hidde565
Member
Items: 33
hidde565's achievements
Laptop slow + possibly a virus
hidde565 replied to hidde565's topic in Archive: Combating malware & viruses
Hi, the laptop had been on all day yesterday, so I think that is why the temperature was so high. I recently cleaned the dust out of it. Also, I cannot click on "previous driver"! It is, so to speak, not selectable! Regards
Laptop slow + possibly a virus
hidde565 replied to hidde565's topic in Archive: Combating malware & viruses
Publishing gives an error message, so here is the text file: [ATTACH]30718[/ATTACH] LAPTOP.txt
Laptop slow + possibly a virus
hidde565 replied to hidde565's topic in Archive: Combating malware & viruses
I wouldn't know how to do that, haha. By the way, I have to say that the laptop flickers less than before!
Laptop slow + possibly a virus
hidde565 replied to hidde565's topic in Archive: Combating malware & viruses
[ATTACH]30701[/ATTACH] log.txt
Laptop slow + possibly a virus
hidde565 replied to hidde565's topic in Archive: Combating malware & viruses
No, unfortunately not. System Restore only goes back one week! Do you know of anything else?
Laptop slow + possibly a virus
hidde565 replied to hidde565's topic in Archive: Combating malware & viruses
The laptop still shows that problem; it has occurred since I updated the Nvidia driver. It looks as if a popup flickers on the screen, and I think it has to do with the taskbar.
Laptop slow + possibly a virus
hidde565 replied to hidde565's topic in Archive: Combating malware & viruses
[ATTACH]30682[/ATTACH] AdwCleaner[S0].txt
Laptop slow + possibly a virus
hidde565 replied to hidde565's topic in Archive: Combating malware & viruses
[ATTACH]30611[/ATTACH] This is the right one! zoek-results.log
Laptop slow + possibly a virus
hidde565 replied to hidde565's topic in Archive: Combating malware & viruses
[ATTACH]30601[/ATTACH] zoek-results3.log
Laptop slow + possibly a virus
hidde565 replied to hidde565's topic in Archive: Combating malware & viruses
Here you go: [ATTACH]30600[/ATTACH] zoek-results3.log
Laptop slow + possibly a virus
hidde565 replied to hidde565's topic in Archive: Combating malware & viruses
Hi, I am already being helped under a different title on this forum! I accidentally posted it twice, but I can't get it deleted! In any case, thanks for the effort!
Laptop slow + possibly a virus
hidde565 replied to hidde565's topic in Archive: Combating malware & viruses
Laptop traag + eventueel virus
hidde565 plaatste een topic in Archief Bestrijding malware & virussen
Hallo, Sinds ik vanochtend via Windows Update mijn laptop heb 'upgedate', flikkert het scherm soms. Daarnaast download ik wel eens films via uTorrent, maar Avast geeft iets aan over het zelfde virus bij alle films! Ik hoop dat jullie mij kunnen helpen, groeten. Log.txt Logfile of random's system information tool 1.09 (written by random/random) Run by Elon at 2014-02-26 16:24:04 Microsoft Windows 7 Enterprise Service Pack 1 System drive C: has 146 GB (77%) free of 191 GB Total RAM: 4094 MB (54% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:24:06, on 26-2-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.16518) Boot mode: Normal Running processes: C:\Users\Elon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Users\Elon\AppData\Roaming\Search Protection\SearchProtection.exe C:\Users\Elon\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Users\Elon\AppData\Roaming\Spotify\spotify.exe C:\Users\Elon\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Elon\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Elon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Elon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Elon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Elon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Elon\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Elon\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Elon\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Elon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Program Files\trend micro\Elon.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet 
Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file) F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [QuickTime Task] 
"C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\Elon\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [HP Deskjet 3070 B611 series (NET)] "C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN24F630M605MQ:NW" -scfn "HP Deskjet 3070 B611 series (NET)" -AutoStart 1 O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Elon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN2C51G3H905SY:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1 O4 - HKCU\..\Run: [HP Deskjet 3070 B611 series (NET) #2] "C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN2486314K05MQ:NW" -scfn "HP Deskjet 3070 B611 series (NET) #2" -AutoStart 1 O4 - HKCU\..\Run: [searchProtection] "C:\Users\Elon\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart O4 - HKLM\..\Policies\Explorer\Run: [AdobeFlash] C:\Users\Elon\AppData\Roaming\server.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-1227978982-2757754115-940779378-1004\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-1227978982-2757754115-940779378-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: Dropbox.lnk = 
Elon\AppData\Roaming\Dropbox\bin\Dropbox.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe 
Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - 
C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11013 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 
ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch "C:\Windows\system32\nvvsvc.exe" C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" C:\Windows\system32\nvvsvc.exe -session -first C:\Windows\System32\spoolsv.exe "taskhost.exe" C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" WLIDSvcM.exe 1112 C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Users\Elon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "C:\Users\Elon\AppData\Roaming\Search Protection\SearchProtection.exe" /autostart "C:\Users\Elon\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\System32\svchost.exe -k LocalServicePeerNet "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" "C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe" "C:\Program Files\AVAST 
Software\Avast\AvastUI.exe" /nogui "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Users\Elon\AppData\Roaming\Spotify\spotify.exe" "C:\Users\Elon\AppData\Local\Google\Chrome\Application\chrome.exe" "C:\Users\Elon\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3420.0.1751871964\147001557" --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,14,27,33 --gpu-vendor-id=0x10de --gpu-device-id=0x0407 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.2702 --ignored=" --type=renderer " /prefetch:822062411 "C:\Users\Elon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4128.1.16238001\1122382084" /prefetch:673131151 "C:\Users\Elon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4128.2.597407603\1715961386" /prefetch:673131151 "C:\Users\Elon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4128.3.2109697015\860888437" /prefetch:673131151 "C:\Users\Elon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=gpu-process --channel="4128.4.623612232\756779804" --no-sandbox --lang=en-US --log-severity=disable --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19,22 --gpu-vendor-id=0x10de --gpu-device-id=0x0407 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.2702 --lang=en-US --log-severity=disable /prefetch:822062411 C:\Windows\System32\svchost.exe -k secsvcs "C:\Users\Elon\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl 
--force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group4 pct:10d stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StableReorderHoldbackR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --enable-software-compositing --channel="3420.13.1475746250\1897008987" /prefetch:673131151 "C:\Users\Elon\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group4 pct:10d stable:pp1 use_cacheable_ntp:1 espv:210 
suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StableReorderHoldbackR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --enable-software-compositing --channel="3420.15.1374673507\2061113967" /prefetch:673131151 "C:\Users\Elon\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group4 pct:10d stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StableReorderHoldbackR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing 
--enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --enable-software-compositing --channel="3420.32.1511744630\244340277" /prefetch:673131151 "C:\Users\Elon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4128.7.2050123969\1824776470" /prefetch:673131151 C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\sppsvc.exe "C:\Users\Elon\Desktop\RSITx64.exe" C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF} ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1227978982-2757754115-940779378-1000Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1227978982-2757754115-940779378-1000UA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}] avast! 
Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-02-26 1390368] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-01-16 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}] Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08 393600] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-01-16 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! 
Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-02-26 1390368] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-09-03 11464296] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-08-28 1825064] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "AdobeFlash"=C:\Users\Elon\AppData\Roaming\server.exe [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "JumiController"= [] "Google Update"=C:\Users\Elon\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-27 136176] "HP Deskjet 3070 B611 series (NET)"=C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe [2011-06-08 2676584] "Spotify Web Helper"=C:\Users\Elon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-01-23 1171968] "HP Deskjet 3520 series (NET)"=C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416] "HP Deskjet 3070 B611 series (NET) #2"=C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe [2011-06-08 2676584] "SearchProtection"=C:\Users\Elon\AppData\Roaming\Search Protection\SearchProtection.EXE [2013-12-31 837992] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "GrooveMonitor"=C:\Program Files 
(x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] "HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208] ""= [] "AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-16 3764024] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "AdobeFlash"=C:\Users\Elon\AppData\Roaming\server.exe [] C:\Users\Elon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk - C:\Users\Elon\AppData\Roaming\Dropbox\bin\Dropbox.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] 
"C:\Users\Elon\AppData\Local\Temp\Terminado.exe"="C:\Users\Elon\AppData\Local\Temp\Terminado.exe:*:Enabled:Windows Messanger" "C:\Users\Elon\AppData\Roaming\server.exe"="C:\Users\Elon\AppData\Roaming\server.exe:*:Enabled:Windows Messanger" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 3 months====== 2014-02-26 16:24:04 ----D---- C:\rsit 2014-02-26 16:21:16 ----D---- C:\Program Files\trend micro 2014-02-26 15:58:08 ----A---- C:\Windows\system32\FNTCACHE.DAT 2014-02-26 14:14:10 ----D---- C:\Windows\system32\drivers\en-US 2014-02-26 13:03:11 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll 2014-02-26 13:02:59 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2014-02-26 13:02:59 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2014-02-26 13:02:58 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys 2014-02-26 13:02:57 ----A---- C:\Windows\system32\tsgqec.dll 2014-02-26 13:02:56 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll 2014-02-26 13:02:56 ----A---- C:\Windows\SYSWOW64\tsgqec.dll 2014-02-26 13:02:56 ----A---- C:\Windows\SYSWOW64\mstsc.exe 2014-02-26 13:02:56 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll 
-
Laptop slow + possible virus
hidde565 posted a topic in Archief Bestrijding malware & virussen
Hello, Since I 'updated' my laptop via Windows Update this morning, the screen sometimes flickers. I also occasionally download films via uTorrent, but Avast reports something about the same virus for all of the films! I hope you can help me, regards.
Log.txt
Logfile of random's system information tool 1.09 (written by random/random)
Run by Elon at 2014-02-26 16:24:04
Microsoft Windows 7 Enterprise Service Pack 1
suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StableReorderHoldbackR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --enable-software-compositing --channel="3420.15.1374673507\2061113967" /prefetch:673131151 "C:\Users\Elon\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group4 pct:10d stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StableReorderHoldbackR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing 
--enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --enable-software-compositing --channel="3420.32.1511744630\244340277" /prefetch:673131151 "C:\Users\Elon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4128.7.2050123969\1824776470" /prefetch:673131151 C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\sppsvc.exe "C:\Users\Elon\Desktop\RSITx64.exe" C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF} ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1227978982-2757754115-940779378-1000Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1227978982-2757754115-940779378-1000UA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}] avast! 
Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-02-26 1390368] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-01-16 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}] Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08 393600] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-01-16 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! 
Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-02-26 1390368] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-09-03 11464296] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-08-28 1825064] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "AdobeFlash"=C:\Users\Elon\AppData\Roaming\server.exe [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "JumiController"= [] "Google Update"=C:\Users\Elon\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-27 136176] "HP Deskjet 3070 B611 series (NET)"=C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe [2011-06-08 2676584] "Spotify Web Helper"=C:\Users\Elon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-01-23 1171968] "HP Deskjet 3520 series (NET)"=C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416] "HP Deskjet 3070 B611 series (NET) #2"=C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe [2011-06-08 2676584] "SearchProtection"=C:\Users\Elon\AppData\Roaming\Search Protection\SearchProtection.EXE [2013-12-31 837992] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "GrooveMonitor"=C:\Program Files 
(x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] "HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208] ""= [] "AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-16 3764024] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "AdobeFlash"=C:\Users\Elon\AppData\Roaming\server.exe [] C:\Users\Elon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk - C:\Users\Elon\AppData\Roaming\Dropbox\bin\Dropbox.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] 
"C:\Users\Elon\AppData\Local\Temp\Terminado.exe"="C:\Users\Elon\AppData\Local\Temp\Terminado.exe:*:Enabled:Windows Messanger" "C:\Users\Elon\AppData\Roaming\server.exe"="C:\Users\Elon\AppData\Roaming\server.exe:*:Enabled:Windows Messanger" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 3 months====== 2014-02-26 16:24:04 ----D---- C:\rsit 2014-02-26 16:21:16 ----D---- C:\Program Files\trend micro 2014-02-26 15:58:08 ----A---- C:\Windows\system32\FNTCACHE.DAT 2014-02-26 14:14:10 ----D---- C:\Windows\system32\drivers\en-US 2014-02-26 13:03:11 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll 2014-02-26 13:02:59 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2014-02-26 13:02:59 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2014-02-26 13:02:58 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys 2014-02-26 13:02:57 ----A---- C:\Windows\system32\tsgqec.dll 2014-02-26 13:02:56 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll 2014-02-26 13:02:56 ----A---- C:\Windows\SYSWOW64\tsgqec.dll 2014-02-26 13:02:56 ----A---- C:\Windows\SYSWOW64\mstsc.exe 2014-02-26 13:02:56 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll 
2014-02-26 13:02:56 ----A---- C:\Windows\system32\wksprtPS.dll 2014-02-26 13:02:56 ----A---- C:\Windows\system32\wksprt.exe 2014-02-26 13:02:56 ----A---- C:\Windows\system32\TSWbPrxy.exe 2014-02-26 13:02:56 ----A---- C:\Windows\system32\mstsc.exe 2014-02-26 13:02:56 ----A---- C:\Windows\system32\MsRdpWebAccess.dll 2014-02-26 13:02:55 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll 2014-02-26 13:02:55 ----A---- C:\Windows\SYSWOW64\mstscax.dll 2014-02-26 13:02:55 ----A---- C:\Windows\system32\mstscax.dll 2014-02-26 13:02:54 ----A---- C:\Windows\system32\rdvidcrl.dll 2014-02-26 12:58:27 ----D---- C:\Program Files (x86)\NVIDIA Corporation 2014-02-26 12:57:32 ----A---- C:\Windows\system32\nvvsvc.exe 2014-02-26 12:57:32 ----A---- C:\Windows\system32\nvsvcr.dll 2014-02-26 12:57:32 ----A---- C:\Windows\system32\nvshext.dll 2014-02-26 12:56:37 ----A---- C:\Windows\SYSWOW64\OpenCL.dll 2014-02-26 12:56:37 ----A---- C:\Windows\system32\OpenCL.dll 2014-02-26 12:54:06 ----D---- C:\Program Files\NVIDIA Corporation 2014-02-26 12:46:10 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll 2014-02-26 12:46:10 ----A---- C:\Windows\system32\TSWorkspace.dll 2014-02-26 12:13:44 ----D---- C:\Program Files\PowerISO 2014-02-26 12:13:38 ----D---- C:\Program Files (x86)\SearchProtect 2014-02-26 12:09:12 ----D---- C:\ProgramData\Rosetta Stone 2014-02-26 12:09:12 ----D---- C:\Program Files (x86)\Rosetta Stone 2014-02-20 21:14:22 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2014-02-20 21:14:22 ----A---- C:\Windows\system32\vbscript.dll 2014-02-20 21:13:33 ----A---- C:\Windows\SYSWOW64\msrating.dll 2014-02-20 21:13:33 ----A---- C:\Windows\SYSWOW64\ieui.dll 2014-02-20 21:13:33 ----A---- C:\Windows\system32\msrating.dll 2014-02-20 21:13:32 ----A---- C:\Windows\system32\ieui.dll 2014-02-20 21:13:32 ----A---- C:\Windows\system32\iernonce.dll 2014-02-20 21:13:32 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2014-02-20 21:13:32 ----A---- C:\Windows\system32\ie4uinit.exe 2014-02-20 21:13:31 ----A---- 
C:\Windows\SYSWOW64\msfeeds.dll 2014-02-20 21:13:31 ----A---- C:\Windows\system32\jsproxy.dll 2014-02-20 21:13:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2014-02-20 21:13:30 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-02-20 21:13:30 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2014-02-20 21:13:30 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2014-02-20 21:13:30 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2014-02-20 21:13:30 ----A---- C:\Windows\system32\msfeeds.dll 2014-02-20 21:13:30 ----A---- C:\Windows\system32\ieUnatt.exe 2014-02-20 21:13:30 ----A---- C:\Windows\system32\iesetup.dll 2014-02-20 21:13:30 ----A---- C:\Windows\system32\ieetwproxystub.dll 2014-02-20 21:13:30 ----A---- C:\Windows\system32\ieetwcollector.exe 2014-02-20 21:13:29 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2014-02-20 21:13:29 ----A---- C:\Windows\system32\mshtml.dll 2014-02-20 21:13:28 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2014-02-20 21:13:28 ----A---- C:\Windows\system32\jscript9diag.dll 2014-02-20 21:13:28 ----A---- C:\Windows\system32\ieapfltr.dll 2014-02-20 21:13:27 ----A---- C:\Windows\SYSWOW64\wininet.dll 2014-02-20 21:13:27 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2014-02-20 21:13:27 ----A---- C:\Windows\system32\wininet.dll 2014-02-20 21:13:27 ----A---- C:\Windows\system32\iertutil.dll 2014-02-20 21:13:26 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2014-02-20 21:13:26 ----A---- C:\Windows\system32\urlmon.dll 2014-02-20 21:13:25 ----A---- C:\Windows\system32\ieframe.dll 2014-02-20 21:13:24 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2014-02-20 21:13:23 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2014-02-20 21:13:23 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2014-02-20 21:13:22 ----A---- C:\Windows\system32\jscript9.dll 2014-02-20 20:52:38 ----A---- C:\Windows\system32\msxml3.dll 2014-02-20 20:52:36 ----A---- C:\Windows\SYSWOW64\msxml3r.dll 2014-02-20 20:52:36 ----A---- C:\Windows\SYSWOW64\msxml3.dll 2014-02-20 20:52:36 ----A---- C:\Windows\system32\msxml3r.dll 2014-02-20 
