Ga naar inhoud

berg444

Lid
  • Items

    16
  • Registratiedatum

  • Laatst bezocht

Over berg444

  • Verjaardag 09-09-1965

PC Specificaties

  • Besturingssysteem
    windows 7
  • Moederbord
    Hewwlet Packard 1651
  • Processor
    Intel Core i5 2430m
  • Geheugen
    DDR3 2 GB
  • Grafische Kaart
    Ardeon graphics 3000
  • Harde Schijf
    440GB
  • Behuizing
    Pavilion dm4

berg444's prestaties

  1. Systeemherstel gaf geen herstelpunten weer en deed helemaal niets. Nu deed herstelpunt het plotseling toch. Maar gaf na lange tijd en aut. herstart onbekende fout. Probeer een andere herstelpunt. Daarna kwam er een windows update. Die ik gisteravond rond het begin van mijn probleem ook gehad had. Nu doet de software het wel. Mogelijk had windows update ermee te maken of instabiel systeem. Hartelijk dank voor de reactie. Genoemd probleem is opgelost.
  2. Ik krijg van een softwareprogramma foutmelding dat ADO (MDAC) wel geïnstalleerd is maar een versie van 2.1 of hoger vereist is. Gebruik dagelijks labelprogramma en nooit een foutmelding gehad. Waarschijnlijk heb ik na spyhunter per ongeluk dingen gewist. Er is een herstelpunt gemaakt maar deze service werkt ook niet meer. Veel services waren uitgeschakeld en heb ik weer opgestart. Verder doet internet, software, verkenner installeren enz het gewoon. Wat kan ik het beste doen??
  3. pcalua.exe zegt me niets Ik heb de benchmarkt in veiligemodus 4 keer uitgevoerd. Hoop dat je er wat mee kan. ps filmpjes draaien in firefox beter dan in chrome maar het online programma waar ik dagelijks intensief mee werk draait niet in Firefox. Dat is bekend bij dit programma. Dus ik zit hoe dan ook vast aan chrome.
  4. Nee het lijkt dat ie na de start steeds onrustig beeld geeft en later veranderd. Allen in veilige modus: 1 na starten 2 nogmaals 3 na herstart 4 nogmaals internet had ik uitgeschakeld. Met draadloos netwerk werk ik nooit . Kan het zijn dat ie even tevergeefs zoekt?
  5. unetbootin-windows-585 Gebruik ik momenteel niet. Had op USB stick een lichte Linux versie voor andere oude laptop gezet. Hierbij de gevraagde screenshots van scans met HD tune. 1ste Benchmark is in veilige modus uitgevoerd.
  6. Heb meteen een paar programma's van IOBIT bij startup uitgevinkt. HIer is de startup van CCleaner [ATTACH]30206[/ATTACH] Error scan van HD tune was na ruim 2 uur bijna klaar. Omdat mijn scherm op de screensaver op zwart gaat heb ik per ongeluk de pc willen aandoen met de aan/uit knop zodat de error scan is afgebroken. Hiervan komt de uitslag later. Wat ik tot nu toe gezien heb was het allemaal ok : groene blokjes MvG Ellie startup.txt
  7. Opstarttijd in veilige modus: 45 sec daarna automatisch windows help opstarten: nog eens 25 sec Normale opstarttijd: ongeveer 140 sec na 177 sec gemeten met wise bootup booster.
  8. Hierna ga ik Speccy uitvoeren. Zoek.exe v5.0.0.0 Updated 31-January-2014 Tool run by Hendriks on zo 02-02-2014 at 12:51:50,13. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Hendriks\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-02-01-160119.log 35501 bytes ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2200064268-249005537-2647804445-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB41F8EF-7F81-4B98-B828-458D6170BAE3} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Hendriks\AppData\Roaming\Mozilla\Firefox\Profiles\1c6ovwda.default user.js not found ---- Lines spigot removed from prefs.js ---- user_pref("browser.startup.homepage", "http://nl.search.yahoo.com/?type=198484&fr=spigot-yhp-ff"); ---- Lines browser.startup.page removed from prefs.js ---- user_pref("browser.startup.page", 1); ---- FireFox user.js and prefs.js backups ---- prefs_02-02-2014_1303_.backup ==== Deleting Files \ Folders ====================== C:\Users\Hendriks\AppData\LocalLow\ADSRemoval deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{22119944-ED35-4ab1-910B-E619EA06A115}"="C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox" [29-12-2013 09:43] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Hendriks\AppData\Roaming\Mozilla\Firefox\Profiles\1c6ovwda.default - avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF - Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF AppDir: C:\Program Files (x86)\Mozilla Firefox - Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Hendriks\AppData\Roaming\Mozilla\Firefox\Profiles\1c6ovwda.default 2557FBC582910A71CDEB0F22886D118D - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll - Shockwave Flash 2D389D314D1928AA30778229090F9AD3 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1206147.dll - Shockwave for Director / Shockwave for Director E3B4EA121F7BDEB0F6366E2BA9608CB5 - C:\Users\Hendriks\AppData\Local\Citrix\Plugins\104\npappdetector.dll - Citrix Online Web Deployment Plugin 1.0.0.104 0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\Hendriks\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin 3A8B50B4FFD1DBFF77E14C8AA5E6C6A5 - C:\Users\Hendriks\AppData\Roaming\Mozilla\Firefox\Profiles\1c6ovwda.default\plugins\npida.dll - Internet Download Accelerator click monitoring plug-in ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions aaaanplonkoccjbnlleoidjplmhgeahe - No path found[] hdhihajbmafmgilcciomnamcjfkdhikl - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx[13-04-2011 23:21] heloeniedaijefpgpikdfhdjpojnndbn - C:\Program Files (x86)\IDA\ida_chrome.crx[23-01-2012 19:17] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[22-11-2012 10:30] nfengeggddojhakldhlpjdlddgkkjkdd - \BrowerProtect\ASC_GhromePlugin.crx[] Google Docs - Hendriks\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Hendriks\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf Google Search - Hendriks\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Block site - Hendriks\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh Google Wallet - Hendriks\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Hendriks\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{BB41F8EF-7F81-4B98-B828-458D6170BAE3}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {BB41F8EF-7F81-4B98-B828-458D6170BAE3} Yahoo Url="http://nl.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}" ==== Reset Google Chrome ====================== C:\Users\Hendriks\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Hendriks\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== shortcuts on Users Desktops ====================== C:\Users\Hendriks\Desktop\Clean Disk With 1-Click.lnk - C:\Program Files (x86)\Wise\Wise Disk Cleaner\WiseDiskCleaner.exe -a -adv C:\Users\Hendriks\Desktop\DelisPrint etiketvel print onderbreken HUISNUMMER .lnk - C:\Users\Hendriks\Desktop\Favorieten.lnk - C:\Users\Hendriks\Documents\Werkbalkfavorieten C:\Users\Hendriks\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Hendriks\Desktop\vertaal google.LNK - C:\Users\Hendriks\Documents\roboform\vertaal google.rfb -l C:\Users\Hendriks\Desktop\zoek.exe pc-hulp.lnk - C:\Users\Hendriks\Downloads\zoek.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Advanced SystemCare 7 7-10 minuten.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /manual C:\Users\Public\Desktop\avast SafeZone DUBBELKLIK.lnk - C:\Users\Public\Desktop\Driver Booster.lnk - C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk - C:\Windows\Installer\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}\SC_Reader.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7\Advanced SystemCare 7.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /manual C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7\Toolbox.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /toolbox C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7\Turbo Boost.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /turboboost C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7\Verwijder Advanced SystemCare.