPortName:HostProcess-128f3d88-a417-4808-b3d2-4338644ae233 -IoCancelEventPortName:HostProcess-c5264de3-a4b6-45c4-b44f-475d2caa707f -NonStateChangingEventPortName:HostProcess-ed1cd3dc-9de8-4600-be5a-94f508164ccb -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:668e0377-6925-4765-b52b-9cfecfdedaf4 -DeviceGroupId:WpdFsGroup "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\system32\wbem\unsecapp.exe -Embedding "C:\Users\Tench's desktop\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="2944.1.550531407\1969460074" /prefetch:673131151 "C:\Users\Tench's desktop\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="2944.2.1413122600\1726602570" /prefetch:673131151 "C:\Users\Tench's desktop\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="2944.3.1122585262\1472043789" /prefetch:673131151 "C:\Users\Tench's desktop\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=gpu-process --channel="2944.4.1450301558\1005856088" --no-sandbox --lang=en-US --log-severity=disable --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19,22 --gpu-vendor-id=0x10de --gpu-device-id=0x05eb --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3523 --lang=en-US --log-severity=disable /prefetch:822062411 "C:\Program Files (x86)\Steam\Steam.exe" "-silent" "C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Program Files (x86)\Steam\config\htmlcache" -cookiepath "C:\Program Files (x86)\Steam\config\cookies" -steampid 6080 --blacklist-accelerated-compositing --process-per-tab "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" "C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical "C:\Users\Tench's desktop\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="2944.5.1119452174\29701483" /prefetch:673131151 "C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-delegated-renderer --disable-gpu-compositing --disable-threaded-compositing --enable-pinch --enable-software-compositing --no-sandbox --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-accelerated-compositing --disable-gpu-compositing --channel="6136.0.1890181626\1189303200" /prefetch:673131151 "C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-delegated-renderer --disable-gpu-compositing --disable-threaded-compositing --enable-pinch --enable-software-compositing --no-sandbox --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-accelerated-compositing --disable-gpu-compositing --channel="6136.1.1653091231\147467371" /prefetch:673131151 "C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=gpu-process --channel="6136.5.602121538\1821142415" --no-sandbox --lang=en-US --product-version="Valve Steam Client" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,15,39 --gpu-vendor-id=0x10de --gpu-device-id=0x05eb --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3523 --lang=en-US --product-version="Valve Steam Client" /prefetch:822062411 "taskhost.exe" C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files\Defraggler\Defraggler64.exe" "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe12_ Global\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520 "C:\Users\Tench's desktop\Downloads\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler =========Mozilla firefox========= ProfilePath - C:\Users\Tench's desktop\AppData\Roaming\Mozilla\Firefox\Profiles\6ov7f7n4.default prefs.js - "browser.search.useDBForOrder" - true prefs.js - "browser.startup.homepage" - "https://www.google.be/" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 14.0.0.145 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.4.0] "Description"= "Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf] "Description"= "Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision] "Description"=NVIDIA stereo images plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming] "Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin] "Description"=This plugin detects and launches Pando Media Booster "Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.7] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 14.0.0.145 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL C:\Users\Tench's desktop\AppData\Roaming\Mozilla\Firefox\Profiles\6ov7f7n4.default\extensions\ adremoveext@adremoveext.net {b9db16a4-6edc-47ec-a1f4-b86292ed211d} ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-04 612248] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-04 457712] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}] Ads Removal - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll [2014-06-11 464720] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-03-29 13513288] "Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-11-08 1028384] "ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2013-12-10 1100248] "NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2013-12-10 2279712] "BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512] "XMouseButtonControl"=C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [2014-04-30 1261712] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HP Deskjet 3070 B611 series (NET)"=C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416] "Steam"=C:\Program Files (x86)\Steam\Steam.exe [2014-08-14 1937600] "Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2013-09-06 4287536] "DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640] "Spotify Web Helper"=C:\Users\Tench's desktop\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-07-05 1178168] "Spotify"=C:\Users\Tench's desktop\AppData\Roaming\Spotify\Spotify.exe [2014-07-05 6162488] "Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-24 21650016] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-24 21650016] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "LifeCam"=C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [2010-05-20 119152] "JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] "AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-04 4085896] "SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Ralink Wireless Utility.lnk - C:\Program Files (x86)\Ralink\Common\RaUI.exe C:\Users\Tench's desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk - C:\Users\Tench's desktop\AppData\Roaming\Dropbox\bin\Dropbox.exe Inktwaarschuwingen controleren - HP Deskjet 3070 B611 series (netwerk).lnk - C:\Windows\system32\RunDll32.