Ga naar inhoud

joderoo

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    10

  • Registratiedatum

  • Laatst bezocht

Over joderoo

  • Verjaardag 26-11-1969

PC Specificaties

  • Besturingssysteem
    XP home

joderoo's prestaties

Groentje

Groentje (2/14)

  • Eerste post
  • Actief
  • Gespreksstarter
  • Week één klaar
  • Een maand later

Recente badges

0

Reputatie

  1. joderoo
    nee,ik heb nog altijd hetzelfde probleem. ik denk dat ik mijn systeem ga formateren zonder backup te maken,en dan alles er terug op instaleren. in ieder geval bedankt voor dr hulp. Keep up the good pace
  2. joderoo
    hallo,sorry voor het laat reageren maar het lukt nog altijd niet.
  3. joderoo
    Hallo, ik ben echt versteld om hoeveel mensen me hier willen helpen. KEEP UP THE GOOD JOB people. Ik heb adware gedraaid en hierbij zend ik jullie het logje. Ik moet jullie er wel bij vertellen dat ik sindsdien ik "adware" heb laten lopen dat ik wel terug scherm heb gekregen op bepaalde sites. Is er ergens een verband en indien ja zou ik dolgraag willen weten wat het probleem is of was. Bedankt mensen. vriendelijke groeten joery # AdwCleaner v4.201 - Logbestand aangemaakt 21/04/2015 op 08:34:02 # Laatste update 08/04/2015 door Xplode # Database : 2015-04-20.1 [server] # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (x64) # Gebruikersnaam : joderoo - JODEROO-PC # Gestart vanuit : D:\Joderoo(D)\PC safety\PC-Helpforum 04-2015\adwcleaner_4.201.exe # Optie : Scannen ***** [ Services ] ***** ***** [ Bestanden / Mappen ] ***** Bestand Gevonden : C:\Windows\System32\log\iSafeKrnlCall.log Map Gevonden : C:\Users\joderoo\AppData\Local\Hola ***** [ Geplande taken ] ***** ***** [ Snelkoppelingen ] ***** ***** [ Register ] ***** Sleutel Gevonden : HKCU\Software\estdemin Sleutel Gevonden : [x64] HKCU\Software\estdemin Sleutel Gevonden : HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\SysMenuExt Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\SysMenu.DLL Sleutel Gevonden : HKLM\SOFTWARE\Classes\PCSU.Registry Sleutel Gevonden : HKLM\SOFTWARE\Classes\PCSU.SysUtils Sleutel Gevonden : HKU\.DEFAULT\Software\Elex-tech ***** [ Webbrowsers ] ***** -\\ Internet Explorer v11.0.9600.17728 -\\ Mozilla Firefox v38.0 (x86 nl) [2f7at3jy.default-1423050829402] - Regel Gevonden : user_pref("browser.search.defaultenginename,S", "WebSearch"); [2f7at3jy.default-1423050829402] - Regel Gevonden : user_pref("browser.search.order.1", "SearchAlgo"); [2f7at3jy.default-1423050829402] - Regel Gevonden : user_pref("browser.search.order.1,S", "WebSearch"); [2f7at3jy.default-1423050829402] - Regel Gevonden : user_pref("browser.search.selectedEngine,S", "WebSearch"); [2f7at3jy.default-1423050829402] - Regel Gevonden : user_pref("extensions.4vcTV.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.n[...] [2f7at3jy.default-1423050829402] - Regel Gevonden : user_pref("extensions.asepherdwilburaolcom61752.61752.internaldb.Resources_meta.value", "%7B%22images/icon_255x255.png%22%3A%7B%22id%22%3A750126%2C%22ver%22%3A1%2C%22status%22%3A1%2C%22name%22%3A%22im[...] [2f7at3jy.default-1423050829402] - Regel Gevonden : user_pref("extensions.asepherdwilburaolcom61752.61752.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%22%3A%7B%22urls[...] [2f7at3jy.default-1423050829402] - Regel Gevonden : user_pref("extensions.betterff.surfcanyon.ramp.start_time", "1"); [2f7at3jy.default-1423050829402] - Regel Gevonden : user_pref("extensions.fvd_single.__surfcanyon_disable_time", "1400104413740"); [2f7at3jy.default-1423050829402] - Regel Gevonden : user_pref("extensions.zkVd6S.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.[...] -\\ Google Chrome v42.0.2311.90 -\\ Opera v28.0.1750.51 ************************* AdwCleaner[R0].txt - [11907 bytes] - [04/02/2015 13:56:56] AdwCleaner[R1].txt - [3215 bytes] - [20/04/2015 21:14:08] AdwCleaner[R2].txt - [3094 bytes] - [21/04/2015 08:34:02] AdwCleaner[s0].txt - [9338 bytes] - [04/02/2015 14:00:24] ########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [3212 bytes] ##########
  4. joderoo
    hallo ik stuur u het logje van ""Zoek.exe"" langs deze weg want ik kan nikske uploaden via jullie site bedankt voor de medewerking. joery, Zoek.exe v5.0.0.0 Updated 08-April-2015 Tool run by joderoo on wo 15/04/2015 at 23:58:10,24. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: D:\Joderoo(D)\Rapget\zoek.exe [scan all users] [script inserted] ==== System Restore Info ====================== 15/04/2015 23:59:37 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Citrix deleted successfully C:\PROGRA~2\Gecko Software deleted successfully C:\PROGRA~3\ALM deleted successfully C:\PROGRA~3\Bitrix deleted successfully C:\PROGRA~3\CanonEPP deleted successfully C:\PROGRA~3\CanonIJEPPEX2 deleted successfully C:\PROGRA~3\WinZip deleted successfully C:\Users\joderoo\AppData\Roaming\Awesomium deleted successfully C:\Users\joderoo\AppData\Roaming\idesktop deleted successfully C:\Users\joderoo\AppData\Roaming\Vso deleted successfully C:\Users\joderoo\AppData\Roaming\WiseUpdate deleted successfully C:\Users\joderoo\AppData\Local\Canon Easy-PhotoPrint EX deleted successfully C:\Users\joderoo\AppData\Local\Unity deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E421D566-29E5-F629-2C56-E5BC07586950}] ==== Deleting Files \ Folders ====================== "C:\Users\joderoo\AppData\Roaming\FHIGIC.exe" not found C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\artur.dubovoy@gmail.com deleted C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\clickclean@hotcleaner.com deleted C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\jid1-4P0kohSJxU1qGg@jetpack deleted C:\ProgramData\{20797b0b-ff14-a8ec-2079-97b0bff1ec2f} deleted C:\Program Files (x86)\43d45ddb-733d-4a4f-9d91-4e3253112627 deleted "C:\Windows\tasks\FHIGIC.job" deleted "C:\Windows\SYSWOW64\RENBF1E.tmp" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\joderoo\AppData\Local\Temp ==== 2015-04-13 20:12:56 E82AB1F1B22D4AE5A38B28F94BF7888F 15252424 ----a-w- C:\Users\joderoo\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.7.455.exe 2015-04-12 21:30:10 0944AF122EF33168F38D858DAE0CF263 561576 ----a-w- C:\Users\joderoo\AppData\Local\Temp\jre-8u40-windows-au.exe 2015-04-12 20:56:53 F76D4ECF94DC677C13061EAEE9D6745A 312832 ----a-w- C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\IntlProvider.dll 2015-04-12 20:56:53 EC664AAB47C27667256DDFBD13986239 127488 ----a-w- C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\OSProvider.dll 2015-04-12 20:56:53 CD564F5637BBBEB6E5F3464EDD573C80 438272 ----a-w- C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\DmiProvider.dll 2015-04-12 20:56:53 CCF6EC908566900E9626DC3360B9E35E 112128 ----a-w- C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\DismCorePS.dll 2015-04-12 20:56:53 A909643B215FC0587A043C9C15959D41 186368 ----a-w- C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\DismProv.dll 2015-04-12 20:56:53 A77A8EB5E9BA6D63A121811F0830F565 302080 ----a-w- C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\UnattendProvider.dll 2015-04-12 20:56:53 8DF4C8E300C8D32468F6141D22BBAF24 271360 ----a-w- C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\SmiProvider.dll 2015-04-12 20:56:53 7B38D7916A7CD058C16A0A6CA5077901 271360 ----a-w- C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\wdscore.dll 2015-04-12 20:56:53 739968678548BA15F6B9372E8760C012 444416 ----a-w- C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\TransmogProvider.dll 2015-04-12 20:56:53 6EBC2138A3C9B3B7D1E69E0629B6C815 289792 ----a-w- C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\DismCore.dll 2015-04-12 20:56:53 64B66A41B61D511E8EBE94625EC0E45A 53760 ----a-w- C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\FolderProvider.dll 2015-04-12 20:56:53 516A5FCE06BB388499238A5F9286CB74 96768 ----a-w- C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\DismHost.exe 2015-04-12 20:56:53 45FF4FA5CA5432BFCCDED4433FE2A85B 216576 ----a-w- C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\MsiProvider.dll 2015-04-12 20:56:53 3A9C49943047DE6C6F8DC68CB986A0EC 183296 ----a-w- C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\CompatProvider.dll 2015-04-12 20:56:53 2961AB067AE61440ADF11C4BFE085151 1672192 ----a-w- C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\CbsProvider.dll 2015-04-12 20:56:53 27EC9795973FB7790059892EF2F363B1 107008 ----a-w- C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\LogProvider.dll 2015-04-12 20:56:53 26981358EA5F82938387F6998F861978 471040 ----a-w- C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\WimProvider.dll ====== Java Cache ===== 2015-04-12 21:28:05 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\joderoo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-123db069 2015-04-12 21:28:02 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\joderoo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-376d0312 2015-04-12 21:28:02 A8D75DB9A0808D3A3DAC0B4CE70CDD1E 425 ----a-w- C:\Users\joderoo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-aa56bb018d5de3a531ee91cc4857f0f479656e5370ebf87789e721aaaf530ebc-6.0.lap 2015-04-12 21:28:01 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\joderoo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\3d7894d3-7cbeae23 2015-04-12 21:28:02 34FA8033B50A3F99D3AB8209C72C0ABA 6860 ----a-w- C:\Users\joderoo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-706d8bff 2015-04-13 18:47:20 B5484710FD46B5204FB01AE9F3F3E8BE 286754 ----a-w- C:\Users\joderoo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\7e60542d-761599d1 2015-04-13 18:47:19 67911F367EC150BDC8F2CB46397F0925 845 ----a-w- C:\Users\joderoo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\11dd5f3d-50f85066 2015-04-13 18:47:19 67911F367EC150BDC8F2CB46397F0925 845 ----a-w- C:\Users\joderoo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\2bbaaf87-7603798a 2015-04-13 18:47:20 246ADA1B4B3367C8A1F00C3B2D748E32 438 ----a-w- C:\Users\joderoo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\2bbaaf87-e2e4c8970372d2fb4193a7ef29d16f6c3f08527947fcb9208b3a0e48820369fd-6.0.lap ====== C:\Windows\SysWOW64 ===== 2015-04-12 22:47:24 8A4CEBF34370D689E198E6673C1F2C40 74072 ----a-w- C:\Windows\SysWOW64\XAPOFX1_5.dll 2015-04-12 22:47:24 81DFDDFB401D663BA7E6AD1C80364216 527192 ----a-w- C:\Windows\SysWOW64\XAudio2_7.dll 2015-04-12 22:47:23 83EBA442F07AAB8D6375D2EEC945C46C 1868128 ----a-w- C:\Windows\SysWOW64\d3dcsx_43.dll 2015-04-12 22:47:23 4FD7BCB9D8AF6A165E9BA0C2EB702E7C 239960 ----a-w- C:\Windows\SysWOW64\xactengine3_7.dll 2015-04-12 22:47:23 1C9B45E87528B8BB8CFA884EA0099A85 2106216 ----a-w- C:\Windows\SysWOW64\D3DCompiler_43.dll 2015-04-12 22:47:22 8E0BB968FF41D80E5F2C747C04DB79AE 248672 ----a-w- C:\Windows\SysWOW64\d3dx11_43.dll 2015-04-12 22:47:22 86E39E9161C3D930D93822F1563C280D 1998168 ----a-w- C:\Windows\SysWOW64\D3DX9_43.dll 2015-04-12 22:47:22 20C835843FCEC4DEDFCD7BFFA3B91641 470880 ----a-w- C:\Windows\SysWOW64\d3dx10_43.dll 2015-04-12 22:47:21 E4CE2AF32F501A7F7DDDD908704A0EE6 74072 ----a-w- C:\Windows\SysWOW64\XAPOFX1_4.dll 2015-04-12 22:47:21 4976243BD70FAE3D1D24E49739AB2710 528216 ----a-w- C:\Windows\SysWOW64\XAudio2_6.dll 2015-04-12 22:47:19 F81C4678A55FFEE585AC75825FAF5582 238936 ----a-w- C:\Windows\SysWOW64\xactengine3_6.dll 2015-04-12 22:47:19 C811E70C8804CFFF719038250A43B464 22360 ----a-w- C:\Windows\SysWOW64\X3DAudio1_7.dll 2015-04-12 22:47:18 8B01FB723F3B30AB3DEBDDBF97CFE577 515416 ----a-w- C:\Windows\SysWOW64\XAudio2_5.dll 2015-04-12 22:47:16 DB3C93E87452B8DAB4F58ED1FD2B1998 238936 ----a-w- C:\Windows\SysWOW64\xactengine3_5.dll 2015-04-12 22:47:16 B33B21DB610116262D906305CE65C354 1974616 ----a-w- C:\Windows\SysWOW64\D3DCompiler_42.dll 2015-04-12 22:47:15 D09AC80A4B5312239852836C84DF3392 235344 ----a-w- C:\Windows\SysWOW64\d3dx11_42.dll 2015-04-12 22:47:15 C6A44FC3CF2F5801561804272217B14D 1892184 ----a-w- C:\Windows\SysWOW64\D3DX9_42.dll 2015-04-12 22:47:15 B337306DFB508A1BCEF1974BFBB8D924 5501792 ----a-w- C:\Windows\SysWOW64\d3dcsx_42.dll 2015-04-12 22:47:15 501AC862517C5445742BEE8A2B88414E 453456 ----a-w- C:\Windows\SysWOW64\d3dx10_42.dll 2015-04-12 22:47:14 781E8B5B6FDB3C9B4E4A4A9FB019960D 1846632 ----a-w- C:\Windows\SysWOW64\D3DCompiler_41.dll 2015-04-12 22:47:14 3FA06CF5079B84155D18B05C08F7131B 4178264 ----a-w- C:\Windows\SysWOW64\D3DX9_41.dll 2015-04-12 22:47:14 1AA571774936717EE776DBED51E9EDF4 453456 ----a-w- C:\Windows\SysWOW64\d3dx10_41.dll 2015-04-12 22:47:12 E684C5FA18ADF9EA14737757413BF727 517448 ----a-w- C:\Windows\SysWOW64\XAudio2_4.dll 2015-04-12 22:47:12 30686ECE80545E06D78D156EB9F7D463 69464 ----a-w- C:\Windows\SysWOW64\XAPOFX1_3.dll 2015-04-12 22:47:11 E763798CAD2A90B6AB61854F50CD47DD 22360 ----a-w- C:\Windows\SysWOW64\X3DAudio1_6.dll 2015-04-12 22:47:11 91B4AAD4412BB223B466F3DFB43E86DA 452440 ----a-w- C:\Windows\SysWOW64\d3dx10_40.dll 2015-04-12 22:47:11 686F8D1B4926D48227A06ACD4D41CD1E 235352 ----a-w- C:\Windows\SysWOW64\xactengine3_4.dll 2015-04-12 22:47:11 3384134EEB8F223178C2EB8323003EC0 2036576 ----a-w- C:\Windows\SysWOW64\D3DCompiler_40.dll 2015-04-12 22:47:10 EEA5E428CE63804F9B12D21C97B5968F 4379984 ----a-w- C:\Windows\SysWOW64\D3DX9_40.dll 2015-04-12 22:47:09 47ED15DC87AE334C13C4DACD1BE2CCED 514384 ----a-w- C:\Windows\SysWOW64\XAudio2_3.dll 2015-04-12 22:47:09 295E47A75F278580F9441041EAAEA3D2 70992 ----a-w- C:\Windows\SysWOW64\XAPOFX1_2.dll 2015-04-12 22:47:07 