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast Internet Security.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast SafeZone.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\Uninstall CCleaner.lnk - C:\Program Files\CCleaner\uninst.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELISprint\DELISprint Handbuch (PDF).lnk - C:\DPD\DELISprint\DELISprint Handbuch (D).pdf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELISprint\DELISprint manual (PDF).lnk - C:\DPD\DELISprint\DELISprint Handbuch (E).pdf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELISprint\DELISprint.lnk - C:\DPD\DELISprint\DelisPrint.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELISprint\RemoteSupport Netviewer.lnk - C:\DPD\DELISprint\Tools\netviewer_o2o.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELISprint\RemoteSupport pcvisit 4.lnk - C:\DPD\DELISprint\Tools\pcvisit4.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELISprint\RemoteSupport pcvisit 8.lnk - C:\DPD\DELISprint\Tools\pcvisit8.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELISprint\Repair & Compress of DELISprint Database.lnk - C:\DPD\DELISprint\Tools\CompactDB\DPDCompactAccess.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster\Driver Booster.lnk - C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster\Verwijder Driver Booster.lnk - C:\Program Files (x86)\IObit\Driver Booster\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eusing Cleaner\Eusing Cleaner on the Web.lnk - C:\Program Files (x86)\Eusing Cleaner\SCleaner.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eusing Cleaner\Eusing Cleaner.lnk - C:\Program Files (x86)\Eusing Cleaner\SCleaner.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eusing Cleaner\Uninstall Eusing Cleaner.lnk - C:\Program Files (x86)\Eusing Cleaner\UNWISE.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller\Help.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\help.html C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller\IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller\Uninstall IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallDisplay.exe uninstall_start C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab about C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab update C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegHunter\RegHunter.lnk - C:\Program Files (x86)\Enigma Software Group\RegHunter\RegHunter.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegHunter\Uninstall RegHunter.lnk - C:\Windows\SysWOW64\msiexec.exe /X {F94A63D7-9A61-403B-8F6F-90B1BF77211A} C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3\Smart Defrag 3.lnk - C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3\Verwijder Smart Defrag 3.lnk - C:\Program Files (x86)\IObit\Smart Defrag 3\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365\Wise Care 365.lnk - C:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner\Wise Registry Cleaner.lnk - C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Hendriks\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Hendriks\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe C:\Users\Hendriks\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PC Wizard 2013.lnk - C:\Program Files (x86)\CPUID\PC Wizard 2013\PC Wizard.exe C:\Users\Hendriks\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Hendriks\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Hendriks\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe C:\Users\Hendriks\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9d91276b0be3e46b\pinned.lnk - C:\Users\Hendriks\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\CPU-Z.lnk - C:\Program Files\CPUID\CPU-Z\cpuz.exe C:\Users\Hendriks\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Eusing Cleaner 59error registry 9min.lnk - C:\Program Files (x86)\Eusing Cleaner\SCleaner.exe C:\Users\Hendriks\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\IObit Malware Fighter 25 min.lnk - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe C:\Users\Hendriks\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Malwarebytes Anti-Malware 51min 353605.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Users\Hendriks\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Hendriks\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\OpenOffice.lnk - C:\Program Files (x86)\OpenOffice 4\program\soffice.exe C:\Users\Hendriks\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint.NET.lnk - C:\Program Files (x86)\Paint.NET\PaintDotNet.exe C:\Users\Hendriks\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\PC Wizard 2013.lnk - C:\Program Files (x86)\CPUID\PC Wizard 2013\PC Wizard.exe C:\Users\Hendriks\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\Hendriks\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\SpyHunter.lnk - C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe C:\Users\Hendriks\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Wise Care 365 Tuneup startup services.lnk - C:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe C:\Users\Hendriks\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Wise Registry Cleaner.lnk - C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe C:\Users\Hendriks\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Wordpad.lnk - C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe C:\Users\Hendriks\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\avast SafeZone DUBBELKLIK.lnk - C:\Users\Hendriks\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Calculator.lnk - C:\Windows\system32\calc.exe C:\Users\Hendriks\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\DelisPrint etiketvel print onderbreken HUISNUMMER .lnk - C:\Users\Hendriks\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\email Mozilla Thunderbird.lnk - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe C:\Users\Hendriks\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Hendriks\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\MWSnap 3.lnk - C:\Program Files (x86)\MWSnap\MWSnap.exe C:\Users\Hendriks\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aaaanplonkoccjbnlleoidjplmhgeahe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 6 deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare Ultimate deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Anti-phishing Domain Advisor deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hendriks\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Hendriks\AppData\Local\Mozilla\Firefox\Profiles\1c6ovwda.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Hendriks\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=275 folders=92 2298924853 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\Hendriks\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Hendriks\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on zo 02-02-2014 at 13:14:20,36 ====================== - - - Updated - - - Dit is de gevraagde link met speccy: http://speccy.piriform.com/results/NgsY1LOBVfz63TEWMcsw1tZ Ik wacht rustig af.
  9. Probleem met zoekmachine heb ik opgelost. Advanced systemcare 7.1 had ik homepagebescherming aangezet en deze stond nog ingesteld op niet gewenste zoekmachine. Andere problemen zijn er nog wel: Opstarttijd pc 160 á 180 sec. Laadtijd van grafische pagina's is lang. Bij grote bewerkingen in bv excel lijkt het geheugen al gauw vol.
  10. Opstarttijd pc 160 á 180 sec. Laadtijd van grafische pagina's is lang. Bij grote bewerkingen in bv excel lijkt het geheugen al gauw vol. Chrome omnibox ( zoeken in adresbalk ) springt na pc opnieuw starten terug op standaardzoekmachine yahoo ipv ingestelde google. Dit heeft niet geholpen: R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo Zoeken - zoeken op het web O2 - BHO: (no name) - {EF5F59BA-B2AB-48D8-9747-54DF806C73B8} - (no file) Klik op 'Fix checked' om de items te verwijderen.