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 "EnableLUA"=0 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "mixer1"=wdmaud.drv "VIDC.FPS1"=frapsv64.dll "wave2"=wdmaud.drv "midi1"=wdmaud.drv "mixer2"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-08-21 15:48:25 ----D---- C:\rsit 2014-08-16 19:19:37 ----D---- C:\Users\Tench's desktop\AppData\Roaming\SimpleTV V03 2014-08-16 19:19:04 ----D---- C:\Program Files (x86)\SimpleTV 2014-08-15 19:25:02 ----A---- C:\Windows\system32\sdnclean64.exe 2014-08-15 19:24:50 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-08-04 19:48:00 ----A---- C:\Windows\system32\drivers\aswHwid.sys 2014-08-04 19:47:52 ----A---- C:\Windows\avastSS.scr 2014-07-30 20:47:21 ----D---- C:\ArcheAge 2014-07-30 16:07:00 ----D---- C:\Program Files (x86)\Mozilla Firefox 2014-07-30 14:48:52 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys 2014-07-30 14:48:42 ----A---- C:\Windows\system32\drivers\mwac.sys 2014-07-30 14:48:42 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys 2014-07-30 14:48:41 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-07-27 19:26:17 ----D---- C:\Users\Tench's desktop\AppData\Roaming\Highresolution Enterprises 2014-07-27 19:26:15 ----D---- C:\Program Files\Highresolution Enterprises 2014-07-25 23:18:59 ----D---- C:\ProgramData\Glyph 2014-07-25 23:18:56 ----D---- C:\Program Files (x86)\Glyph ======List of files/folders modified in the last 1 month====== 2014-08-21 15:48:30 ----D---- C:\Windows\Prefetch 2014-08-21 15:48:29 ----D---- C:\Windows\Temp 2014-08-21 15:48:29 ----D---- C:\Program Files\trend micro 2014-08-21 15:42:00 ----D---- C:\Users\Tench's desktop\AppData\Roaming\Spotify 2014-08-21 15:34:11 ----D---- C:\Users\Tench's desktop\AppData\Roaming\TS3Client 2014-08-21 15:13:23 ----D---- C:\Users\Tench's desktop\AppData\Roaming\Skype 2014-08-21 14:35:30 ----D---- C:\Program Files (x86)\Steam 2014-08-21 14:23:28 ----D---- C:\Windows\system32\config 2014-08-21 14:16:53 ----D---- C:\Windows\system32\Tasks 2014-08-21 14:14:25 ----D---- C:\Users\Tench's desktop\AppData\Roaming\Dropbox 2014-08-21 14:10:51 ----D---- C:\ProgramData\NVIDIA 2014-08-21 03:10:39 ----D---- C:\ProgramData\Spybot - Search & Destroy 2014-08-20 00:35:20 ----SHD---- C:\System Volume Information 2014-08-19 16:55:43 ----SHD---- C:\Windows\Installer 2014-08-19 16:55:05 ----D---- C:\ProgramData\Skype 2014-08-19 16:54:57 ----RD---- C:\Program Files (x86)\Skype 2014-08-19 16:54:57 ----D---- C:\Program Files (x86)\Common Files 2014-08-17 15:02:28 ----D---- C:\Users\Tench's desktop\AppData\Roaming\vlc 2014-08-17 01:00:12 ----AD---- C:\Windows 2014-08-17 01:00:09 ----D---- C:\Windows\inf 2014-08-16 20:35:51 ----D---- C:\Users\Tench's desktop\AppData\Roaming\uTorrent 2014-08-16 19:19:04 ----RD---- C:\Program Files (x86) 2014-08-16 01:16:04 ----D---- C:\Windows\system32\drivers 2014-08-15 19:25:09 ----SD---- C:\ProgramData\Microsoft 2014-08-15 19:25:02 ----D---- C:\Windows\System32 2014-08-15 19:24:33 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2014-08-09 23:17:28 ----D---- C:\Program Files (x86)\Football Manager 2014 2014-08-04 19:47:53 ----A---- C:\Windows\system32\aswBoot.exe 2014-07-31 11:24:59 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2014-07-30 14:48:45 ----D---- C:\Users\Tench's desktop\AppData\Roaming\Malwarebytes 2014-07-30 14:48:42 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-07-30 14:48:41 ----D---- C:\ProgramData\Malwarebytes 2014-07-30 13:43:33 ----D---- C:\Users\Tench's desktop\AppData\Roaming\DAEMON Tools Lite 2014-07-30 13:43:12 ----D---- C:\Windows\Logs 2014-07-29 01:11:43 ----D---- C:\Windows\Tasks 2014-07-27 19:26:15 ----D---- C:\Program Files 2014-07-26 11:05:43 ----D---- C:\Windows\system32\catroot2 2014-07-25 23:39:56 ----D---- C:\Windows\Microsoft.NET 2014-07-25 23:18:59 ----HD---- C:\ProgramData 2014-07-25 23:13:09 ----D---- C:\Windows\SysWOW64 2014-07-25 23:13:09 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI 2014-07-25 23:13:00 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-07-25 23:10:55 ----RSD---- C:\Windows\assembly 2014-07-25 23:06:51 ----D---- C:\Windows\SYSWOW64\en-US 2014-07-25 23:06:51 ----D---- C:\Windows\system32\en-US ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-08-04 65776] R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-08-04 224896] R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2007-06-13 70144] R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096] R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664] R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-08-04 93568] R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-08-04 1041168] R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-08-04 427360] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-05-22 283200] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-08-04 29208] R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-08-04 79184] R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-08-04 92008] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-03-29 3379272] R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-12-05 39200] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240] R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys [2012-06-12 694888] R3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800] S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [] S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2013-04-13 22336] S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver; C:\Windows\System32\Drivers\nx6000.sys [2010-05-20 36720] S3 netr28ux;TP-LINK Wireless USB Adapter; C:\Windows\system32\DRIVERS\netr28ux.sys [] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376] S3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2013-11-19 34848] S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080] S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896] S3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2013-11-19 23016] S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984] S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272] S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760] S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448] S4 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-03-23 23048] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-08-04 50344] R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176] R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-11-11 341824] R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS64.exe [2010-05-20 199536] R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-10 1494304] R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-10 15129376] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-03-04 922968] R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-06-14 76888] R2 Realtek11nSU;Realtek11nSU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [2010-04-16 36864] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-03-04 411936] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568] R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-18 116648] S2 RaMediaServer;Ralink UPnP Media Server; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [2011-08-18 625728] S2 YouTubeDownloaderConverter;YouTubeDownloaderConverter; C:\Users\Tench's desktop\AppData\Roaming\GVU Technologies\Free YouTube Downloader Converter\CertifiedBrowserService.exe [] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09 262320] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648] S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2014-02-27 49152] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-18 116648] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-30 119408] S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168] S3 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408] S3 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928] S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-01-07 569768] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-04-13 1255736] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696] S4 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536] -----------------EOF-----------------
  21. Neymar
    Cava stukken beter! Bedankt
  22. Neymar
    # AdwCleaner v3.016 - Report created 08/01/2014 at 10:21:57 # Updated 23/12/2013 by Xplode # Operating System : Windows 7 Ultimate (64 bits) # Username : Tench's desktop - TENCHSDESKTOP # Running from : C:\Users\Tench's desktop\Desktop\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\webcakeupdater Key Deleted : HKCU\Software\52558b8be23be844 Key Deleted : HKLM\SOFTWARE\52558b8be23be844 Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6FDBBC21-E399-4542-B4CE-86326E1F0727} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B878FD4-8F19-46DB-94B1-4CABFF80679C} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8BA495EF-6CD5-413A-8AEF-483631B98C4F} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8C71E394-2E6F-452A-AB7D-C17E78307083} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BADB1512-759C-4792-A18A-DD6BDC4E1991} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E54FBC83-9028-45AC-A5B9-D5DA828E59C2} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{633AA60B-C339-46C3-951F-047F9822C473} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9156C8F9-B397-4DEF-8AC5-5966221A134A} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A8E5842E-102B-4289-9D57-3B3F5B5E15D3} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\APN PIP Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\Myfree Codec Key Deleted : HKLM\Software\DataMngr Key Deleted : HKLM\Software\Driver-Soft Key Deleted : HKLM\Software\Myfree Codec Key Deleted : HKLM\Software\PIP Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer ***** [ Browsers ] ***** -\\ Internet Explorer v8.0.7600.17267 -\\ Mozilla Firefox v26.0 (nl) [ File : C:\Users\Tench's desktop\AppData\Roaming\Mozilla\Firefox\Profiles\6ov7f7n4.default\prefs.js ] ************************* AdwCleaner[R0].txt - [5324 octets] - [08/01/2014 10:21:05] AdwCleaner[s0].txt - [5211 octets] - [08/01/2014 10:21:57] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [5271 octets] ##########
  23. Neymar
    Zoek.exe v5.0.0.0 Updated 05-Januari-2014 Tool run by Tench's desktop on di 07/01/2014 at 21:04:19,32. Microsoft Windows 7 Ultimate 6.1.7600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Tench's desktop\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 7/01/2014 21:05:59 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\AGEIA Technologies deleted successfully C:\PROGRA~2\Bf 4 deleted successfully C:\PROGRA~2\eFusion deleted successfully C:\ProgramData\Oracle deleted successfully C:\ProgramData\Ralink deleted successfully C:\Users\Tench's desktop\AppData\Roaming\Betcat deleted successfully C:\Users\Tench's desktop\AppData\Roaming\Mouse Recorder Pro deleted successfully C:\Users\Tench's desktop\AppData\Local\Adobe deleted successfully C:\Users\Tench's desktop\AppData\Local\WarThunder deleted successfully C:\Users\Tench's desktop\AppData\Local\xulrunner deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-532037277-3603907517-1254532235-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9} deleted successfully HKEY_USERS\S-1-5-21-532037277-3603907517-1254532235-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Tench's desktop\AppData\Roaming\Mozilla\Firefox\Profiles\6ov7f7n4.default ---- Lines delta removed from prefs.js ---- user_pref("extensions.delta.admin", false); user_pref("extensions.delta.aflt", "babsst"); user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); user_pref("extensions.delta.autoRvrt", "false"); user_pref("extensions.delta.dfltLng", "en"); user_pref("extensions.delta.excTlbr", false); user_pref("extensions.delta.ffxUnstlRst", true); user_pref("extensions.delta.id", "9cebf745000000000000f8d111166d01"); user_pref("extensions.delta.instlDay", "15807"); user_pref("extensions.delta.instlRef", "sst"); user_pref("extensions.delta.newTab", false); user_pref("extensions.delta.prdct", "delta"); user_pref("extensions.delta.prtnrId", "delta"); user_pref("extensions.delta.rvrt", "false"); user_pref("extensions.delta.smplGrp", "none"); user_pref("extensions.delta.tlbrId", "base"); user_pref("extensions.delta.tlbrSrchUrl", ""); user_pref("extensions.delta.vrsn", "1.8.16.16"); user_pref("extensions.delta.vrsnTs", "1.8.16.1614:46:33"); user_pref("extensions.delta.vrsni", "1.8.16.16"); ---- Lines delta removed from user.js ---- user_pref("extensions.delta.tlbrSrchUrl", ""); user_pref("extensions.delta.id", "9cebf745000000000000f8d111166d01"); user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); user_pref("extensions.delta.instlDay", "15807"); user_pref("extensions.delta.vrsn", "1.8.16.16"); user_pref("extensions.delta.vrsni", "1.8.16.16"); user_pref("extensions.delta.vrsnTs", "1.8.16.1614:46:33"); user_pref("extensions.delta.prtnrId", "delta"); user_pref("extensions.delta.prdct", "delta"); user_pref("extensions.delta.aflt", "babsst"); user_pref("extensions.delta.smplGrp", "none"); user_pref("extensions.delta.tlbrId", "base"); user_pref("extensions.delta.instlRef", "sst"); user_pref("extensions.delta.dfltLng", "en"); user_pref("extensions.delta.excTlbr", false); user_pref("extensions.delta.ffxUnstlRst", true); user_pref("extensions.delta.admin", false); user_pref("extensions.delta.autoRvrt", "false"); user_pref("extensions.delta.rvrt", "false"); user_pref("extensions.delta.newTab", false); ---- FireFox user.js and prefs.js backups ---- user_20140701_2114_.backup prefs_20140701_2114_.backup ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "Driver Genius"=- ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\OApps deleted C:\PROGRA~2\BitLord 2 deleted C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted C:\PROGRA~2\MyFree Codec deleted C:\PROGRA~2\GreenTree Applications deleted C:\PROGRA~2\Driver-Soft deleted C:\Users\Tench's desktop\AppData\Roaming\BitLord deleted C:\ProgramData\BrowserProtect deleted C:\ProgramData\APN deleted C:\ProgramData\Package Cache deleted C:\Users\Tench's desktop\AppData\Local\SwvUpdater deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader deleted C:\Users\Tench's desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord deleted C:\Users\Tench's desktop\Downloads\FreeYouTubeToMP3Converter.exe deleted C:\Users\Tench's desktop\AppData\LocalLow\ADSRemoval deleted C:\Users\Tench's desktop\AppData\LocalLow\Delta deleted C:\Windows\wininit.ini deleted C:\windows\SysNative\Tasks\BrowserProtect deleted C:\windows\SysNative\Tasks\EPUpdater deleted C:\Windows\SysWow64\searchplugins deleted C:\Windows\SysWow64\Extensions deleted C:\Users\Tench's desktop\Documents\BitLord deleted C:\Users\Tench's desktop\AppData\Roaming\Mozilla\Firefox\Profiles\6ov7f7n4.default\searchplugins\search-here.xml deleted C:\Users\Tench's desktop\AppData\Roaming\Mozilla\Firefox\Profiles\6ov7f7n4.default\Invalidprefs.js deleted C:\Users\Tench's desktop\AppData\Roaming\Mozilla\Firefox\Profiles\6ov7f7n4.default\extensions\adsremoval@adsremoval.net deleted "C:\Windows\tasks\AutoKMS.job" deleted "C:\Users\Tench's desktop\AppData\Roaming\GVU Technologies\Free YouTube Downloader Converter\CertifiedBrowserService.exe" deleted "C:\Users\Tench's desktop\AppData\Roaming\GVU Technologies" not deleted "C:\Users\Tench's desktop\AppData\Roaming\GVU Technologies\Free YouTube Downloader Converter" not deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-01-07 10:19:47 DA256F9F53336B560201CDEFEAE35320 380928 ----a-w- C:\Windows\RtlUI2.exe 2014-01-07 10:19:47 678C7EA24776534FF6DDF491A4F86005 901 ----a-w- C:\Windows\RtlUI2.exe.manifest ====== C:\Users\TENCH'~1\AppData\Local\Temp ==== 2014-01-07 10:18:50 CFA80AD59ABFCAA79B7E9A76D1FC2625 399976 ----a-w- C:\Users\Tench's desktop\AppData\Local\Temp\{C0CDB5CA-D00B-46F8-A787-5D61122535F0}\Setup.exe 2014-01-01 12:37:47 F92067543402AF7026A45B413646ACBF 4327024 ----a-w- C:\Users\Tench's desktop\AppData\Local\Temp\Foxit Updater.exe ====== Java Cache ===== 2013-12-18 18:02:29 0E31FC62B1F337C76A3560C98E8C43B8 100 ----a-w- C:\Users\Tench's desktop\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\3d2024a1-6.0.lap 2013-12-18 18:02:30 84AF060A801363C7BB31C9A36EBDB9ED 379958 ----a-w- C:\Users\Tench's desktop\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\611ba3b0-4209924d ====== C:\Windows\SysWOW64 ===== 2014-01-07 10:19:46 00D8BA2934C8B2EC7137C88B8C96F122 614400 ----a-w- C:\Windows\SysWOW64\Rtlihvs.dll 2014-01-07 10:19:45 9FCED27FC13C71D6DB2E1CE56BBAA30C 188416 ----a-w- C:\Windows\SysWOW64\RTLExtUI.dll 2014-01-07 10:19:43 6B7D1357B144F6FEE941FF1B97F4C5D3 451072 ----a-w- C:\Windows\SysWOW64\ISSRemoveSP.exe ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2014-01-07 10:20:26 B3F36B4B3F192EA87DDC119F3A0B3E45 694888 ----a-r- C:\Windows\Sysnative\drivers\rtl8192su.sys ====== C:\Windows\Tasks ====== 2014-01-07 14:04:41 20C8774BDE73D2F4154E0B020BBDD54D 3850 ----a-w- C:\Windows\Sysnative\Tasks\CommView for WiFi Update ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-01-07 18:54:54 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2014-01-07 14:04:25 -------- d-----w- C:\PROGRA~2\CommViewWiFi 2013-12-21 13:03:18 -------- d-----w- C:\PROGRA~2\IObit 2013-12-19 15:23:41 -------- d-----w- C:\PROGRA~2\The Walking Dead Survival Instinct ======= C: ===== ====== C:\Users\Tench's desktop\AppData\Roaming ====== 2014-01-05 14:50:45 -------- d-----w- C:\Users\Tench's desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\coh2.org 2014-01-05 14:49:33 -------- d-----w- C:\Users\Tench's desktop\AppData\Local\Apps 2014-01-05 14:49:31 -------- d-----w- C:\Users\Tench's desktop\AppData\Local\Deployment 2013-12-25 18:41:08 8DE9F588DFB1641F2C0EA05BD4B60605 218 ----a-w- C:\Users\Tench's desktop\AppData\Local\recently-used.xbel 2013-12-21 13:03:33 -------- d-----w- C:\Users\Tench's desktop\AppData\Local\Google 2013-12-21 13:03:23 -------- d-----w- C:\Users\Tench's desktop\AppData\Roaming\IObit ====== C:\Users\Tench's desktop ====== 2014-01-07 18:54:32 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Tench's desktop\Downloads\RSITx64.exe 2014-01-07 14:04:39 -------- d-----w- C:\ProgramData\TamoSoft 2014-01-07 14:04:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CommView for WiFi 2014-01-07 10:20:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REALTEK 11n USB Wireless LAN Utility 2014-01-05 14:48:48 71F2F5ED736B643C260DACBFA84735A2 488824 ----a-w- C:\Users\Tench's desktop\Downloads\setup(1).exe 2013-12-25 20:35:31 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Desktop 2013-12-21 13:03:29 -------- d-----w- C:\ProgramData\IObit 2013-12-21 13:03:27 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter 2013-12-12 15:20:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast ====== C: exe-files == 2014-01-07 18:54:55 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Tench's desktop.exe 2014-01-07 18:54:32 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Tench's desktop\Downloads\RSITx64.exe 2014-01-07 14:04:25 75350B1A556815DDD41A0002EA1A3B60 314000 ----a-w- C:\Program Files (x86)\CommViewWiFi\Uninst_CommViewWiFi.exe 2014-01-07 10:20:43 F9AE814DFFBA008F94043C5E5450D290 463872 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}\RtlDisableICS.exe 2014-01-07 