DragonOfBruges

@Kape: een dikke merci voor de hulp!!! @kweezie wabbit: is inderdaad zo.... ik probeer je suggestie. thx!!! - - - Updated - - - Traycleaner heeft de laatste sporen weggewist!!! Bedankt voor de inspanning!!!

Zoek.exe Version 4.0.0.4 Updated 31-08-2013 Tool run by Claude on zo 01/09/2013 at 22:19:53,44. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: D:\Claude\Downloads\zoek\zoek.exe [script inserted] ==== Folders Found ====================== ==== Files Found ====================== ==== EOF on zo 01/09/2013 at 22:22:12,70 ======================

Niet echt, ze staan enkel nog bij mijn systeempictogrammen. Kan ze precies niet verwijderen. Als ik de bestanden opzoek vind de pc niets terug.

Nee voor de rest lijkt alles prima!!! - - - Updated - - - Ik zie net wel dat dit nog bij mijn systeempictogrammen staat lollipop.exe lollipop_08261306.exe is dit normaal?

Zoek.exe Version 4.0.0.4 Updated 26-08-2013 Tool run by Claude on wo 28/08/2013 at 20:54:58,08. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: D:\Claude\Downloads\zoek\zoek.exe [script inserted] [Checkboxes used] ==== System Restore Info ====================== 28/08/2013 20:56:50 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-4226825908-4199608794-2923880341-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_USERS\S-1-5-21-4226825908-4199608794-2923880341-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\npggsvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\npggsvc deleted successfully ==== Deleting Files \ Folders ====================== "C:\Program Files (x86)\Common Files\DVDVideoSoft\TB" deleted "C:\Program Files (x86)\Common Files\DVDVideoSoft\bin" deleted "C:\Program Files (x86)\Conduit" deleted "C:\Users\Claude\AppData\Roaming\DVDVideoSoftIEHelpers" deleted "C:\Users\Claude\AppData\Local\CRE" deleted "C:\Users\Claude\AppData\Local\Bundled software uninstaller" deleted "C:\Users\Claude\AppData\Local\Conduit" deleted "C:\Users\Claude\AppData\LocalLow\PriceGong" deleted "C:\Users\Claude\AppData\LocalLow\Conduit" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Claude\AppData\Local\Temp ==== ====== C:\Windows\SysWOW64 ===== 2013-08-25 23:18:36 A484F9DB744849C0B32DD1CE73A94F62 2706432 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2013-08-25 23:18:35 C9BFFA62DFBF0317AECE707B39C4BF25 391168 ----a-w- C:\Windows\SysWOW64\ieui.dll 2013-08-25 23:18:34 D0E0086BA353C379DCFE8624E8B8F17A 2048512 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2013-08-25 23:18:34 BC90EED56A5C77168A8D6F0C4221D7CB 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-08-25 23:18:34 AF6A6C16ACAD816B48714AE7A4082D89 61440 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2013-08-25 23:18:34 8A5BD908D421BEE82941EF8ABD8B4F09 33280 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2013-08-25 23:18:34 37730C04B543536D971B3F157415EFF5 109056 ----a-w- C:\Windows\SysWOW64\iesysprep.dll 2013-08-25 23:18:33 45C118A1E03182365CB568F99B81A473 493056 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2013-08-25 23:18:32 1C83426A51AD83B5E788B6CF143B48D8 690688 ----a-w- C:\Windows\SysWOW64\jscript.dll 2013-08-25 23:18:31 AC8C3591D536D1CCB62EDCBEA88140B3 2877440 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2013-08-25 23:18:31 059FC59F97A6220C46A612A9470A00B3 1141248 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2013-08-25 23:18:30 DAA3903F06116AE9EE7AC1D1B93684A4 1767936 ----a-w- C:\Windows\SysWOW64\wininet.dll 2013-08-25 23:18:30 49EB7DE3A1CCCE9D0873DE9114810113 39936 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2013-08-25 23:18:29 E9BCB6728DD04412BF87F03DB00DE1CF 13761024 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2013-08-25 23:18:25 E631B408882F8320739F6E0CAF444397 14329344 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2013-08-25 09:34:36 AE8EB083B050E17A7D6EB5E28AECDDD6 1166848 ----a-w- C:\Windows\SysWOW64\crypt32.dll 2013-08-25 09:34:36 7CA1BECEA5DE2643ADDAD32670E7A4C9 140288 