  11. Zoek results log: Zoek.exe v5.0.0.0 Updated 25-January-2014 Tool run by Hendriks on za 01-02-2014 at 16:31:06,86. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode No Internet Access Detected Launched: C:\Users\Hendriks\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 1-2-2014 16:39:54 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\Bonjour deleted successfully C:\Program Files\Common Files\Apple deleted successfully C:\ProgramData\Oracle deleted successfully C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted successfully C:\Users\Hendriks\AppData\Roaming\Common deleted successfully C:\Users\Hendriks\AppData\Roaming\FlashGetBHO deleted successfully C:\Users\Hendriks\AppData\Roaming\FlashgetSetup deleted successfully C:\Users\Hendriks\AppData\Roaming\OfferMosquito deleted successfully C:\Users\Hendriks\AppData\Roaming\TP deleted successfully C:\Users\Hendriks\AppData\Local\CrashDumps deleted successfully C:\Users\Hendriks\AppData\Local\DriverTuner deleted successfully C:\Users\Hendriks\AppData\Local\FuzeZip deleted successfully C:\Users\Hendriks\AppData\Local\MigWiz deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2200064268-249005537-2647804445-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB41F8EF-7F81-4B98-B828-458D6170BAE3} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5F59BA-B2AB-48D8-9747-54DF806C73B8} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2200064268-249005537-2647804445-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{EF5F59BA-B2AB-48D8-9747-54DF806C73B8} deleted successfully ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Hendriks\AppData\Roaming\Mozilla\Firefox\Profiles\1c6ovwda.default user.js not found ---- Lines spigot removed from prefs.js ---- user_pref("browser.startup.homepage", "http://nl.search.yahoo.com/?type=198484&fr=spigot-yhp-ff"); ---- Lines mybrowserbar modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Program Files\\\\AVAST So ---- FireFox user.js and prefs.js backups ---- prefs_01-02-2014_1652_.backup ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5F59BA-B2AB-48D8-9747-54DF806C73B8}] ==== Deleting Files \ Folders ====================== C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} not found C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com deleted C:\Users\Hendriks\AppData\Roaming\Mozilla\Firefox\Profiles\1c6ovwda.default\extensions\savingsslider@mybrowserbar.com deleted C:\Users\Hendriks\AppData\Roaming\Mozilla\Firefox\Profiles\1c6ovwda.default\extensions\idamm@westbyte.com deleted C:\Users\Hendriks\AppData\Roaming\Mozilla\Firefox\Profiles\1c6ovwda.default\extensions\idapluginff@westbyte.com deleted C:\Users\Hendriks\AppData\Roaming\Mozilla\Firefox\Profiles\1c6ovwda.default\extensions\idaremote@westbyte.com deleted C:\Users\Hendriks\AppData\Roaming\Mozilla\Firefox\Profiles\1c6ovwda.default\extensions\searchads@instair.net deleted C:\Users\Hendriks\AppData\Roaming\Mozilla\Firefox\Profiles\1c6ovwda.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362} deleted C:\Program Files (x86)\MyPC Backup deleted C:\ProgramData\ProductData deleted C:\Windows\syswow64\appdata deleted C:\ProgramData\eSellerate deleted C:\Users\Hendriks\AppData\Roaming\Sammsoft deleted C:\Users\Hendriks\AppData\Local\BearShare deleted C:\Users\Hendriks\AppData\Local\blekkotb_031 deleted C:\Users\Hendriks\AppData\Local\Google\Chrome\User Data\Default\ext_offermosquito deleted C:\Users\Hendriks\AppData\LocalLow\ADSRemoval deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AskToolbar deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted C:\Windows\SysWow64\searchplugins deleted C:\Windows\SysWow64\Extensions deleted C:\Users\Hendriks\AppData\Roaming\Mozilla\Firefox\Profiles\1c6ovwda.default\bearsharetoolbargaw deleted C:\Users\Hendriks\AppData\Roaming\Mozilla\Firefox\Profiles\1c6ovwda.default\ilividtoolbargaw deleted C:\Users\Hendriks\AppData\Roaming\Mozilla\Firefox\Profiles\1c6ovwda.default\extensions\adsremoval@adsremoval.net deleted "C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo.xml" deleted "C:\Users\Hendriks\AppData\Roaming\Mozilla\Firefox\Profiles\1c6ovwda.default\searchplugins\yahoo_ff.xml" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Hendriks\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-01-23 21:31:54 4D5D8058F17C873B4F0792678BAA6534 34080 ----a-w- C:\Windows\Sysnative\SmartDefragBootTime.exe 2014-01-23 21:31:11 6A6E91C06ACDBE1D85A4EC469BBB8EBB 121856 ----a-w- C:\Windows\Sysnative\IObitSmartDefragExtension.dll ====== C:\Windows\Sysnative\drivers ===== 2014-01-20 15:30:42 2BB3EAE2EA641515D4B205CAB29E1624 64624 ----a-w- C:\Windows\Sysnative\drivers\HECIx64.sys 2014-01-20 15:30:27 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf 2014-01-20 15:30:16 5476D773EE180AEB9CADA786EA131777 32496 ----a-w- C:\Windows\Sysnative\drivers\Smb_driver_Intel.sys 2014-01-15 08:23:30 18A85013A3E0F7E1755365D287443965 53248 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys 2014-01-15 08:23:29 FFA06EF43987ED0DD42AD59B260C0C78 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys 2014-01-15 08:23:29 DD253AFC3BC6CBA412342DE60C3647F3 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys 2014-01-15 08:23:29 DCA68B0943D6FA415F0C56C92158A83A 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys 2014-01-15 08:23:29 8D1196CFBB223621F2C67D45710F25BA 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys 2014-01-15 08:23:29 765A92D428A8DB88B960DA5A8D6089DC 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys 2014-01-15 08:23:29 12FEB33791920678F8433701C822BCFD 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys 2014-01-15 08:23:27 3555BA97171CD153118F73FDCCC8BFDE 376768 ----a-w- C:\Windows\Sysnative\drivers\netio.sys 2014-01-06 22:55:39 AAB5F5336EDBB5D99CC7E1A9F4D8F63F 79672 ----a-w- C:\Windows\Sysnative\drivers\aswstm.sys ====== C:\Windows\Tasks ====== 2014-02-01 07:58:56 23A3DD995DE995015DDF5C067B757193 3100 ----a-w- C:\Windows\Sysnative\Tasks\ASC7_PerformanceMonitor 2014-01-23 21:31:55 F534CA892FC5D3A72B41B2B7E0AFE391 3170 ----a-w- C:\Windows\Sysnative\Tasks\SmartDefrag3_Update 2014-01-22 17:35:00 36EB60F4E231A2D50A2288C0AE94F3E4 2856 ----a-w- C:\Windows\Sysnative\Tasks\ASC7_SkipUac_Hendriks ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-01-26 21:41:41 -------- d-----w- C:\Program Files\trend micro 2014-01-20 15:30:26 -------- d-----w- C:\Program Files\Synaptics ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Hendriks\AppData\Roaming ====== 2014-01-31 23:13:27 7C96A4585234C06B71C7028112E31286 65848 ----a-w- C:\Users\Hendriks\AppData\Local\GDIPFONTCACHEV1.DAT 2014-01-27 16:42:56 -------- d-----w- C:\Users\Hendriks\AppData\Roaming\Eusing 2014-01-07 09:09:25 -------- d-----w- C:\Users\Hendriks\AppData\Roaming\TeamViewer ====== C:\Users\Hendriks ====== 2014-02-01 11:20:44 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Hendriks\Downloads\RSITx64.exe 2014-01-31 23:13:59 D52DC3CD5A3AF6F0CAA14A7FC79E95E3 11201344 ----a-w- C:\Users\Hendriks\Downloads\iobituninstaller3.1.exe 2014-01-31 22:56:06 F16AF3E14035BEECFAF2EAB2D6ECB40A 241664 ----a-w- C:\Windows\serviceprofiles\Localservice\ntuser.rhk 2014-01-31 22:56:06 6664FCD405B43E6E823B775E1C30432D 245760 ----a-w- C:\Windows\serviceprofiles\networkservice\ntuser.rhk 2014-01-26 01:04:43 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegHunter 2014-01-23 21:31:08 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3 2014-01-22 17:35:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller 2014-01-22 17:34:55 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7 2014-01-16 18:22:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-01-07 09:17:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELISprint ====== C: exe-files == 2014-02-01 11:20:44 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Hendriks\Downloads\RSITx64.exe 2014-01-31 23:13:59 D52DC3CD5A3AF6F0CAA14A7FC79E95E3 11201344 ----a-w- C:\Users\Hendriks\Downloads\iobituninstaller3.1.exe 2014-01-31 22:31:29 A7AD059307CB4F2B9784FEE589157BAE 1243272 ----a-w- C:\Program Files (x86)\Wise\Wise Registry Cleaner\unins000.exe 2014-01-28 18:11:46 BD556495B9E1E00A2A55D4E6131C2EA0 981160 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.102\32.0.1700.102_32.0.1700.76_chrome_updater.exe 2014-01-26 21:42:08 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Hendriks.exe 2014-01-26 21:11:10 A36B48B1CCE73F596E628282CA878CD4 3944400 ----a-w- C:\Users\Hendriks\AppData\Roaming\Internet Download Accelerator\temp\idasetup_update.exe 2014-01-26 01:10:19 BD2C06273B10B84198BCE3970010E56E 1243272 ----a-w- C:\Program Files (x86)\Wise\Wise Care 365\unins001.exe 2014-01-26 01:02:53 9F04C8F41F522F8CB233B436E2B420B3 919936 ----a-w- C:\Program Files\Enigma Software Group\SpyHunter\Downloads\RegHunter_Web_Setup.exe.exe === C: other files == 2014-01-26 01:51:45 F51DBD962DE213C2A22BF6F6C3C9A102 248 ----a-w- C:\Program Files (x86)\Opera\k.bat ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "RoboForm"="C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2200064268-249005537-2647804445-1000\Software\Microsoft\Windows\CurrentVersion\Run] "RoboForm"="C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "RoboForm"="C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "RoboForm"="C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeAAMUpdater-1.0" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Advanced SystemCare 6] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Advanced SystemCare 6" "hkey"="HKCU" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Advanced SystemCare Ultimate] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Advanced SystemCare Ultimate" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCTray.exe\" /AutoStart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Anti-phishing Domain Advisor] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Anti-phishing Domain Advisor" "hkey"="HKLM" "command"="\"C:\\ProgramData\\Anti-phishing Domain Advisor\\visicom_antiphishing.