Slow laptop


Logfile of random's system information tool 1.10 (written by random/random)

Run by Yasser at 2014-11-23 15:59:41

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 197 GB (29%) free of 686 GB

Total RAM: 7658 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 15:59:44, on 23/11/2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.17420)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Samsung\Kies\Kies.exe

C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Windows\SysWOW64\RunDll32.exe

C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Users\Yasser\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\SupTab\HpUI.exe

C:\Program Files (x86)\SupTab\Loader32.exe

C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe

C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe

C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Program Files\Sony\Vegas Pro 12.0\x86\FileIOSurrogate.exe

C:\Program Files\Sony\Vegas Pro 12.0\x86\sfvstserver.exe

C:\Program Files\trend micro\Yasser.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=1416664815&from=smt&uid=HitachiXHTS547575A9E384_J2140054EAGSJAEAGSJAX&q={searchTerms}

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=1416664815&from=smt&uid=HitachiXHTS547575A9E384_J2140054EAGSJAEAGSJAX&q={searchTerms}

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe,

O1 - Hosts: ::1 localhost

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll

O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll

O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"

O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

O4 - HKLM\..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey

O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKCU\..\Run: [LaCie Desktop Manager Startup] "C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe"

O4 - HKCU\..\Run: [Google Update] "C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [Google+ Auto Backup] "C:\Users\Yasser\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Yasser\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: hpqtra08.exe

O4 - Global Startup: Bluetooth.lnk = ?

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O9 - Extra button: Verzenden naar Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: Verzenden naar &Bluetooth-apparaat... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: *.line6.net

O17 - HKLM\System\CCS\Services\Tcpip\..\{2513A2C7-1B96-47A4-A4AB-84888DE040F2}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8

O17 - HKLM\System\CCS\Services\Tcpip\..\{6F0AAF4C-7CC8-4DCB-A974-317DD5592029}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8

O17 - HKLM\System\CCS\Services\Tcpip\..\{A8F86CB3-0265-4ED7-95DC-FDA91028DE28}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8

O17 - HKLM\System\CCS\Services\Tcpip\..\{B0833E06-D174-4DC7-812B-6EEA9F9E1AF5}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8

O17 - HKLM\System\CCS\Services\Tcpip\..\{EA064087-7215-4BC6-A4D8-030EC90A85FE}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8

O17 - HKLM\System\CS1\Services\Tcpip\..\{2513A2C7-1B96-47A4-A4AB-84888DE040F2}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8

O17 - HKLM\System\CS2\Services\Tcpip\..\{2513A2C7-1B96-47A4-A4AB-84888DE040F2}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll

O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll

O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll

O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll

O23 - Service: Abrosoft: Abrosoft FantaMorph update permissions manager. 12810. - Unknown owner - C:\Program Files (x86)\Abrosoft\FantaMorph5\FantaUp.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe

O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

O23 - Service: Genie Timeline Service (GenieTimelineService) - Genie9 - C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)

O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LaCieDesktopManagerService - Unknown owner - C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe

O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe

O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Update service - Company - C:\Program Files (x86)\Popcorn Time\Updater.exe

O23 - Service: USB MIDI Series Audio Device Monitor (USBMIDIAudioDevMon) - M-Audio - C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 18968 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

"C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe"

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

winlogon.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

"C:\Program Files\IDT\WDM\STacSV64.exe"

atieclxx

C:\Windows\system32\Hpservice.exe

"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-7142ccdc-ba9e-45e4-8cd8-41be84de44dd -SystemEventPortName:HostProcess-182b3bbd-0e80-47af-9c3c-49a12381959e -IoCancelEventPortName:HostProcess-31d84cc0-fbe9-4fa3-bd58-56db9dd3ee2f -NonStateChangingEventPortName:HostProcess-2219909b-31d7-4773-befa-eb02dcb77901 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:38ae411b-736a-43fb-bcf1-baf237515069 -DeviceGroupId:

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe 14324528

\??\C:\Windows\system32\conhost.exe "100221743793832289151065741715533022521051256584179538402918022137021396618730

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k WbioSvcGroup

"taskhost.exe"

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files (x86)\Abrosoft\FantaMorph5\FantaUp.exe" -PermissionManagerRun

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

"C:\Program Files\IDT\WDM\AESTSr64.exe"

"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService

"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"

C:\Windows\SysWOW64\ezSharedSvcHost.exe

"C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe"

"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"

"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"

C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt

"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"

"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"

"C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe"

"C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe"

C:\Windows\SysWOW64\PnkBstrA.exe

"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files (x86)\Popcorn Time\Updater.exe"

"C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe"

"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"

WLIDSvcM.exe 3148

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\unsecapp.exe -Embedding

"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"

"C:\Program Files\Genie9\Genie Timeline\GenieTimelineAgent.exe" -e5

C:\Windows\system32\svchost.exe -k HPService

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

"C:\Program Files\IDT\WDM\sttray64.exe"

"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe"

"C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe"

"C:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload

"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

"C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"

"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"

"C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"

"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

"C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"

"C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" -byrunkey

"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"

"C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe"

"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

"C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook

"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"

"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe"

"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe" -Embedding

"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding

"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Photosmart 3300 series#1381079781" -Startup

"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding

"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding

"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"

"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"

"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

"C:\Users\Yasser\AppData\Roaming\Dropbox\bin\Dropbox.exe" /home

C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service

C:\ProgramData\IePluginServices\PluginService.exe -service

"C:\Program Files (x86)\SupTab\HpUI.exe" -run

"C:\Program Files (x86)\SupTab\Loader64.exe"

"C:\Program Files (x86)\SupTab\Loader32.exe"

taskeng.exe {B6D73140-E59D-4B69-96B1-144AD382D1AE}

"C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe"

taskeng.exe {9F58A89F-07B9-43B6-9759-601F5B128E94}

"C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe" -Embedding

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c

C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe /c

"C:\Program Files\Sony\Vegas Pro 12.0\vegas120.exe"

"C:\Program Files\Sony\Vegas Pro 12.0\ErrorReportLauncher.exe"

