Suez
Member
Items: 62
Registration date: -
Last visited
Suez's achievements
Picked up junk with WinZip
Suez replied to Suez's topic in Archive: Fighting malware & viruses
Unfortunately, that is not possible either. This program does not offer an uninstall option.
Picked up junk with WinZip
Suez replied to Suez's topic in Archive: Fighting malware & viruses
I looked at it, but I do not have all the options that are listed there. It looks like this virus scanner is protected against being disabled or removed.
Picked up junk with WinZip
Suez replied to Suez's topic in Archive: Fighting malware & viruses
I cannot manage to disable the Trend Micro virus scanner, because a password is needed for this and I do not know it. As a result I cannot open zoek.exe, because the scanner blocks it.
Hello, I needed WinZip to unpack a file. Unfortunately, I picked up a lot of junk along with it. Could you help? And is there an alternative, safe way to unpack zip files? I have had trouble with WinZip before, and so has my colleague. But we do regularly receive zip files that we need to do something with. Here is my log:
Files (x86)\Trend Micro\OfficeScan Client\TmXPFlt.sys [2014-08-30 351032] R2 TmPreFilter;Trend Micro PreFilter; \??\C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPreFlt.sys [2014-08-30 44856] R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [] R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtuele adapter; C:\windows\system32\DRIVERS\AMPPAL.sys [] R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [] R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\windows\system32\drivers\bcbtums.sys [] R3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\windows\system32\drivers\BthEnum.sys [] R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [] R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\windows\System32\Drivers\BTHUSB.sys [] R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\windows\system32\drivers\btwampfl.sys [] R3 btwaudio;Bluetooth-audioapparaat; C:\windows\system32\drivers\btwaudio.sys [] R3 btwavdt;Bluetooth AVDT; C:\windows\system32\DRIVERS\btwavdt.sys [] R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [] R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [] R3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C; C:\windows\system32\DRIVERS\e1c62x64.sys [] R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [] R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [] R3 IntcDAud;Intel® Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [] R3 iusb3hub;Intel® USB 3.0 hub-stuurprogramma; C:\windows\system32\DRIVERS\iusb3hub.sys [] R3 iusb3xhc;Intel® USB 3.0 uitbreidbare hostcontroller-stuurprogramma; C:\windows\system32\DRIVERS\iusb3xhc.sys [] R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [] R3 johci;JMicron 1394 Filter Driver; C:\windows\system32\DRIVERS\johci.sys [] R3 MEIx64;Intel® 
Management Engine Interface ; C:\windows\system32\DRIVERS\HECIx64.sys [] R3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20131004.035\ENG64.SYS [2013-10-04 126040] R3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20131004.035\EX64.SYS [2013-10-04 2099288] R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series adapter stuurprogramma onder Windows 7 64 Bit; C:\windows\system32\DRIVERS\Netwsw00.sys [] R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [] R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [] R3 SRTSP;Symantec Real Time Storage Protection x64; C:\windows\system32\drivers\N360x64\1501000.012\SRTSP64.SYS [] R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10305; C:\windows\system32\DRIVERS\stwrt64.sys [] R3 SymEvent;SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT64x86.SYS [] R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [] R3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [] S0 TMEBC;TMEBC; C:\windows\system32\DRIVERS\TMEBC64.sys [] S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [] S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\windows\system32\DRIVERS\amppal.sys [] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\windows\System32\Drivers\BTHport.sys [] S3 BTWDPAN;Bluetooth Personal Area Network; C:\windows\system32\DRIVERS\btwdpan.sys [] S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [] S3 dmvsc;dmvsc; C:\windows\system32\drivers\dmvsc.sys [] S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [] S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [] S3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [] S3 s3cap;s3cap; 