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Apoint] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Apoint" "hkey"="HKLM" "command"="C:\\Program Files\\Apoint2K\\Apoint.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BlueStacks Agent] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BlueStacks Agent" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\BlueStacks\\HD-Agent.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Facebook Update" "hkey"="HKCU" "command"="\"C:\\Users\\Hendriks\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\FreeAC] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="FreeAC" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\FreeAlarmClock\\FreeAlarmClock.exe -autorun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Google Update" "hkey"="HKCU" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HotKeysCmds" "hkey"="HKLM" "command"="\"C:\\Windows\\system32\\hkcmd.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP CoolSense] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HP CoolSense" "hkey"="HKLM" "command"="c:\\program files (x86)\\hewlett-packard\\hp coolsense\\coolsense.exe -byrunkey" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HP Software Update" "hkey"="HKLM" "command"="c:\\program files (x86)\\hp\\hp software update\\hpwuschd2.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HPOSD] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HPOSD" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Hewlett-Packard\\HP On Screen Display\\HPOSD.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="IgfxTray" "hkey"="HKLM" "command"="\"C:\\Windows\\system32\\igfxtray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IObit Malware Fighter] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="IObit Malware Fighter" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\IObit\\IObit Malware Fighter\\IMF.exe\" /autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Persistence" "hkey"="HKLM" "command"="\"C:\\Windows\\system32\\igfxpers.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SetDefault] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SetDefault" "hkey"="HKLM" "command"="C:\\Program Files\\Hewlett-Packard\\HP LaunchBox\\SetDefault.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ShowBatteryBar] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ShowBatteryBar" "hkey"="HKCU" "command"="\"c:\\program files\\batterybar\\showbatterybar.exe\" show" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SkinnyClock] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SkinnyClock" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\XDTK\\Skinny Clock\\SkinnyClock.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"c:\\program files (x86)\\skype\\phone\\skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Hendriks] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Hendriks\AppData] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Hendriks\AppData\Local] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Hendriks\AppData\Local\Microsoft] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Hendriks\AppData\Local\Microsoft\SkyDrive] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Hendriks\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Hendriks\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\RunOnce" "item"="Uninstall C:\\Users\\Hendriks\\AppData\\Local\\Microsoft\\SkyDrive\\16.4.6013.0910\\amd64" "hkey"="HKCU" "command"="C:\\Windows\\system32\\cmd.exe /q /c rmdir /s /q \"C:\\Users\\Hendriks\\AppData\\Local\\Microsoft\\SkyDrive\\16.4.6013.0910\\amd64\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RapportMgmtService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RasAuto] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RasMan] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RemoteAccess] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RemoteRegistry] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RpcLocator] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SamSs] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SCardSvr] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SCPolicySvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SDRSVC] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\seclogon] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SecureUpdateSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SENS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SensrSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SessionEnv] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\sftlist] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\sftvsa] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SharedAccess] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ShellHWDetection] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Skype C2C Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SNMPTRAP] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Spooler] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\sppuinotify] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SpyHunter 4 Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SSDPSRV] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SstpSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\STacSV] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\stisvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\swprv] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TabletInputService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TapiSrv] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TBS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TermService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Themes] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\THREADORDER] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TrkWks] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TrustedInstaller] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\UI0Detect] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\UNS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\upnphost] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\UxSms] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\VaultSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\vds] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\VSS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\W32Time] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WatAdminSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\wbengine] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WbioSrvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\wcncsvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WcsPlugInService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WdiServiceHost] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WdiSystemHost] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WebClient] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Wecsvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\wercplsupport] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WerSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WinDefend] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WinHttpAutoProxySvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Winmgmt] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WinRM] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\wlidsvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\wmiApSrv] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WMPNetworkSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WPCSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WPDBusEnum] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\wscsvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WSearch] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\wuauserv] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\wudfsvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WwanSvc] ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [17-01-2014 09:50] C:\Windows\tasks\Driver Booster Update.job --a------ C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [04-11-2013 11:01] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2200064268-249005537-2647804445-1000Core.job --a------ C:\Users\Hendriks\AppData\Local\Facebook\Update\FacebookUpdate.exe [28-05-2013 20:53] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2200064268-249005537-2647804445-1000UA.job --a------ C:\Users\Hendriks\AppData\Local\Facebook\Update\FacebookUpdate.exe [28-05-2013 20:53] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21-02-2012 00:21] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21-02-2012 