Ga naar inhoud

laptop met vele virussen


Aanbevolen berichten

Simma,

 

welkom op PCH !

 

Voer je het onderstaande even uit en plaats je dan een logje? Als het zover is, verwittig ik de kenners op dit vlak wel

 

 

Download icon_RSIT.pngRSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

Dubbelklik op RSIT.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  • Wanneer de tool gereed is worden er twee kladblok bestanden geopend genaamd "Log.txt" en "Info.txt" .

RSIT Logbestanden plaatsen


  • Voeg het logbestand met de naam "Log.txt" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden in de map ""C:\rsit")
  • Het logbestand met de naam "Info.txt" wat geminimaliseerd is hoeft u niet te plaatsen. (Dit logbestand wordt enkel de eerst keer bij het uitvoeren aangemaakt).
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

Bekijk ook de

. aangepast door Passer
Link naar reactie
Delen op andere sites

Logfile of random's system information tool 1.10 (written by random/random)

Run by yassine at 2015-05-22 15:58:41

Microsoft Windows 7 Home Premium  Service Pack 1

System drive C: has 190 GB (67%) free of 285 GB

Total RAM: 3999 MB (38% free)

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 15:58:45, on 22/05/2015

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.17801)

Boot mode: Normal

 

Running processes:

C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe

C:\Program Files (x86)\Tango\Tango.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\AVAST Software\Avast\avastui.exe

C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe

C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe

C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugins\3\plugin.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files\trend micro\yassine.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://q.search-simple.com/?affID=bl_23c4c54c-f555-4c1a-8bc7-b9c40739ce5b

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = file://C:\Program Files (x86)\Dynamo Combo\bin\Pac8807.js

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll

O2 - BHO: Roll Around - {83c0e288-8fa0-43d3-acc7-c1e839d85abc} - C:\Program Files (x86)\Roll Around\Extensions\83c0e288-8fa0-43d3-acc7-c1e839d85abc.dll

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [slimCleaner Plus] "C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe" /minimize

O4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe

O4 - HKCU\..\Run: [Plex Media Server] "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"

O4 - HKCU\..\Run: [Tango] C:\Program Files (x86)\Tango\Tango.exe -r

O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_169_Plugin.exe -update plugin

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')

O4 - Startup: Dropbox.lnk = C:\Users\yassine\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Startup: MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm

O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe

O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe

O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll

O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O20 - AppInit_DLLs:  

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files (x86)\MyPC Backup\BackupStack.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files (x86)\PC Speed Up\PCSUService.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: RtVOsdService Installer (RtVOsdService) - Realtek Semiconductor Corp. - C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Service Mgr RollAround - Unknown owner - C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugincontainer.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: SlimWare Utility Service Launcher (SlimService) - Unknown owner - C:\Program Files\SlimService\SlimServiceFactory.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Update Mgr RollAround - Unknown owner - C:\Program Files (x86)\Common Files\2a617352-d396-46a3-a71b-5d89535356cf\updater.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

 

--

End of file - 14272 bytes

 

======Listing Processes======

 

 

 

\SystemRoot\System32\smss.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

winlogon.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

"C:\Program Files (x86)\PC Speed Up\PCSUService.exe"

C:\Windows\system32\svchost.exe -k NetworkService

"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"taskhost.exe"

"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"

"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"

"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" 

"C:\Windows\System32\igfxtray.exe" 

"C:\Windows\System32\hkcmd.exe" 

"C:\Windows\System32\igfxpers.exe" 

"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s

"C:\Program Files\iTunes\iTunesHelper.exe" 

"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden

"C:\Windows\System32\StikyNot.exe" 

"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

"C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe" 

"C:\Program Files (x86)\Tango\Tango.exe" -r

"C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe" 

"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" 

"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe" 

"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui

"C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe" "C:\Users\yassine\AppData\Local\Plex Media Server\Plug-ins\Framework.bundle\Contents\Resources\Versions\2\Python/bootstrap.py" "C:\Users\yassine\AppData\Local\Plex Media Server\Plug-ins\System.bundle"

\??\C:\Windows\system32\conhost.exe "-1823744411609875561-164109747819517477301132872662-1615354953-1096470457514124003

taskeng.exe {B89E6C36-28D2-442D-B397-248D5D4772AC}

"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe" 

"C:\Program Files\Bonjour\mDNSResponder.exe"

"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service

"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service

"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"

"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"

"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:3208

"C:\Program Files\iPod\bin\iPodService.exe"

"C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe" 

"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" 

"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

"C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe" frompopup

"C:\Program Files (x86)\Common Files\2a617352-d396-46a3-a71b-5d89535356cf\updater.exe"

C:\Windows\system32\wbem\unsecapp.exe -Embedding

"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden

"C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe" /pcm

"C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"

"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"

"C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe"

"C:\Program Files\Realtek\RtVOsd\RtVOsd.exe"

"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><Title>HP Wireless Assistant</Title><Text>WLAN: Aan</Text><IconPath>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WA_tray_32_on.ico</IconPath><ID>1992327750</ID><Path>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe</Path><Parameters></Parameters></Toast></hpNotification>"

C:\Windows\System32\svchost.exe -k secsvcs

"C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugincontainer.exe"

"C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugins\5\plugin.exe"

"C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugins\3\plugin.exe"

"C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugins\4\plugin.exe"

"C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugins\8\plugin.exe"

"C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugins\2\plugin.exe"

"C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugins\6\plugin.exe"

"C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugins\3\plugin.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" 

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2036.0.1511151640\359139105" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,19,42 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x2a42 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2086 --ignored=" --type=renderer " /prefetch:822062411

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BackgroundRendererProcesses/AllowIdleFromBrowser/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Freud/*DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/ExtensionUseSafeInstallation/Default/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevControlR4/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_88/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/V8CacheOptions/heuristics-default-mobile/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=2036 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --disable-accelerated-video-decode --channel="2036.1.1753271040\760717831" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Freud/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/ExtensionUseSafeInstallation/Default/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevControlR4/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_88/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8CacheOptions/heuristics-default-mobile/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=2036 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --disable-accelerated-video-decode --channel="2036.2.1856912624\1604723094" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Freud/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/ExtensionUseSafeInstallation/Default/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevControlR4/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_88/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8CacheOptions/heuristics-default-mobile/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=2036 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --disable-accelerated-video-decode --channel="2036.4.162071322\1386861306" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Freud/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/ExtensionUseSafeInstallation/Default/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevControlR4/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_88/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8CacheOptions/heuristics-default-mobile/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=2036 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --disable-accelerated-video-decode --channel="2036.5.876720798\2118164363" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Freud/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/ExtensionUseSafeInstallation/Default/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevControlR4/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_88/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8CacheOptions/heuristics-default-mobile/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=2036 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --disable-accelerated-video-decode --channel="2036.6.793899287\1496804167" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Freud/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/ExtensionUseSafeInstallation/Default/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevControlR4/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_88/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8CacheOptions/heuristics-default-mobile/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=2036 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --disable-accelerated-video-decode --channel="2036.7.1462613169\411332433" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Freud/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/ExtensionUseSafeInstallation/Default/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevControlR4/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_88/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8CacheOptions/heuristics-default-mobile/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=2036 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --disable-accelerated-video-decode --channel="2036.8.1432535063\1006963678" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Freud/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/ExtensionUseSafeInstallation/Default/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevControlR4/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_88/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8CacheOptions/heuristics-default-mobile/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=2036 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --disable-accelerated-video-decode --channel="2036.16.647722754\995198688" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="2036.19.2134146318\252887749" --ppapi-flash-args=enable_hw_video_decode=1 --lang=nl --ignored=" --type=renderer " /prefetch:-632637702

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Freud/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/ExtensionUseSafeInstallation/Default/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevControlR4/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/*SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_88/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8CacheOptions/heuristics-default-mobile/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=2036 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --disable-accelerated-video-decode --channel="2036.27.154391253\9436045" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Freud/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/ExtensionUseSafeInstallation/Default/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevControlR4/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/*SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_88/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8CacheOptions/heuristics-default-mobile/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=2036 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --disable-accelerated-video-decode --channel="2036.58.1998721758\331455858" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Freud/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/ExtensionUseSafeInstallation/Default/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevControlR4/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/*SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_88/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8CacheOptions/heuristics-default-mobile/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=2036 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --disable-accelerated-video-decode --channel="2036.80.296567987\1734851883" /prefetch:673131151

"C:\Program Files\Windows NT\Accessories\wordpad.exe" 

 

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Freud/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/ExtensionUseSafeInstallation/Default/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevControlR4/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/*SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_88/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8CacheOptions/heuristics-default-mobile/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=2036 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --disable-accelerated-video-decode --channel="2036.154.1870269973\1620708337" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Freud/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/ExtensionUseSafeInstallation/Default/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevControlR4/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/*SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_88/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8CacheOptions/heuristics-default-mobile/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=2036 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --disable-accelerated-video-decode --channel="2036.155.1899889272\1116298153" /prefetch:673131151

C:\Windows\system32\sppsvc.exe

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 

"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520 

"C:\Users\yassine\Downloads\RSITx64 (3).exe" 

 

======Scheduled tasks folder======

 

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c 

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler 

C:\Windows\tasks\PC SpeedUp Service Deactivator.job - C:\Program Files (x86)\PC Speed Up\PCSUSD.exe  /dev0 /idle 

C:\Windows\tasks\PC-Mechanic Maintenance.job - C:\Program Files (x86)\Uniblue\PC-Mechanic\pc-mechanic.exe  -m 