C:\windows\system32\drivers\vms3cap.sys [] S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [] S3 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [] S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088] R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2013-07-29 772064] R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184] R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-09-12 135984] R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2014-03-06 1008344] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 20992] R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2012-03-15 493904] R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-10-11 631024] R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2012-03-14 152992] R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160] R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2012-03-22 372824] R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP 
Hotkey Support\HPHotkeyMonitor.exe [2014-02-10 683296] R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-03-14 13632] R2 IFXSpMgtSrv;Security Platform Management Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [2012-01-27 1127800] R2 IFXTCS;Trusted Platform Core Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [2012-01-27 984440] R2 igfxCUIService1.0.0.0;Intel® HD Graphics Control Panel Service; C:\windows\system32\igfxCUIService.exe [] R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160] R2 Intel® ME Service;Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2013-11-14 131032] R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2013-11-14 165336] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2013-11-14 279000] R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2012-03-22 1327104] R2 N360;Norton 360; C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe [2013-10-08 264360] R2 ntrtscan;OfficeScan NT RealTime Scan; C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe [2014-04-07 4632056] R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2013-07-18 1143432] R2 PersonalSecureDriveService;Personal Secure Drive Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [2012-01-27 212344] 
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824] R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-10-11 154864] R2 RoxioBurnLauncher;Roxio Burn Launcher; C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [2012-03-21 536848] R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2013-03-25 327680] R2 tmlisten;OfficeScan NT Listener; C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmlisten.exe [2014-04-07 4612744] R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2012-02-03 498352] R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-11-14 366040] R2 Update Dynamo Combo;Update Dynamo Combo; C:\Program Files (x86)\Dynamo Combo\updateDynamoCombo.exe [2015-01-27 673016] R2 Util Dynamo Combo;Util Dynamo Combo; C:\Program Files (x86)\Dynamo Combo\bin\utilDynamoCombo.exe [2015-01-27 673016] R3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2014-04-09 1448248] R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760] R3 TMBMServer;Trend Micro Unauthorized Change Prevention Service; C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe [2014-03-19 575024] R3 TmProxy;Trend Micro OfficeScan NT Proxy Service; C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmProxy.exe [2014-01-28 929328] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 
gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20 107912] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-26 267440] S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 20992] S3 aspnet_state;ASP.NET-statusservice; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S3 cphs;Intel® Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-11-06 279000] S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\windows\SysWOW64\flcdlock.exe [2012-11-19 477056] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-02-05 1512448] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20 107912] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-04-11 194032] S3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe /V [] S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872] S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2013-03-08 68096] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-10-11 284912] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft 
Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 20992] S3 RoxMediaDB12OEM;RoxMediaDB12OEM; C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2012-03-07 1118480] S3 stllssvr;stllssvr; C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [2011-12-08 76416] S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 20992] S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] S3 tmccsf;OfficeScan Common Client Solution Framework; C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\tmccsf.exe [2014-04-07 701064] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 20992] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2012-03-09 117552] -----------------EOF-----------------
-
By the looks of it, it is gone.
-
AdwCleaner AdwCleaner[S0].txt
-
Search results 2 zoek-results2.txt
-
Here is zoek-results.txt
-
"Redirector"=C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [2013-06-14 153992] "SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] "AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432] "KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-05-23 311616] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] "AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-04 3890208] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableLUA"=0 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll 
"vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 3 months====== 2014-07-14 21:27:38 ----D---- C:\Program Files\trend micro 2014-07-14 21:27:37 ----D---- C:\rsit 2014-07-14 21:00:04 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys 2014-07-14 20:59:52 ----D---- C:\ProgramData\Malwarebytes 2014-07-14 20:59:52 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-07-14 20:59:52 ----A---- C:\Windows\system32\drivers\mwac.sys 2014-07-14 20:59:52 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys 2014-07-14 20:59:52 ----A---- C:\Windows\system32\drivers\mbam.sys 2014-07-14 20:51:28 ----D---- C:\ProgramData\WinZip 2014-07-14 20:51:25 ----D---- C:\Program Files\WinZip 2014-07-14 20:51:19 ----D---- C:\Users\Gebruiker\AppData\Roaming\sparta111 2014-07-14 20:49:29 ----SHD---- C:\Config.Msi 2014-07-10 13:04:07 ----A---- C:\Windows\system32\aepdu.dll 2014-07-10 13:04:07 ----A---- C:\Windows\system32\aeinv.dll 2014-07-10 13:04:00 ----A---- C:\Windows\SYSWOW64\osk.exe 2014-07-10 13:04:00 ----A---- C:\Windows\system32\win32k.sys 2014-07-10 13:04:00 ----A---- C:\Windows\system32\osk.exe 2014-07-10 13:03:59 ----A---- C:\Windows\SYSWOW64\qedit.dll 2014-07-10 13:03:59 ----A---- C:\Windows\system32\qedit.dll 2014-07-10 13:03:59 ----A---- C:\Windows\system32\drivers\afd.sys 2014-07-10 13:03:53 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2014-07-10 13:03:53 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2014-07-10 13:03:53 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2014-07-10 13:03:53 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll 2014-07-10 13:03:53 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2014-07-10 13:03:53 ----A---- 
C:\Windows\SYSWOW64\ieetwproxystub.dll 2014-07-10 13:03:53 ----A---- C:\Windows\system32\iernonce.dll 2014-07-10 13:03:53 ----A---- C:\Windows\system32\ieetwproxystub.dll 2014-07-10 13:03:53 ----A---- C:\Windows\system32\iedkcs32.dll 2014-07-10 13:03:52 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2014-07-10 13:03:52 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2014-07-10 13:03:52 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll 2014-07-10 13:03:52 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-10 13:03:51 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2014-07-10 13:03:51 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2014-07-10 13:03:51 