00:21] C:\Windows\tasks\Wise Care 365 PC Checkup Task.job --a------ C:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe [21-01-2014 15:25] C:\Windows\tasks\Wise Disk Cleaner Schedule Task.job --a------ C:\Program Files (x86)\Wise\Wise Disk Cleaner\WiseDiskCleaner.exe [13-11-2013 17:29] C:\Windows\tasks\Wise Memory Optimizer Task.job --a------ C:\Program Files (x86)\Wise\Wise Care 365\WiseMemoryOptimzer.exe [21-01-2014 15:25] C:\Windows\tasks\Wise Registry Cleaner Schedule Task.job --a------ C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [23-01-2014 10:34] C:\Windows\tasks\Wise Turbo Checker.job --a------ C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [21-01-2014 15:25] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\ASC7_PerformanceMonitor" [C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe] "C:\Windows\SysNative\tasks\ASC7_SkipUac_Hendriks" [C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe /SkipUac] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\Driver Booster Scan" [C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe] "C:\Windows\SysNative\tasks\Driver Booster Update" [C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2200064268-249005537-2647804445-1000Core" [C:\Users\Hendriks\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2200064268-249005537-2647804445-1000UA" [C:\Users\Hendriks\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe] "C:\Windows\SysNative\tasks\Open URL by RoboForm" [C:\Windows\system32\rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMJJKJKMKJMJJJLJLMCNNMJMJJLJCNLMKJLJOJCNOJNMPMIMCNMMMMLJJJKJLMNJLMMMOMPMLJJNJICMIMCNGMCNNMFMGMCNOMPMCNGMNMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMOMFMMJBJKJLIMJFMGMIMNMJNHICMMJBJKJLIMJJNBJCMKLDJDJGJKJJNKJCMNJKJNIIJLMLMLMPLGIOJHJAJAJBNMJAJCJJNNICMJNDJCMBJDJ"] "C:\Windows\SysNative\tasks\Run RoboForm TaskBar Icon" [C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe] "C:\Windows\SysNative\tasks\SmartDefrag3_Update" [C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{DCFCCCDC-7634-45A4-AF9A-386BE334F9A6}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\Wise Care 365 PC Checkup Task" [C:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe] "C:\Windows\SysNative\tasks\Wise Disk Cleaner Schedule Task" [C:\Program Files (x86)\Wise\Wise Disk Cleaner\WiseDiskCleaner.exe] "C:\Windows\SysNative\tasks\Wise Memory Optimizer Task" [C:\Program Files (x86)\Wise\Wise Care 365\WiseMemoryOptimzer.exe] "C:\Windows\SysNative\tasks\Wise Registry Cleaner Schedule Task" [C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe] "C:\Windows\SysNative\tasks\Wise Turbo Checker" [C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{22119944-ED35-4ab1-910B-E619EA06A115}"="C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox" [29-12-2013 09:43] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Hendriks\AppData\Roaming\Mozilla\Firefox\Profiles\1c6ovwda.default - avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF - Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF AppDir: C:\Program Files (x86)\Mozilla Firefox - Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Hendriks\AppData\Roaming\Mozilla\Firefox\Profiles\1c6ovwda.default 2557FBC582910A71CDEB0F22886D118D - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll - Shockwave Flash 2D389D314D1928AA30778229090F9AD3 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1206147.dll - Shockwave for Director / Shockwave for Director E3B4EA121F7BDEB0F6366E2BA9608CB5 - C:\Users\Hendriks\AppData\Local\Citrix\Plugins\104\npappdetector.dll - Citrix Online Web Deployment Plugin 1.0.0.104 0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\Hendriks\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin 3A8B50B4FFD1DBFF77E14C8AA5E6C6A5 - C:\Users\Hendriks\AppData\Roaming\Mozilla\Firefox\Profiles\1c6ovwda.default\plugins\npida.dll - Internet Download Accelerator click monitoring plug-in ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions aaaanplonkoccjbnlleoidjplmhgeahe - No path found[] hdhihajbmafmgilcciomnamcjfkdhikl - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx[13-04-2011 23:21] heloeniedaijefpgpikdfhdjpojnndbn - C:\Program Files (x86)\IDA\ida_chrome.crx[23-01-2012 19:17] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[22-11-2012 10:30] nfengeggddojhakldhlpjdlddgkkjkdd - \BrowerProtect\ASC_GhromePlugin.crx[] Google Docs - Hendriks\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Hendriks\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf Google Search - Hendriks\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Block site - Hendriks\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh Google Wallet - Hendriks\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Hendriks\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" "Search Bar"="http://www.bing.com" "Use Search Asst"="yes" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "Default"="http://www.google.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://www.google.com" "SearchAssistant"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{BB41F8EF-7F81-4B98-B828-458D6170BAE3}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.msn.com/" "Use Search Asst"="no" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {BB41F8EF-7F81-4B98-B828-458D6170BAE3} Yahoo Url="http://nl.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}"
  12. Foutmelding: C:\Users\Hendriks\Appdata\Local\Temp\Zoek.hta is geen geldige Win32-toepassing. Later deze tekst : Zoek.exe v5.0.0.0 Updated 25-January-2014 Tool run by Hendriks on za 01-02-2014 at 16:31:06,86. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode No Internet Access Detected Launched: C:\Users\Hendriks\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used] ===== Runcheck 16:39:07,23 ===== --- Create Environment Variables 16:39:07,98 --- Create System Restore Point 16:39:21,05 --- Checking Input 16:39:56,23 --- AU AppData Check 16:40:18,60 --- Remove From Windows Installer 16:40:25,26
  13. Hartelijk dank voor de hulp. Ik heb de twee regels verwijderd zoals uitgelegd. Hierbij de actuele log: MvG Ellie Logfile of random's system information tool 1.09 (written by random/random) Run by Hendriks at 2014-02-01 13:04:00 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 392 GB (87%) free of 451 GB Total RAM: 1996 MB (36% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:04:09, on 1-2-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Unable to get Internet Explorer version! Boot mode: Normal Running processes: C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Wise\Wise Care 365\WiseMemoryOptimzer.exe C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\Hendriks.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: IE 4.x-6.x BHO for Internet Download Accelerator - {2A646672-9C3A-4C28-9A7A-1FB0F63F28B6} - C:\PROGRA~2\IDA\idaiehlp.dll O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: (no name) - {EF5F59BA-B2AB-48D8-9747-54DF806C73B8} - (no file) O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (User 'Default user') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Download ALL with IDA - C:\Program Files (x86)\IDA\idaieall.htm O8 - Extra context menu item: Download alles met Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm O8 - Extra context menu item: Download met Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm O8 - Extra context menu item: Download remotely with IDA - C:\Program Files (x86)\IDA\remdown.htm O8 - Extra context menu item: Download selectie met Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download video met Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: Download with IDA - C:\Program Files (x86)\IDA\idaie.htm O8 - Extra context menu item: Formulieren Invullen - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html O8 - Extra context menu item: Formulieren opslaan - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: Menu aanpassen - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: RoboForm Werkbalk - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Formulier Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9 - Extra 'Tools' menuitem: Formulieren Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9 - Extra button: Opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9 - Extra 'Tools' menuitem: Formulieren opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9 - Extra button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9 - Extra 'Tools' menuitem: RoboForm Werkbalk - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing) O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel® Integrated Clock Controller Service - Intel® ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe O23 - Service: Intel® Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe O23 - Service: CNG Key Isolation (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: Software Protection (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: Interactive Services Detection (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: Credential Manager (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Virtual Disk (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Windows Activation Technologies-service (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: Block Level Backup