C:\Windows\tasks\PC-Mechanic Startup.job - C:\Program Files (x86)\Uniblue\PC-Mechanic\pc-mechanic.exe  

C:\Windows\tasks\PC-Mechanic Subscription.job - C:\Program Files (x86)\Uniblue\PC-Mechanic\pc-mechanic.exe  -l 

C:\Windows\tasks\SlimCleaner Plus (Scheduled Scan - yassine).job - C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe   /doScheduledScan 

 

=========Mozilla firefox=========

 

ProfilePath - C:\Users\yassine\AppData\Roaming\Mozilla\Firefox\Profiles\a8gel9y0.default

 



 

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 17.0.0.169 Plugin

"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]

"Description"=iTunes Detector Plug-in

"Path"=

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]

"Description"=

"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Skype Technologies S.A..com/Skype Web Plugin]

"Description"=Skype Web Plugin

"Path"=C:\Program Files (x86)\SkypeWebPlugin\3.2.0.23388\npSkypeWebPlugin.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]

"Description"=VLC Multimedia Plugin

"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

 

 

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 17.0.0.169 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

 

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Skype Technologies S.A..com/Skype Web Plugin]

"Description"=Skype Web Plugin

"Path"=C:\Program Files (x86)\SkypeWebPlugin\3.2.0.23388\npSkypeWebPlugin64.dll

 

 

C:\Users\yassine\AppData\Roaming\Mozilla\Firefox\Profiles\a8gel9y0.default\searchplugins\

yahoo.xml

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]

avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-02-19 705448]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-02 256456]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]

Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]

DVDVideoSoft IE Extension - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2015-02-19 357376]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]

MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83c0e288-8fa0-43d3-acc7-c1e839d85abc}]

Roll Around - C:\Program Files (x86)\Roll Around\Extensions\83c0e288-8fa0-43d3-acc7-c1e839d85abc.dll [2015-02-25 145648]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]

avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-02-19 586968]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-02 194504]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]

Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]

DVDVideoSoft IE Extension - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-03-01 297128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-02 256456]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-02 194504]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-09-13 2281256]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-07-29 166424]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-07-29 391192]

"Persistence"=C:\Windows\system32\igfxpers.exe [2010-07-29 410648]

"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2010-09-22 6489704]

"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-07-21 8192]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-02-13 169768]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2010-08-16 2736128]

"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]

"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-04-17 31282304]

"SlimCleaner Plus"=C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe /minimize []

"PCSpeedUp"=C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe [2014-12-10 342472]

"Plex Media Server"=C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [2014-12-21 5142664]

"Tango"=C:\Program Files (x86)\Tango\Tango.exe [2011-11-04 13489992]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"FlashPlayerUpdate"=C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_169_Plugin.exe [2015-04-17 927920]

 

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2010-09-28 584760]

"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]

""= []

"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-31 5227648]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

 

C:\Users\yassine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Dropbox.lnk - C:\Users\yassine\AppData\Roaming\Dropbox\bin\Dropbox.exe

MyPC Backup.lnk - C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=" "

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2010-02-21 269824]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"SoftwareSASGeneration"=1

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"MSVideo8"=VfWWDM32.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

 

======File associations======

 

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

 

======List of files/folders created in the last 1 month======

 

2015-05-19 17:01:35 ----D---- C:\Program Files (x86)\Mozilla Firefox

2015-05-12 23:44:44 ----D---- C:\2a354f814ce5c70c97a416

2015-05-12 23:42:53 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll

2015-05-12 23:42:53 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2015-05-12 21:39:32 ----A---- C:\Windows\system32\schannel.dll

2015-05-12 21:39:31 ----A---- C:\Windows\SYSWOW64\schannel.dll

2015-05-12 21:39:31 ----A---- C:\Windows\SYSWOW64\kerberos.dll

2015-05-12 21:39:31 ----A---- C:\Windows\SYSWOW64\certcli.dll

2015-05-12 21:39:31 ----A---- C:\Windows\system32\msv1_0.dll

2015-05-12 21:39:31 ----A---- C:\Windows\system32\lsasrv.dll

2015-05-12 21:39:31 ----A---- C:\Windows\system32\certcli.dll

2015-05-12 21:39:30 ----A---- C:\Windows\SYSWOW64\wdigest.dll

2015-05-12 21:39:30 ----A---- C:\Windows\SYSWOW64\ncrypt.dll

2015-05-12 21:39:30 ----A---- C:\Windows\SYSWOW64\msv1_0.dll

2015-05-12 21:39:30 ----A---- C:\Windows\system32\wdigest.dll

2015-05-12 21:39:30 ----A---- C:\Windows\system32\sspicli.dll

2015-05-12 21:39:30 ----A---- C:\Windows\system32\ncrypt.dll

2015-05-12 21:39:30 ----A---- C:\Windows\system32\kerberos.dll

2015-05-12 21:39:30 ----A---- C:\Windows\system32\drivers\ksecpkg.sys

2015-05-12 21:39:30 ----A---- C:\Windows\system32\drivers\ksecdd.sys

2015-05-12 21:39:29 ----A---- C:\Windows\SYSWOW64\TSpkg.dll

2015-05-12 21:39:29 ----A---- C:\Windows\SYSWOW64\sspicli.dll

2015-05-12 21:39:29 ----A---- C:\Windows\SYSWOW64\secur32.dll

2015-05-12 21:39:29 ----A---- C:\Windows\SYSWOW64\credssp.dll

2015-05-12 21:39:29 ----A---- C:\Windows\SYSWOW64\auditpol.exe

2015-05-12 21:39:29 ----A---- C:\Windows\system32\TSpkg.dll

2015-05-12 21:39:29 ----A---- C:\Windows\system32\sspisrv.dll

2015-05-12 21:39:29 ----A---- C:\Windows\system32\secur32.dll

2015-05-12 21:39:29 ----A---- C:\Windows\system32\lsass.exe

2015-05-12 21:39:29 ----A---- C:\Windows\system32\credssp.dll

2015-05-12 21:39:29 ----A---- C:\Windows\system32\auditpol.exe

2015-05-12 21:39:28 ----A---- C:\Windows\SYSWOW64\msobjs.dll

2015-05-12 21:39:28 ----A---- C:\Windows\SYSWOW64\msaudite.dll

2015-05-12 21:39:28 ----A---- C:\Windows\SYSWOW64\adtschema.dll

2015-05-12 21:39:28 ----A---- C:\Windows\system32\msobjs.dll

2015-05-12 21:39:28 ----A---- C:\Windows\system32\msaudite.dll

2015-05-12 21:39:28 ----A---- C:\Windows\system32\adtschema.dll

2015-05-12 21:39:02 ----A---- C:\Windows\SYSWOW64\mshtmled.dll

2015-05-12 21:39:02 ----A---- C:\Windows\SYSWOW64\iernonce.dll

2015-05-12 21:39:02 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll

2015-05-12 21:39:02 ----A---- C:\Windows\system32\ieetwproxystub.dll

2015-05-12 21:39:02 ----A---- C:\Windows\system32\ieetwcollector.exe

2015-05-12 21:39:01 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll

2015-05-12 21:38:59 ----A---- C:\Windows\SYSWOW64\vbscript.dll

2015-05-12 21:38:59 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2015-05-12 21:38:59 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2015-05-12 21:38:59 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll

2015-05-12 21:38:59 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll

2015-05-12 21:38:59 ----A---- C:\Windows\SYSWOW64\dxtrans.dll

2015-05-12 21:38:59 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll

2015-05-12 21:38:59 ----A---- C:\Windows\system32\iernonce.dll

2015-05-12 21:38:59 ----A---- C:\Windows\system32\ie4uinit.exe

2015-05-12 21:38:58 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2015-05-12 21:38:56 ----A---- C:\Windows\SYSWOW64\iesetup.dll

2015-05-12 21:38:56 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll

2015-05-12 21:38:56 ----A---- C:\Windows\system32\iedkcs32.dll

2015-05-12 21:38:55 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2015-05-12 21:38:55 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll

2015-05-12 21:38:55 ----A---- C:\Windows\SYSWOW64\jscript.dll

2015-05-12 21:38:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2015-05-12 21:38:55 ----A---- C:\Windows\system32\urlmon.dll

2015-05-12 21:38:55 ----A---- C:\Windows\system32\ieetwcollectorres.dll

2015-05-12 21:38:54 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe

2015-05-12 21:38:54 ----A---- C:\Windows\SYSWOW64\ieui.dll

2015-05-12 21:38:54 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll

2015-05-12 21:38:54 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe

2015-05-12 21:38:54 ----A---- C:\Windows\system32\msfeeds.dll

2015-05-12 21:38:54 ----A---- C:\Windows\system32\dxtrans.dll

2015-05-12 21:38:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2015-05-12 21:38:52 ----A---- C:\Windows\system32\iesetup.dll

2015-05-12 21:38:52 ----A---- C:\Windows\system32\ieapfltr.dll

2015-05-12 21:38:50 ----A---- C:\Windows\system32\iertutil.dll

2015-05-12 21:38:49 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll

2015-05-12 21:38:49 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2015-05-12 21:38:49 ----A---- C:\Windows\system32\vbscript.dll