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2014-07-10 13:03:51 ----A---- C:\Windows\system32\urlmon.dll 2014-07-10 13:03:51 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2014-07-10 13:03:50 ----A---- C:\Windows\SYSWOW64\ieui.dll 2014-07-10 13:03:50 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2014-07-10 13:03:50 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll 2014-07-10 13:03:50 ----A---- C:\Windows\SYSWOW64\dxtrans.dll 2014-07-10 13:03:50 ----A---- C:\Windows\system32\msfeeds.dll 2014-07-10 13:03:50 ----A---- C:\Windows\system32\ieetwcollector.exe 2014-07-10 13:03:50 ----A---- C:\Windows\system32\dxtmsft.dll 2014-07-10 13:03:49 ----A---- C:\Windows\system32\iesetup.dll 2014-07-10 13:03:49 ----A---- C:\Windows\system32\iertutil.dll 2014-07-10 13:03:49 ----A---- C:\Windows\system32\ie4uinit.exe 2014-07-10 13:03:48 ----A---- C:\Windows\SYSWOW64\wininet.dll 2014-07-10 13:03:48 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2014-07-10 13:03:48 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll 2014-07-10 13:03:48 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll 2014-07-10 13:03:48 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2014-07-10 13:03:48 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-07-10 13:03:48 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2014-07-10 13:03:48 ----A---- C:\Windows\system32\jsproxy.dll 2014-07-10 13:03:47 ----A---- 
C:\Windows\SYSWOW64\msrating.dll 2014-07-10 13:03:47 ----A---- C:\Windows\system32\ieui.dll 2014-07-10 13:03:47 ----A---- C:\Windows\system32\ieframe.dll 2014-07-10 13:03:47 ----A---- C:\Windows\system32\dxtrans.dll 2014-07-10 13:03:46 ----A---- C:\Windows\system32\mshtmlmedia.dll 2014-07-10 13:03:46 ----A---- C:\Windows\system32\mshtmled.dll 2014-07-10 13:03:46 ----A---- C:\Windows\system32\jscript9diag.dll 2014-07-10 13:03:46 ----A---- C:\Windows\system32\jscript9.dll 2014-07-10 13:03:46 ----A---- C:\Windows\system32\ieUnatt.exe 2014-07-10 13:03:45 ----A---- C:\Windows\system32\wininet.dll 2014-07-10 13:03:45 ----A---- C:\Windows\system32\vbscript.dll 2014-07-10 13:03:45 ----A---- C:\Windows\system32\MshtmlDac.dll 2014-07-10 13:03:45 ----A---- C:\Windows\system32\ieapfltr.dll 2014-07-10 13:03:44 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-10 13:03:44 ----A---- C:\Windows\system32\msrating.dll 2014-07-10 13:03:44 ----A---- C:\Windows\system32\mshtml.dll 2014-07-10 13:03:38 ----A---- C:\Windows\SYSWOW64\sspicli.dll 2014-07-10 13:03:38 ----A---- C:\Windows\SYSWOW64\secur32.dll 2014-07-10 13:03:38 ----A---- C:\Windows\SYSWOW64\schannel.dll 2014-07-10 13:03:38 ----A---- C:\Windows\SYSWOW64\certcli.dll 2014-07-10 13:03:38 ----A---- C:\Windows\system32\schannel.dll 2014-07-10 13:03:38 ----A---- C:\Windows\system32\lsasrv.dll 2014-07-10 13:03:38 ----A---- C:\Windows\system32\certcli.dll 2014-07-10 12:11:04 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe 2014-07-01 23:13:01 ----D---- C:\Users\Gebruiker\AppData\Roaming\GemistDownloader 2014-07-01 23:13:00 ----D---- C:\Program Files (x86)\GemistDownloader 2014-06-10 20:49:13 ----A---- C:\Windows\system32\usp10.dll 2014-06-10 20:49:12 ----A---- C:\Windows\SYSWOW64\usp10.dll 2014-06-10 20:49:12 ----A---- C:\Windows\system32\drivers\tcpip.sys 2014-06-10 20:49:12 ----A---- C:\Windows\system32\drivers\netio.sys 2014-06-10 20:49:12 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS 2014-06-10 20:49:10 
----A---- C:\Windows\SYSWOW64\msxml6r.dll 2014-06-10 20:49:10 ----A---- C:\Windows\SYSWOW64\msxml6.dll 2014-06-10 20:49:10 ----A---- C:\Windows\SYSWOW64\msxml3r.dll 2014-06-10 20:49:10 ----A---- C:\Windows\SYSWOW64\msxml3.dll 2014-06-10 20:49:10 ----A---- C:\Windows\system32\msxml6r.dll 2014-06-10 20:49:10 ----A---- C:\Windows\system32\msxml6.dll 2014-06-10 20:49:10 ----A---- C:\Windows\system32\msxml3r.dll 2014-06-10 20:49:10 ----A---- C:\Windows\system32\msxml3.dll 2014-06-10 20:49:08 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll 2014-06-10 20:49:07 ----A---- C:\Windows\system32\rdpcorets.dll 2014-05-29 13:00:43 ----A---- C:\Windows\system32\drivers\ssudmdm.sys 2014-05-29 13:00:43 ----A---- C:\Windows\system32\drivers\ssudbus.sys 2014-05-29 12:58:56 ----D---- C:\Program Files (x86)\MarkAny 