20:52:26 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe 2014-02-20 20:52:26 ----A---- C:\Windows\SYSWOW64\RMActivate.exe 2014-02-20 20:52:26 ----A---- C:\Windows\system32\RMActivate_isv.exe 2014-02-20 20:52:26 ----A---- C:\Windows\system32\RMActivate.exe 2014-02-20 20:52:25 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe 2014-02-20 20:52:25 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe 2014-02-20 20:52:25 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe 2014-02-20 20:52:25 ----A---- C:\Windows\system32\RMActivate_ssp.exe 2014-02-20 20:52:24 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll 2014-02-20 20:52:24 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll 2014-02-20 20:52:24 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll 2014-02-20 20:52:24 ----A---- C:\Windows\SYSWOW64\secproc.dll 2014-02-20 20:52:24 ----A---- C:\Windows\SYSWOW64\msdrm.dll 2014-02-20 20:52:24 ----A---- C:\Windows\system32\secproc_ssp_isv.dll 2014-02-20 20:52:24 ----A---- C:\Windows\system32\secproc_ssp.dll 2014-02-20 20:52:24 ----A---- C:\Windows\system32\secproc_isv.dll 2014-02-20 20:52:24 ----A---- C:\Windows\system32\secproc.dll 2014-02-20 20:52:24 ----A---- C:\Windows\system32\msdrm.dll 2014-02-20 20:52:21 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll 2014-02-20 20:52:21 ----A---- C:\Windows\system32\d3d10warp.dll 2014-02-20 20:52:20 ----A---- C:\Windows\SYSWOW64\d2d1.dll 2014-02-20 20:52:20 ----A---- C:\Windows\system32\d2d1.dll 2014-01-31 20:40:09 ----D---- C:\Windows\Migration 2014-01-31 20:38:16 ----D---- C:\1b5fd34eb4a2f584cfd6e34d 2014-01-31 20:30:14 ----D---- C:\Program Files (x86)\Spotify 2014-01-16 20:08:59 ----A---- C:\Windows\SYSWOW64\javaws.exe 2014-01-16 20:08:48 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll 2014-01-16 20:08:48 ----A---- C:\Windows\SYSWOW64\javaw.exe 2014-01-16 20:08:48 ----A---- C:\Windows\SYSWOW64\java.exe 2014-01-16 19:51:14 ----A---- C:\Windows\system32\drivers\aswstm.sys 2014-01-15 20:09:24 ----A---- 
C:\Windows\system32\drivers\usbuhci.sys 2014-01-15 20:09:24 ----A---- C:\Windows\system32\drivers\usbport.sys 2014-01-15 20:09:24 ----A---- C:\Windows\system32\drivers\usbohci.sys 2014-01-15 20:09:24 ----A---- C:\Windows\system32\drivers\usbhub.sys 2014-01-15 20:09:24 ----A---- C:\Windows\system32\drivers\usbehci.sys 2014-01-15 20:09:24 ----A---- C:\Windows\system32\drivers\usbd.sys 2014-01-15 20:09:24 ----A---- C:\Windows\system32\drivers\usbccgp.sys 2014-01-15 20:09:22 ----A---- C:\Windows\system32\win32k.sys 2014-01-15 20:09:20 ----A---- C:\Windows\system32\drivers\netio.sys 2013-12-20 17:01:36 ----A---- C:\Windows\system32\wmploc.DLL 2013-12-20 17:01:35 ----A---- C:\Windows\SYSWOW64\wmploc.DLL 2013-12-20 17:01:35 ----A---- C:\Windows\SYSWOW64\wmp.dll 2013-12-20 17:01:33 ----A---- C:\Windows\system32\wmp.dll 2013-12-20 16:54:05 ----A---- C:\Windows\SYSWOW64\msieftp.dll 2013-12-20 16:54:05 ----A---- C:\Windows\system32\msieftp.dll 2013-12-20 16:54:03 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll 2013-12-20 16:54:03 ----A---- C:\Windows\system32\WMPhoto.dll 2013-12-20 16:54:02 ----A---- C:\Windows\system32\drivers\portcls.sys 2013-12-20 16:54:02 ----A---- C:\Windows\system32\drivers\drmk.sys 2013-12-20 16:53:59 ----A---- C:\Windows\SYSWOW64\tzres.dll 2013-12-20 16:53:59 ----A---- C:\Windows\system32\tzres.dll 2013-12-20 16:53:52 ----A---- C:\Windows\SYSWOW64\imagehlp.dll 2013-12-20 16:53:52 ----A---- C:\Windows\system32\imagehlp.dll 2013-12-20 16:53:51 ----A---- C:\Windows\SYSWOW64\wscript.exe 2013-12-20 16:53:51 ----A---- C:\Windows\SYSWOW64\scrrun.dll 2013-12-20 16:53:51 ----A---- C:\Windows\SYSWOW64\cscript.exe 2013-12-20 16:53:51 ----A---- C:\Windows\system32\wscript.exe 2013-12-20 16:53:51 ----A---- C:\Windows\system32\scrrun.dll 2013-12-20 16:53:51 ----A---- C:\Windows\system32\cscript.exe ======List of files/folders modified in the last 3 months====== 2014-02-26 16:24:06 ----D---- C:\Windows\Temp 2014-02-26 16:21:16 ----RD---- C:\Program Files 2014-02-26 
16:20:20 ----D---- C:\Users\Elon\AppData\Roaming\Spotify 2014-02-26 16:20:09 ----D---- C:\Users\Elon\AppData\Roaming\TeraCopy 2014-02-26 16:19:17 ----RD---- C:\Program Files (x86) 2014-02-26 16:19:02 ----D---- C:\Windows\system32\Tasks 2014-02-26 16:18:58 ----D---- C:\Windows 2014-02-26 16:18:57 ----A---- C:\Windows\system32\aswBoot.exe 2014-02-26 16:16:11 ----D---- C:\Users\Elon\AppData\Roaming\uTorrent 2014-02-26 16:14:34 ----D---- C:\Windows\system32\config 2014-02-26 16:12:11 ----D---- C:\Windows\Prefetch 2014-02-26 16:00:07 ----D---- C:\Users\Elon\AppData\Roaming\Dropbox 2014-02-26 15:58:08 ----D---- C:\Windows\System32 2014-02-26 15:16:19 ----D---- C:\Windows\inf 2014-02-26 14:23:08 ----D---- C:\Users\Elon\AppData\Roaming\DAEMON Tools Lite 2014-02-26 14:22:33 ----D---- C:\Windows\system32\LogFiles 2014-02-26 14:22:32 ----D---- C:\Windows\debug 2014-02-26 14:17:28 ----D---- C:\ProgramData\NVIDIA 2014-02-26 14:17:17 ----D---- C:\Windows\winsxs 2014-02-26 14:15:11 ----D---- C:\Windows\SysWOW64 2014-02-26 14:14:10 ----D---- C:\Windows\SYSWOW64\wbem 2014-02-26 14:14:10 ----D---- C:\Windows\SYSWOW64\nl-NL 2014-02-26 14:14:10 ----D---- C:\Windows\system32\wbem 2014-02-26 14:14:10 ----D---- C:\Windows\system32\nl-NL 2014-02-26 14:14:10 ----D---- C:\Windows\system32\DriverStore 2014-02-26 14:14:10 ----D---- C:\Windows\system32\drivers 2014-02-26 13:03:20 ----D---- C:\Windows\system32\catroot 2014-02-26 13:03:18 ----D---- C:\Windows\system32\catroot2 2014-02-26 12:58:40 ----RD---- C:\Users 2014-02-26 12:50:01 ----SHD---- C:\Windows\Installer 2014-02-26 12:49:40 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI 2014-02-26 12:49:16 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-02-26 12:36:05 ----D---- C:\ProgramData\DAEMON Tools Lite 2014-02-26 12:09:25 ----D---- C:\Program Files (x86)\Common Files 2014-02-26 12:09:12 ----HD---- C:\ProgramData 2014-02-25 17:12:34 ----D---- C:\Users\Elon\AppData\Roaming\vlc 2014-02-25 14:52:52 ----D---- C:\Windows\rescache 