2015-05-12 21:38:48 ----A---- C:\Windows\SYSWOW64\wininet.dll

2015-05-12 21:38:48 ----A---- C:\Windows\SYSWOW64\msrating.dll

2015-05-12 21:38:48 ----A---- C:\Windows\system32\jsproxy.dll

2015-05-12 21:38:48 ----A---- C:\Windows\system32\ieUnatt.exe

2015-05-12 21:38:47 ----A---- C:\Windows\system32\dxtmsft.dll

2015-05-12 21:38:46 ----A---- C:\Windows\system32\ieui.dll

2015-05-12 21:38:46 ----A---- C:\Windows\system32\ieframe.dll

2015-05-12 21:38:45 ----A---- C:\Windows\system32\mshtmled.dll

2015-05-12 21:38:44 ----A---- C:\Windows\system32\mshtmlmedia.dll

2015-05-12 21:38:44 ----A---- C:\Windows\system32\jscript.dll

2015-05-12 21:38:43 ----A---- C:\Windows\system32\jscript9diag.dll

2015-05-12 21:38:43 ----A---- C:\Windows\system32\jscript9.dll

2015-05-12 21:38:42 ----A---- C:\Windows\system32\wininet.dll

2015-05-12 21:38:41 ----A---- C:\Windows\system32\MshtmlDac.dll

2015-05-12 21:38:40 ----A---- C:\Windows\system32\msrating.dll

2015-05-12 21:38:40 ----A---- C:\Windows\system32\mshtml.dll

2015-05-12 21:35:56 ----A---- C:\Windows\system32\services.exe

2015-05-12 21:35:51 ----A---- C:\Windows\SYSWOW64\DWrite.dll

2015-05-12 21:35:51 ----A---- C:\Windows\system32\FntCache.dll

2015-05-12 21:35:51 ----A---- C:\Windows\system32\DWrite.dll

2015-05-12 21:35:49 ----A---- C:\Windows\system32\win32k.sys

2015-05-12 21:35:30 ----A---- C:\Windows\SYSWOW64\InkEd.dll

2015-05-12 21:35:30 ----A---- C:\Windows\system32\InkEd.dll

2015-05-12 21:35:16 ----A---- C:\Windows\SYSWOW64\poqexec.exe

2015-05-12 21:35:15 ----A---- C:\Windows\system32\poqexec.exe

2015-05-07 20:19:12 ----SD---- C:\Windows\SYSWOW64\Microsoft

2015-04-27 23:40:10 ----D---- C:\Program Files (x86)\Tango

 

======List of files/folders modified in the last 1 month======

 

2015-05-22 15:58:44 ----D---- C:\Program Files\trend micro

2015-05-22 15:58:43 ----D---- C:\Windows\Temp

2015-05-22 15:05:39 ----D---- C:\Windows\system32\config

2015-05-22 14:50:50 ----D---- C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf

2015-05-22 14:46:44 ----D---- C:\Program Files (x86)\PC Speed Up

2015-05-21 21:28:19 ----D---- C:\Users\yassine\AppData\Roaming\Skype

2015-05-21 20:43:08 ----D---- C:\Windows\system32\NDF

2015-05-21 18:43:39 ----D---- C:\Windows\Prefetch

2015-05-19 21:06:52 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

2015-05-19 19:34:41 ----SHD---- C:\System Volume Information

2015-05-19 18:14:10 ----RD---- C:\Program Files (x86)

2015-05-17 02:01:03 ----SHD---- C:\Windows\Installer

2015-05-17 01:56:11 ----D---- C:\Windows\Tasks

2015-05-16 23:27:26 ----D---- C:\Windows\system32\LogFiles

2015-05-15 00:54:19 ----D---- C:\Users\yassine\AppData\Roaming\uTorrent

2015-05-14 23:07:38 ----D---- C:\Users\yassine\AppData\Roaming\DVDVideoSoft

2015-05-14 23:04:40 ----D---- C:\Users\yassine\AppData\Roaming\vlc

2015-05-14 22:48:04 ----D---- C:\Windows\System32

2015-05-14 22:48:04 ----D---- C:\Windows\inf

2015-05-14 22:48:04 ----A---- C:\Windows\system32\PerfStringBackup.INI

2015-05-14 11:24:24 ----D---- C:\Windows\rescache

2015-05-13 23:48:26 ----D---- C:\Windows\Microsoft.NET

2015-05-13 23:48:19 ----RSD---- C:\Windows\assembly

2015-05-13 17:42:39 ----D---- C:\Windows\winsxs

2015-05-13 17:39:52 ----D---- C:\Windows\SYSWOW64\nl-NL

2015-05-13 17:39:51 ----D---- C:\Windows\SysWOW64

2015-05-13 17:39:50 ----D---- C:\Windows\system32\nl-NL

2015-05-13 17:39:50 ----D---- C:\Windows\system32\drivers

2015-05-13 17:39:50 ----D---- C:\Program Files\Internet Explorer

2015-05-13 17:39:49 ----D---- C:\Windows\SYSWOW64\en-US

2015-05-13 17:39:47 ----D---- C:\Windows\system32\en-US

2015-05-13 17:39:46 ----D---- C:\Program Files (x86)\Internet Explorer

2015-05-13 16:57:34 ----D---- C:\Program Files\Microsoft Silverlight

2015-05-13 16:57:33 ----D---- C:\Program Files (x86)\Microsoft Silverlight

2015-05-12 23:44:53 ----D---- C:\Windows\system32\MRT

2015-05-12 23:44:49 ----A---- C:\Windows\system32\MRT.exe

2015-05-12 21:32:01 ----D---- C:\Windows\system32\catroot2

2015-05-07 15:44:46 ----D---- C:\ProgramData\Skype

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-02-19 65776]

R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-02-19 267632]

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-04-13 540696]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-02-19 93568]

R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-02-19 1050432]

R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-02-19 436624]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-02-19 29208]

R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-02-19 87912]

R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-02-19 116728]

R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-09-29 31088]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-10-03 33240]

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-02-21 10300800]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-09-22 2494056]

R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2010-09-10 1014624]

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-23 347680]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-09-13 1390640]

R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2014-09-09 14112]

S3 cpuz134;cpuz134; \??\C:\Users\yassine\AppData\Local\Temp\cpuz134\cpuz134_x64.sys []

S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]

S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]

S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]

S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]

S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2015-02-18 16152]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-08-15 54784]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]

R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-01-20 77128]

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-02-19 50344]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]

R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]

R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]

R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-10-07 126008]

R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-21 103992]

R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-09-17 92216]

R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-09-28 26680]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-08-16 73728]

R2 PCSUService;PC Speed Up Service; C:\Program Files (x86)\PC Speed Up\PCSUService.exe [2014-12-10 437704]

R2 RtVOsdService;RtVOsdService Installer; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-06-24 315392]

R2 Service Mgr RollAround;Service Mgr RollAround; C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugincontainer.exe [2015-05-22 556304]

R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2014-10-17 2589496]

R2 Update Mgr RollAround;Update Mgr RollAround; C:\Program Files (x86)\Common Files\2a617352-d396-46a3-a71b-5d89535356cf\updater.exe [2015-05-22 478992]

R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2010-09-17 735288]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2015-02-13 643880]

S2 BackupStack;Computer Backup (MyPC Backup); C:\Program Files (x86)\MyPC Backup\BackupStack.exe [2014-11-25 53320]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-24 107912]

S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]

S2 SlimService;SlimWare Utility Service Launcher; C:\Program Files\SlimService\SlimServiceFactory.exe []

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-17 268464]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-24 107912]

S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-01-23 194032]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-04-21 114688]

S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-05-19 148080]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-26 1255736]

 

-----------------EOF-----------------
Link naar reactie
Delen op andere sites

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download Zoek.pngZoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
{83c0e288-8fa0-43d3-acc7-c1e839d85abc};c
C:\Program Files (x86)\Roll Around;fs
C:\Program Files (x86)\MyPC Backup;fs
C:\Program Files (x86)\Common Files\DVDVideoSoft;fs
MyPC Backup;s
BackupStack;s
Service Mgr RollAround;s
Update Mgr RollAround;fs
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83c0e288-8fa0-43d3-acc7-c1e839d85abc}];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}];r64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run];r64
""=-;r64
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]:r64
"AppInit_DLLs"=-;r64
C:\2a354f814ce5c70c97a416;fs
C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf;fs
C:\Users\yassine\AppData\Roaming\DVDVideoSoft;fs
emptyfolderscheck;delete
startupall;
filesrcm;
  • Klik op de knop "More options" en vink nu de onderstaande opties aan.
  • Do a Deep Scan
  • Auto Clean
  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht als bijlage.
Zoek.exe logbestand plaatsen
  • Voeg het logbestand met de naam "Zoek-results.log" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\Zoek-results.log.)
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.
Link naar reactie
Delen op andere sites

 

Zoek.exe v5.0.0.0 Updated 04-May-2015

Tool run by yassine on za 23/05/2015 at  0:23:46,50.

Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\yassine\Downloads\zoek (1).exe [scan all users] [script inserted] [Checkboxes used]

 

==== Older Logs ======================

 

C:\zoek-results2015-02-18-132753.log 65750 bytes

 

==== Empty Folders Check ======================

 

C:\Users\yassine\AppData\Roaming\hpqLog deleted successfully

C:\Users\yassine\AppData\Local\Adobe deleted successfully

 

==== Deleting CLSID Registry Keys ======================

 

HKEY_USERS\S-1-5-21-2682619030-2652341359-2438336200-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83c0e288-8fa0-43d3-acc7-c1e839d85abc} deleted successfully

HKEY_USERS\S-1-5-21-2682619030-2652341359-2438336200-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83c0e288-8fa0-43d3-acc7-c1e839d85abc} deleted successfully

HKEY_USERS\S-1-5-21-2682619030-2652341359-2438336200-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{83c0e288-8fa0-43d3-acc7-c1e839d85abc} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83c0e288-8fa0-43d3-acc7-c1e839d85abc} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

 

==== Deleting CLSID Registry Values ======================

 

 

==== Running Processes ======================

 

C:\Program Files (x86)\PC Speed Up\PCSUService.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Program Files (x86)\Uniblue\PC-Mechanic\pc-mechanic.exe

C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe

C:\Program Files (x86)\Tango\Tango.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\AVAST Software\Avast\avastui.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugincontainer.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Program Files (x86)\Common Files\2a617352-d396-46a3-a71b-5d89535356cf\updater.exe

C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugins\4\plugin.exe

C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugins\2\plugin.exe

C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugins\3\plugin.exe

C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugins\5\plugin.exe

C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugins\6\plugin.exe

C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugins\3\plugin.exe

C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugins\8\plugin.exe

C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\yassine\Downloads\zoek (1).exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cmd.exe

 

==== Deleting Services ======================

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BackupStack deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BackupStack deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Service Mgr RollAround deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Service Mgr RollAround deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCSUService deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\PCSUService deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update Mgr RollAround deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update Mgr RollAround deleted successfully

 

==== Registry Fix Code x64 ======================

 

Windows Registry Editor Version 5.00

 

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] 

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83c0e288-8fa0-43d3-acc7-c1e839d85abc}] 

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] 

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] 

""=- 

"AppInit_DLLs"=- 

 

==== Deleting Files \ Folders ======================

 

C:\Program Files (x86)\Roll Around deleted

C:\Program Files (x86)\Common Files\DVDVideoSoft deleted

C:\2a354f814ce5c70c97a416 deleted

C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf deleted

C:\Users\yassine\AppData\Roaming\DVDVideoSoft deleted

C:\PROGRA~2\COMMON~1\2a617352-d396-46a3-a71b-5d89535356cf deleted

C:\1805.tmp deleted

C:\Users\yassine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PC-Mechanic.lnk deleted

C:\Users\yassine\AppData\Roaming\dlg deleted

C:\Users\yassine\AppData\Roaming\RHEng deleted

C:\Users\yassine\AppData\Roaming\31464E43-1424827021-4E33-324E-984BE1AB2B06 deleted

C:\Users\yassine\AppData\Roaming\VOPackage deleted

C:\PROGRA~3\Package Cache deleted

C:\Users\yassine\AppData\Local\31464E43-1424827173-4E33-324E-984BE1AB2B06 deleted

C:\Users\yassine\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Up deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue deleted

C:\Users\yassine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup deleted

C:\Users\yassine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk deleted

C:\Users\yassine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted

C:\windows\SysNative\Tasks\avastBCLRestartS-1-5-21-2682619030-2652341359-2438336200-1000 deleted

C:\windows\SysNative\Tasks\PC SpeedUp Service Deactivator deleted

C:\Windows\Tasks\PC SpeedUp Service Deactivator.job deleted

C:\Users\yassine\Downloads\FreeYouTubeToMP3Converter.exe deleted

C:\windows\SysNative\Tasks\LaunchSignup deleted

C:\Windows\tasks\PC-Mechanic Maintenance.job deleted

C:\Windows\tasks\PC-Mechanic Startup.job deleted

C:\Windows\tasks\PC-Mechanic Subscription.job deleted

C:\windows\SysNative\tasks\PC-Mechanic Maintenance deleted

C:\windows\SysNative\tasks\PC-Mechanic Startup deleted

C:\windows\SysNative\tasks\PC-Mechanic Subscription deleted

C:\Users\yassine\Documents\PCSpeedUp deleted

C:\Users\Public\Desktop\PC Mechanic.lnk deleted

C:\Users\yassine\Desktop\Sync Folder.lnk deleted

C:\Users\yassine\Desktop\MyPC Backup.lnk deleted

C:\Users\yassine\Desktop\PC Speed Up.lnk deleted

"C:\Program Files (x86)\MyPC Backup\AlphaFS.dll" deleted

"C:\Program Files (x86)\MyPC Backup\BackupStackUI.dll" deleted

"C:\Program Files (x86)\MyPC Backup\GetText.dll" deleted

"C:\Program Files (x86)\MyPC Backup\LinqBridge.dll" deleted

"C:\Program Files (x86)\MyPC Backup\Microsoft.Win32.TaskScheduler.dll" deleted

"C:\Program Files (x86)\MyPC Backup\MPCBClient.dll" deleted

"C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe" deleted

"C:\Program Files (x86)\MyPC Backup\Newtonsoft.Json.dll" deleted

"C:\Program Files (x86)\MyPC Backup\ObjectListView.dll" deleted

"C:\Program Files (x86)\MyPC Backup\Shared Stack.dll" deleted

"C:\Program Files (x86)\MyPC Backup\System.Data.SQLite.DLL" deleted

"C:\PROGRA~2\Uniblue\PC-Mechanic\icudt.dll" deleted

"C:\PROGRA~2\Uniblue\PC-Mechanic\libcef.dll" deleted

"C:\PROGRA~2\Uniblue\PC-Mechanic\library.dat" deleted

"C:\PROGRA~2\Uniblue\PC-Mechanic\pc-mechanic.exe" deleted

"C:\PROGRA~2\Uniblue\PC-Mechanic\resources.dat" deleted

"C:\PROGRA~2\PC Speed Up\PCSUNotifier.exe" deleted

"C:\PROGRA~2\PC Speed Up\PopupNotification.dll" deleted

"C:\PROGRA~2\PC Speed Up\Sqlite3.dll" deleted

"C:\PROGRA~2\MyPC Backup\AlphaFS.dll" deleted

"C:\PROGRA~2\MyPC Backup\BackupStackUI.dll" deleted

"C:\PROGRA~2\MyPC Backup\GetText.dll" deleted

"C:\PROGRA~2\MyPC Backup\LinqBridge.dll" deleted

"C:\PROGRA~2\MyPC Backup\Microsoft.Win32.TaskScheduler.dll" deleted

"C:\PROGRA~2\MyPC Backup\MPCBClient.dll" deleted

"C:\PROGRA~2\MyPC Backup\MyPC Backup.exe" deleted

"C:\PROGRA~2\MyPC Backup\Newtonsoft.Json.dll" deleted

"C:\PROGRA~2\MyPC Backup\ObjectListView.dll" deleted

"C:\PROGRA~2\MyPC Backup\Shared Stack.dll" deleted

"C:\PROGRA~2\MyPC Backup\System.Data.SQLite.DLL" deleted

"C:\Users\yassine\AppData\Roaming\Uniblue\PC-Mechanic\error.log" deleted

"C:\Program Files (x86)\MyPC Backup\x64\SQLite.Interop.dll" deleted

"C:\PROGRA~2\Uniblue\PC-Mechanic\fonts\OpenSans-Bold.ttf" deleted

"C:\PROGRA~2\Uniblue\PC-Mechanic\fonts\OpenSans-BoldItalic.ttf" deleted

"C:\PROGRA~2\Uniblue\PC-Mechanic\fonts\OpenSans-ExtraBold.ttf" deleted

"C:\PROGRA~2\Uniblue\PC-Mechanic\fonts\OpenSans-Italic.ttf" deleted

"C:\PROGRA~2\Uniblue\PC-Mechanic\fonts\OpenSans-Light.ttf" deleted

"C:\PROGRA~2\Uniblue\PC-Mechanic\fonts\OpenSans-LightItalic.ttf" deleted

"C:\PROGRA~2\Uniblue\PC-Mechanic\fonts\OpenSans-Regular.ttf" deleted

"C:\PROGRA~2\Uniblue\PC-Mechanic\fonts\OpenSans-Semibold.ttf" deleted

"C:\PROGRA~2\Uniblue\PC-Mechanic\fonts\OpenSans-SemiboldItalic.ttf" deleted

"C:\PROGRA~2\Uniblue\PC-Mechanic\locales\en-US.pak" deleted

"C:\PROGRA~2\MyPC Backup\x64\SQLite.Interop.dll" deleted

"C:\Users\yassine\AppData\Roaming\Uniblue\PC-Mechanic\error.log" deleted

"C:\Program Files (x86)\MyPC Backup" not deleted

"C:\PROGRA~2\Uniblue\PC-Mechanic" deleted

"C:\PROGRA~2\PC Speed Up" deleted

"C:\PROGRA~2\MyPC Backup" not deleted

"C:\Users\yassine\AppData\Roaming\Uniblue\PC-Mechanic" deleted

"C:\Users\yassine\AppData\Roaming\Uniblue" deleted

"C:\Program Files (x86)\MyPC Backup\x64" not deleted

"C:\PROGRA~2\Uniblue\PC-Mechanic\fonts" deleted

"C:\PROGRA~2\Uniblue\PC-Mechanic\locales" deleted

"C:\PROGRA~2\MyPC Backup\x64" not deleted

"C:\Users\yassine\AppData\Roaming\Uniblue\PC-Mechanic" deleted

 

==== System Specs ======================

 

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)

Memory (RAM): 3999 MB

CPU Info: Celeron® Dual-Core CPU       T3500  @ 2.10GHz

CPU Speed: 816,6 MHz

Sound Card: Luidsprekers (Realtek High Defi | 

Display Adapters: Mobile Intel® 4 Series Express Chipset Family | Mobile Intel® 4 Series Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver

Monitors: 1x; Algemeen PnP-beeldscherm | 

Screen Resolution: 1366 X 768 - 32 bit

Network: Network Present

Network Adapters: Ralink RT5390 802.11b/g/n WiFi Adapter | Realtek PCIe FE Family Controller

CD / DVD Drives: 1x (E: | ) E: hp      CDDVDW TS-L633R

Ports: COM Ports NOT Present. LPT Port NOT Present. 