8BA296419AF3417D1E9806B83166E472 235856 ----a-w- C:\Windows\SysWOW64\xactengine3_3.dll 2015-04-12 22:47:07 350FEFE18B86BD4D9AB2A96D00215A49 23376 ----a-w- C:\Windows\SysWOW64\X3DAudio1_5.dll 2015-04-12 22:47:06 D95EAABF5D277EF91D9CA70151209E56 68616 ----a-w- C:\Windows\SysWOW64\XAPOFX1_1.dll 2015-04-12 22:47:06 50F4A0D5E6A0BAFEFA78F353533B8E06 509448 ----a-w- C:\Windows\SysWOW64\XAudio2_2.dll 2015-04-12 22:47:04 F3C6BE26949CAADB11DBF0086082FAC9 238088 ----a-w- C:\Windows\SysWOW64\xactengine3_2.dll 2015-04-12 22:47:04 E6C2F1D8B667DDC04CB55B9F0159EF97 467984 ----a-w- C:\Windows\SysWOW64\d3dx10_39.dll 2015-04-12 22:47:04 C4F1972497FE2CEB7D900938C97FCF91 1493528 ----a-w- C:\Windows\SysWOW64\D3DCompiler_39.dll 2015-04-12 22:47:04 8CB3DEFB8887C4F0846DB1FC1304D6D2 3851784 ----a-w- C:\Windows\SysWOW64\D3DX9_39.dll 2015-04-12 22:47:02 E34FF0115B1EE3B4E03D22AE9840EE03 507400 ----a-w- C:\Windows\SysWOW64\XAudio2_1.dll 2015-04-12 22:47:02 DD165760F1B95200A3DA2D9DFDB84234 65032 ----a-w- C:\Windows\SysWOW64\XAPOFX1_0.dll 2015-04-12 22:47:01 E3832514BD21236067B7227F6165EF95 25608 ----a-w- C:\Windows\SysWOW64\X3DAudio1_4.dll 2015-04-12 22:47:01 2E0E25252E1D41752876E9FE12ADE175 238088 ----a-w- C:\Windows\SysWOW64\xactengine3_1.dll 2015-04-12 22:47:00 A2650B27472C21CDD817EEEDE65648E1 467984 ----a-w- C:\Windows\SysWOW64\d3dx10_38.dll 2015-04-12 22:47:00 8F3EB548AC4ED90252394F60C77E3196 3850760 ----a-w- C:\Windows\SysWOW64\D3DX9_38.dll 2015-04-12 22:47:00 103CBFC5591008AD33046E20E8E1EEBE 1491992 ----a-w- C:\Windows\SysWOW64\D3DCompiler_38.dll 2015-04-12 22:46:58 418CDC57E55EE79C3F86C13A19B3D5E3 479752 ----a-w- C:\Windows\SysWOW64\XAudio2_0.dll 2015-04-12 22:46:57 EA752DBCE35045D3C830DC16578CC8AB 1420824 ----a-w- C:\Windows\SysWOW64\D3DCompiler_37.dll 2015-04-12 22:46:57 C593FD0A96EE4B6390B653C4C641313F 25608 ----a-w- C:\Windows\SysWOW64\X3DAudio1_3.dll 2015-04-12 22:46:57 8A83673F0AB001870583FDE2B004FA59 238088 ----a-w- C:\Windows\SysWOW64\xactengine3_0.dll 2015-04-12 22:46:57 4A43E9A2B17E4CAFA9CB5FEC0B5B686B 462864 ----a-w- C:\Windows\SysWOW64\d3dx10_37.dll 2015-04-12 22:46:56 AC3C517FB0FBBE45FE44007BCD3625A7 3786760 ----a-w- C:\Windows\SysWOW64\D3DX9_37.dll 2015-04-12 22:46:55 73E055AF78A64F9B2779D44407CA2AB6 267272 ----a-w- C:\Windows\SysWOW64\xactengine2_10.dll 2015-04-12 22:46:54 FB4299688A0D3A37687C015AC2B9922D 1374232 ----a-w- C:\Windows\SysWOW64\D3DCompiler_36.dll 2015-04-12 22:46:54 D9158E78A368B08D9133043EB3058C12 444776 ----a-w- C:\Windows\SysWOW64\d3dx10_36.dll 2015-04-12 22:46:54 44BFEC5C9C82A2EE9871D88FD3B9A0E2 3734536 ----a-w- C:\Windows\SysWOW64\d3dx9_36.dll 2015-04-12 22:46:52 F3764552E45880DC49B82F38699AA87C 444776 ----a-w- C:\Windows\SysWOW64\d3dx10_35.dll 2015-04-12 22:46:52 5B441670A4F5F8BCCE76741902B8AF56 1358192 ----a-w- C:\Windows\SysWOW64\D3DCompiler_35.dll 2015-04-12 22:46:52 46EE68F04A75A1CCF40235EA6F1CBA05 267112 ----a-w- C:\Windows\SysWOW64\xactengine2_9.dll 2015-04-12 22:46:52 3EF18B78D17C962F2B71AC1CB7757684 3727720 ----a-w- C:\Windows\SysWOW64\d3dx9_35.dll 2015-04-12 22:46:50 F6A9FC2AD2F9111372B5AB3BBA3707EC 17928 ----a-w- C:\Windows\SysWOW64\X3DAudio1_2.dll 2015-04-12 22:46:50 75F206C195BBACA6EF28565B1C0CD75C 1124720 ----a-w- C:\Windows\SysWOW64\D3DCompiler_34.dll 2015-04-12 22:46:50 5AA9987F2E62B56D7661B6901901F927 443752 ----a-w- C:\Windows\SysWOW64\d3dx10_34.dll 2015-04-12 22:46:50 499210C45AFEAADEE8CF4DCF7D5E570B 266088 ----a-w- C:\Windows\SysWOW64\xactengine2_8.dll 2015-04-12 22:46:49 77F595DEE5FFACEA72B135B1FCE1312E 81768 ----a-w- C:\Windows\SysWOW64\xinput1_3.dll 2015-04-12 22:46:49 1CA939918ED1B930059B3A882DE6F648 3497832 ----a-w- C:\Windows\SysWOW64\d3dx9_34.dll 2015-04-12 22:46:48 FAE7E1D578C42A7C3D9D61A99D178BD5 1123696 ----a-w- C:\Windows\SysWOW64\D3DCompiler_33.dll 2015-04-12 22:46:48 7FEBB8CE2233CBAE738B16D42ED29674 261480 ----a-w- C:\Windows\SysWOW64\xactengine2_7.dll 2015-04-12 22:46:48 37A8171ACCF46A9C196054066C28827F 443752 ----a-w- C:\Windows\SysWOW64\d3dx10_33.dll 2015-04-12 22:46:47 CDB1CD22BAFF21F48606B3C1A18B000B 3495784 ----a-w- C:\Windows\SysWOW64\d3dx9_33.dll 2015-04-12 22:46:46 39000E033D39D19CCCE21AEAFCCE2476 255848 ----a-w- C:\Windows\SysWOW64\xactengine2_6.dll 2015-04-12 22:46:44 86C93789E9006F1AC47ED9DD47D4C8A1 251672 ----a-w- C:\Windows\SysWOW64\xactengine2_5.dll 2015-04-12 22:46:44 6F34F7405807DCBF0B9BF6811C94C6D9 440080 ----a-w- C:\Windows\SysWOW64\d3dx10.dll 2015-04-12 22:46:44 26AF232140C88B42D92A88F2198EDF6A 3426072 ----a-w- C:\Windows\SysWOW64\d3dx9_32.dll 2015-04-12 22:46:42 797E24743937D67D69F28F2CF5052EE8 2414360 ----a-w- C:\Windows\SysWOW64\d3dx9_31.dll 2015-04-12 22:46:42 6550E1A0A7BE611592C31222FCB981FB 237848 ----a-w- C:\Windows\SysWOW64\xactengine2_4.dll 2015-04-12 22:46:42 121B131EAA369D8F58DACC5C39A77D80 15128 ----a-w- C:\Windows\SysWOW64\x3daudio1_1.dll 2015-04-12 22:46:41 69D841744B2BAE38FBB2D40A230A549C 236824 ----a-w- C:\Windows\SysWOW64\xactengine2_3.dll 2015-04-12 22:46:40 33B62BE226934E1B01F5043870C70427 62744 ----a-w- C:\Windows\SysWOW64\xinput1_2.dll 2015-04-12 22:46:39 F1726346E583442541FE73429F8E9C10 62672 ----a-w- C:\Windows\SysWOW64\xinput1_1.dll 2015-04-12 22:46:39 5C4D3843B491C047B7A619901FBD2EC1 230168 ----a-w- C:\Windows\SysWOW64\xactengine2_2.dll 2015-04-12 22:46:38 7C9952111F4C743B9F0D8B68B6ED93C9 229584 ----a-w- C:\Windows\SysWOW64\xactengine2_1.dll 2015-04-12 22:46:36 E415862612E65F10D7D888443ECD7594 2388176 ----a-w- C:\Windows\SysWOW64\d3dx9_30.dll 2015-04-12 22:46:35 99F4FC172A5ACE36CF00AA7038D23F2C 2332368 ----a-w- C:\Windows\SysWOW64\d3dx9_29.dll 2015-04-12 22:46:35 4E961525CC7FF0E5D7DA19E170B7C14C 14032 ----a-w- C:\Windows\SysWOW64\x3daudio1_0.dll 2015-04-12 22:46:35 2112FE0C46662D429347A7D7B49E3ECE 230096 ----a-w- C:\Windows\SysWOW64\xactengine2_0.dll 2015-04-12 22:46:34 BE19B603DFBAA829EE5B7749B3BA97DB 2323664 ----a-w- C:\Windows\SysWOW64\d3dx9_28.dll 2015-04-12 22:46:34 852EDC778A7A50077694F84D8E601234 2319568 ----a-w- C:\Windows\SysWOW64\d3dx9_27.dll 2015-04-12 22:46:33 5B48FE9D6686F0D54B26A005ACE24D1D 2337488 ----a-w- C:\Windows\SysWOW64\d3dx9_25.dll 2015-04-12 22:46:33 523AB607EEF81CC4D909E7FEBD8A788E 2297552 ----a-w- C:\Windows\SysWOW64\d3dx9_26.dll 2015-04-12 22:46:32 BC831661963763AC4D504C5CABB1FDD9 2222800 ----a-w- C:\Windows\SysWOW64\d3dx9_24.dll 2015-04-12 21:41:45 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\SysWOW64\REN5EC2.tmp 2015-04-12 21:05:16 5AD80C5A295030C3657AB25BE587E9F5 119837704 ----a-w- C:\Windows\SysWOW64\MRT.exe 2015-04-12 21:04:21 E981C27FA6C2F45C135DB4AF78D6FE1F 92672 ----a-w- C:\Windows\SysWOW64\wudriver.dll 2015-04-12 21:04:21 C7E498E41D92CF8C2EAED9995781A7F7 29696 ----a-w- C:\Windows\SysWOW64\wups.dll 2015-04-12 21:04:21 9D68CE45935C439D5082ECB56902124D 566784 ----a-w- C:\Windows\SysWOW64\wuapi.dll 2015-04-12 21:04:21 751C4859FD46A1461B3FB57252F541D8 33792 ----a-w- C:\Windows\SysWOW64\wuapp.exe 2015-04-12 21:04:21 031C03C9639CE0D294695968C68A5775 173056 ----a-w- C:\Windows\SysWOW64\wuwebv.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-04-12 22:47:24 E9739AE8B2FA28DCD6F2EF5525DA8827 77656 ----a-w- C:\Windows\Sysnative\XAPOFX1_5.dll 2015-04-12 22:47:24 4F7513FF4DE6303088DB28DCBCEF372C 518488 ----a-w- C:\Windows\Sysnative\XAudio2_7.dll 2015-04-12 22:47:23 BDEC09A032DB44D9CDB3A0D97224D64E 176984 ----a-w- C:\Windows\Sysnative\xactengine3_7.dll 2015-04-12 22:47:23 ADA0C39D4EACDC81FD84163A95D62079 2526056 ----a-w- C:\Windows\Sysnative\D3DCompiler_43.dll 2015-04-12 22:47:23 5F1DA86286A2DFB01C4FED55C2DD1D61 1907552 ----a-w- C:\Windows\Sysnative\d3dcsx_43.dll 2015-04-12 22:47:22 AD7FA9485059F4DC53C98B49CAB13F0B 511328 ----a-w- C:\Windows\Sysnative\d3dx10_43.dll 2015-04-12 22:47:22 9D6429F410597750B2DC2579B2347303 276832 ----a-w- C:\Windows\Sysnative\d3dx11_43.dll 2015-04-12 22:47:22 7160FC226391C0B50C85571FA1A546E5 2401112 ----a-w- C:\Windows\Sysnative\D3DX9_43.dll 2015-04-12 22:47:21 A9724EB3D6CC032D0C4ECAFF4AD8C17F 78680 ----a-w- C:\Windows\Sysnative\XAPOFX1_4.dll 2015-04-12 22:47:21 05E88C8D8E652DFF03B469331F474CCE 530776 ----a-w- C:\Windows\Sysnative\XAudio2_6.dll 2015-04-12 22:47:19 B4FF2A39685C1A6D43F0E56EB350AF3A 24920 ----a-w- C:\Windows\Sysnative\X3DAudio1_7.dll 2015-04-12 22:47:19 936DCC640B2991905D909395E03B64F9 176984 ----a-w- C:\Windows\Sysnative\xactengine3_6.dll 2015-04-12 22:47:18 C291AEFD47A587FF5F509E2F96613F7D 517960 ----a-w- C:\Windows\Sysnative\XAudio2_5.dll 2015-04-12 22:47:16 E92D2E4AFA43CD39A8C1C2C2DB59667E 2582888 ----a-w- C:\Windows\Sysnative\D3DCompiler_42.dll 2015-04-12 22:47:16 51D65BE2F794B944CADAF287B34EF603 176968 ----a-w- C:\Windows\Sysnative\xactengine3_5.dll 2015-04-12 22:47:15 F13B90F5090EBA9041558BC6AAED79B8 5554512 ----a-w- C:\Windows\Sysnative\d3dcsx_42.dll 2015-04-12 22:47:15 B739C423276AE62D7AC91773226EC13B 523088 ----a-w- C:\Windows\Sysnative\d3dx10_42.dll 2015-04-12 22:47:15 522749761B6CC69F8630F4B472DCA623 285024 ----a-w- C:\Windows\Sysnative\d3dx11_42.dll 2015-04-12 22:47:15 1AF7AE1FDE027A30B9097280819A0A86 2475352 ----a-w- C:\Windows\Sysnative\D3DX9_42.dll 2015-04-12 22:47:14 ECDDB13BC805B9F3EF3A855E6FD85C69 5425496 ----a-w- C:\Windows\Sysnative\D3DX9_41.dll 2015-04-12 22:47:14 E730967811E3702499446FFC8A432607 520544 ----a-w- C:\Windows\Sysnative\d3dx10_41.dll 2015-04-12 22:47:14 A59A5BADE4AF200C720D99EAE6E04E0E 2430312 ----a-w- C:\Windows\Sysnative\D3DCompiler_41.dll 2015-04-12 22:47:12 B94F08069EFE2F8151DEF350E526E063 521560 ----a-w- C:\Windows\Sysnative\XAudio2_4.dll 2015-04-12 22:47:12 37B348A79C4C9B8AB925B18FFD241E96 73544 ----a-w- C:\Windows\Sysnative\XAPOFX1_3.dll 2015-04-12 22:47:11 EEE871CC4F5563FF8B3C8385B32B0C5F 24920 ----a-w- C:\Windows\Sysnative\X3DAudio1_6.dll 2015-04-12 22:47:11 862586AD4B1355F7DCDE111EE0AAF350 519000 ----a-w- C:\Windows\Sysnative\d3dx10_40.dll 2015-04-12 22:47:11 37309B833480DC69FDE7DB68F9B8BC20 2605920 ----a-w- C:\Windows\Sysnative\D3DCompiler_40.dll 2015-04-12 22:47:11 1BA01062450BD1F052C54C01C12248F6 174936 ----a-w- C:\Windows\Sysnative\xactengine3_4.dll 2015-04-12 22:47:10 29A79F0B607FAF5722D7BAF2485F632A 5631312 ----a-w- C:\Windows\Sysnative\D3DX9_40.dll 2015-04-12 22:47:09 758139A39AECC1B512576275A27C1177 518480 ----a-w- C:\Windows\Sysnative\XAudio2_3.dll 2015-04-12 22:47:09 2F8F9B707FED2405A787380230CC6FA9 74576 ----a-w- C:\Windows\Sysnative\XAPOFX1_2.dll 2015-04-12 22:47:07 CFF1C1F7B9F855DDEE431D7B5DCACDF8 25936 ----a-w- C:\Windows\Sysnative\X3DAudio1_5.dll 2015-04-12 22:47:07 84B41FD03CAFC5048346B3B2AB92D199 175440 ----a-w- C:\Windows\Sysnative\xactengine3_3.dll 2015-04-12 22:47:06 E335DF094836EE7030F1B9CE7429E884 513544 ----a-w- C:\Windows\Sysnative\XAudio2_2.dll 2015-04-12 22:47:06 0F2DB378FBE2D124E4D3631B329688AE 72200 ----a-w- C:\Windows\Sysnative\XAPOFX1_1.dll 2015-04-12 22:47:04 EAA692FDC990ED0407DF957316DA33C2 540688 ----a-w- C:\Windows\Sysnative\d3dx10_39.dll 2015-04-12 22:47:04 CC8399A9E51B2AF1C2C20A26D85EB60E 177672 ----a-w- C:\Windows\Sysnative\xactengine3_2.dll 2015-04-12 22:47:04 7741A0A6CED6C441B97D625B730D6075 1942552 ----a-w- C:\Windows\Sysnative\D3DCompiler_39.dll 2015-04-12 22:47:04 7505C133FC704B40CFDDFD38777BAAC3 4992520 ----a-w- C:\Windows\Sysnative\D3DX9_39.dll 2015-04-12 22:47:02 E9C0F926D7C9082A805F4FEF81DEEB30 511496 ----a-w- C:\Windows\Sysnative\XAudio2_1.dll 2015-04-12 22:47:02 0E92D8C0ECA74B6D0A55ABAD53226113 68104 ----a-w- C:\Windows\Sysnative\XAPOFX1_0.dll 2015-04-12 22:47:01 DE6004D16DBACD781ED4596C4FEA7D14 28168 ----a-w- C:\Windows\Sysnative\X3DAudio1_4.dll 2015-04-12 22:47:01 A2A098BF5A8C255A0090818AD8E87B0F 177672 ----a-w- C:\Windows\Sysnative\xactengine3_1.dll 2015-04-12 22:47:00 E5EC2AB7156A752F9614CDA4BE66EFE8 4991496 ----a-w- C:\Windows\Sysnative\D3DX9_38.dll 2015-04-12 22:47:00 A7E59BB6FAC119FABB83F18BD72AA1D7 1941528 ----a-w- C:\Windows\Sysnative\D3DCompiler_38.dll 2015-04-12 22:47:00 72CB653CECF4EA670E7F5A8D74358423 540688 ----a-w- C:\Windows\Sysnative\d3dx10_38.dll 2015-04-12 22:46:58 29AF48F6C894328A58DEFDC560A70CF3 489480 ----a-w- C:\Windows\Sysnative\XAudio2_0.dll 2015-04-12 22:46:57 C4C2ED69B18EE1C60026877FCC470FA7 28168 ----a-w- C:\Windows\Sysnative\X3DAudio1_3.dll 2015-04-12 22:46:57 A8C5688BBA00C1630550F26260AB5CAE 529424 ----a-w- C:\Windows\Sysnative\d3dx10_37.dll 2015-04-12 22:46:57 A8B5370B7B61D3777D840DA1C64A1C2D 177672 ----a-w- C:\Windows\Sysnative\xactengine3_0.dll 2015-04-12 22:46:57 31026CEA5AFA2798292179102C06FE40 1860120 ----a-w- C:\Windows\Sysnative\D3DCompiler_37.dll 2015-04-12 22:46:56 8A10974DC6E1E42BDC635C2C2AFBD2CC 4910088 ----a-w- C:\Windows\Sysnative\D3DX9_37.dll 2015-04-12 22:46:55 E8932AF24786765859558CB79E385AC2 411656 ----a-w- C:\Windows\Sysnative\xactengine2_10.dll 2015-04-12 22:46:54 BBB6C6833C30E323B41860D6DF61972D 5081608 ----a-w- C:\Windows\Sysnative\d3dx9_36.dll 2015-04-12 22:46:54 7299DF5CF81135934740211D9A946737 2006552 ----a-w- C:\Windows\Sysnative\D3DCompiler_36.dll 2015-04-12 22:46:54 570FDAE7041775DE0C67747BB7081939 508264 ----a-w- C:\Windows\Sysnative\d3dx10_36.dll 2015-04-12 22:46:52 B21427EDF0449E92000FF497DAAF89C9 1985904 ----a-w- C:\Windows\Sysnative\D3DCompiler_35.dll 2015-04-12 22:46:52 A69C32C2BD01522A088D254342826866 411496 ----a-w- C:\Windows\Sysnative\xactengine2_9.dll 2015-04-12 22:46:52 84116AA94672D623B95217648AE5B5B9 508264 ----a-w- C:\Windows\Sysnative\d3dx10_35.dll 2015-04-12 22:46:52 1B3AF16A27D390096925576202A64037 5073256 ----a-w- C:\Windows\Sysnative\d3dx9_35.dll 2015-04-12 22:46:50 FA485E76F94B7457767E372F47757733 409960 ----a-w- C:\Windows\Sysnative\xactengine2_8.dll 2015-04-12 22:46:50 BC78D5328541410510DDE06B9FA92024 21000 ----a-w- C:\Windows\Sysnative\X3DAudio1_2.dll 2015-04-12 22:46:50 9D9407F52B8E24E99358D9944B0D5FA3 1401200 ----a-w- C:\Windows\Sysnative\D3DCompiler_34.dll 2015-04-12 22:46:50 1ED4E7A82BD5C7DEED082F00E63BB7A0 506728 ----a-w- C:\Windows\Sysnative\d3dx10_34.dll 2015-04-12 22:46:49 BFB3091B167550EC6E6454813D3DB244 107368 ----a-w- C:\Windows\Sysnative\xinput1_3.dll 2015-04-12 22:46:49 AE5D5439525B4A4CBF206058D493685D 4496232 ----a-w- C:\Windows\Sysnative\d3dx9_34.dll 2015-04-12 22:46:48 8C970509E0AE10061E3ED6D51E34FEB9 403304 ----a-w- C:\Windows\Sysnative\xactengine2_7.dll 2015-04-12 22:46:48 839C3921005BB41D441E3752C74F2292 506728 ----a-w- C:\Windows\Sysnative\d3dx10_33.dll 2015-04-12 22:46:48 3EBF620536A13CA343E52ECA4F0DE7F8 1400176 ----a-w- C:\Windows\Sysnative\D3DCompiler_33.dll 2015-04-12 22:46:47 3172C3CAC8EA7CA1B5D5AF6699C037D6 4494184 ----a-w- C:\Windows\Sysnative\d3dx9_33.dll 2015-04-12 22:46:46 4837A54574A6105D404A8560984B93DD 393576 ----a-w- C:\Windows\Sysnative\xactengine2_6.dll 2015-04-12 22:46:44 A4DDFE5DC4E73D1FED9B1B3A3D885612 4398360 ----a-w- C:\Windows\Sysnative\d3dx9_32.dll 2015-04-12 22:46:44 8251826F04BA0822D08AD9B92C65A3D5 469264 ----a-w- C:\Windows\Sysnative\d3dx10.dll 2015-04-12 22:46:44 398FF46FF7354FED2F0F1AECDB546866 390424 ----a-w- C:\Windows\Sysnative\xactengine2_5.dll 2015-04-12 22:46:42 FAAA0BB9CD2905B25334132E5BA093EB 3977496 ----a-w- C:\Windows\Sysnative\d3dx9_31.dll 2015-04-12 22:46:42 58BB51253427A834A8807B9245CC5965 364824 ----a-w- C:\Windows\Sysnative\xactengine2_4.dll 2015-04-12 22:46:42 489E5B8BB1BD1028FF1C798EAAEC65E4 17688 ----a-w- C:\Windows\Sysnative\x3daudio1_1.dll 2015-04-12 22:46:41 0396D2A98B0CCD4419B572EBF618E81E 363288 ----a-w- C:\Windows\Sysnative\xactengine2_3.dll 2015-04-12 22:46:40 06F15D3CB1AE0EAFA50F595B3FF8D9F5 83736 ----a-w- C:\Windows\Sysnative\xinput1_2.dll 2015-04-12 22:46:39 DC5A914C34EB12056531777D4DD0F44E 354072 ----a-w- C:\Windows\Sysnative\xactengine2_2.dll 2015-04-12 22:46:39 6F9D3289D8B166E478AFFF9EFA92C42C 83664 ----a-w- C:\Windows\Sysnative\xinput1_1.dll 2015-04-12 22:46:38 0CC809422AB40974DFF8078392E4D507 352464 ----a-w- C:\Windows\Sysnative\xactengine2_1.dll 2015-04-12 22:46:36 E09A9CF383ACF4A28038561E62277377 3927248 ----a-w- C:\Windows\Sysnative\d3dx9_30.dll 2015-04-12 22:46:35 F77D5AB654881E683CFF6650916C424E 16592 ----a-w- C:\Windows\Sysnative\x3daudio1_0.dll 2015-04-12 22:46:35 CE5753F9A27837259EB52F3F47F39593 355536 ----a-w- C:\Windows\Sysnative\xactengine2_0.dll 2015-04-12 22:46:35 68B35CBDB4A8CC424718BBCC894FEEEA 3830992 ----a-w- C:\Windows\Sysnative\d3dx9_29.dll 2015-04-12 22:46:34 914C3237E4D145A18DCD1D0D4C8659E1 3807440 ----a-w- C:\Windows\Sysnative\d3dx9_27.dll 2015-04-12 22:46:34 88BAC8306D4EC79A82B1FFA17DC8CF4A 3815120 ----a-w- C:\Windows\Sysnative\d3dx9_28.dll 2015-04-12 22:46:33 4C56E7C5B2A61353E534C7D15D05856D 3823312 ----a-w- C:\Windows\Sysnative\d3dx9_25.dll 2015-04-12 22:46:33 44F5C5E27D6825E4E62420BC29B8B533 3767504 ----a-w- C:\Windows\Sysnative\d3dx9_26.dll 2015-04-12 22:46:32 B165DF72E13E6AF74D47013504319921 3544272 ----a-w- C:\Windows\Sysnative\d3dx9_24.dll 2015-04-12 21:04:21 C5D90D20035928387FE27E4485EE463F 36864 ----a-w- C:\Windows\Sysnative\wuapp.exe 2015-04-12 21:04:21 AECC03D0A794619E15FF1CB92D65EF9E 191488 ----a-w- C:\Windows\Sysnative\wuwebv.dll 2015-04-12 21:04:21 AEA602B4036CF95522818E911654F52E 135168 ----a-w- C:\Windows\Sysnative\wuauclt.exe 2015-04-12 21:04:21 95A9A336CFF6AC51B33BBFDBEA6D848B 60416 ----a-w- C:\Windows\Sysnative\WinSetupUI.dll 2015-04-12 21:04:21 6C21C983C1F83900DBEDE51DCA247B72 696320 ----a-w- C:\Windows\Sysnative\wuapi.dll 2015-04-12 21:04:21 6BAC8DCC6C58755A1B9E6D3B04C28FC5 12288 ----a-w- C:\Windows\Sysnative\wu.upgrade.ps.dll 2015-04-12 21:04:21 2ADEA6F221BBF0992FDF9A3E25BA9F59 98304 ----a-w- C:\Windows\Sysnative\wudriver.dll 2015-04-12 21:04:21 2A77BD58F0A8D3743D4299434390922E 35328 ----a-w- C:\Windows\Sysnative\wups.dll 2015-04-12 21:04:21 21DF773EF8EFEF531E7E0BF477E03047 3298816 ----a-w- C:\Windows\Sysnative\wucltux.dll 2015-04-12 21:04:21 21CA4277E6918B019525ECCD748EF401 37376 ----a-w- C:\Windows\Sysnative\wups2.dll 2015-04-12 21:04:21 0814A74C853F50B354F08F83DDA9F7FB 2553856 ----a-w- C:\Windows\Sysnative\wuaueng.dll 2015-04-12 21:04:19 E72C92A252EC4B230287BC6E06F24296 957952 ----a-w- C:\Windows\Sysnative\appraiser.dll 2015-04-12 21:04:19 826A7F422014E4762C700B4254F5C588 1111552 ----a-w- C:\Windows\Sysnative\aeinv.dll 2015-04-12 21:04:19 5D0A492C42A43DCF73284F2865519712 30720 ----a-w- C:\Windows\Sysnative\acmigration.dll 2015-04-12 21:04:19 3FCD3FE7F58935A85ACC33019129358E 419840 ----a-w- C:\Windows\Sysnative\devinv.dll 2015-04-12 21:04:19 3F0FFBA1765470F979D57F88248070CA 227328 ----a-w- C:\Windows\Sysnative\aepdu.dll 2015-04-12 21:04:19 205EE22E14A9848FB2266FF035BE0C9C 192000 ----a-w- C:\Windows\Sysnative\aepic.dll 2015-04-12 21:04:19 0E0723E6D064ACD3D603BEF93EE0B950 769536 ----a-w- C:\Windows\Sysnative\invagent.dll 2015-04-12 21:04:19 05ED759DD0821294F05A41F6A8F1E18F 726528 ----a-w- C:\Windows\Sysnative\generaltel.dll 2015-04-12 20:47:01 1094F9E5D3E47B806E7E4F999D4CB5B1 2337976 ----a-w- C:\Windows\Sysnative\FNTCACHE.DAT ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== 2015-04-13 00:04:49 7A054959CE0F51BFA4459FE7045E4595 1360 ----a-w- C:\Windows\Tasks\OEM.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-04-14 20:06:30 -------- d-----w- C:\Program Files\trend micro 2015-04-08 19:57:24 -------- d-----w- C:\Program Files\Unlocker 2015-04-06 15:36:50 -------- d-----w- C:\Program Files\Network Virtual Bridge 2015-04-06 15:36:34 -------- d-----w- C:\Program Files\Network Virtual Bridge Update Protocol ======= C:\PROGRA~2 ===== 2015-04-13 21:54:59 -------- d-----w- C:\PROGRA~2\Trend Micro 2015-04-13 18:44:04 -------- d-----w- C:\PROGRA~2\Java 2015-04-12 21:27:32 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2015-04-02 19:24:17 -------- d-----w- C:\PROGRA~2\Mozilla Thunderbird ======= C: ===== ====== C:\Users\joderoo\AppData\Roaming ====== 2015-04-13 18:47:27 -------- d-----w- C:\Users\joderoo\AppData\Roaming\Oracle 2015-04-12 21:36:18 62BA01F498400DD1518D045BDC2C8E11 110168 ----a-w- C:\Users\joderoo\AppData\Local\GDIPFONTCACHEV1.DAT 2015-04-12 21:21:22 -------- d-----w- C:\Users\joderoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps 2015-04-08 19:57:24 -------- d-----w- C:\Users\joderoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker 2015-04-06 15:36:38 -------- d-----w- C:\Users\joderoo\AppData\Roaming\InAppBrowser 2015-04-06 15:35:46 -------- d-----w- C:\Users\joderoo\AppData\Roaming\InAppBrowserInstaller 2015-03-25 21:07:34 -------- d-----w- C:\Users\joderoo\AppData\Local\Hola ====== C:\Users\joderoo ====== 2015-04-13 20:09:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup 2015-04-12 21:20:12 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-04-02 20:01:06 -------- d--h--w- C:\ProgramData\CanonIJEPPEX 2015-03-29 18:05:02 -------- d-----w- C:\Users\joderoo\Tracing 2015-03-22 15:50:48 -------- d-----w- C:\Users\joderoo\dwhelper ====== C: exe-files == 2015-04-14 20:06:31 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\joderoo.exe 2015-04-13 20:13:04 E82AB1F1B22D4AE5A38B28F94BF7888F 15252424 ----a-w- C:\Users\joderoo\AppData\Local\Hola\firefox\app\image\Hola-Setup-x64-1.7.455.2.exe 2015-04-13 20:13:04 CC29FDF0E680C0F3531C9F2A834CA2A6 126995 ----a-w- C:\Users\joderoo\AppData\Local\Hola\firefox\app\vlc\vlc.exe 2015-04-13 20:12:56 E82AB1F1B22D4AE5A38B28F94BF7888F 15252424 ----a-w- C:\Users\joderoo\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.7.455.exe 2015-04-13 20:10:25 7ED2DCC0DC8D3086BBF0827AE7DBF8B9 158000 ----a-w- C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\FlashGot.exe 2015-04-13 20:08:59 7ED2DCC0DC8D3086BBF0827AE7DBF8B9 158000 ----a-w- C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402\FlashGot.exe 2015-04-13 18:52:09 7ED2DCC0DC8D3086BBF0827AE7DBF8B9 158000 ----a-w- C:\Users\joderoo\Desktop\Oude Firefox-gegevens\2f7at3jy.default-1423050829402\FlashGot.exe 2015-04-13 18:44:11 F95C5163F6D8955BEF59A896C7F7112D 159656 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\unpack200.exe 2015-04-13 18:44:11 DFB1F31DD4A08FA5892886DC7117064A 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\rmid.exe 2015-04-13 18:44:11 AF28DAA2B4EB3AD87203202264A2491C 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\klist.exe 2015-04-13 18:44:11 A29B7A1BAD1A1EB608ACF7684F1F1E37 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\tnameserv.exe 2015-04-13 18:44:11 946FD6292EAE3FBB93CC3BB01BA8763D 76712 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2launcher.exe 2015-04-13 18:44:11 7833052815087E5BF9346AC78FDCED68 51112 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssvagent.exe 2015-04-13 18:44:11 751E8649890CC42727D80F8D6DE1F1CB 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\servertool.exe 2015-04-13 18:44:11 7162180C98D1BE5D1315FC05B3C91E9D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\pack200.exe 2015-04-13 18:44:11 689916BDF4F58C7F7AD25F8B3ABB783A 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\rmiregistry.exe 2015-04-13 18:44:11 3DB4CD42B36FD2C98E9B51E3CBC1670E 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\jjs.exe 2015-04-13 18:44:11 32700B34EE49959FAF64EC46D96B3630 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\ktab.exe 2015-04-13 18:44:11 1FA2D0F07730F502A857BFC63DA6C193 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\kinit.exe 2015-04-13 18:44:11 0A9C7408BADBA5D2C841817C22ACBF07 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\policytool.exe 2015-04-13 18:44:11 08363434BEC1B0AE6420C77820BC12E9 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\orbd.exe 2015-04-13 18:44:11 042B789E469D238D5FA9DEC4241CE3FD 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\keytool.exe 2015-04-13 18:44:10 A07427A93E1133A7F0F4691CC54B9294 272296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\javaws.exe 2015-04-13 18:44:10 94017ABBDE345580542D8301793EFF7A 191400 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\javaw.exe 2015-04-13 18:44:10 79B6403F5BD398BB9880F00FAF7C69DA 68520 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\javacpl.exe 2015-04-13 18:44:10 6031BACB59D93E5ECB4ACDE6E12565EA 30632 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\jabswitch.exe 2015-04-13 18:44:10 30E9397C2F0C8FF128219D6A25E172BB 190888 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\java.exe 2015-04-13 18:44:10 2794D464D89260B0316C16A9FE24C660 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\java-rmi.exe 2015-04-12 21:56:09 2FBC280F4028CA1A5846403E1A893C2C 560456 ----a-w- C:\Users\joderoo\AppData\Local\Google\Chrome\User Data\SwReporter\2.16.3\software_reporter_tool.exe 2015-04-12 21:30:32 EF73E92A6AF97EFFB2A122059A20F059 16296 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\ktab.exe 2015-04-12 21:30:32 DF4FA42B945892EF7FB77632D203AA0F 66472 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\ssvagent.exe 2015-04-12 21:30:32 C8D289E47F1BB5C23023610A777B03CB 16296 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\keytool.exe 2015-04-12 21:30:32 C8341BEA099FB527B9B2835EEDC85D22 16296 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\orbd.exe 2015-04-12 21:30:32 7F97D98DC620D8E8205666D3DA269F92 16296 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\pack200.exe 2015-04-12 21:30:32 746D1F93A6F74973FBB1A0CFC0E7012B 16296 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\kinit.exe 2015-04-12 21:30:32 5890696E88BDAFEC29E98C798C9C1260 16296 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\tnameserv.exe 2015-04-12 21:30:32 4E86870309E0A22DCA1B7E0A1EFDAD9B 16296 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\klist.exe 2015-04-12 21:30:32 47D7A95EC56EA2AADC7BF56C50779811 16808 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\servertool.exe 2015-04-12 21:30:32 2B6D67C8E051F8A7964320BEB7D4D759 15784 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\rmid.exe 2015-04-12 21:30:32 2A2678E9BDA1F7857CD24371B96D3F93 16808 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\policytool.exe 2015-04-12 21:30:32 1DDA585AA916C69C0232E5D5515DEBE6 197544 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\unpack200.exe 2015-04-12 21:30:32 02FAF51F9BC84BD23D8F83FA9AF1CBBC 16808 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\rmiregistry.exe 2015-04-12 21:30:31 FC6F9DD57A52CE0D880F183BF9AA0553 99752 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\jp2launcher.exe 2015-04-12 21:30:31 C7725999CDF552180F2315F792794A32 319912 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\javaws.exe 2015-04-12 21:30:31 A16556165ACA24F0E9154C6AB674CAFB 15784 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\java-rmi.exe 2015-04-12 21:30:31 7D3683A6B418DAA49FD72EAB69E251E6 207272 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\javaw.exe 2015-04-12 21:30:31 7D2E7B9CE4BA09107CEF46F9CDDD55DF 34216 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\jabswitch.exe 2015-04-12 21:30:31 5AF9591C94C23E6F4128C525BAAC24EE 77224 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\javacpl.exe 2015-04-12 21:30:31 57F35EE5C0526435035B5BFBBEE1064D 206760 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\java.exe 2015-04-12 21:30:31 5016BB70E6ABF17D19E90AB85331D547 15784 