"C:\Program Files\Sony\Vegas Pro 12.0\x86\FileIOSurrogate.exe" 1033

"C:\Program Files\Sony\Vegas Pro 12.0\x86\sfvstserver.exe" -Event SonyVstServerEvent_11148 -Vendor "Sony Creative Software" -Product "Vegas Pro 12.0"

"C:\Users\Yasser\Desktop\RSITx64.exe"

C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001Core.job - C:\Users\Yasser\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001UA.job - C:\Users\Yasser\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001Core.job - C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe /c

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001UA.job - C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

C:\Windows\tasks\HPCeeScheduleForYasser.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForYasser (null)

=========Mozilla firefox=========

ProfilePath - C:\Users\Yasser\AppData\Roaming\Mozilla\Firefox\Profiles\1sxd1l5p.default

prefs.js - "browser.search.useDBForOrder" - true

prefs.js - "browser.startup.homepage" - "http://www.google.be/"

prefs.js - "keyword.URL" - ""

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 15.0.0.223 Plugin

"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]

"Description"=Adobe Shockwave Player

"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]

"Description"=Picasa3 plugin

"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]

"Description"=Microsoft SharePoint Plug-in for Firefox

"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]

"Description"=VLC Multimedia Plugin

"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]

"Description"=VLC Multimedia Plugin

"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]

"Description"=WildTangent Games App Presence Detector Plugin

"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 15.0.0.223 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\

websitelogon@truesuite.com

C:\Users\Yasser\AppData\Roaming\Mozilla\Firefox\Profiles\1sxd1l5p.default\extensions\

2020Player_IKEA@2020Technologies.com

wUM2@U1ElYj.edu

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5FF49FE8-B332-4CB9-B102-FB6951629E55}]

Virtual Storage Mount Notification - C:\Windows\system32\CbFsMntNtf3.dll [2011-12-02 191504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]

SteadyVideoBHO Class - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2011-06-07 81024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]

TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll [2011-08-26 1763656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]

HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]

HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5FF49FE8-B332-4CB9-B102-FB6951629E55}]

Virtual Storage Mount Notification - C:\Windows\SysWOW64\CbFsMntNtf3.dll [2011-12-02 158224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]

SteadyVideoBHO Class - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2011-06-07 69760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-17 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]

TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll [2011-08-26 1613640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Aanmeldhulp voor Microsoft-account - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-17 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]

HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]

HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-06-10 2799912]

"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-05-29 1425408]

"SetDefault"=C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [2011-09-30 43320]

"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

""= []

"AdAwareTray"=C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe [2014-10-15 8925504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-11-11 21720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"LaCie Desktop Manager Startup"=C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe [2012-10-10 3460608]

"AdobeBridge"= []

"Google Update"=C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe [2014-08-11 116648]

"KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2014-07-25 1562264]

"Google+ Auto Backup"=C:\Users\Yasser\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [2014-08-12 3746120]

"Facebook Update"=C:\Users\Yasser\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-04-11 138096]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]

"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-09-28 343168]

"HPQuickWebProxy"=C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2011-10-08 169528]

"HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-08-19 379960]

"HP CoolSense"=C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-05 1343904]

"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]

"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-07-25 311616]

"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]

"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2012-02-15 577408]

"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]

"daemontoolslite"= []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE

C:\Users\Yasser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll [2011-12-02 191504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]

Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll [2011-12-02 191504]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]

"notification packages"=scecli

C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"DisableLockWorkstation"=0

"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"HideFastUserSwitching"=0

"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

"EnableShellExecuteHooks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"MSVideo8"=VfWWDM32.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"aux1"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"wave7"=wdmaud.drv

"midi6"=wdmaud.drv

"mixer6"=wdmaud.drv

"aux4"=wdmaud.drv

"wave8"=wdmaud.drv

"midi7"=wdmaud.drv

"mixer7"=wdmaud.drv

"wave9"=wdmaud.drv

"midi8"=wdmaud.drv

"mixer8"=wdmaud.drv

"midi9"=wdmaud.drv

"mixer9"=wdmaud.drv

"wave4"=wdmaud.drv

"aux5"=wdmaud.drv

"wave5"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

"aux2"=wdmaud.drv

"wave6"=wdmaud.drv

"midi5"=wdmaud.drv

"mixer5"=wdmaud.drv

"aux3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-11-22 15:01:04 ----D---- C:\ProgramData\IePluginServices

2014-11-22 15:00:59 ----D---- C:\Program Files (x86)\SupTab

2014-11-22 15:00:53 ----D---- C:\ProgramData\WindowsMangerProtect

2014-11-22 14:59:24 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys

2014-11-22 14:59:19 ----D---- C:\Program Files (x86)\DAEMON Tools Lite

2014-11-20 20:07:11 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys

2014-11-20 20:06:50 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-11-20 20:06:50 ----A---- C:\Windows\system32\drivers\mwac.sys