10:20:43 CFA80AD59ABFCAA79B7E9A76D1FC2625 399976 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}\_SETUP.EXE 2014-01-07 10:20:43 451E548B8B98D123F709D805A45E1B1C 35432 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}\Install.exe 2014-01-07 10:19:51 CD2DC6530F8941FB2C7AFF45C9626A48 219136 ----a-w- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\Run1X.exe 2014-01-07 10:19:51 3EF46CDBA420E542866B5563E2F6001E 28672 ----a-w- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\UserCom.exe 2014-01-07 10:19:51 0202B5E95275E5693B289A0B0B857262 8192 ----a-r- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\x64drv.exe 2014-01-07 10:19:49 C47CDBB681656B57E830283C86CA990F 1167360 ----a-w- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe 2014-01-07 10:19:49 846AB8DD805DC477FA5C61B6A7125BDA 20480 ----a-r- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\DESKTOP.exe 2014-01-07 10:19:48 EF1AD771B2C773CEBA4C2E70097F1168 221184 ----a-w- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RTLDHCP.exe 2014-01-07 10:19:48 EA569D48B2E755AF6D96F03F3335D98A 36864 ----a-w- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe 2014-01-07 10:19:48 B3829E90D864492DDD26FC6EE3EC0D27 57344 ----a-r- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\WPSProt.exe 2014-01-07 10:19:48 83B6CDFE5DA9E62C7D57221710D95FCA 24576 ----a-r- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RTxAdmin.exe 2014-01-07 10:19:48 0210212465428BDC95E25AC20C78945A 28672 ----a-r- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\ReStart.exe 2014-01-07 10:19:47 DA256F9F53336B560201CDEFEAE35320 380928 ----a-w- C:\Windows\RtlUI2.exe 2014-01-07 10:19:45 BC1BDF597FAF5B7D188F2B2302A93008 97792 ----a-w- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\Driver\SetDrv64.exe 2014-01-07 10:19:45 22779A40E7BE7CBEBB30C58250501B8F 88064 ----a-w- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\Driver\SetVistaDrv64.exe 2014-01-07 10:19:43 CFA80AD59ABFCAA79B7E9A76D1FC2625 399976 ------w- C:\Program Files (x86)\InstallShield Installation Information\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}\setup.exe 2014-01-07 10:19:43 6B7D1357B144F6FEE941FF1B97F4C5D3 451072 ----a-w- C:\Windows\SysWOW64\ISSRemoveSP.exe 2014-01-07 10:18:50 CFA80AD59ABFCAA79B7E9A76D1FC2625 399976 ----a-w- C:\Users\Tench's desktop\AppData\Local\Temp\{C0CDB5CA-D00B-46F8-A787-5D61122535F0}\Setup.exe 2014-01-05 14:50:44 40AA7207029BAC542148855F4D4268BB 1525248 ------w- C:\Users\Tench's desktop\AppData\Local\Apps\2.0\HGOKHAP5.JHY\WW3ZWARJ.1ZK\coh2..tion_0b17d440a9c12b72_0001.0000_ed3c1812abb9de12\CoH2RA.exe 2014-01-05 14:48:48 71F2F5ED736B643C260DACBFA84735A2 488824 ----a-w- C:\Users\Tench's desktop\Downloads\setup(1).exe 2014-01-01 12:37:47 F92067543402AF7026A45B413646ACBF 4327024 ----a-w- C:\Users\Tench's desktop\AppData\Local\Temp\Foxit Updater.exe 2013-12-31 21:21:18 A80190F73FA30312A157211A0E23BF8B 3098896 ----a-w- C:\Users\Tench's desktop\AppData\Local\NVIDIA\NvBackend\Packages\000056bd\dao.17562149.exe === C: other files == 2014-01-07 14:03:40 DC7716197EB01508FC1259CABCA458C1 45820226 ----a-w- C:\Users\Tench's desktop\Downloads\ca7.zip 2014-01-07 10:20:26 B3F36B4B3F192EA87DDC119F3A0B3E45 694888 ----a-r- C:\Windows\System32\drivers\rtl8192su.sys 2014-01-07 10:20:25 B3F36B4B3F192EA87DDC119F3A0B3E45 694888 ------r- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\Driver\rtl8192su.sys 2014-01-07 10:19:48 C61FCA8A9AD990DF6524B459A9F46F5A 292 ----a-w- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\PUBLIC.vbs 2014-01-07 10:19:48 1614AF4ABFB00D8A61BD3A904FFC5169 294 ----a-w- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\PRIVATE.vbs ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-532037277-3603907517-1254532235-1000\Software\Microsoft\Windows\CurrentVersion\Run] "HP Deskjet 3070 B611 series (NET)"="C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe -deviceID CN2376C1ZF05MQ:NW -scfn HP Deskjet 3070 B611 series (NET) -AutoStart 1" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LifeCam"="C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" "JMB36X IDE Setup"="C:\Windows\RaidTool\xInsIDE.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HP Deskjet 3070 B611 series (NET)"="C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe -deviceID CN2376C1ZF05MQ:NW -scfn HP Deskjet 3070 B611 series (NET) -AutoStart 1" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "Nvtmru"="C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" "ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Samsung\\Kies\\External\\FirmwareUpdate\\KiesPDLR.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BCSSync" "hkey"="HKLM" "command"="\"C:\\Program Files\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DAEMON Tools Lite" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\DAEMON Tools Lite\\DTLite.exe\" -autorun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPreload] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KiesPreload" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Samsung\\Kies\\Kies.exe /preload" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KiesTrayAgent" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Samsung\\Kies\\KiesTrayAgent.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Pando Media Booster] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Pando Media Booster" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Pando Networks\\Media Booster\\PMB.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SpybotSD TeaTimer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SpybotSD TeaTimer" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Spybot - Search & Destroy\\TeaTimer.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Steam" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Steam\\Steam.exe\" -silent" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" ==== Startup Folders ====================== 2013-04-13 21:47:37 1026 ----a-w- C:\Users\Tench's desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2013-04-14 10:41:26 1956 ----a-w- C:\Users\Tench's desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Deskjet 3070 B611 series (netwerk).lnk 2013-04-13 15:59:30 1037 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk 2013-04-13 21:15:20 2000 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Client Utility.