2014-02-25 13:40:48 ----D---- C:\Windows\Microsoft.NET 2014-02-24 20:31:15 ----RSD---- C:\Windows\assembly 2014-02-24 18:00:21 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-02-24 17:03:55 ----D---- C:\Program Files\Internet Explorer 2014-02-24 17:03:55 ----D---- C:\Program Files (x86)\Internet Explorer 2014-02-20 21:28:18 ----D---- C:\Windows\system32\MRT 2014-02-20 21:25:39 ----A---- C:\Windows\system32\MRT.exe 2014-01-31 20:40:23 ----D---- C:\Windows\SYSWOW64\en-US 2014-01-31 20:40:23 ----D---- C:\Windows\system32\en-US 2014-01-31 20:40:09 ----SD---- C:\ProgramData\Microsoft 2014-01-18 17:08:07 ----D---- C:\Program Files\WinRAR 2014-01-16 20:25:33 ----D---- C:\ProgramData\Oracle 2014-01-16 18:54:17 ----D---- C:\ProgramData\Microsoft Help 2013-12-20 17:03:05 ----D---- C:\Program Files\Windows Media Player 2013-12-20 17:03:05 ----D---- C:\Program Files (x86)\Windows Media Player 2013-12-18 06:13:56 ----N---- C:\Windows\system32\MpSigStub.exe 2013-12-08 21:03:40 ----D---- C:\Windows\Panther 2013-12-08 21:03:39 ----D---- C:\Windows\Logs 2013-12-08 19:20:09 ----D---- C:\Windows\SYSWOW64\migration 2013-12-08 19:20:05 ----D---- C:\Windows\PolicyDefinitions 2013-12-08 19:20:04 ----D---- C:\Windows\system32\migration ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-10-19 65776] R0 aswVmm;avast! 
VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-01-16 207904] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-02-26 381440] R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552] R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-10-19 92544] R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-02-26 1038072] R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-02-26 421704] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-02-26 78648] R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2007-08-08 60928] R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys [2007-07-26 55296] R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys [2007-07-27 57856] R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-02-26 80184] R3 netw5v64;Stuurprogramma voor Intel® Wireless WiFi Link 5000 Series-adapter voor 64-bits Windows Vista; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368] R3 nuvotoncir;Nuvoton IR Transceiver; C:\Windows\system32\DRIVERS\nuvotoncir.sys [2009-08-31 48128] R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056] R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864] R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\drivers\serscan.sys [2009-07-14 12288] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-08-28 292400] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys 
[2012-03-08 48488] S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-09-03 2480104] S3 jumi;%Jumi%; C:\Windows\system32\DRIVERS\jumi.sys [2010-06-03 15160] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688] S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [] S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832] S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-02-15 52736] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496] S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760] S3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2007-03-28 46592] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432] R2 avast! Antivirus;avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-01-16 50344]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-08-29 920864]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-09-05 1364256]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-24 257928]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-02-26 655624]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-02-06 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-08 1255736]
S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------

Logfile of random's system information tool 1.09 (written by random/random)
Run by Elon at 2014-02-26 16:24:04
Microsoft Windows 7 Enterprise Service Pack 1
System drive C: has 146 GB (77%) free of 191 GB
Total RAM: 4094 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:24:06, on 26-2-2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal

Running processes:
C:\Users\Elon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Users\Elon\AppData\Roaming\Search Protection\SearchProtection.exe
C:\Users\Elon\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Elon\AppData\Roaming\Spotify\spotify.exe
C:\Users\Elon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Elon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Elon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Elon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Elon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Elon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Elon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Elon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Elon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Elon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Program Files\trend micro\Elon.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Elon\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [HP Deskjet 3070 B611 series (NET)] "C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN24F630M605MQ:NW" -scfn "HP Deskjet 3070 B611 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Elon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN2C51G3H905SY:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [HP Deskjet 3070 B611 series (NET) #2] "C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN2486314K05MQ:NW" -scfn "HP Deskjet 3070 B611 series (NET) #2" -AutoStart 1
O4 - HKCU\..\Run: [searchProtection] "C:\Users\Elon\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart
O4 - HKLM\..\Policies\Explorer\Run: [AdobeFlash] C:\Users\Elon\AppData\Roaming\server.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1227978982-2757754115-940779378-1004\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1227978982-2757754115-940779378-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Dropbox.lnk = Elon\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
-- End of file - 11013 bytes

======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1112
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Users\Elon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"C:\Users\Elon\AppData\Roaming\Search Protection\SearchProtection.exe" /autostart
"C:\Users\Elon\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Users\Elon\AppData\Roaming\Spotify\spotify.exe"