2014-05-28 11:24:04 ----A---- C:\Windows\system32\drivers\aswHwid.sys 2014-05-28 11:23:59 ----A---- C:\Windows\avastSS.scr 2014-05-13 19:08:38 ----A---- C:\Windows\system32\shell32.dll 2014-05-13 19:08:37 ----A---- C:\Windows\SYSWOW64\shell32.dll 2014-05-13 19:08:23 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe 2014-05-13 19:08:23 ----A---- C:\Windows\system32\ntoskrnl.exe 2014-05-13 19:08:23 ----A---- C:\Windows\system32\kerberos.dll 2014-05-13 19:08:22 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe 2014-05-13 19:08:22 ----A---- C:\Windows\SYSWOW64\kerberos.dll 2014-05-13 19:08:22 ----A---- C:\Windows\system32\winlogon.exe 2014-05-13 19:08:22 ----A---- C:\Windows\system32\msv1_0.dll 2014-05-13 19:08:21 ----A---- C:\Windows\SYSWOW64\msv1_0.dll 2014-05-13 19:08:21 ----A---- C:\Windows\system32\objsel.dll 2014-05-13 19:08:21 ----A---- C:\Windows\system32\kernel32.dll 2014-05-13 19:08:20 ----A---- C:\Windows\system32\adtschema.dll 2014-05-13 19:08:19 ----A---- C:\Windows\SYSWOW64\objsel.dll 2014-05-13 19:08:19 ----A---- C:\Windows\SYSWOW64\cngprovider.dll 2014-05-13 19:08:19 ----A---- C:\Windows\SYSWOW64\capiprovider.dll 2014-05-13 19:08:19 ----A---- 
C:\Windows\SYSWOW64\adtschema.dll 2014-05-13 19:08:19 ----A---- C:\Windows\system32\wow64win.dll 2014-05-13 19:08:19 ----A---- C:\Windows\system32\winsrv.dll 2014-05-13 19:08:19 ----A---- C:\Windows\system32\TSpkg.dll 2014-05-13 19:08:19 ----A---- C:\Windows\system32\ncrypt.dll 2014-05-13 19:08:19 ----A---- C:\Windows\system32\dimsroam.dll 2014-05-13 19:08:19 ----A---- C:\Windows\system32\cngprovider.dll 2014-05-13 19:08:19 ----A---- C:\Windows\system32\capiprovider.dll 2014-05-13 19:08:19 ----A---- C:\Windows\system32\appidpolicyconverter.exe 2014-05-13 19:08:18 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll 2014-05-13 19:08:18 ----A---- C:\Windows\SYSWOW64\wdigest.dll 2014-05-13 19:08:18 ----A---- C:\Windows\SYSWOW64\TSpkg.dll 2014-05-13 19:08:18 ----A---- C:\Windows\SYSWOW64\ncrypt.dll 2014-05-13 19:08:18 ----A---- C:\Windows\SYSWOW64\kernel32.dll 2014-05-13 19:08:18 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll 2014-05-13 19:08:18 ----A---- C:\Windows\SYSWOW64\dimsroam.dll 2014-05-13 19:08:18 ----A---- C:\Windows\SYSWOW64\adprovider.dll 2014-05-13 19:08:18 ----A---- C:\Windows\system32\wow64.dll 2014-05-13 19:08:18 ----A---- C:\Windows\system32\wincredprovider.dll 2014-05-13 19:08:18 ----A---- C:\Windows\system32\wdigest.dll 2014-05-13 19:08:18 ----A---- C:\Windows\system32\drivers\ksecpkg.sys 2014-05-13 19:08:18 ----A---- C:\Windows\system32\drivers\ksecdd.sys 2014-05-13 19:08:18 ----A---- C:\Windows\system32\drivers\appid.sys 2014-05-13 19:08:18 ----A---- C:\Windows\system32\dpapiprovider.dll 2014-05-13 19:08:18 ----A---- C:\Windows\system32\conhost.exe 2014-05-13 19:08:18 ----A---- C:\Windows\system32\appidsvc.dll 2014-05-13 19:08:18 ----A---- C:\Windows\system32\adprovider.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll 2014-05-13 19:08:17 
----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2014-05-13 
19:08:17 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2014-05-13 19:08:17 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2014-05-13 19:08:17 ----A---- C:\Windows\SYSWOW64\wow32.dll 2014-05-13 19:08:17 ----A---- C:\Windows\SYSWOW64\setup16.exe 2014-05-13 19:08:17 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll 2014-05-13 19:08:17 ----A---- C:\Windows\SYSWOW64\msobjs.dll 2014-05-13 19:08:17 ----A---- C:\Windows\SYSWOW64\msaudite.dll 2014-05-13 19:08:17 ----A---- C:\Windows\SYSWOW64\instnm.exe 2014-05-13 19:08:17 ----A---- C:\Windows\SYSWOW64\credssp.dll 2014-05-13 19:08:17 ----A---- C:\Windows\SYSWOW64\auditpol.exe 2014-05-13 19:08:17 ----A---- C:\Windows\SYSWOW64\appidapi.dll 2014-05-13 19:08:17 ----A---- C:\Windows\system32\wow64cpu.dll 2014-05-13 19:08:17 ----A---- C:\Windows\system32\sspisrv.dll 2014-05-13 19:08:17 ----A---- C:\Windows\system32\sspicli.dll 2014-05-13 19:08:17 ----A---- C:\Windows\system32\smss.exe 2014-05-13 19:08:17 ----A---- C:\Windows\system32\secur32.dll 2014-05-13 19:08:17 ----A---- C:\Windows\system32\ntvdm64.dll 2014-05-13 19:08:17 ----A---- C:\Windows\system32\msobjs.dll 2014-05-13 19:08:17 ----A---- 