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10/12/2013 20:42] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CommView for WiFi Update" [C:\Program Files (x86)\CommViewWiFi\Updater.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [12/12/2013 16:20] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{0F827075-B026-42F3-885D-98981EE7B1AE}"="C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Tench's desktop\AppData\Roaming\Mozilla\Firefox\Profiles\6ov7f7n4.default - DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} - YouTube to MP3 Button - %ProfilePath%\extensions\flvto@hotger.com.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Tench's desktop\AppData\Roaming\Mozilla\Firefox\Profiles\6ov7f7n4.default F891089A6AB9E12FEDEBCC5EC0F40D66 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll - Shockwave Flash ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions pgafcinpmmpklohkojmllohd****efph - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx[] Ads Removal - Tench's desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod ==== Chrome Fix ====================== C:\Users\Tench's desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://be.msn.com/default.aspx?pc=UP22&ocid=UP22DHP&dt=062913" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://www1.delta-search.com/?affID=121845&babsrc=NT_ss&mntrId=9CEBF8D111166D01" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://www1.delta-search.com/?affID=121845&babsrc=NT_ss&mntrId=9CEBF8D111166D01" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://be.msn.com/default.aspx?pc=UP22&ocid=UP22DHP&dt=062913" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-532037277-3603907517-1254532235-1000\Software\Mozilla\Firefox\Extensions\{0F827075-B026-42F3-885D-98981EE7B1AE} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully HKEY_CURRENT_USER\Software\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohd****efph deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Tench's desktop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Tench's desktop\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Tench's desktop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Tench's desktop\AppData\Local\Mozilla\Firefox\Profiles\6ov7f7n4.default\Cache emptied successfully ==== Empty Chrome Cache ====================== No Chrome Cache found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=9681 folders=998 87470989221 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\Tench's desktop\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\TENCH'~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Tench's desktop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Users\Tench's desktop\AppData\Roaming\GVU Technologies" not found ==== EOF on di 07/01/2014 at 22:56:25,21 ======================
  24. Neymar
    Beste Onlangs is mijn pc erg traag geworden, het begint me te ergeren. In ieder geval, hier mijn logje. Logfile of random's system information tool 1.09 (written by random/random) Run by Tench's desktop at 2014-01-07 19:54:54 Microsoft Windows 7 Ultimate System drive C: has 133 GB (28%) free of 477 GB Total RAM: 4094 MB (57% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:55:00, on 7/01/2014 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.17267) Boot mode: Normal Running processes: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files (x86)\Ralink\Common\RaUI.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\TP-LINK\COMMON\TWCU.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Users\Tench's desktop\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files\trend micro\Tench's desktop.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: HelloWorldBHO - {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - C:\Program Files (x86)\OApps\SelectionLinks.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKCU\..\Run: [HP Deskjet 3070 B611 series (NET)] "C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN2376C1ZF05MQ:NW" -scfn "HP Deskjet 3070 B611 series (NET)" -AutoStart 1 O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Dropbox.lnk = C:\Users\Tench's desktop\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: Inktwaarschuwingen controleren - HP Deskjet 3070 B611 series (netwerk).lnk = ? O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files (x86)\Ralink\Common\RaUI.exe O4 - Global Startup: TP-LINK Wireless Client Utility.lnk = C:\Program Files (x86)\TP-LINK\COMMON\TWCU.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files (x86)\TP-LINK\COMMON\RaRegistry.exe O23 - Service: Ralink Registry Writer 64 (RalinkRegistryWriter64) - Ralink Technology, Corp. - C:\Program Files (x86)\TP-LINK\COMMON\RaRegistry64.exe O23 - Service: Ralink UPnP Media Server (RaMediaServer) - Unknown owner - C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe O23 - Service: Realtek11nSU - Realtek - C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: YouTubeDownloaderConverter - Unknown owner - C:\Users\Tench's desktop\AppData\Roaming\GVU Technologies\Free YouTube Downloader Converter\CertifiedBrowserService.exe -- End of file - 11491 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe winlogon.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch "C:\Windows\system32\nvvsvc.exe" "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" C:\Windows\system32\nvvsvc.exe -session -first "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe taskeng.exe {E031C3B0-EF26-4362-AF60-F3E3BD481942} C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "taskhost.exe" "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe" "C:\Program Files\Microsoft LifeCam\MSCamS64.exe" "C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe" "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" "C:\Program Files (x86)\TP-LINK\COMMON\RaRegistry.exe" "C:\Program Files (x86)\TP-LINK\COMMON\RaRegistry64.exe" "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp \??\C:\Windows\system32\conhost.exe "-1865343935-246423997-1591804150-17724261522595372041602990749-1158845084-945794342 "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe" "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"ఁ㔅င"C:\셄緛㔆棐ɱ "C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN2376C1ZF05MQ:NW" -scfn "HP Deskjet 3070 B611 series (NET)" -AutoStart 1 "C:\Program Files (x86)\Ralink\Common\RaUI.exe" -s "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files (x86)\TP-LINK\COMMON\TWCU.exe" -s "C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1 "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui "C:\Users\Tench's desktop\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup "C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 3070 B611 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN2376C1ZF05MQ;CONNECTION=NW;MONITOR=1; "C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPNetworkCommunicatorCom.exe" -Embedding "C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe" "C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe" /H "C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Users\Tench's desktop\AppData\Roaming\GVU Technologies\Free YouTube Downloader Converter\CertifiedBrowserService.exe" C:\Windows\system32\SearchIndexer.exe /Embedding C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation WLIDSvcM.exe 3676 C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-31d35bba-b835-4fe5-a9e9-62859678350e -SystemEventPortName:HostProcess-d3671293-9214-4d7f-9ac2-d06ef770c731 -IoCancelEventPortName:HostProcess-d7b65013-a642-4d78-958b-ba88b476e95e -NonStateChangingEventPortName:HostProcess-f62ec1b9-8800-4e99-98f2-7ae9718bf459 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c345bf6e-86e4-4e0f-aaeb-9537c789310c -DeviceGroupId:WpdFsGroup "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\AUDIODG.EXE 0x688 "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe7_ Global\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520 C:\Windows\system32\wbem\wmiprvse.exe "C:\Users\Tench's desktop\Downloads\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\AutoKMS.job =========Mozilla firefox========= ProfilePath - C:\Users\Tench's desktop\AppData\Roaming\Mozilla\Firefox\Profiles\6ov7f7n4.default prefs.js - "browser.search.useDBForOrder" - true prefs.js - "browser.startup.homepage" - "https://www.google.be/" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.9.900.170 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf] "Description"= "Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision] "Description"=NVIDIA stereo images plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming] "Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin] "Description"=This plugin detects and launches Pando Media Booster "Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.7] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.9.900.170 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL C:\Program Files (x86)\Mozilla Firefox\extensions\ {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} C:\Users\Tench's desktop\AppData\Roaming\Mozilla\Firefox\Profiles\6ov7f7n4.default\extensions\ adsremoval@adsremoval.net {b9db16a4-6edc-47ec-a1f4-b86292ed211d} C:\Users\Tench's desktop\AppData\Roaming\Mozilla\Firefox\Profiles\6ov7f7n4.default\searchplugins\ search-here.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}] avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-12-12 1567016] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-10-09 6270336] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}] SelectionLinks - C:\Program Files (x86)\OApps\SelectionLinks.dll [2013-05-14 483840] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-12 606544] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-12-12 1567016] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-12 606544] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-03-29 13513288] "Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-11-08 1028384] "ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2013-11-29 1096480] "NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2013-11-29 2273056] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HP Deskjet 3070 B611 series (NET)"=C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe [2013-04-23 1561968] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2013-04-23 311152] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2013-09-06 4287536] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14 20584608] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] C:\Program Files (x86)\Steam\Steam.exe [2013-12-11 1823656] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "Driver Genius"= [] "LifeCam"=C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [2010-05-20 119152] "JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] "AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-12-12 3568312] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Ralink Wireless Utility.lnk - C:\Program Files (x86)\Ralink\Common\RaUI.exe TP-LINK Wireless Client Utility.lnk - C:\Program Files (x86)\TP-LINK\COMMON\TWCU.exe C:\Users\Tench's desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk - C:\Users\Tench's desktop\AppData\Roaming\Dropbox\bin\Dropbox.exe Inktwaarschuwingen controleren - HP Deskjet 3070 B611 series (netwerk).lnk - C:\Windows\system32\RunDll32.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "mixer1"=wdmaud.drv "VIDC.FPS1"=frapsv64.dll "wave2"=wdmaud.drv "midi1"=wdmaud.drv "mixer2"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-01-07 19:54:54 ----D---- C:\rsit 2014-01-07 19:54:54 ----D---- C:\Program Files\trend micro 2014-01-07 15:04:39 ----D---- C:\ProgramData\TamoSoft 2014-01-07 15:04:25 ----D---- C:\Program Files (x86)\CommViewWiFi 2014-01-07 11:20:26 ----RA---- C:\Windows\system32\drivers\rtl8192su.sys 2014-01-07 11:19:47 ----A---- C:\Windows\RtlUI2.exe 2014-01-07 11:19:46 ----A---- C:\Windows\SYSWOW64\Rtlihvs.dll 2014-01-07 11:19:45 ----A---- C:\Windows\SYSWOW64\RTLExtUI.dll 2014-01-07 11:19:43 ----A---- C:\Windows\SYSWOW64\ISSRemoveSP.exe 2013-12-21 14:03:29 ----D---- C:\ProgramData\IObit 2013-12-21 14:03:23 ----D---- C:\Users\Tench's desktop\AppData\Roaming\IObit 2013-12-21 14:03:18 ----D---- C:\Program Files (x86)\IObit 2013-12-20 16:33:59 ----D---- C:\Program Files (x86)\Mozilla Firefox 2013-12-19 21:25:08 ----D---- C:\steamapps 2013-12-19 16:23:41 ----D---- C:\Program Files (x86)\The Walking Dead Survival Instinct 2013-12-12 19:09:07 ----D---- C:\Users\Tench's desktop\AppData\Roaming\AVAST Software ======List of files/folders modified in the last 1 month====== 2014-01-07 19:55:00 ----D---- C:\Windows\Prefetch 2014-01-07 19:54:58 ----D---- C:\Windows\Temp 2014-01-07 19:54:54 ----RD---- C:\Program Files 2014-01-07 19:43:50 ----D---- C:\Users\Tench's desktop\AppData\Roaming\Dropbox 2014-01-07 19:35:11 ----D---- C:\Windows\system32\config 