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\jjs.exe 2015-04-12 21:30:10 0944AF122EF33168F38D858DAE0CF263 561576 ----a-w- C:\Users\joderoo\AppData\Local\Temp\jre-8u40-windows-au.exe 2015-04-12 21:20:06 DA8AC392E864489F127D64048D12E043 41460816 ----a-w- C:\Program Files (x86)\Google\Update\Install\{47D95103-0ADA-4C74-BFC4-B792891F8CE6}\41.0.2272.118_chrome_installer.exe 2015-04-12 21:20:06 DA8AC392E864489F127D64048D12E043 41460816 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\41.0.2272.118\41.0.2272.118_chrome_installer.exe 2015-04-12 21:05:16 5AD80C5A295030C3657AB25BE587E9F5 119837704 ----a-w- C:\Windows\SysWOW64\MRT.exe 2015-04-12 21:04:21 C5D90D20035928387FE27E4485EE463F 36864 ----a-w- C:\Windows\System32\wuapp.exe 2015-04-12 21:04:21 AEA602B4036CF95522818E911654F52E 135168 ----a-w- C:\Windows\System32\wuauclt.exe 2015-04-12 21:04:21 751C4859FD46A1461B3FB57252F541D8 33792 ----a-w- C:\Windows\SysWOW64\wuapp.exe 2015-04-12 21:04:19 17D815AD21D4325CD589E57A9582E311 70840 ----a-w- C:\Windows\System32\CompatTel\diagtrackrunner.exe 2015-04-12 20:56:53 516A5FCE06BB388499238A5F9286CB74 96768 ----a-w- C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\DismHost.exe 2015-04-12 17:21:08 E82AB1F1B22D4AE5A38B28F94BF7888F 15252424 ----a-w- C:\Users\joderoo\AppData\Local\Hola\firefox\app\image\Hola-Setup-x64-1.7.455.exe 2015-04-12 17:21:08 E82AB1F1B22D4AE5A38B28F94BF7888F 15252424 ----a-w- C:\Users\joderoo\AppData\Local\Hola\firefox\app\image\Hola-Setup-x64-1.7.455.1.exe 2015-04-09 01:31:30 FF5275C3F6B8EF5AFA93D3885C46AE00 73336 ----a-w- C:\Program Files (x86)\Opera\28.0.1750.51\wow_helper.exe 2015-04-09 01:31:30 5DD9CBD42308CA43E0009FDE7DB92E2F 484472 ----a-w- C:\Program Files (x86)\Opera\28.0.1750.51\opera_crashreporter.exe 2015-04-09 01:31:30 199C1A5195BFF2CBF11DFD8F5F691911 1862776 ----a-w- C:\Program Files (x86)\Opera\28.0.1750.51\opera_autoupdate.exe 2015-04-09 01:31:29 8BDBFBB4223DC15039E33A6ED94F3F48 51807864 ----a-w- C:\Program Files (x86)\Opera\28.0.1750.51\opera.exe 2015-04-09 01:31:29 4EAF7AB20CF42F7F349E5950E7C1AD7A 1255544 ----a-w- C:\Program Files (x86)\Opera\28.0.1750.51\installer.exe === C: other files == 2015-04-15 20:12:37 26A741CF18BEC27E2A4A63FED3E3C53A 54374 ----a-w- C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\staged\yesscript@userstyles.org.xpi 2015-04-13 20:12:39 ED2B29F52525B29FF9FF26BF68528A23 500930 ----a-w- C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi 2015-04-13 20:10:25 81E1D982BF67BB23723CDFCA1DA72650 218 ----a-w- C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\CT2865317\toolbarImages\storage.conduit.com 2015-04-13 20:10:23 E53CA224EC1BFAD22B97C50FF191C1D9 970672 ----a-w- C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi 2015-04-13 20:10:23 7D7B014579DB7B90E0CD356EF9C18EEF 732089 ----a-w- C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi 2015-04-13 20:10:23 4155DB098E14F2A8CB7BAC0FD10D9FB0 210138 ----a-w- C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi 2015-04-13 20:10:23 36B939ADDA2A8D8D4237F7DDB8387EF1 1004018 ----a-w- C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi 2015-04-13 20:10:23 1A5763EE52481E9501A13F49ADAF7BA6 53620 ----a-w- C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\yesscript@userstyles.org.xpi 2015-04-13 20:10:23 1113D0317013E9635E0CA2612E07268F 21093 ----a-w- C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi 2015-04-13 20:10:22 2C51403B5E4BC4108BF36717434A865E 97191 ----a-w- C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\jid1-dgnIBwQga0SIBw@jetpack.xpi 2015-04-13 20:10:22 1C1E198E95535DF2AF63587E0EBDC702 372693 ----a-w- C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\s3download@statusbar.xpi 2015-04-13 20:10:22 1BDE6B9387F77B7DC6A4C6389DC07D05 95142 ----a-w- C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\multirevenue@googlemail.com.xpi 2015-04-13 20:10:21 6C702001B52B46BC97434B4CEFDAF55E 20959 ----a-w- C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\belgiumeid@eid.belgium.be.xpi 2015-04-13 20:10:19 A6927C4AC46FAEA60D263D87C06062A9 133000 ----a-w- C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\adblockpopups@jessehakanen.net.xpi 2015-04-13 20:09:01 F8262859D8BBA81D040A9D9BF1441578 393588 ----a-w- C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi 2015-04-13 20:09:01 ED2B29F52525B29FF9FF26BF68528A23 500930 ----a-w- C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi 2015-04-13 20:09:01 E53CA224EC1BFAD22B97C50FF191C1D9 970672 ----a-w- C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi 2015-04-13 20:09:01 CFA30D28CBE46768F911FEB6929F3742 163315 ----a-w- C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi 2015-04-13 20:09:01 7D7B014579DB7B90E0CD356EF9C18EEF 732089 ----a-w- C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi 2015-04-13 20:09:01 36B939ADDA2A8D8D4237F7DDB8387EF1 1004018 ----a-w- C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402\extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi 2015-04-13 20:09:01 1C1E198E95535DF2AF63587E0EBDC702 372693 ----a-w- C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402\extensions\s3download@statusbar.xpi 2015-04-13 20:09:01 1A5763EE52481E9501A13F49ADAF7BA6 53620 ----a-w- C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402\extensions\yesscript@userstyles.org.xpi 2015-04-13 20:09:01 1113D0317013E9635E0CA2612E07268F 21093 ----a-w- C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi 2015-04-13 20:09:00 F0AEF5202F071D8B69B909AB0ABF8BAF 20158 ----a-w- C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402\extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi 2015-04-13 20:09:00 81E1D982BF67BB23723CDFCA1DA72650 218 ----a-w- C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402\CT2865317\toolbarImages\storage.conduit.com 2015-04-13 20:09:00 6C702001B52B46BC97434B4CEFDAF55E 20959 ----a-w- C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402\extensions\belgiumeid@eid.belgium.be.xpi 2015-04-13 20:09:00 2C51403B5E4BC4108BF36717434A865E 97191 ----a-w- C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402\extensions\jid1-dgnIBwQga0SIBw@jetpack.xpi 2015-04-13 19:32:01 F8262859D8BBA81D040A9D9BF1441578 393588 ----a-w- C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi 2015-04-13 19:31:59 CFA30D28CBE46768F911FEB6929F3742 163315 ----a-w- C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi 2015-04-13 19:31:57 F0AEF5202F071D8B69B909AB0ABF8BAF 20158 ----a-w- C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi 2015-04-13 18:52:09 F8262859D8BBA81D040A9D9BF1441578 393588 ----a-w- C:\Users\joderoo\Desktop\Oude Firefox-gegevens\2f7at3jy.default-1423050829402\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi 2015-04-13 18:52:09 F0AEF5202F071D8B69B909AB0ABF8BAF 20158 ----a-w- C:\Users\joderoo\Desktop\Oude Firefox-gegevens\2f7at3jy.default-1423050829402\extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi 2015-04-13 18:52:09 ED2B29F52525B29FF9FF26BF68528A23 500930 ----a-w- C:\Users\joderoo\Desktop\Oude Firefox-gegevens\2f7at3jy.default-1423050829402\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi 2015-04-13 18:52:09 E53CA224EC1BFAD22B97C50FF191C1D9 970672 ----a-w- C:\Users\joderoo\Desktop\Oude Firefox-gegevens\2f7at3jy.default-1423050829402\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi 2015-04-13 18:52:09 CFA30D28CBE46768F911FEB6929F3742 163315 ----a-w- C:\Users\joderoo\Desktop\Oude Firefox-gegevens\2f7at3jy.default-1423050829402\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi 2015-04-13 18:52:09 7D7B014579DB7B90E0CD356EF9C18EEF 732089 ----a-w- C:\Users\joderoo\Desktop\Oude Firefox-gegevens\2f7at3jy.default-1423050829402\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi 2015-04-13 18:52:09 36B939ADDA2A8D8D4237F7DDB8387EF1 1004018 ----a-w- C:\Users\joderoo\Desktop\Oude Firefox-gegevens\2f7at3jy.default-1423050829402\extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi 2015-04-13 18:52:09 2C51403B5E4BC4108BF36717434A865E 97191 ----a-w- C:\Users\joderoo\Desktop\Oude Firefox-gegevens\2f7at3jy.default-1423050829402\extensions\jid1-dgnIBwQga0SIBw@jetpack.xpi 2015-04-13 18:52:09 1C1E198E95535DF2AF63587E0EBDC702 372693 ----a-w- C:\Users\joderoo\Desktop\Oude Firefox-gegevens\2f7at3jy.default-1423050829402\extensions\s3download@statusbar.xpi 2015-04-13 18:52:09 1A5763EE52481E9501A13F49ADAF7BA6 53620 ----a-w- C:\Users\joderoo\Desktop\Oude Firefox-gegevens\2f7at3jy.default-1423050829402\extensions\yesscript@userstyles.org.xpi 2015-04-13 18:52:09 1113D0317013E9635E0CA2612E07268F 21093 ----a-w- C:\Users\joderoo\Desktop\Oude Firefox-gegevens\2f7at3jy.default-1423050829402\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi 2015-04-13 18:52:07 81E1D982BF67BB23723CDFCA1DA72650 218 ----a-w- C:\Users\joderoo\Desktop\Oude Firefox-gegevens\2f7at3jy.default-1423050829402\CT2865317\toolbarImages\storage.conduit.com 2015-04-13 18:52:07 6C702001B52B46BC97434B4CEFDAF55E 20959 ----a-w- C:\Users\joderoo\Desktop\Oude Firefox-gegevens\2f7at3jy.default-1423050829402\extensions\belgiumeid@eid.belgium.be.xpi 2015-04-13 18:44:12 9DCBFF045A2A43212A4763C3461A50B9 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\lib\deploy\ffjcext.zip 2015-04-12 21:30:32 F0D051E5286557DBFE73842D1CF34A57 14130 ----a-w- C:\Program Files\Java\jre1.8.0_40\lib\deploy\ffjcext.zip 2015-04-12 21:04:19 7EBB5DAD11B1D0B12317A191C8325991 21128 ----a-w- C:\Windows\System32\appraiser\nxquery.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1496205931-4010645900-4173059788-1000\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "GoogleChromeAutoLaunch_54D4FFB713D817007842C29F7FF5E6D5"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DT HPC"="C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -HPC" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "GoogleChromeAutoLaunch_54D4FFB713D817007842C29F7FF5E6D5"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [15/04/2015 02:28] C:\Windows\tasks\G2MUpdateTask-S-1-5-21-1496205931-4010645900-4173059788-1000.job --a------ C:\Users\joderoo\AppData\Local\Citrix\GoToMeeting\2492\g2mupdate.exe [29/03/2015 03:37] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [05/12/2014 06:37] C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0402d232b31f.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [05/12/2014 06:37] C:\Windows\tasks\OEM.job --a------ C:\Users\joderoo\AppData\Roaming\OEM.exe [] C:\Windows\tasks\Wise Care 365 PC Checkup Task.job --a------ C:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe [03/04/2015 18:20] C:\Windows\tasks\Wise Care 365.job --a------ C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe [03/04/2015 18:20] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\AutoKMS" [C:\Windows\AutoKMS.exe] "C:\Windows\SysNative\tasks\FHIGIC" [C:\Users\joderoo\AppData\Roaming\FHIGIC.exe] "C:\Windows\SysNative\tasks\G2MUpdateTask-S-1-5-21-1496205931-4010645900-4173059788-1000" [C:\Users\joderoo\AppData\Local\Citrix\GoToMeeting\2492\g2mupdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA1d0402d232b31f" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\OEM" [C:\Users\joderoo\AppData\Roaming\OEM.exe] "C:\Windows\SysNative\tasks\Opera scheduled Autoupdate 1418920053" [C:\Program Files (x86)\Opera\launcher.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\Wise Care 365" [C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe] "C:\Windows\SysNative\tasks\Wise Care 365 PC Checkup Task" [C:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe] "C:\Windows\SysNative\tasks\ASUS\ASUS AI Suite II Execute" [C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe] "C:\Windows\SysNative\tasks\ASUS\ASUS DigiPowerControl Help" [C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe] "C:\Windows\SysNative\tasks\ASUS\RC TweakIt Server Execute" [C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe] "C:\Windows\SysNative\tasks\ASUS\USB 3.0 Boost Service" [C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402 user_pref("browser.startup.homepage", "http://www.google.be/"); user_pref("browser.newtab.url", "http://www.google.com"); user_pref("browser.search.defaultenginename", "Google "); user_pref("browser.search.selectedEngine", "Google "); user_pref("services.sync.prefs.sync.browser.search.selectedEngine", true); ProfilePath: C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974 user_pref("browser.startup.homepage", "https://www.google.be/?gws_rd=ssl"); user_pref("browser.search.defaultenginename,S", "WebSearch"); user_pref("browser.search.selectedEngine,S", "WebSearch"); ==== Firefox Extensions ====================== ProfilePath: C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402 - Undetermined - C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402\extensions\clickclean@hotcleaner.com - Clickamp;Clean - %ProfilePath%\extensions\clickclean@hotcleaner.com - Hola Better Internet - %ProfilePath%\extensions\jid1-4P0kohSJxU1qGg@jetpack - Belgium eID - %ProfilePath%\extensions\belgiumeid@eid.belgium.be.xpi - Google Translator - %ProfilePath%\extensions\jid1-dgnIBwQga0SIBw@jetpack.xpi - YouTube Flash Player - %ProfilePath%\extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi - Download Manager S3 - %ProfilePath%\extensions\s3download@statusbar.xpi - YesScript - %ProfilePath%\extensions\yesscript@userstyles.org.xpi - FlashGot - %ProfilePath%\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi - Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi - Download Status Bar - %ProfilePath%\extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi - ImTranslator - %ProfilePath%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi - Video DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi - DownThemAll - %ProfilePath%\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi ProfilePath: C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974 - Undetermined - %ProfilePath%\extensions\staged - Adblock Plus Pop-up Addon - %ProfilePath%\extensions\adblockpopups@jessehakanen.net.xpi - Belgium eID - %ProfilePath%\extensions\belgiumeid@eid.belgium.be.xpi - Google Translator - %ProfilePath%\extensions\jid1-dgnIBwQga0SIBw@jetpack.xpi - YouTube Flash Player - %ProfilePath%\extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi - betterFox - Make your browsing experience 15 faster. - %ProfilePath%\extensions\multirevenue@googlemail.com.xpi - Download Manager S3 - %ProfilePath%\extensions\s3download@statusbar.xpi - YesScript - %ProfilePath%\extensions\yesscript@userstyles.org.xpi - FlashGot - %ProfilePath%\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi - Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi - Download Status Bar - %ProfilePath%\extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi - ImTranslator - %ProfilePath%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi - Video DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi - DownThemAll - %ProfilePath%\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi - JavaScript Debugger - %ProfilePath%\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974 87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies 9AE02005247DA91AB1743F5208DBEF76 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll - Shockwave Flash CAF78E18A9E1380A0A38065B3B1210E0 - C:\Users\joderoo\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin 2642ACC72BCF9038BAD3CA2719297416 - C:\Users\joderoo\AppData\Local\Hola\firefox\app\vlc\npvlc.dll - Hola VLC Web Plugin E3B4EA121F7BDEB0F6366E2BA9608CB5 - C:\Users\joderoo\AppData\Local\Citrix\Plugins\104\npappdetector.dll - Citrix Online Web Deployment Plugin 1.0.0.104 A7E6EA4CF1A87A235EAC315146CDC1B4 - C:\Users\joderoo\AppData\Roaming\Mozilla\plugins\npatgpc.dll - ActiveTouch General Plugin Container 1CDD28B47D8198F868349BDFBCD1281B - C:\Users\joderoo\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin ==== Reset Google Chrome ====================== C:\Users\joderoo\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\joderoo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\joderoo\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully C:\Users\joderoo\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\joderoo\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully C:\Users\joderoo\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully C:\Users\joderoo\AppData\Roaming\Opera Software\Opera Stable\Web Data-journal was reset successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=695 folders=59 34645446 bytes) ==== EOF on do 16/04/2015 at 0:03:44,65 ======================
  5. joderoo
    Heel fel bedankt om zo snel te reageren. Zoals u gevraagd heb ,zend ik in bijlage de "log.txt" van RSIT. Bedankt want ik lees het nieuwsblad altijd online en dit is nu niet meer mogelijk. Sorry dat ik het log.txt hier plaats ,ik kan geen bestand bijvoegen.Het venstertje tussen ""bestanden bijvoegen en voeg dit bestand bij""Wordt nirt getoond bij mij. mijn exuses. Logfile of random's system information tool 1.10 (written by random/random) Run by joderoo at 2015-04-14 22:06:30 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 100 GB (58%) free of 172 GB Total RAM: 16285 MB (61% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:06:32, on 14/04/2015 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17689) Boot mode: Normal Running processes: C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Hewlett-Packard\HP My Display\DTHtml.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe C:\Program Files (x86)\XM MT4\terminal.exe C:\Program Files (x86)\FX Choice - MetaTrader 4\terminal.exe C:\Program Files (x86)\KSF Trade MetaTrader 4 Terminal\terminal.exe C:\Program Files (x86)\MetaTrader 4 Terminal\terminal.exe C:\Program Files (x86)\FXPRIMUS - MetaTrader 4 Platform\terminal.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\joderoo\Desktop\Joderoo(D)\Program Files (x86)\Phone\Skype.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\joderoo.exe R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [DT HPC] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -HPC O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_54D4FFB713D817007842C29F7FF5E6D5] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O8 - Extra context menu item: Converteren naar Adobe PDF - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Geselecteerde koppelingen converteren naar Adobe PDF - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Geselecteerde koppelingen converteren naar bestaande PDF - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Koppelingsdoel converteren naar Adobe PDF - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Koppelingsdoel converteren naar bestaande PDF - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Selectie converteren naar Adobe PDF - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Selectie converteren naar bestaande PDF - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Toevoegen aan bestaand PDF-bestand - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O17 - HKLM\System\CCS\Services\Tcpip\..\{40CA2271-C14A-436B-906F-ECA665362E3E}: NameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{40CA2271-C14A-436B-906F-ECA665362E3E}: NameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{40CA2271-C14A-436B-906F-ECA665362E3E}: NameServer = 192.168.1.1 O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Version Cue CS3 {nl_NL} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe O23 - Service: ASDiskUnlocker - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.15\AsusFanControlService.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\ASUS\ROG GameFirst II\spd.exe O23 - Service: DTSAudioSvc - DTS, Inc - C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Network Virtual Bridge - www.otp.ccc - C:\Program Files\Network Virtual Bridge\PROXY\adsentinel.exe O23 - Service: Network Virtual Bridge S - Unknown owner - C:\Program Files\Network Virtual Bridge\SERVICE\SNetwork Virtual Bridge.exe O23 - Service: Network Virtual Bridge Update Protocol - Unknown owner - C:\Program Files\Network Virtual Bridge Update Protocol\Network Virtual Bridge Update Protocol.exe O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Users\joderoo\Desktop\Joderoo(D)\Program Files (x86)\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) -- End of file - 16365 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS winlogon.exe C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs "C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe" C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService atieclxx C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe" /launchService "C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe" "C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe" "C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe" "C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe" "C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.15\AsusFanControlService.exe" "C:\Program Files (x86)\Bonjour\mDNSResponder.exe" "C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service "C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service "C:\Program Files\ASUS\ROG GameFirst II\spd.exe" -service "C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe" "C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe" "C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe" "C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE" C:\Windows\system32\IProsetMonitor.exe "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe" "C:\Program Files\Network Virtual Bridge\PROXY\adsentinel.exe" --service "C:\Program Files\Network Virtual Bridge Update Protocol\Network Virtual Bridge Update Protocol.exe" "C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe" taskeng.exe {939E80F2-4593-49C7-922A-2A8D5A9C89E0} "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe" -StartTray "C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe" "C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe" "C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe" -open "C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe" -Init C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\unsecapp.exe -Embedding "C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe" -Init "C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe" -hide "C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe" -hide "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --parent-handle=304 "C:\Program Files (x86)\Hewlett-Packard\HP My Display\DTHtml.exe" -Customer=HPC -startup_folder -DT_Startup "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="812.0.1626909397\353157273" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,40 --gpu-vendor-id=0x1002 --gpu-device-id=0x6739 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=14.501.1003.0 --ignored=" --type=renderer " /prefetch:822062411 C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/PasswordGeneration/Disabled/QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_01/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=812 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="812.1.1156638684\437143004" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/PasswordGeneration/Disabled/QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_01/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=812 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="812.3.516090807\1460118434" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/PasswordGeneration/Disabled/QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_01/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=812 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="812.4.722185593\416438280" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/PasswordGeneration/Disabled/QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_01/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=812 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="812.5.752696230\2084455962" /prefetch:673131151 C:\Windows\System32\svchost.exe -k LocalServicePeerNet -dumy -customer=HPC -install "C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe" -customer=HPC -install C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683} "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe" "C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe" "C:\Program Files\Network Virtual Bridge\SERVICE\SNetwork Virtual Bridge.exe" "C:\Program Files (x86)\XM MT4\terminal.exe" "C:\Program Files (x86)\FX Choice - MetaTrader 4\terminal.exe" "C:\Program Files (x86)\KSF Trade MetaTrader 4 Terminal\terminal.exe" "C:\Program Files (x86)\MetaTrader 4 Terminal\terminal.exe" taskmgr.exe /3 "C:\Program Files (x86)\FXPRIMUS - MetaTrader 4 Platform\terminal.exe" "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" "C:\Users\joderoo\AppData\Local\Hola\firefox\app\hola_plugin.exe" --no-root --no-kernel --workdir C:\Users\joderoo\AppData\Local\Hola\firefox --firefox "C:\Users\joderoo\Desktop\Joderoo(D)\Program Files (x86)\Phone\Skype.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_01/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=812 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="812.32.355628989\2131590175" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_01/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=812 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="812.35.1248701553\537762616" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_01/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=812 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="812.38.1168584976\1888849411" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="812.39.1591010747\1851838758" --ppapi-flash-args=enable_hw_video_decode=1 --lang=nl --ignored=" --type=renderer " /prefetch:-632637702 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_01/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=812 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="812.42.1032881769\1371539221" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_01/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=812 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="812.45.1649725071\1794463725" /prefetch:673131151 C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\servicing\TrustedInstaller.exe "D:\Joderoo(D)\Rapget\RSITx64.exe" C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF} ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\FHIGIC.job - C:\Users\joderoo\AppData\Roaming\FHIGIC.exe /infocmdline=BIq7BpQIE5ZHrlW1qDoAq8sMc0e0eMzy6h1swb6yUzJshj59DJ/4IIhasb/zhtO/GWHkpYoMf1T5GsDxqGUelD2Oeb46wsdmnS3VCKa7arblpHW73ELE1Bz3O9LW4v/6L3YafCmBOBV+0BO6C5y55CG/iDSmBGCZw+ocAQNFTUMVE29tAnpTQzkQ5Ua16b5nvltV1bd9N4+6++MkKWof9glBg9slC/Z2YjwhA2BSTZdoUoeWJ/tRlhh0WgmimdWxLbteg0lUbK4bCgsV0W82+a2ken+At5h7Du36u28p4RDRTEpDBI5oXNCoW45mueCazddW/6LqrufvBtpSbDR8OgFhgJ0Yfti/j+sZHRUOrMvN+bdfg8unD8EELw+g94E2DxwarpSJQO0m0/K3pDPukopIoSsdQxQsJ7zhhIjgoRhxbjit/p6wPhuPNIzSzSQ6I4som91rCHnXmbi6tMXRiaLuyajeVcDZr4M2x0SjJ2GHw3h/ZxAZ7DGKK8b+yAx+ C:\Windows\tasks\G2MUpdateTask-S-1-5-21-1496205931-4010645900-4173059788-1000.job - C:\Users\joderoo\AppData\Local\Citrix\GoToMeeting\2492\g2mupdate.exe C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0402d232b31f.