2014-11-20 20:06:50 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys

2014-11-20 20:06:50 ----A---- C:\Windows\system32\drivers\mbam.sys

2014-11-19 06:26:53 ----A---- C:\Windows\SYSWOW64\pku2u.dll

2014-11-19 06:26:53 ----A---- C:\Windows\SYSWOW64\kerberos.dll

2014-11-19 06:26:53 ----A---- C:\Windows\system32\pku2u.dll

2014-11-19 06:26:53 ----A---- C:\Windows\system32\kerberos.dll

2014-11-17 22:56:37 ----D---- C:\Users\Yasser\AppData\Roaming\NCH Software

2014-11-16 22:30:41 ----D---- C:\Users\Yasser\AppData\Roaming\Lavasoft

2014-11-16 21:53:43 ----D---- C:\ProgramData\BitDefender

2014-11-16 21:47:36 ----A---- C:\Windows\system32\bdnc.dll

2014-11-16 21:47:34 ----A---- C:\Windows\system32\OEMbdpredir.dll

2014-11-16 21:47:34 ----A---- C:\Windows\system32\httproxy.dll

2014-11-16 21:47:34 ----A---- C:\Windows\system32\bdsmtpp.dll

2014-11-16 21:47:34 ----A---- C:\Windows\system32\bdpredir.dll

2014-11-16 21:47:34 ----A---- C:\Windows\system32\bdpop3p.dll

2014-11-16 21:47:34 ----A---- C:\Windows\system32\bdfwcore.dll

2014-11-16 21:47:34 ----A---- C:\Windows\system32\BdFirewallSDK.dll

2014-11-16 21:46:04 ----D---- C:\Program Files\Lavasoft

2014-11-16 21:45:21 ----D---- C:\Program Files\Common Files\Lavasoft

2014-11-16 21:44:44 ----D---- C:\ProgramData\Lavasoft

2014-11-16 21:05:08 ----D---- C:\Users\Yasser\AppData\Roaming\Antares

2014-11-16 20:47:04 ----D---- C:\Users\Yasser\AppData\Roaming\Publish Providers

2014-11-13 08:34:38 ----A---- C:\Windows\system32\oleaut32.dll

2014-11-13 08:34:37 ----A---- C:\Windows\SYSWOW64\oleaut32.dll

2014-11-13 08:34:30 ----A---- C:\Windows\SYSWOW64\adtschema.dll

2014-11-13 08:34:30 ----A---- C:\Windows\system32\termsrv.dll

2014-11-13 08:34:30 ----A---- C:\Windows\system32\lsasrv.dll

2014-11-13 08:34:30 ----A---- C:\Windows\system32\drivers\ksecpkg.sys

2014-11-13 08:34:30 ----A---- C:\Windows\system32\adtschema.dll

2014-11-13 08:34:29 ----A---- C:\Windows\SYSWOW64\sspicli.dll

2014-11-13 08:34:29 ----A---- C:\Windows\SYSWOW64\secur32.dll

2014-11-13 08:34:29 ----A---- C:\Windows\SYSWOW64\msaudite.dll

2014-11-13 08:34:29 ----A---- C:\Windows\system32\msaudite.dll

2014-11-13 08:34:25 ----A---- C:\Windows\system32\msxml3.dll

2014-11-13 08:34:24 ----A---- C:\Windows\SYSWOW64\msxml3r.dll

2014-11-13 08:34:24 ----A---- C:\Windows\SYSWOW64\msxml3.dll

2014-11-13 08:34:24 ----A---- C:\Windows\system32\msxml3r.dll

2014-11-13 08:34:23 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL

2014-11-13 08:34:23 ----A---- C:\Windows\system32\IMJP10K.DLL

2014-11-13 08:34:21 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll

2014-11-13 08:34:21 ----A---- C:\Windows\system32\audiosrv.dll

2014-11-13 08:34:21 ----A---- C:\Windows\system32\AUDIOKSE.dll

2014-11-13 08:34:20 ----A---- C:\Windows\SYSWOW64\AudioSes.dll

2014-11-13 08:34:20 ----A---- C:\Windows\SYSWOW64\AudioEng.dll

2014-11-13 08:34:20 ----A---- C:\Windows\system32\EncDump.dll

2014-11-13 08:34:20 ----A---- C:\Windows\system32\AudioSes.dll

2014-11-13 08:34:20 ----A---- C:\Windows\system32\AudioEng.dll

2014-11-13 08:34:17 ----A---- C:\Windows\system32\schannel.dll

2014-11-13 08:34:16 ----A---- C:\Windows\SYSWOW64\wdigest.dll

2014-11-13 08:34:16 ----A---- C:\Windows\SYSWOW64\TSpkg.dll

2014-11-13 08:34:16 ----A---- C:\Windows\SYSWOW64\schannel.dll

2014-11-13 08:34:16 ----A---- C:\Windows\SYSWOW64\ncrypt.dll

2014-11-13 08:34:16 ----A---- C:\Windows\SYSWOW64\msv1_0.dll

2014-11-13 08:34:16 ----A---- C:\Windows\system32\wdigest.dll

2014-11-13 08:34:16 ----A---- C:\Windows\system32\TSpkg.dll

2014-11-13 08:34:16 ----A---- C:\Windows\system32\ncrypt.dll

2014-11-13 08:34:16 ----A---- C:\Windows\system32\msv1_0.dll

2014-11-13 08:34:15 ----A---- C:\Windows\SYSWOW64\credssp.dll

2014-11-13 08:34:15 ----A---- C:\Windows\system32\credssp.dll

2014-11-13 08:34:07 ----A---- C:\Windows\SYSWOW64\packager.dll

2014-11-13 08:34:07 ----A---- C:\Windows\system32\packager.dll

2014-11-13 08:34:06 ----A---- C:\Windows\system32\win32k.sys

2014-11-13 08:34:05 ----A---- C:\Windows\system32\generaltel.dll

2014-11-13 08:34:05 ----A---- C:\Windows\system32\aepdu.dll

2014-11-13 08:34:04 ----A---- C:\Windows\system32\aeinv.dll

2014-11-13 08:34:01 ----A---- C:\Windows\SYSWOW64\mshtmled.dll

2014-11-13 08:34:01 ----A---- C:\Windows\SYSWOW64\iernonce.dll

2014-11-13 08:34:01 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll

2014-11-13 08:34:01 ----A---- C:\Windows\system32\ieetwproxystub.dll

2014-11-13 08:34:01 ----A---- C:\Windows\system32\ieetwcollector.exe

2014-11-13 08:34:00 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2014-11-13 08:34:00 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2014-11-13 08:34:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2014-11-13 08:34:00 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll

2014-11-13 08:34:00 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll

2014-11-13 08:34:00 ----A---- C:\Windows\SYSWOW64\dxtrans.dll

2014-11-13 08:34:00 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-11-13 08:34:00 ----A---- C:\Windows\system32\iernonce.dll

2014-11-13 08:34:00 ----A---- C:\Windows\system32\ie4uinit.exe

2014-11-13 08:33:59 ----A---- C:\Windows\SYSWOW64\iesetup.dll

2014-11-13 08:33:59 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll

2014-11-13 08:33:58 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll

2014-11-13 08:33:58 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2014-11-13 08:33:58 ----A---- C:\Windows\system32\urlmon.dll