C:\Windows\system32\msaudite.dll 2014-05-13 19:08:17 ----A---- C:\Windows\system32\lsass.exe 2014-05-13 19:08:17 ----A---- C:\Windows\system32\csrsrv.dll 2014-05-13 19:08:17 ----A---- C:\Windows\system32\credssp.dll 2014-05-13 19:08:17 ----A---- C:\Windows\system32\auditpol.exe 2014-05-13 19:08:17 ----A---- C:\Windows\system32\appidcertstorecheck.exe 2014-05-13 19:08:17 ----A---- C:\Windows\system32\appidapi.dll 2014-05-13 19:08:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll 2014-05-13 19:08:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll 2014-05-13 19:08:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll 2014-05-13 19:08:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2014-05-13 19:08:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll 2014-05-13 19:08:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll 2014-05-13 19:08:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2014-05-13 19:08:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll 2014-05-13 19:08:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll 2014-05-13 19:08:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll 2014-05-13 19:08:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll 2014-05-13 19:08:16 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2014-05-13 19:08:16 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2014-05-13 19:08:16 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2014-05-13 19:08:16 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2014-05-13 19:08:16 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2014-05-13 19:08:16 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2014-05-13 19:08:16 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2014-05-13 
19:08:16 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2014-05-13 19:08:16 ----A---- C:\Windows\SYSWOW64\user.exe 2014-05-13 19:08:16 ----A---- C:\Windows\SYSWOW64\apisetschema.dll 2014-05-13 19:08:16 ----A---- C:\Windows\system32\apisetschema.dll 2014-05-07 16:06:09 ----D---- C:\ProgramData\hps 2014-05-07 16:05:12 ----D---- C:\Program Files (x86)\ALDI 2014-05-01 18:52:39 ----SD---- C:\Windows\system32\CompatTel 2014-05-01 18:51:29 ----A---- C:\Windows\SYSWOW64\javaws.exe 2014-05-01 18:51:25 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll 2014-05-01 18:51:25 ----A---- C:\Windows\SYSWOW64\javaw.exe 2014-05-01 18:51:25 ----A---- C:\Windows\SYSWOW64\java.exe ======List of files/folders modified in the last 3 months====== 2014-07-14 21:27:38 ----RD---- C:\Program Files 2014-07-14 21:26:03 ----D---- C:\Windows\Temp 2014-07-14 21:24:16 ----D---- C:\Windows\System32 2014-07-14 21:24:16 ----D---- C:\Windows\inf 2014-07-14 21:24:16 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-07-14 21:20:26 ----D---- C:\Windows\system32\config 2014-07-14 21:13:40 ----SHD---- C:\Windows\Installer 2014-07-14 21:13:40 ----D---- C:\Windows\system32\drivers 2014-07-14 21:12:36 ----D---- C:\ProgramData\saVyennsharre 2014-07-14 21:12:36 ----D---- C:\ProgramData\saovvenusshaRe 2014-07-14 20:59:52 ----RD---- C:\Program Files (x86) 2014-07-14 20:59:52 ----HD---- C:\ProgramData 2014-07-14 20:53:33 ----D---- C:\Windows\Tasks 2014-07-14 20:53:33 ----D---- C:\Windows\system32\Tasks 2014-07-14 20:51:38 ----D---- C:\Windows 2014-07-14 20:49:31 ----D---- C:\Windows\Prefetch 2014-07-14 20:49:15 ----SHD---- C:\System Volume Information 2014-07-10 21:42:35 ----D---- C:\Windows\rescache 2014-07-10 17:53:44 ----D---- C:\Windows\winsxs 2014-07-10 17:51:39 ----D---- C:\Windows\SYSWOW64\Dism 2014-07-10 17:51:39 ----D---- C:\Windows\system32\Dism 2014-07-10 17:51:39 ----D---- C:\Program Files\Windows Journal 2014-07-10 17:51:38 ----D---- C:\Windows\SysWOW64 2014-07-10 17:51:38 