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\OEM.job - C:\Users\joderoo\AppData\Roaming\OEM.exe /infocmdline=hmr9X0ZNoSxa+hLMFzEAuwwzKgHwjPsFu2tVT2buubrMKW1jCZ/iESrSBrkszfUNeyrAYNnjH6cI/E1BvdOcYVX0CeuRvMCQMRjrjususOluhAJrYvzidhTYaHN6VZRyzcvjHZFLnG9v6+qBLQe6IFlvuLHazL5ZGecR2bgD7gMfsF97Z+Nywh5WILDr5E+1tjy+Xytzr/sL7+MyyDwqH0A1i8wHvLdWakx+xygdWdEk8Tvy+p0F12kv30CjLOKyVSZzZHgJ+GqPUPbEv4Iqd8dI/d5JV0UbL3ccCapWVPOfQ35Wrz5bcdxXTTjCzyyBDPpF2akUWCUIYKprFV08HBGLxGWjegj8+BtJEDUOhRuVjlcZkO/Uh9s8bFWAxaUY++LKiuJzWY8AAUU7vV7WQGoKZqt6XCkaGVW7E5k2ThaGtlpvbQ+wuAruKwnmPUkKOBNUE51OH6qXjxbhHDbzSYjbL9TFx3rT5ltK8zEKPjj5pgPFBk6Hut41PL6+y/ys C:\Windows\tasks\Wise Care 365 PC Checkup Task.job - C:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe -silent C:\Windows\tasks\Wise Care 365.job - C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe -StartTray =========Mozilla firefox========= ProfilePath - C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974 prefs.js - "browser.search.useDBForOrder" - true prefs.js - "browser.startup.homepage" - "https://www.google.be/?gws_rd=ssl" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 17.0.0.134 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX] "Description"=Canon Easy-PhotoPrint EX "Path"=C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.40.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=C:\Windows\system32\Wat\npWatWeb.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 17.0.0.134 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.40.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=C:\Windows\system32\Wat\npWatWeb.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\ artur.dubovoy@gmail.com clickclean@hotcleaner.com jid1-4P0kohSJxU1qGg@jetpack ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-04-12 551848] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-01 256456] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-12 212904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E421D566-29E5-F629-2C56-E5BC07586950}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-04-13 460712] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01 194504] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] Adobe PDF Conversion Toolbar Helper - D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-13 172968] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-01 256456] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01 194504] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2014-12-05 39408] "GoogleChromeAutoLaunch_54D4FFB713D817007842C29F7FF5E6D5"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-03-30 809288] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "DT HPC"=C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [2014-06-27 122384] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=221 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=lvcod64.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "msacm.l3codecp"=l3codecp.acm "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv "MSVideo"=vfwwdm32.dll "MSVideo8"=VfWWDM32.dll "wave3"=wdmaud.drv "mixer3"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - "D:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1" ======List of files/folders created in the last 1 month====== 2015-04-14 22:06:30 ----D---- C:\rsit 2015-04-14 22:06:30 ----D---- C:\Program Files\trend micro 2015-04-13 23:54:59 ----D---- C:\Program Files (x86)\Trend Micro 2015-04-13 20:47:27 ----D---- C:\Users\joderoo\AppData\Roaming\Oracle 2015-04-13 20:45:05 ----A---- C:\Windows\SYSWOW64\RENBF1E.tmp 2015-04-13 20:44:04 ----D---- C:\Program Files (x86)\Java 2015-04-13 00:47:24 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll 2015-04-13 00:47:24 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll 2015-04-13 00:47:24 ----A---- C:\Windows\system32\XAudio2_7.dll 2015-04-13 00:47:24 ----A---- C:\Windows\system32\XAPOFX1_5.dll 2015-04-13 00:47:23 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll 2015-04-13 00:47:23 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll 2015-04-13 00:47:23 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll 2015-04-13 00:47:23 ----A---- C:\Windows\system32\xactengine3_7.dll 2015-04-13 00:47:23 ----A---- C:\Windows\system32\d3dcsx_43.dll 2015-04-13 00:47:23 ----A---- C:\Windows\system32\D3DCompiler_43.dll 2015-04-13 00:47:22 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll 2015-04-13 00:47:22 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll 2015-04-13 00:47:22 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll 2015-04-13 00:47:22 ----A---- C:\Windows\system32\D3DX9_43.dll 2015-04-13 00:47:22 ----A---- C:\Windows\system32\d3dx11_43.dll 2015-04-13 00:47:22 ----A---- C:\Windows\system32\d3dx10_43.dll 2015-04-13 00:47:21 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll 2015-04-13 00:47:21 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll 2015-04-13 00:47:21 ----A---- C:\Windows\system32\XAudio2_6.dll 2015-04-13 00:47:21 ----A---- C:\Windows\system32\XAPOFX1_4.dll 2015-04-13 00:47:19 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll 2015-04-13 00:47:19 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll 2015-04-13 00:47:19 ----A---- C:\Windows\system32\xactengine3_6.dll 2015-04-13 00:47:19 ----A---- C:\Windows\system32\X3DAudio1_7.dll 2015-04-13 00:47:18 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll 2015-04-13 00:47:18 ----A---- C:\Windows\system32\XAudio2_5.dll 2015-04-13 00:47:16 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll 2015-04-13 00:47:16 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll 2015-04-13 00:47:16 ----A---- C:\Windows\system32\xactengine3_5.dll 2015-04-13 00:47:16 ----A---- C:\Windows\system32\D3DCompiler_42.dll 2015-04-13 00:47:15 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll 2015-04-13 00:47:15 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll 2015-04-13 00:47:15 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll 2015-04-13 00:47:15 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll 2015-04-13 00:47:15 ----A---- C:\Windows\system32\D3DX9_42.dll 2015-04-13 00:47:15 ----A---- C:\Windows\system32\d3dx11_42.dll 2015-04-13 00:47:15 ----A---- C:\Windows\system32\d3dx10_42.dll 2015-04-13 00:47:15 ----A---- C:\Windows\system32\d3dcsx_42.dll 2015-04-13 00:47:14 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll 2015-04-13 00:47:14 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll 2015-04-13 00:47:14 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll 2015-04-13 00:47:14 ----A---- C:\Windows\system32\D3DX9_41.dll 2015-04-13 00:47:14 ----A---- C:\Windows\system32\d3dx10_41.dll 2015-04-13 00:47:14 ----A---- C:\Windows\system32\D3DCompiler_41.dll 2015-04-13 00:47:12 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll 2015-04-13 00:47:12 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll 2015-04-13 00:47:12 ----A---- C:\Windows\system32\XAudio2_4.dll 2015-04-13 00:47:12 ----A---- C:\Windows\system32\XAPOFX1_3.dll 2015-04-13 00:47:11 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll 2015-04-13 00:47:11 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll 2015-04-13 00:47:11 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll 2015-04-13 00:47:11 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll 2015-04-13 00:47:11 ----A---- C:\Windows\system32\xactengine3_4.dll 2015-04-13 00:47:11 ----A---- C:\Windows\system32\X3DAudio1_6.dll 2015-04-13 00:47:11 ----A---- C:\Windows\system32\d3dx10_40.dll 2015-04-13 00:47:11 ----A---- C:\Windows\system32\D3DCompiler_40.dll 2015-04-13 00:47:10 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll 2015-04-13 00:47:10 ----A---- C:\Windows\system32\D3DX9_40.dll 2015-04-13 00:47:09 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll 2015-04-13 00:47:09 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll 2015-04-13 00:47:09 ----A---- C:\Windows\system32\XAudio2_3.dll 2015-04-13 00:47:09 ----A---- C:\Windows\system32\XAPOFX1_2.dll 2015-04-13 00:47:07 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll 2015-04-13 00:47:07 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll 2015-04-13 00:47:07 ----A---- C:\Windows\system32\xactengine3_3.dll 2015-04-13 00:47:07 ----A---- C:\Windows\system32\X3DAudio1_5.dll 2015-04-13 00:47:06 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll 2015-04-13 00:47:06 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll 2015-04-13 00:47:06 ----A---- C:\Windows\system32\XAudio2_2.dll 2015-04-13 00:47:06 ----A---- C:\Windows\system32\XAPOFX1_1.dll 2015-04-13 00:47:04 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll 2015-04-13 00:47:04 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll 2015-04-13 00:47:04 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll 2015-04-13 00:47:04 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll 2015-04-13 00:47:04 ----A---- C:\Windows\system32\xactengine3_2.dll 2015-04-13 00:47:04 ----A---- C:\Windows\system32\D3DX9_39.dll 2015-04-13 00:47:04 ----A---- C:\Windows\system32\d3dx10_39.dll 2015-04-13 00:47:04 ----A---- C:\Windows\system32\D3DCompiler_39.dll 2015-04-13 00:47:02 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll 2015-04-13 00:47:02 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll 2015-04-13 00:47:02 ----A---- C:\Windows\system32\XAudio2_1.dll 2015-04-13 00:47:02 ----A---- C:\Windows\system32\XAPOFX1_0.dll 2015-04-13 00:47:01 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll 2015-04-13 00:47:01 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll 2015-04-13 00:47:01 ----A---- C:\Windows\system32\xactengine3_1.dll 2015-04-13 00:47:01 ----A---- C:\Windows\system32\X3DAudio1_4.dll 2015-04-13 00:47:00 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll 2015-04-13 00:47:00 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll 2015-04-13 00:47:00 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll 2015-04-13 00:47:00 ----A---- C:\Windows\system32\D3DX9_38.dll 2015-04-13 00:47:00 ----A---- C:\Windows\system32\d3dx10_38.dll 2015-04-13 00:47:00 ----A---- C:\Windows\system32\D3DCompiler_38.dll 2015-04-13 00:46:58 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll 2015-04-13 00:46:58 ----A---- C:\Windows\system32\XAudio2_0.dll 2015-04-13 00:46:57 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll 2015-04-13 00:46:57 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll 2015-04-13 00:46:57 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll 2015-04-13 00:46:57 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll 2015-04-13 00:46:57 ----A---- C:\Windows\system32\xactengine3_0.dll 2015-04-13 00:46:57 ----A---- C:\Windows\system32\X3DAudio1_3.dll 2015-04-13 00:46:57 ----A---- C:\Windows\system32\d3dx10_37.dll 2015-04-13 00:46:57 ----A---- C:\Windows\system32\D3DCompiler_37.dll 2015-04-13 00:46:56 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll 2015-04-13 00:46:56 ----A---- C:\Windows\system32\D3DX9_37.dll 2015-04-13 00:46:55 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll 2015-04-13 00:46:55 ----A---- C:\Windows\system32\xactengine2_10.dll 2015-04-13 00:46:54 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll 2015-04-13 00:46:54 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll 2015-04-13 00:46:54 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll 2015-04-13 00:46:54 ----A---- C:\Windows\system32\d3dx9_36.dll 2015-04-13 00:46:54 ----A---- C:\Windows\system32\d3dx10_36.dll 2015-04-13 00:46:54 ----A---- C:\Windows\system32\D3DCompiler_36.dll 2015-04-13 00:46:52 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll 2015-04-13 00:46:52 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll 2015-04-13 00:46:52 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll 2015-04-13 00:46:52 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll 2015-04-13 00:46:52 ----A---- C:\Windows\system32\xactengine2_9.dll 2015-04-13 00:46:52 ----A---- C:\Windows\system32\d3dx9_35.dll 2015-04-13 00:46:52 ----A---- C:\Windows\system32\d3dx10_35.dll 2015-04-13 00:46:52 ----A---- C:\Windows\system32\D3DCompiler_35.dll 2015-04-13 00:46:50 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll 2015-04-13 00:46:50 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll 2015-04-13 00:46:50 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll 2015-04-13 00:46:50 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll 2015-04-13 00:46:50 ----A---- C:\Windows\system32\xactengine2_8.dll 2015-04-13 00:46:50 ----A---- C:\Windows\system32\X3DAudio1_2.dll 2015-04-13 00:46:50 ----A---- C:\Windows\system32\d3dx10_34.dll 2015-04-13 00:46:50 ----A---- C:\Windows\system32\D3DCompiler_34.dll 2015-04-13 00:46:49 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll 2015-04-13 00:46:49 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll 2015-04-13 00:46:49 ----A---- C:\Windows\system32\xinput1_3.dll 2015-04-13 00:46:49 ----A---- C:\Windows\system32\d3dx9_34.dll 2015-04-13 00:46:48 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll 2015-04-13 00:46:48 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll 2015-04-13 00:46:48 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll 2015-04-13 00:46:48 ----A---- C:\Windows\system32\xactengine2_7.dll 2015-04-13 00:46:48 ----A---- C:\Windows\system32\d3dx10_33.dll 2015-04-13 00:46:48 ----A---- C:\Windows\system32\D3DCompiler_33.dll 2015-04-13 00:46:47 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll 2015-04-13 00:46:47 ----A---- C:\Windows\system32\d3dx9_33.dll 2015-04-13 00:46:46 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll 2015-04-13 00:46:46 ----A---- C:\Windows\system32\xactengine2_6.dll 2015-04-13 00:46:44 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll 2015-04-13 00:46:44 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll 2015-04-13 00:46:44 ----A---- C:\Windows\SYSWOW64\d3dx10.dll 2015-04-13 00:46:44 ----A---- C:\Windows\system32\xactengine2_5.dll 2015-04-13 00:46:44 ----A---- C:\Windows\system32\d3dx9_32.dll 2015-04-13 00:46:44 ----A---- C:\Windows\system32\d3dx10.dll 2015-04-13 00:46:42 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll 2015-04-13 00:46:42 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll 2015-04-13 00:46:42 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll 2015-04-13 00:46:42 ----A---- C:\Windows\system32\xactengine2_4.dll 2015-04-13 00:46:42 ----A---- C:\Windows\system32\x3daudio1_1.dll 2015-04-13 00:46:42 ----A---- C:\Windows\system32\d3dx9_31.dll 2015-04-13 00:46:41 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll 2015-04-13 00:46:41 ----A---- C:\Windows\system32\xactengine2_3.dll 2015-04-13 00:46:40 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll 2015-04-13 00:46:40 ----A---- C:\Windows\system32\xinput1_2.dll 2015-04-13 00:46:39 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll 2015-04-13 00:46:39 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll 2015-04-13 00:46:39 ----A---- C:\Windows\system32\xinput1_1.dll 2015-04-13 00:46:39 ----A---- C:\Windows\system32\xactengine2_2.dll 2015-04-13 00:46:38 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll 2015-04-13 00:46:38 ----A---- C:\Windows\system32\xactengine2_1.dll 2015-04-13 00:46:36 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll 2015-04-13 00:46:36 ----A---- C:\Windows\system32\d3dx9_30.dll 2015-04-13 00:46:35 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll 2015-04-13 00:46:35 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll 2015-04-13 00:46:35 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll 2015-04-13 00:46:35 ----A---- C:\Windows\system32\xactengine2_0.dll 2015-04-13 00:46:35 ----A---- C:\Windows\system32\x3daudio1_0.dll 2015-04-13 00:46:35 ----A---- C:\Windows\system32\d3dx9_29.dll 2015-04-13 00:46:34 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll 2015-04-13 00:46:34 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll 2015-04-13 00:46:34 ----A---- C:\Windows\system32\d3dx9_28.dll 2015-04-13 00:46:34 ----A---- C:\Windows\system32\d3dx9_27.dll 2015-04-13 00:46:33 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll 2015-04-13 00:46:33 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll 2015-04-13 00:46:33 ----A---- C:\Windows\system32\d3dx9_26.dll 2015-04-13 00:46:33 ----A---- C:\Windows\system32\d3dx9_25.dll 2015-04-13 00:46:32 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll 2015-04-13 00:46:32 ----A---- C:\Windows\system32\d3dx9_24.dll 2015-04-13 00:43:43 ----D---- C:\Windows\SYSWOW64\directx 2015-04-12 23:41:45 ----A---- C:\Windows\SYSWOW64\REN5EC2.tmp 2015-04-12 23:05:16 ----A---- C:\Windows\SYSWOW64\MRT.exe 2015-04-12 23:04:21 ----A---- C:\Windows\SYSWOW64\wuwebv.dll 2015-04-12 23:04:21 ----A---- C:\Windows\SYSWOW64\wups.dll 2015-04-12 23:04:21 ----A---- C:\Windows\SYSWOW64\wudriver.dll 2015-04-12 23:04:21 ----A---- C:\Windows\SYSWOW64\wuapp.exe 2015-04-12 23:04:21 ----A---- C:\Windows\SYSWOW64\wuapi.dll 2015-04-12 23:04:21 ----A---- C:\Windows\system32\wuwebv.dll 2015-04-12 23:04:21 ----A---- C:\Windows\system32\wups2.dll 2015-04-12 23:04:21 ----A---- C:\Windows\system32\wups.dll 2015-04-12 23:04:21 ----A---- C:\Windows\system32\wudriver.dll 2015-04-12 23:04:21 ----A---- C:\Windows\system32\wucltux.dll 2015-04-12 23:04:21 ----A---- C:\Windows\system32\wuaueng.dll 2015-04-12 23:04:21 ----A---- C:\Windows\system32\wuauclt.exe 2015-04-12 23:04:21 ----A---- C:\Windows\system32\wuapp.exe 2015-04-12 23:04:21 ----A---- C:\Windows\system32\wuapi.dll 2015-04-12 23:04:21 ----A---- C:\Windows\system32\wu.upgrade.ps.dll 2015-04-12 23:04:21 ----A---- C:\Windows\system32\WinSetupUI.dll 2015-04-12 23:04:19 ----A---- C:\Windows\system32\invagent.dll 2015-04-12 23:04:19 ----A---- C:\Windows\system32\generaltel.dll 2015-04-12 23:04:19 ----A---- C:\Windows\system32\devinv.dll 2015-04-12 23:04:19 ----A---- C:\Windows\system32\appraiser.dll 2015-04-12 23:04:19 ----A---- C:\Windows\system32\aepic.dll 2015-04-12 23:04:19 ----A---- C:\Windows\system32\aepdu.dll 2015-04-12 23:04:19 ----A---- C:\Windows\system32\aeinv.dll 2015-04-12 23:04:19 ----A---- C:\Windows\system32\acmigration.dll 2015-04-12 22:47:01 ----A---- C:\Windows\system32\FNTCACHE.DAT 2015-04-10 20:57:24 ----D---- C:\Windows\Minidump 2015-04-08 21:57:24 ----D---- C:\Program Files\Unlocker 2015-04-07 21:05:09 ----D---- C:\Program Files (x86)\Mozilla Firefox 2015-04-06 17:36:50 ----D---- C:\Program Files\Network Virtual Bridge 2015-04-06 17:36:38 ----D---- C:\Users\joderoo\AppData\Roaming\InAppBrowser 2015-04-06 17:36:34 ----D---- C:\Program Files\Network Virtual Bridge Update Protocol 2015-04-06 17:35:46 ----D---- C:\Users\joderoo\AppData\Roaming\InAppBrowserInstaller 2015-04-06 10:23:56 ----D---- C:\Users\joderoo\AppData\Roaming\idesktop 2015-04-05 03:00:33 ----SD---- C:\Windows\SYSWOW64\GWX 2015-04-05 03:00:33 ----SD---- C:\Windows\system32\GWX 2015-04-02 22:01:06 ----HD---- C:\ProgramData\CanonIJEPPEX 2015-04-02 21:24:17 ----D---- C:\Program Files (x86)\Mozilla Thunderbird 2015-03-23 23:28:06 ----D---- C:\ProgramData\{20797b0b-ff14-a8ec-2079-97b0bff1ec2f} 2015-03-19 01:28:03 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe 2015-03-19 01:06:58 ----D---- C:\Windows\system32\log 2015-03-16 22:34:16 ----D---- C:\Program Files (x86)\43d45ddb-733d-4a4f-9d91-4e3253112627 2015-03-16 21:33:58 ----D---- C:\Users\joderoo\AppData\Roaming\2BrightSparks ======List of files/folders modified in the last 1 month====== 2015-04-14 22:06:33 ----D---- C:\Windows\Temp 2015-04-14 22:06:30 ----RD---- C:\Program Files 2015-04-14 22:05:13 ----D---- C:\Windows\system32\config 2015-04-14 22:02:11 ----D---- C:\Users\joderoo\AppData\Roaming\Skype 2015-04-13 23:54:59 ----D---- C:\Program Files (x86) 2015-04-13 22:07:49 ----D---- C:\Windows\System32 2015-04-13 22:07:49 ----D---- C:\Windows\inf 2015-04-13 22:07:49 ----A---- C:\Windows\system32\PerfStringBackup.INI 2015-04-13 21:31:25 ----D---- C:\Users\joderoo\AppData\Roaming\Wise Care 365 2015-04-13 21:31:10 ----HD---- C:\ProgramData 2015-04-13 21:30:10 ----A---- C:\Windows\PE_Rom.dll 2015-04-13 21:29:31 ----D---- C:\Windows\system32\wbem 2015-04-13 21:29:31 ----D---- C:\Windows 2015-04-13 21:28:53 ----SHD---- C:\Windows\Installer 2015-04-13 21:28:53 ----D---- C:\Windows\Tasks 2015-04-13 21:28:53 ----D---- C:\Windows\SysWOW64 2015-04-13 21:28:53 ----D---- C:\Windows\system32\DriverStore 2015-04-13 21:28:53 ----D---- C:\Windows\system32\drivers 2015-04-13 21:28:53 ----D---- C:\Windows\system32\catroot2 2015-04-13 21:28:53 ----D---- C:\Windows\registration 2015-04-13 21:21:25 ----SHD---- C:\System Volume Information 2015-04-13 20:45:23 ----D---- C:\ProgramData\Oracle 2015-04-13 02:43:17 ----D---- C:\Windows\Logs 2015-04-13 00:46:37 ----RSD---- C:\Windows\assembly 2015-04-13 00:46:31 ----D---- C:\Windows\Microsoft.NET 2015-04-13 00:24:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2015-04-12 23:38:48 ----D---- C:\Program Files\CCleaner 2015-04-12 23:38:47 ----D---- C:\Windows\system32\Tasks 2015-04-12 23:30:32 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll 2015-04-12 23:30:27 ----D---- C:\Program Files\Java 2015-04-12 23:27:32 ----D---- C:\Program Files (x86)\Common Files 2015-04-12 23:20:07 ----D---- C:\Program Files (x86)\Google 2015-04-12 23:14:51 ----D---- C:\Users\joderoo\AppData\Roaming\Google 2015-04-12 23:08:02 ----D---- C:\Windows\winsxs 2015-04-12 23:05:53 ----SD---- C:\Windows\system32\CompatTel 2015-04-12 23:05:53 ----D---- C:\Windows\SYSWOW64\nl-NL 2015-04-12 23:05:53 ----D---- C:\Windows\system32\nl-NL 2015-04-12 23:05:53 ----D---- C:\Windows\system32\appraiser 2015-04-12 23:05:53 ----D---- C:\Windows\PolicyDefinitions 2015-04-12 23:05:53 ----D---- C:\Windows\AppPatch 2015-04-12 23:05:18 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI 2015-04-12 22:47:07 ----D---- C:\Windows\debug 2015-04-12 22:46:05 ----D---- C:\Windows\SYSWOW64\config 2015-04-12 22:36:50 ----D---- C:\Windows\SoftwareDistribution 2015-04-12 22:20:08 ----D---- C:\Users\joderoo\AppData\Roaming\TeamViewer 2015-04-12 22:16:47 ----D---- C:\Windows\pss 2015-04-12 19:45:37 ----D---- C:\Users\joderoo\AppData\Roaming\WiseUpdate 2015-04-12 15:29:04 ----D---- C:\Windows\system32\LogFiles 2015-04-09 03:31:30 ----D---- C:\Program Files (x86)\Opera 2015-04-08 20:01:53 ----D---- C:\ProgramData\Skype 2015-04-07 21:13:23 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2015-04-07 20:48:28 ----HD---- C:\ProgramData\CanonIJScan 2015-04-07 20:48:28 ----D---- C:\ProgramData\FLEXnet 2015-04-07 20:48:28 ----D---- C:\ProgramData\CanonIJ 2015-04-06 17:39:16 ----D---- C:\ProgramData\Package Cache 2015-04-06 10:20:32 ----D---- C:\Program Files (x86)\Aiseesoft Studio 2015-04-06 10:17:03 ----RHD---- C:\MSOCache 2015-04-02 22:09:09 ----D---- C:\ProgramData\CanonIJPLM 2015-04-02 22:01:06 ----D---- C:\Windows\system32\FxsTmp 2015-03-30 08:01:50 ----D---- C:\Users\joderoo\AppData\Roaming\MyPhoneExplorer 2015-03-29 20:04:44 ----D---- C:\Program Files (x86)\Skype 2015-03-27 22:45:49 ----D---- C:\Program Files\MPC-HC 2015-03-27 22:44:27 ----D---- C:\Users\joderoo\AppData\Roaming\MPC-HC 2015-03-23 21:25:52 ----D---- C:\Users\joderoo\AppData\Roaming\uTorrent 2015-03-23 21:25:49 ----D---- C:\Windows\Panther 2015-03-19 01:08:19 ----D---- C:\Windows\Prefetch 2015-03-18 09:46:39 ----D---- C:\Windows\system32\MRT 2015-03-18 09:43:06 ----A---- C:\Windows\system32\MRT.exe 2015-03-16 01:49:12 ----D---- C:\Program Files (x86)\MyDrive Connect ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2012-02-29 82560] R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2012-02-29 42624] R0 asahci64;asahci64; C:\Windows\system32\DRIVERS\asahci64.sys [2012-01-06 49760] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-12-05 513080] R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2010-08-24 13440] R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2010-08-03 14464] R1 cFosSpeed;cFosSpeed for faster Internet connections (NDIS 6); C:\Windows\system32\DRIVERS\cfosspeed6.sys [2012-04-27 1671552] R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 243440] R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 169280] R1 VDiskBus;ASUS Disk Unlocker; C:\Windows\system32\DRIVERS\VDiskBus64.sys [2012-06-01 42656] R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616] R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2012-03-09 23816] R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2014-10-10 158968] R2 mbamchameleon;mbamchameleon; \??\C:\Windows\system32\drivers\mbamchameleon.sys [2014-11-21 93400] R3 AiCharger;AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [2012-03-22 14848] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-11-21 18959360] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-11-21 589312] R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [2013-06-02 31920] R3 ASFLTDrv.sys;ASFLTDrv.sys; \??