Engine Service (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe O23 - Service: WMI Performance Adapter (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) -- End of file - 14494 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe" C:\Windows\system32\svchost.exe -k RPCSS "C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe" C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation atieclxx C:\Windows\system32\Hpservice.exe "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-dfd64b50-3197-4347-bee9-2a307a69e2a8 -SystemEventPortName:HostProcess-83b149bd-f4ef-4ce9-9618-a3a8a6adf1db -IoCancelEventPortName:HostProcess-bb902ea2-3c79-49a3-8390-b20140048788 -NonStateChangingEventPortName:HostProcess-9443a45e-eef5-43d5-bcb9-4c3be7a7c8a3 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:2ee0939f-2303-41a9-bad3-d1ee2e51f35e -DeviceGroupId: "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" "C:\Program Files\AVAST Software\Avast\afwServ.exe" "C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe" "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" C:\Windows\System32\spoolsv.exe taskeng.exe {3A70FCCB-DB70-4C66-8393-64742860D148} C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe" "taskhost.exe" taskeng.exe {304E8E02-F1AB-435D-B17E-1DC080423921} "C:\Program Files (x86)\Wise\Wise Care 365\WiseMemoryOptimzer.exe" -a "C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe" /auto "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe" "C:\Program Files\IDT\WDM\AESTSr64.exe" C:\Windows\System32\alg.exe "C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe" C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} "C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe" "C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe" taskeng.exe {7BEC607C-AAAF-4BC6-883E-ADEE5016B3E9} "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe" "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe" "C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe" "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe" "C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe" C:\Windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe" "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE" "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" C:\Windows\SysWow64\perfhost.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\locator.exe C:\Windows\system32\svchost.exe -k SDRSVC "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe" C:\Windows\system32\UI0Detect.exe "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" C:\Windows\System32\vds.exe C:\Windows\system32\vssvc.exe C:\Windows\system32\svchost.exe -k wcssvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\System32\svchost.exe -k secsvcs "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" C:\Windows\system32\wbem\WmiApSrv.exe C:\Windows\system32\SearchIndexer.exe /Embedding WLIDSvcM.exe 4852 "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe" "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /showtip "exptip" C:\Windows\system32\DllHost.exe /Processid:{48DA6741-1BF0-4A44-8325-293086C79077} "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" C:\Windows\servicing\TrustedInstaller.exe "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3736.0.1974306006\738351252" --disable-image-transport-surface --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,5,13,23 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3223 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/AutomaticProfileReset/Enabled4/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group4 pct:10d stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_35/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="3736.2.1268885690\896012742" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\plugin/np-rf-plugin.dll" --lang=nl --channel="3736.3.591189309\533856519" /prefetch:-390060480 "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe" C:\Windows\System32\msdtc.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet "C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe" C:\Windows\System32\svchost.exe -k swprv "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/AutomaticProfileReset/Enabled4/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group4 pct:10d stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ManagedModeLaunch/Active/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_35/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="3736.4.1572871627\738136331" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/AutomaticProfileReset/Enabled4/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group4 pct:10d stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ManagedModeLaunch/Active/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_35/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="3736.6.385019025\1189164585" /prefetch:673131151 C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3736.8.60968474\1346539105" --ppapi-flash-args --lang=nl --ignored=" --type=renderer " /prefetch:-632637702 C:\Windows\system32\AUDIODG.EXE 0x7f0 "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/AutomaticProfileReset/Enabled4/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group4 pct:10d stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ManagedModeLaunch/Active/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_35/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="3736.9.1139863828\1106160869" /prefetch:673131151 "C:\Users\Hendriks\Downloads\RSITx64.exe" "C:\Users\Hendriks\Downloads\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\Driver Booster Update.job C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2200064268-249005537-2647804445-1000Core.job C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2200064268-249005537-2647804445-1000UA.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\Wise Care 365 PC Checkup Task.job C:\Windows\tasks\Wise Disk Cleaner Schedule Task.job C:\Windows\tasks\Wise Memory Optimizer Task.job C:\Windows\tasks\Wise Registry Cleaner Schedule Task.job C:\Windows\tasks\Wise Turbo Checker.job =========Mozilla firefox========= ProfilePath - C:\Users\Hendriks\AppData\Roaming\Mozilla\Firefox\Profiles\1c6ovwda.default prefs.js - "browser.startup.homepage" - "http://nl.search.yahoo.com/?type=198484&fr=spigot-yhp-ff" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 12.0.0.43 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer] "Description"=Adobe Shockwave Player "Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1206147.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin] "Description"=Google Earth in your browser "Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0] "Description"=Picasa3 plugin "Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 12.0.0.43 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll C:\Program Files (x86)\Mozilla Firefox\extensions\ websitelogon@truesuite.com {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} C:\Program Files (x86)\Mozilla Firefox\components\ nsIQTScriptablePlugin.xpt C:\Program Files (x86)\Mozilla Firefox\plugins\ nppdf32.DEU nppdf32.dll nppdf32.FRA nppdf32.JPN npqtplugin.dll npqtplugin2.dll npqtplugin3.dll npqtplugin4.dll npqtplugin5.dll npqtplugin6.dll npqtplugin7.dll QuickTimePlugin.class C:\Program Files (x86)\Mozilla Firefox\searchplugins\ yahoo.xml C:\Users\Hendriks\AppData\Roaming\Mozilla\Firefox\Profiles\1c6ovwda.default\extensions\ adsremoval@adsremoval.net idamm@westbyte.com idapluginff@westbyte.com idaremote@westbyte.com savingsslider@mybrowserbar.com searchads@instair.net {58d2a791-6199-482f-a9aa-9b725ec61362} C:\Users\Hendriks\AppData\Roaming\Mozilla\Firefox\Profiles\1c6ovwda.default\plugins\ npida.dll C:\Users\Hendriks\AppData\Roaming\Mozilla\Firefox\Profiles\1c6ovwda.default\searchplugins\ yahoo_ff.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}] ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-01-22 2486592] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}] avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-06 1372864] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}] RoboForm Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2013-12-29 24536280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}] TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-05-05 1746760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-06 1372864] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A646672-9C3A-4C28-9A7A-1FB0F63F28B6}] IE 4.x-6.x BHO for Internet Download Accelerator - C:\PROGRA~2\IDA\idaiehlp.dll [2013-09-20 168224] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}] RoboForm Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2013-12-29 18594008] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-01-16 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}] TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-05-05 1598280] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-06 1138536] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Microsoft-account - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-01-16 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5F59BA-B2AB-48D8-9747-54DF806C73B8}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2013-12-29 24536280] {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-06 