----D---- C:\Windows\ehome 2014-07-10 17:51:37 ----D---- C:\Program Files\Internet Explorer 2014-07-10 17:51:36 ----D---- C:\Windows\SYSWOW64\en-US 2014-07-10 17:51:36 ----D---- C:\Windows\system32\en-US 2014-07-10 17:51:36 ----D---- C:\Program Files (x86)\Internet Explorer 2014-07-10 13:11:21 ----D---- C:\Windows\system32\MRT 2014-07-10 13:10:21 ----A---- C:\Windows\system32\MRT.exe 2014-07-10 13:03:30 ----D---- C:\Windows\system32\catroot2 2014-07-10 13:03:30 ----D---- C:\Windows\system32\catroot 2014-07-10 12:11:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-07-09 19:09:35 ----D---- C:\Users\Gebruiker\AppData\Roaming\Belastingdienst 2014-06-11 18:33:42 ----D---- C:\Windows\system32\DriverStore 2014-06-10 23:01:09 ----D---- C:\ProgramData\Microsoft Help 2014-05-29 13:52:30 ----D---- C:\Windows\Microsoft.NET 2014-05-29 12:45:13 ----D---- C:\Users\Gebruiker\AppData\Roaming\Samsung 2014-05-28 11:24:00 ----A---- C:\Windows\system32\aswBoot.exe 2014-05-14 09:36:57 ----RSD---- C:\Windows\assembly 2014-05-14 09:11:27 ----D---- C:\Windows\SYSWOW64\nl-NL 2014-05-14 09:11:26 ----D---- C:\Windows\system32\nl-NL 2014-05-14 09:11:26 ----D---- C:\Windows\AppPatch 2014-05-13 22:27:53 ----D---- C:\Program Files (x86)\Common Files 2014-05-01 18:51:42 ----D---- C:\ProgramData\Oracle 2014-05-01 18:51:23 ----D---- C:\Program Files (x86)\Java 2014-04-23 18:59:54 ----D---- C:\Windows\PolicyDefinitions ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-05-28 65776] R0 aswVmm;avast! 
VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-05-28 208416] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2011-10-14 213888] R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-05-28 93568] R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-05-28 1039096] R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-05-28 423240] R1 ctxusbm;Citrix USB Monitor Driver; C:\Windows\system32\DRIVERS\ctxusbm.sys [2013-06-04 95152] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2011-10-14 60416] R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-05-28 29208] R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-05-28 79184] R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-05-28 85328] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504] R3 AVerPola;AVerMedia USB Polaris Series Capture Service; C:\Windows\system32\DRIVERS\AVerPola.sys [2011-01-04 534144] R3 AVPolDIR;AVerMedia USB Polaris Series Dummy IR Service; C:\Windows\system32\DRIVERS\AVPolDIR.sys [2011-01-04 7168] R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2010-07-13 69736] R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2013-07-09 173656] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392] S1 aswKbd;aswKbd; \??\C:\Windows\system32\drivers\aswKbd.sys [] S1 aswTdi;aswTdi; \??\C:\Windows\system32\drivers\aswTdi.sys [] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-03-19 109056] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2013-02-05 57840] S3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2013-02-25 2426672] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RdpVideoMiniport;Remote Desktop Video Miniport 
Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2011-10-14 109056] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-03-19 206080] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496] S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-05-28 50344] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480] S2 avast! Firewall;avast! 
Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-10 116648] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-10 262320] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-02-05 1512448] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-10 116648] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 111616] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-07-09 1255736] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; 
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF-----------------
-
Hello, I have once again picked up something strange on my PC, namely a 'speeddial browser'. I would like to get rid of it. Could you help me? Regards, Suzanne
-
I can't find it anymore now.
-
Hello, When I start my browser I suddenly have trouble with Delta Search. I would appreciate your help getting rid of it. Regards, Suzanne
-
Computer keeps starting with System Restore
Suez replied to Suez's topic in Archief Bestrijding malware & virussen
ABOUT US
PC Helpforum has been helping computer users for FREE since July 2006. Our team gives professional answers to your questions via the forum and tries to solve your PC problems as quickly as possible. Become a member today, post your question online and the PC Helpforum team will be happy to help you!