\C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys [2010-09-16 16512] R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-11-03 130536] R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-11-03 395752] R3 ASUSFILTER;ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [2011-09-20 46152] R3 ASUSstpt;ASUS USB 3.0 Boost Storage Driver (Storage Driver); C:\Windows\system32\DRIVERS\ASUSstpt.sys [2011-09-15 24648] R3 ASUSumsc;ASUS USB 3.0 Boost Storage Driver (WDM); C:\Windows\system32\DRIVERS\ASUSumsc.sys [2011-09-15 141896] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2014-06-21 94720] R3 e1qexpress;Intel® PCI Express Network Connection Driver Q; C:\Windows\system32\DRIVERS\e1q62x64.sys [2011-10-13 356016] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-12 4060560] R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2011-12-15 351392] R3 LVUVC64;Logitech HD Pro Webcam C920(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2011-12-15 4862368] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-11-21 25816] R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-04-14 129752] R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-11-21 63704] R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2011-12-13 56448] S3 A38CCID;CCID USB Smart Card Reader; C:\Windows\system32\DRIVERS\a38ccid.sys [2014-11-13 62976] S3 DIRECTIO;DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo64.sys [2014-04-24 31160] S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832] S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496] S3 WinUsb;Sony sa0107 ADB Interface; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-11-21 244736] R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2014-11-20 344064] R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2012-06-01 920736] R2 ASDiskUnlocker;ASDiskUnlocker; C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe [2012-06-18 262816] R2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-06-01 951936] R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2012-02-17 149120] R2 AsusFanControlService;AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.15\AsusFanControlService.exe [2012-06-19 1457664] R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2006-02-28 229376] R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176] R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520] R2 cFosSpeedS;cFosSpeed System Service; C:\Program Files\ASUS\ROG GameFirst II\spd.exe [2012-06-28 756648] R2 DTSAudioSvc;DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2012-01-23 233328] R2 DTSRVC;Portrait Displays Display Tune Service; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [2014-06-27 138768] R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-10-01 1349576] R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104] R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2011-11-09 189608] R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-21 1871160] R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-21 969016] R2 Network Virtual Bridge S;Network Virtual Bridge S; C:\Program Files\Network Virtual Bridge\SERVICE\SNetwork Virtual Bridge.exe [2015-03-31 129024] R2 Network Virtual Bridge Update Protocol;Network Virtual Bridge Update Protocol; C:\Program Files\Network Virtual Bridge Update Protocol\Network Virtual Bridge Update Protocol.exe [2015-04-03 131072] R2 Network Virtual Bridge;Network Virtual Bridge; C:\Program Files\Network Virtual Bridge\PROXY\adsentinel.exe [2014-12-07 505364] R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2014-01-22 122384] R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-01-30 5429520] R2 UMVPFSrv;UMVPFSrv; C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-12-15 450848] R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088] S2 SkypeUpdate;Skype Updater; C:\Users\joderoo\Desktop\Joderoo(D)\Program Files (x86)\Updater\Updater.exe [2015-02-18 315488] S2 WiseBootAssistant;Wise Boot Assistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [2014-10-28 580232] S3 Adobe Version Cue CS3;Adobe Version Cue CS3 {nl_NL} ; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [2007-03-20 153792] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-13 268464] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-12-18 654848] S3 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-05 107912] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-05 107912] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-12-05 194032] S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-02-20 114688] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-07 148080] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-01-05 1255736] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944] S4 PuranDefrag;PuranDefrag; C:\Windows\system32\PuranDefragS.exe [2013-08-15 292736] -----------------EOF----------------- met vriendelijke groeten.
  6. joderoo
    Hallo, sinds 2 weken krijg ik een blanco scherm als ik bv. naar "Knack.be" ga of naar "beleggerscompetitie.be" Ik snap er de ballen van(sorry) Ik heb denkelijk geen virus of malware. Ik gebruik NOD32 en Malwarebytes Anti-Malware. Ik heb java en flash-player geupdated. Ik gebruik Mozilla,Chrome,Opera en in geen enkele browser worden sommige pagina's meer geladen. Kan er mij iemand AUB uit de nood helpen. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:55:16, on 13/04/2015 Platform: Unknown Windows (WinNT 6.01.3505 SP1) MSIE: Internet Explorer v11.0 (11.00.9600.17689) Boot mode: Normal Running processes: C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Hewlett-Packard\HP My Display\DTHtml.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe C:\Program Files (x86)\XM MT4\terminal.exe C:\Program Files (x86)\FX Choice - MetaTrader 4\terminal.exe C:\Program Files (x86)\KSF Trade MetaTrader 4 Terminal\terminal.exe C:\Program Files (x86)\MetaTrader 4 Terminal\terminal.exe C:\Program Files (x86)\FXPRIMUS - MetaTrader 4 Platform\terminal.exe C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [DT HPC] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -HPC O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_54D4FFB713D817007842C29F7FF5E6D5] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O8 - Extra context menu item: Converteren naar Adobe PDF - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Geselecteerde koppelingen converteren naar Adobe PDF - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Geselecteerde koppelingen converteren naar bestaande PDF - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Koppelingsdoel converteren naar Adobe PDF - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Koppelingsdoel converteren naar bestaande PDF - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Selectie converteren naar Adobe PDF - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Selectie converteren naar bestaande PDF - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Toevoegen aan bestaand PDF-bestand - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O13 - Gopher Prefix: O17 - HKLM\System\CCS\Services\Tcpip\..\{40CA2271-C14A-436B-906F-ECA665362E3E}: NameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{40CA2271-C14A-436B-906F-ECA665362E3E}: NameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{40CA2271-C14A-436B-906F-ECA665362E3E}: NameServer = 192.168.1.1 O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Version Cue CS3 {nl_NL} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe O23 - Service: ASDiskUnlocker - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.15\AsusFanControlService.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\ASUS\ROG GameFirst II\spd.exe O23 - Service: DTSAudioSvc - DTS, Inc - C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Network Virtual Bridge - www.otp.ccc - C:\Program Files\Network Virtual Bridge\PROXY\adsentinel.exe O23 - Service: Network Virtual Bridge S - Unknown owner - C:\Program Files\Network Virtual Bridge\SERVICE\SNetwork Virtual Bridge.exe O23 - Service: Network Virtual Bridge Update Protocol - Unknown owner - C:\Program Files\Network Virtual Bridge Update Protocol\Network Virtual Bridge Update Protocol.exe O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Users\joderoo\Desktop\Joderoo(D)\Program Files (x86)\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) -- End of file - 15975 bytes
  7. joderoo
    Het probleem is blijkbaar opgelost.Ik heb nu terug een download snelheid van +-1000Kbyte/sec. Hier het gevraagd hijackthis log. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:21:15, on 10/06/2011 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.19048) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Topro\tppoll.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\TimeSlot\tmt.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Windows\ehome\ehtray.exe C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\i-Buddy Manager\i-BuddyManager.exe C:\Program Files\Raxco\PerfectDisk2008\PD91AgentS1.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\ProgramData\tmt\ct235.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Windows\system32\wuauclt.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Analysis of program downloads scanned for viruses and spyware. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Analysis of program downloads scanned for viruses and spyware. R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Analysis of program downloads scanned for viruses and spyware. R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [TPPOLL] C:\Program Files\Topro\tppoll.exe O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [tmt] "C:\Program Files\TimeSlot\tmt.exe" O4 - HKLM\..\Run: [aaservice] "C:\Program Files/Timeslot/servicets.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: i-Buddy Manager.lnk = C:\Program Files\i-Buddy Manager\i-BuddyManager.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Phaedra\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: i-Buddy IM Service - Unknown owner - C:\Program Files\i-Buddy Manager\IMService.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- End of file - 6398 bytes Hopelijk is nu alles opgelost. In ieder geval:Nen dikke MERCY en keep up the good work
  8. joderoo
    mijn vaste pc is een kloon pc(P4 2,4Ghz met 1GB ram)en is verbonden met een utp kabel.Mijn dochter hare pc (Medion T2300 @1,66Ghz met 1GB ram)is draadloos verbonden.Wij gebruiken allebei Firefox als browser.Mijne modem is een Bbox2 VDSL van belgacom en de router die ik gebruik is een Lynksys WRT300N wireless. hier het logje van hijackthis. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:58:57, on 6/06/2011 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.19048) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Raxco\PerfectDisk2008\PD91AgentS1.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Topro\tppoll.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Windows\ehome\ehtray.exe C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\i-Buddy Manager\i-BuddyManager.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Analysis of program downloads scanned for viruses and spyware. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Analysis of program downloads scanned for viruses and spyware. R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Analysis of program downloads scanned for viruses and spyware. R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: DVDVideoSoftTB - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [TPPOLL] C:\Program Files\Topro\tppoll.exe O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: i-Buddy Manager.lnk = C:\Program Files\i-Buddy Manager\i-BuddyManager.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Phaedra\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: i-Buddy IM Service - Unknown owner - C:\Program Files\i-Buddy Manager\IMService.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- End of file - 6327 bytes
  9. joderoo
    hallo,ik heb het volgende probleem. Op mijn vaste pc haal ik een downloadsnelheid van +- 900Kbyte terwijl op de laptop van mijn dochter iets van een 10Kbyte in bijlage een log. van hijackthis en een logje van MBAM. In ieder geval bedankt. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:58:57, on 6/06/2011 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.19048) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Raxco\PerfectDisk2008\PD91AgentS1.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Topro\tppoll.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Windows\ehome\ehtray.exe C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\i-Buddy Manager\i-BuddyManager.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Analysis of program downloads scanned for viruses and spyware. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Analysis of program downloads scanned for viruses and spyware. R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Analysis of program downloads scanned for viruses and spyware. R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: DVDVideoSoftTB - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [TPPOLL] C:\Program Files\Topro\tppoll.exe O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: i-Buddy Manager.lnk = C:\Program Files\i-Buddy Manager\i-BuddyManager.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Phaedra\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: i-Buddy IM Service - Unknown owner - C:\Program Files\i-Buddy Manager\IMService.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- End of file - 6327 bytesMalwarebytes' Anti-Malware 1.51.0.1200 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Databaseversie: 6787 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.19048 6/06/2011 15:47:52 mbam-log-2011-06-06 (15-47-52).txt Scantype: Snelle scan Objecten gescand: 147350 Verstreken tijd: 6 minuut/minuten, 28 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 1 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 2 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell.Gen) -> Value: Shell -> Quarantined and deleted successfully. Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: c:\Users\Phaedra\downloads\installer_free_youtube_to_mp3_converter_3_9_28_nederlands_dutch.exe (PUP.SmsPay.PGen) -> Quarantined and deleted successfully. c:\Windows\System32\homepage.txt (Stolen.Data) -> Quarantined and deleted successfully.
  10. joderoo
    Hallo,ik heb 't volgende probleem. Op mijne vaste computer haal ik een downloadsnelheid van 900Kbyte terwijl op de laptop van mijn dochter maar slechts iets van een 10Kbyte.Ik heb al vanalles geprobeerd mar niets helpt. Kan er mij iemand helpen. In bijlage een log. van hijackthis. In ieder geval bedankt hijackthis.log
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.