2014-11-13 08:33:58 ----A---- C:\Windows\system32\ieetwcollectorres.dll

2014-11-13 08:33:58 ----A---- C:\Windows\system32\iedkcs32.dll

2014-11-13 08:33:57 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2014-11-13 08:33:57 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe

2014-11-13 08:33:57 ----A---- C:\Windows\SYSWOW64\ieui.dll

2014-11-13 08:33:57 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2014-11-13 08:33:57 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll

2014-11-13 08:33:57 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe

2014-11-13 08:33:57 ----A---- C:\Windows\system32\msfeeds.dll

2014-11-13 08:33:57 ----A---- C:\Windows\system32\dxtrans.dll

2014-11-13 08:33:56 ----A---- C:\Windows\system32\iesetup.dll

2014-11-13 08:33:56 ----A---- C:\Windows\system32\ieapfltr.dll

2014-11-13 08:33:55 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll

2014-11-13 08:33:55 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2014-11-13 08:33:55 ----A---- C:\Windows\system32\iertutil.dll

2014-11-13 08:33:54 ----A---- C:\Windows\SYSWOW64\wininet.dll

2014-11-13 08:33:54 ----A---- C:\Windows\SYSWOW64\vbscript.dll

2014-11-13 08:33:54 ----A---- C:\Windows\SYSWOW64\msrating.dll

2014-11-13 08:33:54 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll

2014-11-13 08:33:54 ----A---- C:\Windows\system32\jsproxy.dll

2014-11-13 08:33:54 ----A---- C:\Windows\system32\ieUnatt.exe

2014-11-13 08:33:54 ----A---- C:\Windows\system32\dxtmsft.dll

2014-11-13 08:33:53 ----A---- C:\Windows\system32\mshtmlmedia.dll

2014-11-13 08:33:53 ----A---- C:\Windows\system32\mshtmled.dll

2014-11-13 08:33:53 ----A---- C:\Windows\system32\ieui.dll

2014-11-13 08:33:53 ----A---- C:\Windows\system32\ieframe.dll

2014-11-13 08:33:52 ----A---- C:\Windows\system32\wininet.dll

2014-11-13 08:33:52 ----A---- C:\Windows\system32\vbscript.dll

2014-11-13 08:33:52 ----A---- C:\Windows\system32\jscript9diag.dll

2014-11-13 08:33:52 ----A---- C:\Windows\system32\jscript9.dll

2014-11-13 08:33:51 ----A---- C:\Windows\system32\msrating.dll

2014-11-13 08:33:51 ----A---- C:\Windows\system32\MshtmlDac.dll

2014-11-13 08:33:50 ----A---- C:\Windows\system32\mshtml.dll

2014-11-13 08:32:18 ----A---- C:\Windows\system32\msi.dll

2014-11-13 08:32:17 ----A---- C:\Windows\SYSWOW64\msi.dll

2014-11-11 22:26:59 ----D---- C:\ProgramData\NCH Software

2014-11-11 22:26:56 ----D---- C:\Program Files (x86)\NCH Software

2014-11-11 22:20:59 ----D---- C:\Windows\system32\ȰI

2014-11-11 22:20:59 ----D---- C:\Windows\system32\3쀀

2014-11-11 22:11:37 ----A---- C:\Windows\SYSWOW64\shoB84B.tmp

2014-11-11 18:59:16 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

2014-11-11 11:49:34 ----D---- C:\Program Files (x86)\ESET

2014-11-11 00:01:12 ----D---- C:\Program Files (x86)\Mozilla Firefox

2014-11-09 09:42:10 ----A---- C:\Windows\system32\eamclean.exe

2014-11-09 09:42:10 ----A---- C:\Windows\system32\eamclean.dat

2014-11-09 09:31:26 ----D---- C:\ProgramData\gimmishop

2014-11-09 09:31:10 ----D---- C:\ProgramData\takegif

2014-11-08 22:43:27 ----D---- C:\ProgramData\Emsisoft

2014-11-08 08:36:47 ----D---- C:\Program Files (x86)\Emsisoft Anti-Malware

2014-11-05 20:19:23 ----D---- C:\Windows\Temp

2014-10-30 11:02:25 ----A---- C:\Windows\system32\drivers\hitmanpro37.sys

2014-10-27 15:06:07 ----D---- C:\Program Files (x86)\VideoCnv

======List of files/folders modified in the last 1 month======

2014-11-23 15:59:44 ----D---- C:\Windows\Prefetch

2014-11-23 15:59:43 ----D---- C:\Program Files\trend micro

2014-11-23 15:46:55 ----D---- C:\Windows\system32\config

2014-11-22 17:21:04 ----D---- C:\Windows\System32

2014-11-22 17:21:04 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-11-22 17:19:31 ----A---- C:\Windows\system32\deviceAppeared.txt

2014-11-22 15:01:04 ----HD---- C:\ProgramData

2014-11-22 15:00:59 ----RD---- C:\Program Files (x86)