Mouse: 5 Button Wheel Mouse Present

Hard Disks: C:  278,0GB | D:  19,8GB

Hard Disks - Free: C:  187,5GB | D:  2,9GB

Manufacturer *: Hewlett-Packard

BIOS Info: AT/AT COMPATIBLE | 04/07/11 | HPQOEM - 1

Time Zone: Romance (standaardtijd)

Motherboard *: Hewlett-Packard 1605

Country: Belgi‰ 

Language: NLB 

 

==== System Specs (Software) ======================

 

Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated)

Anti-Spyware: Windows Defender disabled (Outdated)

Anti-Spyware: avast! Antivirus disabled (Outdated)

Default Browser: Firefox 38.0.1

Internet Explorer Version: 11.0.9600.17801 

Mozilla Firefox version: 38.0.1 (x86 nl)

Google Chrome version: 43.0.2357.65

Flash Player version: 17.0.0.169

 

==== Files Recently Created / Modified ======================

 

====== C:\Windows ====

====== C:\Users\yassine\AppData\Local\Temp ====

2015-05-22 21:39:37 057631047016A448B842B96E872B132B 43008 ----a-w- C:\Users\yassine\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpttxmsg.dll

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

2015-05-12 21:42:53 858EB73F68B20A2A5C66B6C000D1C0DD 102608 ----a-w- C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2015-05-12 19:39:31 D8D4D751AC82BF3DDB28452878267DA5 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll

2015-05-12 19:39:31 D0CA74BE380498A0111A73EB9C76CF8F 342016 ----a-w- C:\Windows\SysWOW64\certcli.dll

2015-05-12 19:39:31 2665A3D34D1C62DF303723422215B001 248832 ----a-w- C:\Windows\SysWOW64\schannel.dll

2015-05-12 19:39:30 86E23CD282F2AE7A95CB8F48A70C3188 221184 ----a-w- C:\Windows\SysWOW64\ncrypt.dll

2015-05-12 19:39:30 6954B10C2CF2D99E3F138FB9BDF32547 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll

2015-05-12 19:39:30 2F47A9303208E8812660A3396EE31477 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll

2015-05-12 19:39:29 FA518D40DEE715D3399B561AE94A1E4F 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll

2015-05-12 19:39:29 D7DDFF16973763EDAA28C824E0EFDDF7 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll

2015-05-12 19:39:29 590AF89D7836C7C019A4410BC778063C 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll

2015-05-12 19:39:29 4279AF72FD8493586422C60BFCA08E07 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll

2015-05-12 19:39:29 280B8EA3F529A8A41AE3BF98B5272E1B 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe

2015-05-12 19:39:28 F91A59FB95541E209971CCBB7F3D6AE5 686080 ----a-w- C:\Windows\SysWOW64\adtschema.dll

2015-05-12 19:39:28 A8822401C68B6080FB0C82FD667CF956 60416 ----a-w- C:\Windows\SysWOW64\msobjs.dll

2015-05-12 19:39:28 986E8181921B351C7D395DCFA1767DDC 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll

2015-05-12 19:39:02 CFCB89C0FE8EF502A7934C0D20E5DBD6 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll

2015-05-12 19:39:02 C3120D99E6DA7878A1DD2D88138AC60A 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll

2015-05-12 19:39:02 9025CA7BCD6B7956366FC90B3D6E3933 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll

2015-05-12 19:39:01 8C00AB01B1BC1E2F69765776BBC5A5D1 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll

2015-05-12 19:38:59 C2EB0AA5570CF8BC881B36EE55A59337 688640 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2015-05-12 19:38:59 C1A32612710492D0C3339E46EC15E333 504320 ----a-w- C:\Windows\SysWOW64\vbscript.dll

2015-05-12 19:38:59 AA2F2D55DEF98007839D0189D721D70B 1310208 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2015-05-12 19:38:59 7B4FA4B41FBDBB12C5038FCB6E6652AA 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll

2015-05-12 19:38:59 746BBC86351D07859D8B40056447F7B2 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2015-05-12 19:38:59 6388FC82897DDDA607BBE3580D75AE15 342736 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll

2015-05-12 19:38:58 D74445161E58644309F858342F5E265C 19691008 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2015-05-12 19:38:56 E993B5E929F46A52E9F4EB68A7855CDF 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll

2015-05-12 19:38:56 63A2E3E9C771B1D4D7D84942D6FCB661 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll

2015-05-12 19:38:56 28313FF0DE83EAD8F5EF1B963D9078C3 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2015-05-12 19:38:55 F2DB87F164BC13AB8EF90FBF5D866B65 664576 ----a-w- C:\Windows\SysWOW64\jscript.dll

2015-05-12 19:38:55 CC4974FCF9387F32A0FF87BCE093A5AD 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll

2015-05-12 19:38:55 C525258A00ECFB4CE089F54C163268C3 2278400 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2015-05-12 19:38:55 3CE5DE0730C22A54FE783DB8A989E8BD 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2015-05-12 19:38:55 136687227F11CE928CB05F4FD90319AC 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl

2015-05-12 19:38:54 BCFA71A878903B5F92A7AFEFCCC5CA97 478208 ----a-w- C:\Windows\SysWOW64\ieui.dll

2015-05-12 19:38:54 5AAC24BF6C4A54DA526CC6244DEBE227 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll

2015-05-12 19:38:54 1BBC9CFD29A62D80FB77BB69BFF7513C 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2015-05-12 19:38:53 0E22CD36FC3292CB812CC46CBCFD8444 12828672 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2015-05-12 19:38:49 6E2B4875B968324E5844F35A37A79260 4305920 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2015-05-12 19:38:49 1C5C5B5EF9CFDFC897D4549A2385DB3A 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll

2015-05-12 19:38:48 CB5F450D21B9D76B7F01D006E4AEDB40 1882112 ----a-w- C:\Windows\SysWOW64\wininet.dll

2015-05-12 19:38:48 37625FC1DAF886F1980E2D8F315B93AC 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll

2015-05-12 19:38:48 07E82A31808C8BC053D1DE547082C58F 341504 ----a-w- C:\Windows\SysWOW64\html.iec

2015-05-12 19:35:51 C22AB1781BC6F0BB1C9B352CF66DBFFC 1250816 ----a-w- C:\Windows\SysWOW64\DWrite.dll

2015-05-12 19:35:30 418AEC0CE89A13200F2820079B9CDFD9 216064 ----a-w- C:\Windows\SysWOW64\InkEd.dll

2015-05-12 19:35:16 C489D8B4D8C64F20CC75A93F541F7D91 123904 ----a-w- C:\Windows\SysWOW64\poqexec.exe

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2015-05-12 21:42:53 189FB45D7442083AE8A2E4E612233EF7 124112 ----a-w- C:\Windows\Sysnative\PresentationCFFRasterizerNative_v0300.dll

2015-05-12 19:39:32 8AD8D17425C75D2621B2CDFE0DEABD21 342016 ----a-w- C:\Windows\Sysnative\schannel.dll

2015-05-12 19:39:31 ED4B980701D081AC42F7B121C1E42149 460800 ----a-w- C:\Windows\Sysnative\certcli.dll

2015-05-12 19:39:31 B6478E65EB03E84A1F01EB045A87AC19 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll

2015-05-12 19:39:31 2A165B5B5F198D845CF8CFCBB564FAE5 1461760 ----a-w- C:\Windows\Sysnative\lsasrv.dll

2015-05-12 19:39:30 C6430870504E2D73EAD55A863D6FB310 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll

2015-05-12 19:39:30 966A19E354FF0568847CDCEF992BFBEB 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll

2015-05-12 19:39:30 6938D6D4991BC86978034795BCE55AC8 309760 ----a-w- C:\Windows\Sysnative\ncrypt.dll

2015-05-12 19:39:30 43A8CFA9E1D829B4D42A063A85179A05 136192 ----a-w- C:\Windows\Sysnative\sspicli.dll

2015-05-12 19:39:29 95DC9317379EAD6C53D41FCE887CA621 28160 ----a-w- C:\Windows\Sysnative\secur32.dll

2015-05-12 19:39:29 4C3FAC816925F73A34AD52F1F7C0A7EA 31232 ----a-w- C:\Windows\Sysnative\lsass.exe

2015-05-12 19:39:29 2B95EFD44D9AB6626DE0E28041D02EAA 64000 ----a-w- C:\Windows\Sysnative\auditpol.exe

2015-05-12 19:39:29 119055C5ABE3DC76F8A3377FACA8EC71 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll

2015-05-12 19:39:29 0A69BDE8FC718F208BC4FA5BF4ADF251 22016 ----a-w- C:\Windows\Sysnative\credssp.dll

2015-05-12 19:39:29 0182C300EAAC66C60CA8B915F5C3439D 29184 ----a-w- C:\Windows\Sysnative\sspisrv.dll

2015-05-12 19:39:28 D8B75DB69F6C0C4A48003FB19057B2CB 60416 ----a-w- C:\Windows\Sysnative\msobjs.dll

2015-05-12 19:39:28 C39A5B69763458468AC3266B8AD752AB 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll

2015-05-12 19:39:28 3434F7DB9B6607284BAA14E7608D2D1A 686080 ----a-w- C:\Windows\Sysnative\adtschema.dll

2015-05-12 19:39:02 E802824B9B4A16355A5233A7B8215ECE 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll

2015-05-12 19:39:02 9DCD15027A13195ABA68B40A5EB26691 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe

2015-05-12 19:39:01 70EDB996FE1BCB699232A15CB0D0FA32 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2015-05-12 19:38:59 6D2787CD32595A91969502A399E7BA48 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll

2015-05-12 19:38:59 5EDC6AF7589B65C89CB1154B3377D0C4 720384 ----a-w- C:\Windows\Sysnative\ie4uinit.exe

2015-05-12 19:38:59 1122DD841CCB7E07EF41039CBD66A29E 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll

2015-05-12 19:38:56 D7B9EEF960F68DC18724BB5F89A464DD 389840 ----a-w- C:\Windows\Sysnative\iedkcs32.dll

2015-05-12 19:38:55 ED4EB5A0CDD251A17B946C515CB94D70 1547264 ----a-w- C:\Windows\Sysnative\urlmon.dll

2015-05-12 19:38:55 010F562B961AB8CAEC7A0C72F8FDD690 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll

2015-05-12 19:38:54 EB9FCD39D65E23380CB2C2F0E6F2ED53 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll

2015-05-12 19:38:54 E20B5098C8707B2CF0858024568234FF 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2015-05-12 19:38:54 2A2CDE78F9E9019AD0E4D804A02688A3 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe

2015-05-12 19:38:52 F28577138120BA7E5423820D4B4C4727 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll

2015-05-12 19:38:52 49B1935F131A44CD29857D6900CB643F 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll

2015-05-12 19:38:51 F918BE3C5ACA0B6485D725CC1A5348DC 2125824 ----a-w- C:\Windows\Sysnative\inetcpl.cpl

2015-05-12 19:38:50 843D063E75B19188759CBEC82828BCB1 2885120 ----a-w- C:\Windows\Sysnative\iertutil.dll

2015-05-12 19:38:49 B85ECB91C88F6E74045061B7F7DDEFA2 584192 ----a-w- C:\Windows\Sysnative\vbscript.dll

2015-05-12 19:38:48 29BBA65402DD568F49C837533F269482 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe

2015-05-12 19:38:48 0B4E78E6E65D1FD2CE55C93CF1EFD623 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2015-05-12 19:38:47 CA0369799519F33DDE8FD26F5D87D014 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll

2015-05-12 19:38:46 E061B5A1D0F9BBACA41149201ADF4A3B 14401536 ----a-w- C:\Windows\Sysnative\ieframe.dll

2015-05-12 19:38:46 1D610F215769E4FF56C7B1847DE4B86D 633856 ----a-w- C:\Windows\Sysnative\ieui.dll

2015-05-12 19:38:45 1921A72BF1273BED72E569EF1F1A0611 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll

2015-05-12 19:38:44 FFC30231459FC44FD73E07532C707791 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll

2015-05-12 19:38:44 63061A0826839DE8F5B4713976C99F1B 816640 ----a-w- C:\Windows\Sysnative\jscript.dll

2015-05-12 19:38:43 DC1200D3C3AC1E69A4DAD053BC26BF0D 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll

2015-05-12 19:38:43 79A4C71CD8B610DE9F66B72B5654C450 6025728 ----a-w- C:\Windows\Sysnative\jscript9.dll

2015-05-12 19:38:42 F0289B3A341429117696F0279DA977B6 2352128 ----a-w- C:\Windows\Sysnative\wininet.dll

2015-05-12 19:38:41 C1D6BD834E69E8F77C8B4DDFCEE073F6 417792 ----a-w- C:\Windows\Sysnative\html.iec

2015-05-12 19:38:41 5A18ACE782C215300BE1C82D9EDC565B 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll

2015-05-12 19:38:40 F2A1718334172C0F4E231E998F6CB8AB 199680 ----a-w- C:\Windows\Sysnative\msrating.dll

2015-05-12 19:38:40 C31D57F7A58FACDA2671075CEBA75199 24971776 ----a-w- C:\Windows\Sysnative\mshtml.dll

2015-05-12 19:35:56 71C85477DF9347FE8E7BC55768473FCA 328704 ----a-w- C:\Windows\Sysnative\services.exe

2015-05-12 19:35:51 E612E86FA15EA1EF9A52433A2743C447 1179136 ----a-w- C:\Windows\Sysnative\FntCache.dll

2015-05-12 19:35:51 490505F6E53EF046EC70A353BC9CD615 1647104 ----a-w- C:\Windows\Sysnative\DWrite.dll

2015-05-12 19:35:49 D858C33B133740D5F1F1CF71C33F6355 3204608 ----a-w- C:\Windows\Sysnative\win32k.sys

2015-05-12 19:35:30 2B36E0C5C262437E1B098344DEFA55F8 275456 ----a-w- C:\Windows\Sysnative\InkEd.dll

2015-05-12 19:35:15 C7E50B04623FC6FF54EAF88938A8936E 142336 ----a-w- C:\Windows\Sysnative\poqexec.exe

====== C:\Windows\Sysnative\drivers =====

2015-05-12 19:39:30 C93EB3A92540830168F2057ECA7DE49A 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys

2015-05-12 19:39:30 43F45C59A472993E5063F2DB2D22C509 155576 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

======= C:\PROGRA~2 =====

2015-04-27 21:40:10 -------- d-----w- C:\PROGRA~2\Tango

======= C: =====

====== C:\Users\yassine\AppData\Roaming ======

2015-05-06 21:02:14 -------- d-----w- C:\Users\yassine\AppData\Local\SkypeWebPlugin

2015-04-27 21:40:02 -------- d-----w- C:\Users\yassine\AppData\Local\tango

====== C:\Users\yassine ======

2015-05-22 13:58:28 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\yassine\Downloads\RSITx64 (3).exe

2015-04-27 21:40:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tango

 

====== C: exe-files ==

2015-05-22 18:02:21 CCAF0DCB4BEF3FCD615E15B46B22F349 6714960 ----a-w- C:\Program Files (x86)\Google\Update\Install\{1F509922-2CA0-45C7-825B-0EBE61A533B5}\43.0.2357.65_42.0.2311.152_chrome_updater.exe

2015-05-22 18:02:20 CCAF0DCB4BEF3FCD615E15B46B22F349 6714960 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\43.0.2357.65\43.0.2357.65_42.0.2311.152_chrome_updater.exe

2015-05-22 13:58:28 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\yassine\Downloads\RSITx64 (3).exe

2015-05-16 23:56:10 F6EEE6848E933962E12E7B3F25C73C88 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateBroker.exe

2015-05-16 23:56:10 6732C4A894855042FD3618406B6BBD48 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe

2015-05-16 23:56:10 0894890F30B5F6510DF953BC50B5504F 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateWebPlugin.exe

2015-05-16 23:56:09 C990A8EAD57DA59FA8156CC02D3B7DA5 931408 ----a-w- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateSetup.exe

2015-05-16 23:56:05 BB3045B399D898061B926B447C446E05 127816 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateComRegisterShell64.exe

2015-05-16 23:56:02 8715A0D10CFFC8DEE923957F07DAA042 244040 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe

2015-05-16 23:56:02 6509A96DAE25340772B51AC020CB1094 304968 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe

2015-05-16 23:55:29 0C03FB91E17987EED93F60007B08DAA0 144200 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdate.exe

2015-05-16 23:55:09 C990A8EAD57DA59FA8156CC02D3B7DA5 931408 ----a-w- C:\Program Files (x86)\Google\Update\Install\{EBA1FE76-FA66-4576-A945-28D31192B425}\GoogleUpdateSetup.exe

2015-05-16 23:55:09 C990A8EAD57DA59FA8156CC02D3B7DA5 931408 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.27.5\GoogleUpdateSetup.exe

2015-05-16 13:48:19 EB81815F1628247337DCF5C44A137366 869192 ----a-w- C:\Users\yassine\AppData\Local\Google\Chrome\User Data\SwReporter\3.20.1\software_reporter_tool.exe

=== C: other files ==

2015-05-21 21:35:17 96D84019A186DA75538E89BF98DAA9BF 19159 ----a-w- C:\Users\yassine\Downloads\cv.zip

 

==== Startup Registry Enabled ======================

 

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

 

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

 

[HKEY_USERS\S-1-5-21-2682619030-2652341359-2438336200-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"SlimCleaner Plus"="C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe /minimize"

"PCSpeedUp"="C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe"

"Plex Media Server"="C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"

"Tango"="C:\Program Files (x86)\Tango\Tango.exe -r"

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

 

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

 

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

 

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"

"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"

"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"SlimCleaner Plus"="C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe /minimize"

"PCSpeedUp"="C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe"

"Plex Media Server"="C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"

"Tango"="C:\Program Files (x86)\Tango\Tango.exe -r"

 

==== Startup Registry Enabled x64 ======================

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"

"HPWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden"

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

 

==== Startup Folders ======================

 

2015-03-07 16:46:59 1103 ----a-w- C:\Users\yassine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

 

==== Task Scheduler Jobs ======================

 

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [17/04/2015 00:08]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24/11/2014 18:42]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24/11/2014 18:42]

C:\Windows\tasks\SlimCleaner Plus (Scheduled Scan - yassine).job --a------ C:f6C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe []

 