"C:\Users\Elon\AppData\Local\Google\Chrome\Application\chrome.exe" "C:\Users\Elon\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3420.0.1751871964\147001557" --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,14,27,33 --gpu-vendor-id=0x10de --gpu-device-id=0x0407 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.2702 --ignored=" --type=renderer " /prefetch:822062411 "C:\Users\Elon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4128.1.16238001\1122382084" /prefetch:673131151 "C:\Users\Elon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4128.2.597407603\1715961386" /prefetch:673131151 "C:\Users\Elon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4128.3.2109697015\860888437" /prefetch:673131151 "C:\Users\Elon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=gpu-process --channel="4128.4.623612232\756779804" --no-sandbox --lang=en-US --log-severity=disable --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19,22 --gpu-vendor-id=0x10de --gpu-device-id=0x0407 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.2702 --lang=en-US --log-severity=disable /prefetch:822062411 C:\Windows\System32\svchost.exe -k secsvcs "C:\Users\Elon\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group4 pct:10d stable:pp1 use_cacheable_ntp:1 espv:210 
suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StableReorderHoldbackR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --enable-software-compositing --channel="3420.13.1475746250\1897008987" /prefetch:673131151 "C:\Users\Elon\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group4 pct:10d stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StableReorderHoldbackR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing 
--enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --enable-software-compositing --channel="3420.15.1374673507\2061113967" /prefetch:673131151 "C:\Users\Elon\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group4 pct:10d stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StableReorderHoldbackR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --enable-software-compositing --channel="3420.32.1511744630\244340277" /prefetch:673131151 "C:\Users\Elon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4128.7.2050123969\1824776470" /prefetch:673131151 C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\sppsvc.exe "C:\Users\Elon\Desktop\RSITx64.exe" C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF} ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1227978982-2757754115-940779378-1000Core.job 
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1227978982-2757754115-940779378-1000UA.job

======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-02-26 1390368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-01-16 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-01-16 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-02-26 1390368]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-09-03 11464296]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-08-28 1825064]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"AdobeFlash"=C:\Users\Elon\AppData\Roaming\server.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"JumiController"= []
"Google Update"=C:\Users\Elon\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-27 136176]
"HP Deskjet 3070 B611 series (NET)"=C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe [2011-06-08 2676584]
"Spotify Web Helper"=C:\Users\Elon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-01-23 1171968]
"HP Deskjet 3520 series (NET)"=C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"HP Deskjet 3070 B611 series (NET) #2"=C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe [2011-06-08 2676584]
"SearchProtection"=C:\Users\Elon\AppData\Roaming\Search Protection\SearchProtection.EXE [2013-12-31 837992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
""= []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-16 3764024]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"AdobeFlash"=C:\Users\Elon\AppData\Roaming\server.exe []

C:\Users\Elon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Elon\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Users\Elon\AppData\Local\Temp\Terminado.exe"="C:\Users\Elon\AppData\Local\Temp\Terminado.exe:*:Enabled:Windows Messanger"
"C:\Users\Elon\AppData\Roaming\server.exe"="C:\Users\Elon\AppData\Roaming\server.exe:*:Enabled:Windows Messanger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======
2014-02-26 16:24:04 ----D---- C:\rsit
2014-02-26 16:21:16 ----D---- C:\Program Files\trend micro
2014-02-26 15:58:08 ----A---- C:\Windows\system32\FNTCACHE.DAT
2014-02-26 14:14:10 ----D---- C:\Windows\system32\drivers\en-US
2014-02-26 13:03:11 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-02-26 13:02:59 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-02-26 13:02:59 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-02-26 13:02:58 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2014-02-26 13:02:57 ----A---- C:\Windows\system32\tsgqec.dll
2014-02-26 13:02:56 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2014-02-26 13:02:56 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2014-02-26 13:02:56 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-02-26 13:02:56 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2014-02-26 13:02:56 ----A---- C:\Windows\system32\wksprtPS.dll
2014-02-26 13:02:56 ----A---- C:\Windows\system32\wksprt.exe
2014-02-26 13:02:56 ----A---- C:\Windows\system32\TSWbPrxy.exe
2014-02-26 13:02:56 ----A---- C:\Windows\system32\mstsc.exe
2014-02-26 13:02:56 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2014-02-26 13:02:55 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2014-02-26 13:02:55 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-02-26 13:02:55 ----A---- C:\Windows\system32\mstscax.dll
2014-02-26 13:02:54 ----A---- C:\Windows\system32\rdvidcrl.dll
2014-02-26 12:58:27 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-02-26 12:57:32 ----A---- C:\Windows\system32\nvvsvc.exe
2014-02-26 12:57:32 ----A---- C:\Windows\system32\nvsvcr.dll
2014-02-26 12:57:32 ----A---- C:\Windows\system32\nvshext.dll
2014-02-26 12:56:37 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2014-02-26 12:56:37 ----A---- C:\Windows\system32\OpenCL.dll
2014-02-26 12:54:06 ----D---- C:\Program Files\NVIDIA Corporation
2014-02-26 12:46:10 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2014-02-26 12:46:10 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-02-26 12:13:44 ----D---- C:\Program Files\PowerISO
2014-02-26 12:13:38 ----D---- C:\Program Files (x86)\SearchProtect
2014-02-26 12:09:12 ----D---- C:\ProgramData\Rosetta Stone
2014-02-26 12:09:12 ----D---- C:\Program Files (x86)\Rosetta Stone