2014-11-22 15:00:05 ----D---- C:\Users\Yasser\AppData\Roaming\DAEMON Tools Lite

2014-11-22 14:59:40 ----D---- C:\Windows\system32\drivers

2014-11-22 14:59:40 ----D---- C:\Windows\inf

2014-11-22 14:59:39 ----D---- C:\Windows\system32\DriverStore

2014-11-22 14:59:31 ----SHD---- C:\System Volume Information

2014-11-22 14:58:54 ----D---- C:\Windows\system32\catroot

2014-11-22 09:58:01 ----D---- C:\Users\Yasser\AppData\Roaming\Dropbox

2014-11-21 21:59:00 ----D---- C:\Windows

2014-11-21 21:58:46 ----D---- C:\Windows\Cursors

2014-11-21 21:57:51 ----D---- C:\Users\Yasser\AppData\Roaming\uTorrent

2014-11-21 21:57:45 ----D---- C:\Windows\Tasks

2014-11-21 21:57:45 ----D---- C:\Windows\system32\Tasks

2014-11-20 09:43:17 ----D---- C:\Windows\winsxs

2014-11-20 09:40:16 ----D---- C:\Windows\SysWOW64

2014-11-19 21:55:36 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt

2014-11-16 21:47:36 ----HD---- C:\Config.Msi

2014-11-16 21:47:35 ----SHD---- C:\Windows\Installer

2014-11-16 21:46:04 ----RD---- C:\Program Files

2014-11-16 21:45:21 ----D---- C:\Program Files\Common Files

2014-11-15 20:34:30 ----D---- C:\Windows\rescache

2014-11-15 15:33:38 ----D---- C:\Windows\Minidump

2014-11-15 15:33:38 ----D---- C:\Windows\debug

2014-11-15 03:30:07 ----D---- C:\Windows\Microsoft.NET

2014-11-15 03:29:11 ----RSD---- C:\Windows\assembly

2014-11-15 03:15:43 ----SD---- C:\Windows\system32\CompatTel

2014-11-15 03:15:40 ----D---- C:\Windows\SYSWOW64\nl-NL

2014-11-15 03:15:39 ----D---- C:\Windows\system32\nl-NL

2014-11-15 03:15:37 ----D---- C:\Program Files\Internet Explorer

2014-11-15 03:15:36 ----D---- C:\Windows\SYSWOW64\en-US

2014-11-15 03:15:34 ----D---- C:\Windows\system32\en-US

2014-11-15 03:15:29 ----D---- C:\Program Files (x86)\Internet Explorer

2014-11-14 23:55:34 ----A---- C:\Windows\wininit.ini

2014-11-14 18:09:56 ----D---- C:\Windows\system32\MRT

2014-11-14 17:56:36 ----A---- C:\Windows\system32\MRT.exe

2014-11-13 19:12:56 ----A---- C:\Windows\system32\devicelist.txt

2014-11-13 19:12:56 ----A---- C:\Windows\system32\devicealertlist.txt

2014-11-13 08:31:06 ----D---- C:\Windows\system32\catroot2

2014-11-12 17:17:15 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

2014-11-11 22:20:58 ----RD---- C:\Users

2014-11-11 21:29:00 ----D---- C:\Users\Yasser\AppData\Roaming\vlc

2014-11-11 18:06:22 ----D---- C:\zoek_backup

2014-11-11 13:14:43 ----D---- C:\AdwCleaner

2014-11-11 13:05:34 ----D---- C:\ProgramData\AVG2014

2014-11-11 13:05:27 ----D---- C:\ProgramData\MFAData

2014-11-11 13:00:11 ----D---- C:\Games

2014-11-09 21:31:27 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

2014-11-09 21:20:20 ----D---- C:\Windows\pss

2014-11-09 20:41:24 ----D---- C:\Windows\Logs

2014-11-09 15:27:31 ----D---- C:\Windows\system32\drivers\etc

2014-11-09 10:12:31 ----D---- C:\Windows\system32\wbem

2014-11-09 10:12:30 ----D---- C:\Windows\system32\CodeIntegrity

2014-11-09 10:12:19 ----HD---- C:\ProgramData\{CB28D9D3-6B5D-4AFA-BA37-B4AFAAAF71B9}

2014-11-09 10:12:19 ----HD---- C:\ProgramData\{B7072B15-6E80-42FF-A9AE-4E62AF2B2418}

2014-11-09 10:12:19 ----HD---- C:\ProgramData\{B0CAD5CC-867E-473E-B55F-339F9635A45D}

2014-11-09 10:12:19 ----HD---- C:\ProgramData\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14}

2014-11-09 10:12:19 ----HD---- C:\ProgramData\{5A23829C-A66E-47B0-AD50-21A3FFE6C325}

2014-11-09 10:12:19 ----HD---- C:\ProgramData\{30FA7941-4170-4C83-A9A8-FDF01C431704}

2014-11-09 10:12:19 ----D---- C:\ProgramData\Avg_Update_0414b

2014-11-09 10:12:15 ----D---- C:\Program Files (x86)\MyFree Codec

2014-11-09 10:12:10 ----D---- C:\Program Files (x86)\AVG Web TuneUp

2014-11-09 10:12:08 ----SHD---- C:\$RECYCLE.BIN

2014-11-09 10:06:50 ----D---- C:\Windows\registration

2014-11-09 10:06:05 ----D---- C:\ProgramData\AVG Web TuneUp

2014-11-09 10:05:51 ----D---- C:\Program Files (x86)\Common Files

2014-11-04 14:30:58 ----N---- C:\Windows\system32\MpSigStub.exe

2014-11-01 04:01:51 ----D---- C:\Windows\system32\LogFiles

2014-10-29 12:50:55 ----D---- C:\ProgramData\Malwarebytes

2014-10-27 20:11:59 ----SD---- C:\ProgramData\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2011-04-16 79488]

R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2011-04-16 40064]

R0 gfibto;gfibto; C:\Windows\system32\drivers\gfibto.sys [2013-09-22 14456]

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-27 30008]

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]

R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-08-29 50976]

R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver; \??\c:\program files\lavasoft\ad-aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys [2014-07-10 93160]

R1 bdfwfpf;bdfwfpf; \??\C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [2014-07-10 102992]

R1 cbfs3;cbfs3; \??\C:\Windows\system32\drivers\cbfs3.sys [2011-12-02 348560]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-11-22 283064]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-27 43320]

R3 amdhub30;AMD USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\amdhub30.sys [2011-07-16 96896]

R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]

R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-09-29 10210304]

R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-09-29 317952]

R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\amdxhc.sys [2011-07-16 214144]

R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]

R3 avc3;avc3; C:\Windows\system32\DRIVERS\avc3.sys [2014-08-21 727592]

R3 avchv;avchv Function Driver; C:\Windows\system32\DRIVERS\avchv.sys [2014-08-21 261056]

R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2011-09-21 133672]