==== Other Scheduled Tasks ======================

 

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\HPCustParticipation HP Deskjet 1000 J110 series" ["C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\HPCustPartic.exe"]

"C:\Windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe]

"C:\Windows\SysNative\tasks\SlimCleaner Plus (Scheduled Scan - yassine)" [C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe]

"C:\Windows\SysNative\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe]

"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

 

==== Firefox Start and Search pages ======================

 

ProfilePath: C:\Users\yassine\AppData\Roaming\Mozilla\Firefox\Profiles\a8gel9y0.default



user_pref("browser.search.selectedEngine", "Yahoo Search!");


 

==== Firefox Extensions Registry ======================

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [20/02/2015 02:15]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04/04/2014 12:36]

 

==== Firefox Extensions ======================

 

ProfilePath: C:\Users\yassine\AppData\Roaming\Mozilla\Firefox\Profiles\a8gel9y0.default

- DVDVideoSoft YouTube MP3 and Video Download - %ProfilePath%\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi

- Roll Around - %ProfilePath%\extensions\{e3d880ce-aecd-4f8f-a17a-897f59eafe08}.xpi

 

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

 

==== Firefox Plugins ======================

 

Profilepath: C:\Users\yassine\AppData\Roaming\Mozilla\Firefox\Profiles\a8gel9y0.default

9AE02005247DA91AB1743F5208DBEF76 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll - Shockwave Flash

 

 

==== Chromium Look ======================

 

Google Chrome Version: 43.0.2357.65

 

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

bopakagnckmlgajfccecajhnimjiiedh - No path found[]

eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx[19/02/2015 15:51]

gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[19/02/2015 15:51]

lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14/07/2014 19:22]

 

Google Slides - yassine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek

Google Docs - yassine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - yassine\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - yassine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

selector is not a valid CSS selector - yassine\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb

Google Search - yassine\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Avast SafePrice - yassine\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck

Google Sheets - yassine\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap

Bookmark Manager DEV - yassine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik

Avast Online Security - yassine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki

iLivid - yassine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf

Google Wallet - yassine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - yassine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

 

==== Chromium Startpages ======================

 

C:\Users\yassine\AppData\Local\Google\Chrome\User Data\Default\Preferences

182000},{\"custom_display_name\":\"Envelop nr. 10\",\"height_microns\":241300,\"name\":\"NA_NUMBER_10\",\"vendor_id\":\"20\",\"width_microns\":104700},{\"custom_display_name\":\"Envelop DL\",\"height_microns\":220000,\"name\":\"ISO_DL\",\"vendor_id\":\"27\",\"width_microns\":110000},{\"custom_display_name\":\"Envelop C5\",\"height_microns\":229000,\"name\":\"ISO_C5\",\"vendor_id\":\"28\",\"width_microns\":162000},{\"custom_display_name\":\"Envelop C6\",\"height_microns\":162000,\"name\":\"ISO_C6\",\"vendor_id\":\"31\",\"width_microns\":114000},{\"custom_display_name\":\"Japanse briefkaart\",\"height_microns\":148000,\"name\":\"JPN_HAGAKI\",\"vendor_id\":\"43\",\"width_microns\":100000},{\"custom_display_name\":\"A6\",\"height_microns\":148000,\"name\":\"ISO_A6\",\"vendor_id\":\"70\",\"width_microns\":105000},{\"custom_display_name\":\"Japanse envelop Chou nr. 3\",\"height_microns\":235000,\"name\":\"JPN_CHOU3\",\"vendor_id\":\"73\",\"width_microns\":120000},{\"custom_display_name\":\"4x6inch\",\"height_microns\":152400,\"name\":\"NA_INDEX_4X6\",\"vendor_id\":\"119\",\"width_microns\":101600},{\"custom_display_name\":\"5x7inch\",\"height_microns\":177800,\"name\":\"NA_5X7\",\"vendor_id\":\"120\",\"width_microns\":127000},{\"custom_display_name\":\"B5 (ISO)\",\"height_microns\":249900,\"name\":\"ISO_B5\",\"vendor_id\":\"121\",\"width_microns\":176000},{\"custom_display_name\":\"8x10inch\",\"height_microns\":254000,\"name\":\"NA_GOVT_LETTER\",\"vendor_id\":\"122\",\"width_microns\":203200},{\"custom_display_name\":\"Cabinet-formaat\",\"height_microns\":165100,\"vendor_id\":\"126\",\"width_microns\":119800},{\"custom_display_name\":\"Ofuku hagaki\",\"height_microns\":199800,\"name\":\"JPN_OUFUKU\",\"vendor_id\":\"129\",\"width_microns\":148000},{\"custom_display_name\":\"Envelop voor kaart\",\"height_microns\":152400,\"vendor_id\":\"130\",\"width_microns\":111100},{\"custom_display_name\":\"Indexkaart 5x8inch\",\"height_microns\":203200,\"name\":\"NA_INDEX_5X8\",\"vendor_id\":\"133\",\"width_microns\":127000},{\"custom_display_name\":\"6x8inch\",\"height_microns\":203200,\"name\":\"NA_INDEX_4X6_EXT\",\"vendor_id\":\"134\",\"width_microns\":152400},{\"custom_display_name\":\"JIS Chou 2\",\"height_microns\":146000,\"name\":\"JPN_CHOU2\",\"vendor_id\":\"135\",\"width_microns\":110900},{\"custom_display_name\":\"8,5x13inch\",\"height_microns\":330200,\"name\":\"JIS_EXEC\",\"vendor_id\":\"136\",\"width_microns\":215900}]},\"page_orientation\":{\"option\":[{\"is_default\":true,\"type\":\"PORTRAIT\"},{\"type\":\"LANDSCAPE\"},{\"type\":\"AUTO\"}]},\"supported_content_type\":[{\"content_type\":\"application/pdf\"}]},\"version\":\"1.0\"},\"selectedDestinationName\":\"HP Deskjet 1000 J110 series\",\"mediaSize\":{\"custom_display_name\":\"A4\",\"height_microns\":297000,\"is_default\":true,\"name\":\"ISO_A4\",\"vendor_id\":\"9\",\"width_microns\":210000},\"isColorEnabled\":false}"}},"profile":{"avatar_bubble_tutorial_shown":2,"avatar_index":26,"content_settings":{"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{},"cookies":{},"fullscreen":{"[*.]www.netflix.com,*":{"setting":1},"[*.]www.tvl.be,*":{"setting":1},"https://[*.]www.bingel.be:443,*":{"setting":1},"https://[*.]www.facebook.com:443,*":{"setting":1},"https://[*.]www.youtube.com:443,*":{"setting":1}},"geolocation":{},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{"https://www.google.be:443,*":{"setting":1}},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{},"popups":{},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{"[*.]www.netflix.com,*":{"fullscreen":1},"[*.]www.tvl.be,*":{"fullscreen":1},"https://[*.]www.bingel.be:443,*":{"fullscreen":1},"https://[*.]www.facebook.com:443,*":{"fullscreen":1},"https://[*.]www.youtube.com:443,*":{"fullscreen":1},"https://www.google.be:443,*":{"last_used":{"media-stream-mic":1430479911.160123},"media-stream-mic":1}},"pref_version":1},"created_by_version":"40.0.2214.111","exit_type":"Crashed","exited_cleanly":true,"icon_version":3,"managed_user_id":"","migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"Persoon 1","per_host_zoom_levels":{}},"protection":{"macs":{}},"savefile":{"default_directory":"C:\\Users\\yassine\\Desktop"},"selectfile":{"last_directory":"C:\\Users\\yassine\\Desktop"},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13068739414980888"},"translate_accepted_count":{"en":0},"translate_blocked_languages":["nl"],"translate_denied_count":{"en":2},"translate_last_denied_time":1424296443981.0,"translate_too_often_denied":true,"translate_whitelists":{}}