1372864] {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-06 1372864] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2013-12-29 18594008] {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-06 1138536] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "RoboForm"=C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2013-12-29 109784] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29 497648] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 6] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare Ultimate] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe /AutoStart [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Anti-phishing Domain Advisor] C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint] C:\Program Files\Apoint2K\Apoint.exe [2011-02-19 569200] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe [2013-08-07 601928] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update] C:\Users\Hendriks\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-28 138096] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeAC] C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [2011-11-22 1327440] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds] C:\Windows\system32\hkcmd.exe [2013-10-11 399856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP CoolSense] c:\program files (x86)\hewlett-packard\hp coolsense\coolsense.exe [2011-05-31 1342008] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] c:\program files (x86)\hp\hp software update\hpwuschd2.exe [2011-05-10 49208] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-06-13 336440] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray] C:\Windows\system32\igfxtray.exe [2013-10-11 172016] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2013-12-13 1573184] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence] C:\Windows\system32\igfxpers.exe [2013-10-11 442352] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [2011-06-27 42808] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShowBatteryBar] c:\program files\batterybar\showbatterybar.exe [2013-04-11 89600] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkinnyClock] C:\Program Files (x86)\XDTK\Skinny Clock\SkinnyClock.exe [2013-01-18 1769472] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] c:\program files (x86)\skype\phone\skype.exe [2013-10-02 20472992] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall C:] [] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-06 3764024] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\SYSTEM32\igfxdev.dll [2013-10-11 442880] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=221 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-01-27 17:42:56 ----D---- C:\Users\Hendriks\AppData\Roaming\Eusing 2014-01-26 22:41:41 ----D---- C:\rsit 2014-01-26 22:41:41 ----D---- C:\Program Files\trend micro 2014-01-26 22:13:18 ----D---- C:\Program Files (x86)\MyPC Backup 2014-01-26 22:11:35 ----D---- C:\AdwCleaner 2014-01-23 22:31:54 ----A---- C:\Windows\system32\SmartDefragBootTime.exe 2014-01-23 22:31:11 ----A---- C:\Windows\system32\IObitSmartDefragExtension.dll 2014-01-22 18:35:20 ----D---- C:\ProgramData\ProductData 2014-01-22 18:35:03 ----D---- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} 2014-01-20 16:30:42 ----A---- C:\Windows\system32\drivers\HECIx64.sys 2014-01-20 16:30:26 ----D---- C:\Program Files\Synaptics 2014-01-20 16:30:16 ----A---- C:\Windows\system32\drivers\Smb_driver_Intel.sys 2014-01-16 19:22:49 ----A---- C:\Windows\SYSWOW64\javaws.exe 2014-01-16 19:22:38 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll 2014-01-16 19:22:38 ----A---- C:\Windows\SYSWOW64\javaw.exe 2014-01-16 19:22:38 ----A---- C:\Windows\SYSWOW64\java.exe 2014-01-15 09:23:30 ----A---- C:\Windows\system32\drivers\usbehci.sys 2014-01-15 09:23:29 ----A---- C:\Windows\system32\drivers\usbuhci.sys 2014-01-15 09:23:29 ----A---- C:\Windows\system32\drivers\usbport.sys 2014-01-15 09:23:29 ----A---- C:\Windows\system32\drivers\usbohci.sys 2014-01-15 09:23:29 ----A---- C:\Windows\system32\drivers\usbhub.sys 2014-01-15 09:23:29 ----A---- C:\Windows\system32\drivers\usbd.sys 2014-01-15 09:23:29 ----A---- C:\Windows\system32\drivers\usbccgp.sys 2014-01-15 09:23:28 ----A---- C:\Windows\system32\win32k.sys 2014-01-15 09:23:27 ----A---- C:\Windows\system32\drivers\netio.sys 2014-01-07 10:17:00 ----D---- C:\DPD 2014-01-07 10:09:25 ----D---- C:\Users\Hendriks\AppData\Roaming\TeamViewer 2014-01-06 23:55:39 ----A---- C:\Windows\system32\drivers\aswstm.sys ======List of files/folders modified in the last 1 month====== 2014-02-01 12:57:36 ----D---- C:\Windows 2014-02-01 12:56:13 ----D---- C:\Windows\Temp 2014-02-01 12:54:22 ----D---- C:\Users\Hendriks\AppData\Roaming\Wise Care 365 2014-02-01 12:54:14 ----D---- C:\Windows\system32\config 2014-02-01 12:53:33 ----A---- C:\Windows\SYSWOW64\log.txt 2014-02-01 12:52:48 ----D---- C:\Windows\registration 2014-02-01 12:51:48 ----D---- C:\Windows\debug 2014-02-01 12:31:27 ----D---- C:\Windows\system32\catroot2 2014-02-01 10:38:43 ----D---- C:\Users\Hendriks\AppData\Roaming\SoftGrid Client 2014-02-01 08:58:56 ----D---- C:\Windows\system32\Tasks 2014-02-01 08:50:30 ----D---- C:\Windows\SoftwareDistribution 2014-02-01 08:44:30 ----D---- C:\Windows\system32\LogFiles 2014-02-01 01:26:24 ----SHD---- C:\boot 2014-01-31 23:56:06 ----D---- C:\Windows\SYSWOW64\config 2014-01-31 23:46:22 ----SHD---- C:\System Volume Information 2014-01-31 23:45:11 ----SHD---- C:\Windows\Installer 2014-01-31 23:43:55 ----D---- C:\Windows\SysWOW64 2014-01-31 23:09:29 ----D---- C:\Users\Hendriks\AppData\Roaming\Skype 2014-01-30 17:14:47 ----D---- C:\Program Files\CCleaner 2014-01-30 12:28:16 ----D---- C:\Program Files (x86)\Mozilla Firefox 2014-01-28 00:31:43 ----D---- C:\Windows\system32\wdi 2014-01-27 17:42:50 ----D---- C:\Program Files (x86)\Eusing Cleaner 2014-01-27 12:00:31 ----D---- C:\Windows\System32 2014-01-27 12:00:31 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-01-27 12:00:30 ----D---- C:\Windows\inf 2014-01-27 01:07:25 ----D---- C:\Users\Hendriks\AppData\Roaming\Internet Download Accelerator 2014-01-26 23:57:47 ----D---- C:\Program Files (x86) 2014-01-26 22:41:41 ----RD---- C:\Program Files 2014-01-26 22:13:15 ----HD---- C:\ProgramData 2014-01-26 21:44:29 ----D---- C:\Program Files (x86)\Google 2014-01-26 09:41:08 ----D---- C:\Program Files (x86)\Opera 2014-01-26 02:04:41 ----D---- C:\Program Files\Enigma Software Group 2014-01-26 02:01:50 ----D---- C:\Users\Hendriks\AppData\Roaming\Common 2014-01-26 02:01:50 ----D---- C:\Program Files (x86)\SarbyxTrayClock 2014-01-26 02:01:44 ----D---- C:\Program Files (x86)\Common Files 2014-01-25 20:22:37 ----D---- C:\Program Files (x86)\IObit 2014-01-24 10:48:45 ----D---- C:\Windows\system32\FxsTmp 2014-01-23 22:31:09 ----D---- C:\Windows\system32\drivers 2014-01-23 22:31:03 ----D---- C:\Users\Hendriks\AppData\Roaming\IObit 2014-01-22 18:51:16 ----D---- C:\Windows\Panther 2014-01-22 18:34:59 ----D---- C:\ProgramData\IObit 2014-01-20 16:31:35 ----D---- C:\Windows\system32\catroot 2014-01-20 16:30:43 ----D---- C:\Windows\system32\DriverStore 2014-01-20 16:22:39 ----D---- C:\Windows\Tasks 2014-01-17 09:50:32 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-01-16 19:28:39 ----D---- C:\ProgramData\Oracle 2014-01-15 17:39:37 ----D---- C:\Windows\winsxs 2014-01-15 17:06:52 ----D---- C:\Windows\system32\MRT 2014-01-15 17:03:54 ----A---- C:\Windows\system32\MRT.exe 2014-01-07 10:17:00 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2014-01-06 23:55:28 ----A---- C:\Windows\system32\aswBoot.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-10-28 65776] R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-01-06 207904] R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-27 30008] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-04-26 557848] R0 RapportKE64;RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [2012-12-30 236216] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-12-24 21184] R1 aswKbd;aswKbd; \??