R3 BCM43XX;Stuurprogramma voor de Broadcom 802.11-netwerkadapter; C:\Windows\system32\DRIVERS\bcmwl664.sys [2013-05-29 4747840]

R3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]

R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-11-11 80384]

R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2011-09-21 620584]

R3 btwaudio;Bluetooth-audioapparaat; C:\Windows\system32\drivers\btwaudio.sys [2011-09-21 167976]

R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2011-09-21 178728]

R3 BTWDPAN;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\btwdpan.sys [2011-09-21 89640]

R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-09-21 39976]

R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2011-09-21 21544]

R3 gzflt;gzflt; \??\C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [2014-07-10 150256]

R3 L6TPortA;Service - Line 6 TonePort UX1; C:\Windows\System32\Drivers\L6TPortA64.sys [2013-07-11 772864]

R3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]

R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-05-31 338536]

R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]

R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]

R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]

R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]

R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]

R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10305; C:\Windows\system32\DRIVERS\stwrt64.sys [2013-05-29 535552]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-06-10 1451056]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

S3 4598AC4582F0E60C;4598AC4582F0E60C; \??\C:\Users\Yasser\AppData\Local\Temp\7DDBCE06F.sys []

S3 a2djavs;Audio 2 DJ WDM Audio; C:\Windows\System32\Drivers\a2djavs.sys [2012-12-18 359784]

S3 a2djusb_svc;Audio 2 DJ; C:\Windows\System32\Drivers\a2djusb.sys [2012-12-18 98664]

S3 avckf;avckf; C:\Windows\system32\DRIVERS\avckf.sys [2014-08-21 601360]

S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]

S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]

S3 cleanhlp;cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys []

S3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys []

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-06-16 110336]

S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]

S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]

S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]

S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-07-28 57280]

S3 hitmanpro37;HitmanPro 3.7 Support Driver; \??\C:\Windows\system32\drivers\hitmanpro37.sys [2014-10-30 32512]

S3 L6PODLV;PODxt Live Service; C:\Windows\System32\Drivers\L6PODLV64.sys [2013-06-26 772864]

S3 MAUSBMIDI;Service for M-Audio USB MIDI Series; C:\Windows\system32\DRIVERS\MAudioUSBMIDI.sys [2010-04-13 200200]

S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]

S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-02-17 428136]

S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]

S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]

S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]

S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-06-16 206080]

S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2014-06-16 206080]

S3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]

S3 Trufos;Trufos; C:\Windows\system32\DRIVERS\Trufos.sys [2014-07-10 389240]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.;Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.; C:\Program Files (x86)\Abrosoft\FantaMorph5\FantaUp.exe [2010-11-18 224176]

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2013-05-29 89600]

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-09-29 204288]

R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-09-28 361984]

R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2011-09-20 1085216]

R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]

R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]

R2 FPLService;TrueSuiteService; C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [2011-08-26 260424]

R2 GenieTimelineService;Genie Timeline Service; C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe [2012-09-16 662104]

R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]

R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]

R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-05-13 270624]

R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 27136]

R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]

R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-27 30520]

R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-02-15 34872]

R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-06-29 2413056]

R2 IePluginServices;IePlugin Services; C:\ProgramData\IePluginServices\PluginService.exe [2014-11-22 714208]

R2 LaCieDesktopManagerService;LaCieDesktopManagerService; C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe [2012-10-10 1379840]

R2 NIHardwareService;NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2012-09-05 6364024]

R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-10-30 75136]

R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]

R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2013-05-29 311808]

R2 Update service;Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [2014-10-09 179200]

R2 USBMIDIAudioDevMon;USB MIDI Series Audio Device Monitor; C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe [2010-04-13 1636872]

R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]

R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]

R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]

R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]

S2 fa6789c5;VideoCnv; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-11 116648]

S2 LavasoftAdAwareService11;Ad-Aware Service 11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe [2014-10-15 707888]

S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]

S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12 267440]

S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]

S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-07-28 1511872]

S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-11 116648]

S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-06 114688]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-07 114288]

S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------


We can keep going like this ... you have brought in new malware yet again. Do you often use Popcorn and the torrent program? Then I would start being a bit more careful with them, because the batch of infections (presumably) ends up on your PC that way every time.

Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that (here and here).

Download Zoek.exe to the desktop (not the .zip or .rar version).

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is an unjustified warning.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

 
 WindowsMangerProtect;s
 C:\ProgramData\WindowsMangerProtect;fs
 C:\Program Files (x86)\SupTab;fs
 C:\ProgramData\IePluginServices;fs
 C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com;fs
 C:\Users\Yasser\AppData\Roaming\Mozilla\Firefox\Profiles\1sxd1l5p.default\extensions\2020Player_IKEA@2020Technologies.com;fs
 C:\Users\Yasser\AppData\Roaming\Mozilla\Firefox\Profiles\1sxd1l5p.default\extensions\wUM2@U1ElYj.edu;fs
 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run];r64
 ""=-;r64
 [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce];r64
"daemontoolslite"=-;r64
 C:\zoek_backup;fs
 C:\ProgramData\{CB28D9D3-6B5D-4AFA-BA37-B4AFAAAF71B9};fs
C:\ProgramData\{B7072B15-6E80-42FF-A9AE-4E62AF2B2418};fd
C:\ProgramData\{B0CAD5CC-867E-473E-B55F-339F9635A45D};fs
C:\ProgramData\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14};fs
C:\ProgramData\{5A23829C-A66E-47B0-AD50-21A3FFE6C325};fs
C:\ProgramData\{30FA7941-4170-4C83-A9A8-FDF01C431704};fs
C:\ProgramData\Avg_Update_0414b;fs
autoclean;

  • The "Scan All Users" option is checked by default.
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear after all.
  • Post the opened log as an attachment in your next message.

Posting the Zoek.exe log file

  • Add the log file named "Zoek-results.log" as an attachment to your next message. (You can also find this log file on the system drive as C:\Zoek-results.log.)
  • You can read here how to add an attachment to a message.


I don't use Popcorn, so I have deleted it in the meantime. Torrent I do use; I will indeed have to be a bit more careful.