2014-02-20 21:14:22 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-02-20 21:14:22 ----A---- C:\Windows\system32\vbscript.dll
2014-02-20 21:13:33 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-02-20 21:13:33 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-02-20 21:13:33 ----A---- C:\Windows\system32\msrating.dll
2014-02-20 21:13:32 ----A---- C:\Windows\system32\ieui.dll
2014-02-20 21:13:32 ----A---- C:\Windows\system32\iernonce.dll
2014-02-20 21:13:32 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-02-20 21:13:32 ----A---- C:\Windows\system32\ie4uinit.exe
2014-02-20 21:13:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-02-20 21:13:31 ----A---- C:\Windows\system32\jsproxy.dll
2014-02-20 21:13:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-02-20 21:13:30 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-02-20 21:13:30 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-02-20 21:13:30 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-02-20 21:13:30 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-02-20 21:13:30 ----A---- C:\Windows\system32\msfeeds.dll
2014-02-20 21:13:30 ----A---- C:\Windows\system32\ieUnatt.exe
2014-02-20 21:13:30 ----A---- C:\Windows\system32\iesetup.dll
2014-02-20 21:13:30 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-02-20 21:13:30 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-02-20 21:13:29 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-02-20 21:13:29 ----A---- C:\Windows\system32\mshtml.dll
2014-02-20 21:13:28 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-02-20 21:13:28 ----A---- C:\Windows\system32\jscript9diag.dll
2014-02-20 21:13:28 ----A---- C:\Windows\system32\ieapfltr.dll
2014-02-20 21:13:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-02-20 21:13:27 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-02-20 21:13:27 ----A---- C:\Windows\system32\wininet.dll
2014-02-20 21:13:27 ----A---- C:\Windows\system32\iertutil.dll
2014-02-20 21:13:26 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-02-20 21:13:26 ----A---- C:\Windows\system32\urlmon.dll
2014-02-20 21:13:25 ----A---- C:\Windows\system32\ieframe.dll
2014-02-20 21:13:24 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-02-20 21:13:23 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-02-20 21:13:23 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-02-20 21:13:22 ----A---- C:\Windows\system32\jscript9.dll
2014-02-20 20:52:38 ----A---- C:\Windows\system32\msxml3.dll
2014-02-20 20:52:36 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-02-20 20:52:36 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-02-20 20:52:36 ----A---- C:\Windows\system32\msxml3r.dll
2014-02-20 20:52:26 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-02-20 20:52:26 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-02-20 20:52:26 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-02-20 20:52:26 ----A---- C:\Windows\system32\RMActivate.exe
2014-02-20 20:52:25 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-02-20 20:52:25 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-02-20 20:52:25 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-20 20:52:25 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-02-20 20:52:24 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-02-20 20:52:24 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-02-20 20:52:24 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-02-20 20:52:24 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-02-20 20:52:24 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-02-20 20:52:24 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-02-20 20:52:24 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-02-20 20:52:24 ----A---- C:\Windows\system32\secproc_isv.dll
2014-02-20 20:52:24 ----A---- C:\Windows\system32\secproc.dll
2014-02-20 20:52:24 ----A---- C:\Windows\system32\msdrm.dll
2014-02-20 20:52:21 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-02-20 20:52:21 ----A---- C:\Windows\system32\d3d10warp.dll
2014-02-20 20:52:20 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-02-20 20:52:20 ----A---- C:\Windows\system32\d2d1.dll
2014-01-31 20:40:09 ----D---- C:\Windows\Migration
2014-01-31 20:38:16 ----D---- C:\1b5fd34eb4a2f584cfd6e34d
2014-01-31 20:30:14 ----D---- C:\Program Files (x86)\Spotify
2014-01-16 20:08:59 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-01-16 20:08:48 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-01-16 20:08:48 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-01-16 20:08:48 ----A---- C:\Windows\SYSWOW64\java.exe
2014-01-16 19:51:14 ----A---- C:\Windows\system32\drivers\aswstm.sys
2014-01-15 20:09:24 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2014-01-15 20:09:24 ----A---- C:\Windows\system32\drivers\usbport.sys
2014-01-15 20:09:24 ----A---- C:\Windows\system32\drivers\usbohci.sys
2014-01-15 20:09:24 ----A---- C:\Windows\system32\drivers\usbhub.sys
2014-01-15 20:09:24 ----A---- C:\Windows\system32\drivers\usbehci.sys
2014-01-15 20:09:24 ----A---- C:\Windows\system32\drivers\usbd.sys
2014-01-15 20:09:24 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2014-01-15 20:09:22 ----A---- C:\Windows\system32\win32k.sys
2014-01-15 20:09:20 ----A---- C:\Windows\system32\drivers\netio.sys
2013-12-20 17:01:36 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-20 17:01:35 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-20 17:01:35 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-20 17:01:33 ----A---- C:\Windows\system32\wmp.dll
2013-12-20 16:54:05 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-20 16:54:05 ----A---- C:\Windows\system32\msieftp.dll
2013-12-20 16:54:03 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-12-20 16:54:03 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-20 16:54:02 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-20 16:54:02 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-20 16:53:59 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-20 16:53:59 ----A---- C:\Windows\system32\tzres.dll
2013-12-20 16:53:52 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-20 16:53:52 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-20 16:53:51 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-20 16:53:51 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-20 16:53:51 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-20 16:53:51 ----A---- C:\Windows\system32\wscript.exe
2013-12-20 16:53:51 ----A---- C:\Windows\system32\scrrun.dll
2013-12-20 16:53:51 ----A---- C:\Windows\system32\cscript.exe

======List of files/folders modified in the last 3 months======