2014-01-07 19:30:48 ----D---- C:\ProgramData\Spybot - Search & Destroy 2014-01-07 18:44:11 ----D---- C:\ProgramData\NVIDIA 2014-01-07 15:08:04 ----D---- C:\Windows\system32\drivers 2014-01-07 15:08:04 ----D---- C:\Windows\inf 2014-01-07 15:08:02 ----D---- C:\Windows\system32\DriverStore 2014-01-07 15:08:02 ----D---- C:\Windows\system32\catroot 2014-01-07 15:07:58 ----SHD---- C:\System Volume Information 2014-01-07 15:06:33 ----AD---- C:\Windows 2014-01-07 15:04:41 ----D---- C:\Windows\system32\Tasks 2014-01-07 15:04:39 ----HD---- C:\ProgramData 2014-01-07 15:04:25 ----RD---- C:\Program Files (x86) 2014-01-07 12:32:46 ----D---- C:\Program Files (x86)\Steam 2014-01-07 11:20:54 ----SHD---- C:\Windows\Installer 2014-01-07 11:19:47 ----D---- C:\Windows\SysWOW64 2014-01-07 11:19:44 ----D---- C:\Program Files (x86)\Realtek 2014-01-07 11:19:39 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2014-01-02 15:58:46 ----D---- C:\Users\Tench's desktop\AppData\Roaming\vlc 2014-01-01 21:47:57 ----D---- C:\Users\Tench's desktop\AppData\Roaming\DAEMON Tools Lite 2014-01-01 21:46:24 ----D---- C:\Windows\Minidump 2013-12-28 14:00:47 ----D---- C:\Windows\System32 2013-12-28 14:00:47 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-12-27 22:17:12 ----D---- C:\Windows\system32\catroot2 2013-12-27 01:25:18 ----D---- C:\Users\Tench's desktop\AppData\Roaming\Skype 2013-12-26 18:25:17 ----D---- C:\ProgramData\Skype 2013-12-26 18:25:15 ----RD---- C:\Program Files (x86)\Skype 2013-12-25 21:39:06 ----D---- C:\Users\Tench's desktop\AppData\Roaming\TeamViewer 2013-12-25 21:35:46 ----RSD---- C:\Windows\Fonts 2013-12-25 21:35:31 ----D---- C:\Program Files (x86)\TeamViewer 2013-12-25 19:40:52 ----A---- C:\Users\Tench's desktop\AppData\Roaming\bitlord_log.txt 2013-12-21 11:34:01 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2013-12-19 13:57:26 ----D---- C:\Movies 2013-12-16 14:37:09 ----D---- C:\Users\Tench's desktop\AppData\Roaming\BitLord 2013-12-12 16:20:02 ----D---- C:\Windows\winsxs 2013-12-12 16:19:59 ----A---- C:\Windows\system32\aswBoot.exe 2013-12-12 16:18:11 ----D---- C:\ProgramData\AVAST Software 2013-12-10 20:42:00 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2013-12-08 19:33:40 ----D---- C:\Users\Tench's desktop\AppData\Roaming\TS3Client ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-12-12 65776] R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-12-12 205320] R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2007-06-13 70144] R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096] R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664] R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-12-12 92544] R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2013-12-12 1032416] R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2013-12-12 409832] R1 aswTdi;aswTdi; \??\C:\Windows\system32\drivers\aswTdi.sys [2013-12-12 65264] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-05-22 283200] R1 TsLwWfF;WiFi Capture Driver; C:\Windows\system32\DRIVERS\TsLwWfF.sys [2013-07-26 29384] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 aswFsBlk;aswFsBlk; \??\C:\Windows\system32\drivers\aswFsBlk.sys [2013-12-12 38984] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-12-12 84328] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-03-29 3379272] R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver; C:\Windows\System32\Drivers\nx6000.sys [2010-05-20 36720] R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-10-30 39200] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240] R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys [2012-06-12 694888] R3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-08-20 103576] S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [] S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2013-04-13 22336] S3 netr28ux;TP-LINK Wireless USB Adapter; C:\Windows\system32\DRIVERS\netr28ux.sys [2011-03-29 1547616] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376] S3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2013-11-19 34848] S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-08-20 204568] S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896] S3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2013-11-19 23016] S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984] S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272] S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760] S3 WinUsb;WinUSB - Kernel Driver 02/28/2012 6.1.7600.16385; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448] S4 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-03-23 23048] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-12 50344] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-11-11 341824] R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS64.exe [2010-05-20 199536] R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-11-29 1370912] R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-11-29 15128352] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-11-11 922912] R2 RalinkRegistryWriter;Ralink Registry Writer; C:\Program Files (x86)\TP-LINK\COMMON\RaRegistry.exe [2011-03-14 374112] R2 RalinkRegistryWriter64;Ralink Registry Writer 64; C:\Program Files (x86)\TP-LINK\COMMON\RaRegistry64.exe [2011-03-14 451936] R2 Realtek11nSU;Realtek11nSU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [2010-04-16 36864] R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-11-11 414496] R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568] R2 YouTubeDownloaderConverter;YouTubeDownloaderConverter; C:\Users\Tench's desktop\AppData\Roaming\GVU Technologies\Free YouTube Downloader Converter\CertifiedBrowserService.exe [2013-07-12 104448] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 RaMediaServer;Ralink UPnP Media Server; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [2011-08-18 625728] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10 257416] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-20 119408] S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-12-11 569768] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-04-13 1255736] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] -----------------EOF-----------------
  25. Neymar
    ... probleem is solved... het was in de bios uitgeschakeld :S.. dank je voor de hulp!
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.