Zoek.exe v5.0.0.0 Updated 23-11-2014

Tool run by Yasser on zo 23/11/2014 at 19:12:02,15.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Yasser\Desktop\zoek.exe [scan all users] [script inserted]

==== Older Logs ======================

C:\zoek-results2014-04-10-112126.log 24645 bytes

C:\zoek-results2014-11-05-194629.log 30172 bytes

==== Empty Folders Check ======================

C:\PROGRA~2\VideoCnv deleted successfully

C:\Users\Yasser\AppData\Roaming\Publish Providers deleted successfully

C:\Users\Administrator\AppData\Local\Comodo deleted successfully

C:\Users\Administrator\AppData\Local\Google deleted successfully

C:\Users\Gast\AppData\Local\Comodo deleted successfully

C:\Users\Gast\AppData\Local\Google deleted successfully

C:\Users\HomeGroupUser$\AppData\Local\Comodo deleted successfully

C:\Users\HomeGroupUser$\AppData\Local\Google deleted successfully

C:\Users\Yasser\AppData\Local\Comodo deleted successfully

C:\Users\Yasser\AppData\Local\CrashDumps deleted successfully

C:\Users\Yasser\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fa6789c5 deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\fa6789c5 deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IePluginServices deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\Yasser\AppData\Roaming\Mozilla\Firefox\Profiles\1sxd1l5p.default

user.js not found

---- Lines BrowseFox removed from prefs.js ----

user_pref("extensions.BrowseFox.aul", 1687764190);

user_pref("extensions.BrowseFox.irl", true);

user_pref("extensions.BrowseFox.is", "grbbfbe");

user_pref("extensions.BrowseFox.ug", "19F5BEE4-8A07-48CC-ADB3-36EEA93C50BF");

---- Lines PacFunction removed from prefs.js ----

user_pref("extensions.PacFunction.asul", "1397111692664");

user_pref("extensions.PacFunction.aul", "1397111680765");

user_pref("extensions.PacFunction.irl", true);

user_pref("extensions.PacFunction.is", "fmxqtbe");

user_pref("extensions.PacFunction.ug", "A95D8C99-EE52-4FC6-8C0F-DA483F61058E");

---- Lines quick_start removed from prefs.js ----

user_pref("extensions.quick_start.enable_search1", false);

user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

---- Lines mysearch removed from prefs.js ----

user_pref("avg.wtu.ext.extHomepage", "https://mysearch.avg.com?pid=wtu&sg=&cid=%7B1b32e2e4-098e-4167-a6df-77ee9794d68b%7D&mid=1d8ba2e51a9d47d3b3f1ada0

---- FireFox user.js and prefs.js backups ----

prefs_20142311_1929_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]

@="C:\\Program Files\\Internet Explorer\\iexplore.exe"

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

""=-

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]

"daemontoolslite"=-

==== Deleting Files \ Folders ======================

C:\ProgramData\WindowsMangerProtect deleted

C:\ProgramData\IePluginServices deleted

C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com deleted

C:\Users\Yasser\AppData\Roaming\Mozilla\Firefox\Profiles\1sxd1l5p.default\extensions\2020Player_IKEA@2020Technologies.com deleted

C:\Users\Yasser\AppData\Roaming\Mozilla\Firefox\Profiles\1sxd1l5p.default\extensions\wUM2@U1ElYj.edu deleted

C:\ProgramData\{CB28D9D3-6B5D-4AFA-BA37-B4AFAAAF71B9} deleted

C:\ProgramData\{B0CAD5CC-867E-473E-B55F-339F9635A45D} deleted

C:\ProgramData\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14} deleted

C:\ProgramData\{5A23829C-A66E-47B0-AD50-21A3FFE6C325} deleted

C:\ProgramData\{30FA7941-4170-4C83-A9A8-FDF01C431704} deleted

C:\ProgramData\Avg_Update_0414b deleted

C:\Users\Yasser\AppData\Local\AVG Web TuneUp deleted

C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml deleted

C:\PROGRA~2\AVG Web TuneUp deleted

C:\Users\Yasser\AppData\Roaming\mcp.ico deleted

C:\PROGRA~3\AVG Web TuneUp deleted

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Clip Converter deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services deleted

C:\Users\Yasser\AppData\LocalLow\AVG Web TuneUp deleted

C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted

C:\Windows\wininit.ini deleted

C:\Windows\SysNative\config\systemprofile\Searches deleted

C:\Windows\Syswow64\shoB84B.tmp deleted

"C:\Windows\Installer\c2b5ff.msi" deleted

"C:\ProgramData\{B7072B15-6E80-42FF-A9AE-4E62AF2B2418}\Guitar Rig 5 Setup PC.exe" deleted

"C:\ProgramData\{B7072B15-6E80-42FF-A9AE-4E62AF2B2418}\Guitar Rig 5 Setup PC.msi" deleted

"C:\Program Files (x86)\SupTab\Loader32.exe" deleted

"C:\Program Files (x86)\SupTab\Loader64.exe" deleted

"C:\Program Files (x86)\SupTab\msvcp110.dll" deleted

"C:\Program Files (x86)\SupTab\msvcr110.dll" not deleted

"C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll" deleted

"C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll" not deleted

"C:\PROGRA~2\SupTab\Loader32.exe" deleted

"C:\PROGRA~2\SupTab\Loader64.exe" deleted

"C:\PROGRA~2\SupTab\msvcp110.dll" deleted

"C:\PROGRA~2\SupTab\msvcr110.dll" not deleted

"C:\PROGRA~2\SupTab\WindowsSupportDll32.dll" deleted

"C:\PROGRA~2\SupTab\WindowsSupportDll64.dll" not deleted

"C:\ProgramData\{B7072B15-6E80-42FF-A9AE-4E62AF2B2418}" deleted

"C:\Program Files (x86)\SupTab" not deleted

"C:\zoek_backup" deleted

"C:\PROGRA~2\SupTab" not deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [06/10/2013 18:14]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [06/10/2013 18:14]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Yasser\AppData\Roaming\Mozilla\Firefox\Profiles\1sxd1l5p.default