2014-02-26 16:24:06 ----D---- C:\Windows\Temp
2014-02-26 16:21:16 ----RD---- C:\Program Files
2014-02-26 16:20:20 ----D---- C:\Users\Elon\AppData\Roaming\Spotify
2014-02-26 16:20:09 ----D---- C:\Users\Elon\AppData\Roaming\TeraCopy
2014-02-26 16:19:17 ----RD---- C:\Program Files (x86)
2014-02-26 16:19:02 ----D---- C:\Windows\system32\Tasks
2014-02-26 16:18:58 ----D---- C:\Windows
2014-02-26 16:18:57 ----A---- C:\Windows\system32\aswBoot.exe
2014-02-26 16:16:11 ----D---- C:\Users\Elon\AppData\Roaming\uTorrent
2014-02-26 16:14:34 ----D---- C:\Windows\system32\config
2014-02-26 16:12:11 ----D---- C:\Windows\Prefetch
2014-02-26 16:00:07 ----D---- C:\Users\Elon\AppData\Roaming\Dropbox
2014-02-26 15:58:08 ----D---- C:\Windows\System32
2014-02-26 15:16:19 ----D---- C:\Windows\inf
2014-02-26 14:23:08 ----D---- C:\Users\Elon\AppData\Roaming\DAEMON Tools Lite
2014-02-26 14:22:33 ----D---- C:\Windows\system32\LogFiles
2014-02-26 14:22:32 ----D---- C:\Windows\debug
2014-02-26 14:17:28 ----D---- C:\ProgramData\NVIDIA
2014-02-26 14:17:17 ----D---- C:\Windows\winsxs
2014-02-26 14:15:11 ----D---- C:\Windows\SysWOW64
2014-02-26 14:14:10 ----D---- C:\Windows\SYSWOW64\wbem
2014-02-26 14:14:10 ----D---- C:\Windows\SYSWOW64\nl-NL
2014-02-26 14:14:10 ----D---- C:\Windows\system32\wbem
2014-02-26 14:14:10 ----D---- C:\Windows\system32\nl-NL
2014-02-26 14:14:10 ----D---- C:\Windows\system32\DriverStore
2014-02-26 14:14:10 ----D---- C:\Windows\system32\drivers
2014-02-26 13:03:20 ----D---- C:\Windows\system32\catroot
2014-02-26 13:03:18 ----D---- C:\Windows\system32\catroot2
2014-02-26 12:58:40 ----RD---- C:\Users
2014-02-26 12:50:01 ----SHD---- C:\Windows\Installer
2014-02-26 12:49:40 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-02-26 12:49:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-26 12:36:05 ----D---- C:\ProgramData\DAEMON Tools Lite
2014-02-26 12:09:25 ----D---- C:\Program Files (x86)\Common Files
2014-02-26 12:09:12 ----HD---- 
C:\ProgramData 2014-02-25 17:12:34 ----D---- C:\Users\Elon\AppData\Roaming\vlc 2014-02-25 14:52:52 ----D---- C:\Windows\rescache 2014-02-25 13:40:48 ----D---- C:\Windows\Microsoft.NET 2014-02-24 20:31:15 ----RSD---- C:\Windows\assembly 2014-02-24 18:00:21 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-02-24 17:03:55 ----D---- C:\Program Files\Internet Explorer 2014-02-24 17:03:55 ----D---- C:\Program Files (x86)\Internet Explorer 2014-02-20 21:28:18 ----D---- C:\Windows\system32\MRT 2014-02-20 21:25:39 ----A---- C:\Windows\system32\MRT.exe 2014-01-31 20:40:23 ----D---- C:\Windows\SYSWOW64\en-US 2014-01-31 20:40:23 ----D---- C:\Windows\system32\en-US 2014-01-31 20:40:09 ----SD---- C:\ProgramData\Microsoft 2014-01-18 17:08:07 ----D---- C:\Program Files\WinRAR 2014-01-16 20:25:33 ----D---- C:\ProgramData\Oracle 2014-01-16 18:54:17 ----D---- C:\ProgramData\Microsoft Help 2013-12-20 17:03:05 ----D---- C:\Program Files\Windows Media Player 2013-12-20 17:03:05 ----D---- C:\Program Files (x86)\Windows Media Player 2013-12-18 06:13:56 ----N---- C:\Windows\system32\MpSigStub.exe 2013-12-08 21:03:40 ----D---- C:\Windows\Panther 2013-12-08 21:03:39 ----D---- C:\Windows\Logs 2013-12-08 19:20:09 ----D---- C:\Windows\SYSWOW64\migration 2013-12-08 19:20:05 ----D---- C:\Windows\PolicyDefinitions 2013-12-08 19:20:04 ----D---- C:\Windows\system32\migration ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-10-19 65776] R0 aswVmm;avast! 
VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-01-16 207904] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-02-26 381440] R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552] R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-10-19 92544] R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-02-26 1038072] R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-02-26 421704] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-02-26 78648] R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2007-08-08 60928] R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys [2007-07-26 55296] R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys [2007-07-27 57856] R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-02-26 80184] R3 netw5v64;Stuurprogramma voor Intel® Wireless WiFi Link 5000 Series-adapter voor 64-bits Windows Vista; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368] R3 nuvotoncir;Nuvoton IR Transceiver; C:\Windows\system32\DRIVERS\nuvotoncir.sys [2009-08-31 48128] R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056] R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864] R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\drivers\serscan.sys [2009-07-14 12288] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-08-28 292400] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys 
[2012-03-08 48488] S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-09-03 2480104] S3 jumi;%Jumi%; C:\Windows\system32\DRIVERS\jumi.sys [2010-06-03 15160] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688] S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [] S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832] S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-02-15 52736] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496] S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760] S3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2007-03-28 46592] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432] R2 avast! Antivirus;avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-01-16 50344] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-08-29 920864] R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-09-05 1364256] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-24 257928] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-02-26 655624] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-02-06 111616] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 
PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-08 1255736] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] -----------------EOF----------------- -
PC freezes and runs slowly
hidde565 replied to hidde565's topic in Archief Bestrijding malware & virussen
Hi, I ran Delfix and CCleaner; I'm going to defragment soon. Thanks for the help!
ABOUT US
PC Helpforum has been helping computer users for FREE since July 2006. Through the forum, our team gives professional answers to your questions and tries to solve your PC problems as quickly as possible. Become a member today, post your question online, and the PC Helpforum team will be glad to help you!