\C:\Windows\system32\drivers\aswKbd.sys [2013-10-28 28184] R1 aswNdisFlt;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2014-01-08 439648] R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-10-28 92544] R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-01-06 1034464] R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-01-06 422216] R1 RapportCerberus_44365;RapportCerberus_44365; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_44365.sys [2012-12-10 508024] R1 RapportEI64;RapportEI64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2012-12-30 224024] R1 RapportPG64;RapportPG64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2012-12-30 357272] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-01-06 78648] R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2013-08-07 70984] R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-27 43320] R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2011-02-22 351864] R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-01-06 79672] R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-07-01 4745280] R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-10-11 5361920] R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-03-23 77936] R3 MEIx64;Intel® Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2014-01-20 64624] R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144] R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576] R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840] R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208] R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-01-20 32496] R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10305; C:\Windows\system32\DRIVERS\stwrt64.sys [2011-05-27 528384] S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-05-08 9259520] S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-05-08 301568] S3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2011-06-16 133160] S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984] S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960] S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384] S3 btwaudio;Bluetooth-audioapparaat; C:\Windows\system32\drivers\btwaudio.sys [] S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [] S3 BTWDPAN;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\btwdpan.sys [2011-05-21 89640] S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [] S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [] S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-03-02 13088] S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2012-06-22 22704] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-07-28 57280] S3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-04-15 12228128] S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RapportIaso;RapportIaso; \??\c:\programdata\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso64.sys [2012-12-10 175352] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-31 19456] S3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2013-11-19 34848] S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720] S3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-03-25 337512] S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056] S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864] S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-10-31 57856] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-10-31 30208] S3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2013-11-19 23016] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496] S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S4 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-03-23 23048] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432] R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2013-12-09 881440] R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-05-08 203776] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-01-06 50344] R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-01-06 113704] R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2013-08-07 384840] R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504] R2 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-09-12 1512448] R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072] R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168] R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-27 30520] R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-04-08 26680] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592] R2 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752] R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-11-11 341824] R2 jhi_service;Intel® Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-23 212944] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2011-02-22 326168] R2 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] R2 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R2 RapportMgmtService;Rapport Management Service; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2012-12-30 1115992] R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944] R2 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528] R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000] R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-22 2656280] S2 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-17 257928] S2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe [2013-08-07 393032] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-21 136176] S2 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120] S2 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-05-21 818232] S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680] S2 WatAdminSvc;Windows Activation Technologies-service; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-02-08 1255736] S3 cphs;Intel® Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-10-11 279024] S3 FPLService;TrueSuiteService; C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-05-05 263496] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-21 136176] S3 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-08 2375168] S3 STacSV;Audio Service; C:\Program Files\IDT\WDM\STacSV64.exe [2011-05-27 301568] S4 SpyHunter 4 Service;SpyHunter 4 Service; C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2013-01-14 1024384] -----------------EOF-----------------
  14. Hallo, Chrome omnibox om te zoeken in adresbalk springt steeds terug op standaardzoekmachine yahoo. Ook als ik deze heb verwijderd in beheer. alle apps en extenties uitgeschakeld. Pc start traag op. afbeeldingen in Java werkt traag. In Firefox werkt deze beter. malwarefighter malwarebytes uitgevoerd. Ik zou héééél blij zijn als ik alles eraf kan halen wat eventueel schadelijk en hinderlijk is op mijn PC. Onderstaand Hijack log. Groeten Ellie Logfile of Trend Micro HijackThis v2.0.5Scan saved at 19:20:23, on 30-1-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Unable to get Internet Explorer version! FIREFOX: 26.0 (nl) Boot mode: Normal Running processes: C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Users\Hendriks\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo Zoeken - zoeken op het web R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: IE 4.x-6.x BHO for Internet Download Accelerator - {2A646672-9C3A-4C28-9A7A-1FB0F63F28B6} - C:\PROGRA~2\IDA\idaiehlp.dll O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: (no name) - {EF5F59BA-B2AB-48D8-9747-54DF806C73B8} - (no file) O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKUS\S-1-5-18\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (User 'Default user') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Download ALL with IDA - C:\Program Files (x86)\IDA\idaieall.htm O8 - Extra context menu item: Download alles met Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm O8 - Extra context menu item: Download met Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm O8 - Extra context menu item: Download remotely with IDA - C:\Program Files (x86)\IDA\remdown.htm O8 - Extra context menu item: Download selectie met Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download video met Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: Download with IDA - C:\Program Files (x86)\IDA\idaie.htm O8 - Extra context menu item: Formulieren Invullen - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html O8 - Extra context menu item: Formulieren opslaan - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: Menu aanpassen - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: RoboForm Werkbalk - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Formulier Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9 - Extra 'Tools' menuitem: Formulieren Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9 - Extra button: Opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9 - Extra 'Tools' menuitem: Formulieren opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9 - Extra button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9 - Extra 'Tools' menuitem: RoboForm Werkbalk - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing) O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel® Integrated Clock Controller Service - Intel® ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe O23 - Service: Intel® Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe O23 - Service: CNG Key Isolation (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: Software Protection (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: Interactive Services Detection (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: Credential Manager (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Virtual Disk (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Windows Activation Technologies-service (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: Block Level Backup Engine Service (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe O23 - Service: WMI Performance Adapter (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) -- End of file - 13587 bytes
  15. Geweldig! batterybar geeft heel duidelijk continue in werkbalk resterende tijd aan dat ie nog nodig heeft om op te laden. En als accu klaar is met opladen de tekst "op netstroom" dat continue in beeld blijft. Ik hoop dat het gratis blijft. Het scheelt dat ie bij mij nooit hele dagen en nachten aan staat. Ik kan zelfs lezen hoe groot percentage is dat de accu is versleten. Samen met usb aardingsstekker is het voor mij mogelijk om redelijk te kunnen werken met laptop.
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.