- Undetermined - 2020Player_IKEA@2020Technologies.com

- Undetermined - optout@google.com

- Afmelden voor advertentiecookie - %ProfilePath%\extensions\optout@google.com.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Yasser\AppData\Roaming\Mozilla\Firefox\Profiles\1sxd1l5p.default

67D325B5AEB28E381B84E8DE1A90C7A8 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll - Shockwave Flash

40AAE0A1A4F664828DF5A95875AEA1C8 - C:\Users\Yasser\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll - Google Update

3CD19649B2C3023D65E67C056457A2BC - C:\Users\Yasser\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin

2EE9DCAE1D70ABF4D058688DE35F8221 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.16

6846D2CA7E1D5937AEE3F99BB7F5464B - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll - Shockwave for Director / Shockwave for Director

F556A64AB2DB1BD834E7C89CE211516B - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

debkinhcgejcbfgjiaalomcmkedjmiaa - C:\Program Files (x86)\HP SimplePass 2012\tschrome.crx[25/08/2011 04:41]

Google Cast - Yasser\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd

Videostream for Google Chromecast™ - Yasser\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl

Website Logon - Yasser\AppData\Local\Google\Chrome\User Data\Default\Extensions\debkinhcgejcbfgjiaalomcmkedjmiaa

LocalChromecast Player - Yasser\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmladpigjlinmngadjgfogblnmddndcp

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://google.be/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Search Page"="http://www.mystartsearch.com/web/?type=ds&ts=1416664815&from=smt&uid=HitachiXHTS547575A9E384_J2140054EAGSJAEAGSJAX&q={searchTerms}"

"Default_Search_URL"="http://www.mystartsearch.com/web/?type=ds&ts=1416664815&from=smt&uid=HitachiXHTS547575A9E384_J2140054EAGSJAEAGSJAX&q={searchTerms}"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Search Page"="http://www.mystartsearch.com/web/?type=ds&ts=1416664815&from=smt&uid=HitachiXHTS547575A9E384_J2140054EAGSJAEAGSJAX&q={searchTerms}"

"Default_Search_URL"="http://www.mystartsearch.com/web/?type=ds&ts=1416664815&from=smt&uid=HitachiXHTS547575A9E384_J2140054EAGSJAEAGSJAX&q={searchTerms}"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://google.be/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}"

{07F202EA-A471-44A9-AC55-B3C726D27203} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="http://rover.ebay.com/rover/1/1553-111073-34115-5/4?mpre=http://www.benl.ebay.be/sch/i.html?_nkw={searchTerms}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DB8241D62F5E87346B027E44E2C7B2BF deleted successfully

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6D1428BD-E5F2-4378-B620-E7442E7C2BFB} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\DB8241D62F5E87346B027E44E2C7B2BF deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Yasser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Yasser\AppData\Local\Mozilla\Firefox\Profiles\1sxd1l5p.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Yasser\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\Yasser\AppData\Local\Temp will be emptied at reboot

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Yasser\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Program Files (x86)\SupTab\msvcr110.dll" not found

"C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll" not found

"C:\PROGRA~2\SupTab\msvcr110.dll" not found

"C:\PROGRA~2\SupTab\WindowsSupportDll64.dll" not found

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found

"C:\Program Files (x86)\SupTab" not found

"C:\PROGRA~2\SupTab" not found

==== EOF on zo 23/11/2014 at 19:42:36,83 ======================


Download AdwCleaner by Xplode to the desktop (first remove any older versions of this tool that may be present on your PC, so that you can now use the most recent AdwCleaner database).

  • Close all open windows.
  • Double-click AdwCleaner to start it.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • Click Scan.
  • Then click Clean (English version) or Verwijderen (Dutch version).
  • At Herstarten Noodzakelijk (Restart Required), click OK.

After the PC has restarted, a log file usually opens.

Otherwise it can be found at C:\AdwCleaner\AdwCleaner[s0].txt.

Posting the log file

  • Add the log file named C:\AdwCleaner\AdwCleaner[s0].txt as an attachment to your next message.
  • You can read here how to add an attachment to a message.


# AdwCleaner v4.102 - Rapport aangemaakt 28/11/2014 op 21:00:40

# Laatste Update 23/11/2014 door Xplode

# Database : 2014-11-27.1 [Live]

# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)

# Gebruikersnaam : Yasser - YASSER-HP

# Gestart vanuit : C:\Users\Yasser\Desktop\adwcleaner_4.102.exe

# Optie : Verwijderen

***** [ Services ] *****

***** [ Bestanden / Mappen ] *****

Map Verwijderd : C:\ProgramData\NCH Software

Map Verwijderd : C:\Program Files (x86)\NCH Software

Map Verwijderd : C:\Users\Yasser\AppData\Roaming\NCH Software

***** [ Taken ] *****

***** [ Snelkoppelingen ] *****

***** [ Register ] *****

Sleutel Verwijderd : HKCU\Software\SupHpUISoft

Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\adawarebp

Sleutel Verwijderd : HKLM\SOFTWARE\SupTab

Sleutel Verwijderd : HKLM\SOFTWARE\supWindowsMangerProtect

Sleutel Verwijderd : HKLM\SOFTWARE\supWPM

Sleutel Verwijderd : HKLM\SOFTWARE\mystartsearchSoftware

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420

-\\ Mozilla Firefox v33.1 (x86 nl)

-\\ Google Chrome v39.0.2171.71

*************************

AdwCleaner[R0].txt - [1791 octets] - [12/04/2014 13:58:05]

AdwCleaner[R1].txt - [9706 octets] - [06/11/2014 18:14:19]

AdwCleaner[R2].txt - [6728 octets] - [06/11/2014 18:27:05]

AdwCleaner[s0].txt - [1635 octets] - [12/04/2014 13:59:01]

AdwCleaner[s1].txt - [4733 octets] - [11/11/2014 13:14:40]

AdwCleaner[s2].txt - [1585 octets] - [28/11/2014 21:00:40]

########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [1645 octets] ##########