A785DB5266720FF95FEF12703A8E2237A7835F12BE81F0BB42BDD177B","mfehgcgbbipciphmccgaenjidiccnmng":"18257436AFC1EB2DD6A0171290698E6E3AB6A5858491BB3499D08D1C9129D369","mgndgikekgjfcpckkfioiadnlibdjbkf":"3ED70B9FF180EAF1F76D41E08D3429FC8E5C4AF5636871106DC90C96A85524F5","mhjfbmdgcfjbbpaeojofohoefgiehjai":"2BC8DD278509120C194A187093137E8FFF42AC0DFCD3E434334DAB01F47A67E0","nafaimnnclfjfedmmabolbppcngeolgf":"32E3CE4E78238FD14CCCE52AFBBCD5EA2B3CA2A836877085A312B1C8D1C65222","neajdppkdcdipfabeoofebfddakdcjhd":"61D8F0C7A38996FC89F588815A0A0081DBABDADBD45FF5D6B6B6FA039E3C91DD","nkeimhogjdpnpccoofpliimaahmaaome":"8F6E11D3C42EF893AC03359B9D719621655E1A64571A86154D4B57FFAFA4C75B","nmmhkkegccagdldgiimedpiccmgmieda":"3F6FC2371A16B33734261038ED93B5B9416D6B9BD888C626C373B032706809B1","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"E9AB021492B576702407246AC13373E60F155783575B5BC20F457CC85CA5F47D","pjkljhegncpnkpknbcohdijeoejaedia":"3D313FC7B8F25F960DE245322656B5A1E33F2B710F64742618118AF9AA1E6EA0"}},"google":{"services":{"last_username":"C03E00B62A8E7C148982C8CDC9581B612469422F10B50AD842F1CDCD8EFFD133","username":"E1430A2B31522B25C4F8A04075B221DD8A8D283FDAC626A58EBDBCEC7FADE611"}},"homepage":"28D385316C8D802BBCE8A8DCF1C1E0C5A5065C9F645D76B8F67EB1A01B754E66","homepage_is_newtabpage":"01976A36B372DE84D66E7CEFB46D839F672661A3BF9E2BDA3A7CC3C188C1A684","pinned_tabs":"5ACAC3393A7A9E1C382333944E0A9AC736966DAB224DBB3A2EE0B93B57E2C75D","prefs":{"preference_reset_time":"91B80ADFAA36038644C75A9BB70E9B0A9FAB7E2642EE19A7741AAC4AAD493D35"},"profile":{"reset_prompt_memento":"A60D8F59C5B8D03FEB6C61772B2EE934840FB3459EB644549CAA714A526D89EB"},"safebrowsing":{"incidents_sent":"5200F3FF9F5467746C8EA281A9ECFCD512BA96795AFF409654471BFC967F8726"},"search_provider_overrides":"2732AE8D54C2CA3E1CEB19D682BC44E0031981E2EF12831734D3F8E1A6DA7053","session":{"restore_on_startup":"D91F0F7D8E7DE4EFFBD04A4DE304F8C0E63D7F80813FA8E2D1A4CB5976C28262","startup_urls":"B0CB6CCF461A6E8367FB12B5BA9A7ACAA9E414C73EF6D7F8647366CB0437BDE4"},"software_reporter":{"prompt_reason":"044D8B96534D999319237965AD8C350407A300C47D49FF3A5730F22E5DAE1665","prompt_seed":"84C2148A7EDB3B2BC2D8DE6D16B436EE0F15763F19A70FEBA0783AEC24772B9F","prompt_version":"A15B808A31C592EBAF5F74E9CC80FA8A61D44749F668F48075201CC25BFEFDCE"},"sync":{"remaining_rollback_tries":"7237A3D381D5E1BA152229A0DF9E8C9EC5B3C9B0D9991D43B95DA9D6D6CC3B4F"}},"super_mac":"0C5F1322DA25A67CCAE9AD7747A9AC773D22795D4CBA1CCBB2AA6644E2C813A1"},"session":{"restore_on_startup":4,"startup_urls":["https://www.google.com/?trackid=sp-006]}}

 

 

==== Chromium Fix ======================

 

C:\Users\yassine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully

C:\Users\yassine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully

C:\Users\yassine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully

C:\Users\yassine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully

C:\Users\yassine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage deleted successfully

C:\Users\yassine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal deleted successfully

C:\Users\yassine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.extcontent00.extcontent.com_0.localstorage deleted successfully

C:\Users\yassine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.extcontent00.extcontent.com_0.localstorage-journal deleted successfully

C:\Users\yassine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully

C:\Users\yassine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully

C:\Users\yassine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage deleted successfully

C:\Users\yassine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage-journal deleted successfully

C:\Users\yassine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.search.ask.com_0.localstorage deleted successfully

C:\Users\yassine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.search.ask.com_0.localstorage-journal deleted successfully

C:\Users\yassine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.istartsurf.com_0.localstorage deleted successfully

C:\Users\yassine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.istartsurf.com_0.localstorage-journal deleted successfully

C:\Users\yassine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utorrent.nl.softonic.com_0.localstorage deleted successfully

C:\Users\yassine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utorrent.nl.softonic.com_0.localstorage-journal deleted successfully

C:\Users\yassine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf deleted successfully

C:\Users\yassine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nafaimnnclfjfedmmabolbppcngeolgf_0.localstorage deleted successfully

C:\Users\yassine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nafaimnnclfjfedmmabolbppcngeolgf_0.localstorage-journal deleted successfully

 

==== Set IE to Default ======================

 

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]


 

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]


 

==== All HKCU SearchScopes ======================

 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"

 

==== Deleting Registry Keys ======================

 

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F88FC5D-4D46-448A-AF59-7061FFC6ABBF}_is1 deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1 deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage deleted successfully

 

==== HijackThis Entries ======================

 

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [slimCleaner Plus] "C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe" /minimize

O4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe

O4 - HKCU\..\Run: [Plex Media Server] "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"

O4 - HKCU\..\Run: [Tango] C:\Program Files (x86)\Tango\Tango.exe -r

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')

O4 - Startup: Dropbox.lnk = C:\Users\yassine\AppData\Roaming\Dropbox\bin\Dropbox.exe

O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm

O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe

O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe

O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (file missing)

O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (file missing)

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O20 - AppInit_DLLs:  

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: RtVOsdService Installer (RtVOsdService) - Realtek Semiconductor Corp. - C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: SlimWare Utility Service Launcher (SlimService) - Unknown owner - C:\Program Files\SlimService\SlimServiceFactory.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

 

==== Empty IE Cache ======================

 

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\yassine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\yassine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

 

==== Empty FireFox Cache ======================

 

C:\Users\yassine\AppData\Local\Mozilla\Firefox\Profiles\a8gel9y0.default\cache2 emptied successfully

 

==== Empty Chrome Cache ======================

 

C:\Users\yassine\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

 

==== Empty All Flash Cache ======================

 

Flash Cache Emptied Successfully

 

==== Empty All Java Cache ======================

 

No Java Cache Found

 

==== C:\zoek_backup content ======================

 

C:\zoek_backup (files=1817 folders=506 715868701 bytes)

 

==== Empty Temp Folders ======================

 

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\yassine\AppData\Local\Temp will be emptied at reboot

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

 

==== After Reboot ======================

 

==== Empty Temp Folders ======================

 

C:\Windows\Temp successfully emptied

C:\Users\yassine\AppData\Local\Temp successfully emptied

 

==== Empty Recycle Bin ======================

 

C:\$RECYCLE.BIN successfully emptied

 

==== Deleting Files / Folders ======================

 

"C:\Program Files (x86)\MyPC Backup"  not found

"C:\PROGRA~2\MyPC Backup"  not found

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

 

==== EOF on za 23/05/2015 at  1:19:57,15 ======================

 

Link naar reactie
Delen op andere sites

Dubbelklik op Zoek.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
[HKEY_USERS\S-1-5-21-2682619030-2652341359-2438336200-1000\Software\Microsoft\Windows\CurrentVersion\Run];r64

"PCSpeedUp"=-;r64

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r64

"PCSpeedUp"=-;r64

C:\Users\yassine\AppData\Roaming\Mozilla\Firefox\Profiles\a8gel9y0.default\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi;f

C:\Users\yassine\AppData\Roaming\Mozilla\Firefox\Profiles\a8gel9y0.default\extensions\{e3d880ce-aecd-4f8f-a17a-897f59eafe08}.xpi,f

PCSpeedUp;s

C:\Program Files (x86)\PC Speed Up;fs

C:\Program Files (x86)\Common Files\DVDVideoSoft;fs

CHRdefaults;

  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht als bijlage.
Zoek.exe logbestand plaatsen
  • Voeg het logbestand met de naam "Zoek-results.log" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\Zoek-results.log.)
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.
Link naar reactie
Delen op andere sites

 

Zoek.exe v5.0.0.0 Updated 04-May-2015

Tool run by yassine on za 23/05/2015 at 14:52:43,96.

Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\yassine\Downloads\zoek.exe [scan all users] [script inserted] 

 

==== Older Logs ======================

 

C:\zoek-results2015-02-18-132753.log 65750 bytes

C:\zoek-results2015-05-22-231957.log 60942 bytes

 

==== Deleting Services ======================

 

 

==== Registry Fix Code x64 ======================

 

Windows Registry Editor Version 5.00

 

[HKEY_USERS\S-1-5-21-2682619030-2652341359-2438336200-1000\Software\Microsoft\Windows\CurrentVersion\Run] 

"PCSpeedUp"=- 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] 

"PCSpeedUp"=- 

 

==== Deleting Files \ Folders ======================

 

C:\Program Files (x86)\PC Speed Up not found

C:\Program Files (x86)\Common Files\DVDVideoSoft not found

"C:\Users\yassine\AppData\Roaming\Mozilla\Firefox\Profiles\a8gel9y0.default\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi" deleted

 

==== Reset Google Chrome ======================

 

C:\Users\yassine\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Users\yassine\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully

C:\Users\yassine\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

C:\Users\yassine\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

 

==== C:\zoek_backup content ======================

 

 

==== EOF on za 23/05/2015 at 14:54:22,73 ======================
Link naar reactie
Delen op andere sites

Download adwcleaner.pngAdwCleaner by Xplode naar het bureaublad (verwijder eerst eventuele aanwezige oudere versies van deze tool op je PC, zodat je nu de meest recente database van AdwCleaner kan gebruiken).

Als de link naar AdwCleaner niet werkt, probeer dan deze link.

De download start automatisch na enkele seconden.

  • Sluit alle openstaande vensters.
  • Dubbelklik op AdwCleaner om hem te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren,
  • Door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Klik op Scan.
  • Klik vervolgens op Clean.
  • Klik bij Herstarten Noodzakelijk op OK

Nadat de PC opnieuw is opgestart, opent meestal een logfile.

Anders is het hier terug te vinden C:\AdwCleaner\AdwCleaner[s0].txt.

Logbestand plaatsen

  • Voeg het logbestand met de naam C:\AdwCleaner\AdwCleaner[s0].txt als bijlage toe aan het volgende bericht.
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

Link naar reactie
Delen op andere sites

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.