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll 2013-08-25 09:34:36 7B851A8018B1EA00A69707A390004884 103936 ----a-w- C:\Windows\SysWOW64\cryptnet.dll 2013-08-25 09:34:36 68EAAEDF0365168B804E8728368FA946 175104 ----a-w- C:\Windows\SysWOW64\wintrust.dll 2013-08-25 09:34:29 D5E18BA95F9E7D787D25EF07AC68603E 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll 2013-08-25 09:34:22 0805487A6036A9F9C4E7AF7FEF835529 1620992 ----a-w- C:\Windows\SysWOW64\WMVDECOD.DLL 2013-08-25 09:34:19 4DC999CED9429939D75682EBD7D48901 663552 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2013-08-25 23:18:36 3A2FD42F11CD325A4ACAFE7FB0EEA83A 2706432 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2013-08-25 23:18:35 69F5E016A98CE1908DB08382F2ACF882 526336 ----a-w- C:\Windows\Sysnative\ieui.dll 2013-08-25 23:18:34 D8CC9A20C517A54678363C4C77B930A4 136704 ----a-w- C:\Windows\Sysnative\iesysprep.dll 2013-08-25 23:18:34 963B29E0EFB20D66436214DB7C43D7F7 67072 ----a-w- C:\Windows\Sysnative\iesetup.dll 2013-08-25 23:18:34 6C8BDC9F16943D626DFE8A987BCCFD20 51712 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2013-08-25 23:18:34 622C7C8D39609FCEACE3508715D48C7F 39936 ----a-w- C:\Windows\Sysnative\iernonce.dll 2013-08-25 23:18:34 28C2F8C7DBE11AA3DA041D35F4E59481 89600 ----a-w- C:\Windows\Sysnative\RegisterIEPKEYs.exe 2013-08-25 23:18:33 65546D87F7A78AB31841A536456CB94D 2647040 ----a-w- C:\Windows\Sysnative\iertutil.dll 2013-08-25 23:18:32 8C12653BEA781902AA60E4A855A55D5C 603136 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2013-08-25 23:18:32 5A7FA01EEC393A3E0D0F3EBAA1FD959E 3958784 ----a-w- C:\Windows\Sysnative\jscript9.dll 2013-08-25 23:18:32 16FE878530FDFC9AB08B7FFC32335958 855552 ----a-w- C:\Windows\Sysnative\jscript.dll 2013-08-25 23:18:31 289C5E0A386E7B6CA9539D66D15E22CC 1365504 ----a-w- C:\Windows\Sysnative\urlmon.dll 2013-08-25 23:18:30 AC155DD9BD1E6D3B740826A4D1C68AAE 2241024 ----a-w- C:\Windows\Sysnative\wininet.dll 2013-08-25 23:18:30 04DE09B1E287F6DC5C7FD655B6E84AB9 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2013-08-25 23:18:28 677A1C1B0F254EC918D84A7FE29274CA 15405056 ----a-w- C:\Windows\Sysnative\ieframe.dll 2013-08-25 23:18:27 396889142BD839DB8A055A0BE0AD2F79 19239424 ----a-w- C:\Windows\Sysnative\mshtml.dll 2013-08-25 09:34:37 287998A9BA0140ABB59792CDEB2F8483 1472512 ----a-w- C:\Windows\Sysnative\crypt32.dll 2013-08-25 09:34:36 A6B726DCA228F7878E38368A1BDC68BE 139776 ----a-w- C:\Windows\Sysnative\cryptnet.dll 2013-08-25 09:34:36 959041D7014C97133D859B45BCA0FC58 224256 ----a-w- C:\Windows\Sysnative\wintrust.dll 2013-08-25 09:34:36 6B400F211BEE880A37A1ED0368776BF4 184320 ----a-w- C:\Windows\Sysnative\cryptsvc.dll 2013-08-25 09:34:29 B3CA3253009D26666F5BCB16E77D2618 2048 ----a-w- C:\Windows\Sysnative\tzres.dll 2013-08-25 09:34:22 D29200AB0B37B7293C6942EAF755295E 1888768 ----a-w- C:\Windows\Sysnative\WMVDECOD.DLL 2013-08-25 09:34:20 26036E228D2467DE6975AD819C22C043 1217024 ----a-w- C:\Windows\Sysnative\rpcrt4.dll ====== C:\Windows\Sysnative\drivers ===== 2013-08-25 09:35:25 6A0E850DDCB136AA3D2FB7234382DF12 283064 ----a-w- C:\Windows\Sysnative\drivers\dtsoftbus01.sys 2013-08-25 09:34:19 DB74544B75566C974815E79A62433F29 1910208 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2013-08-25 09:34:19 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-08-28 13:55:17 -------- d-----w- C:\Program Files\trend micro ======= C:\Program Files (x86) ===== 2013-08-25 09:35:19 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite ======= C: ===== ====== C:\Users\Claude\AppData\Roaming ====== 2013-07-31 17:39:29 -------- d-----w- C:\users\Claude\AppData\Roaming\mm 2013-07-30 21:14:32 -------- d-----w- C:\users\Claude\AppData\Roaming\OpenOffice ====== C:\Users\Claude ====== 2013-08-25 09:35:36 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite ====== C: exe-files == 2013-08-28 13:55:17 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Claude.exe 2013-08-28 13:55:07 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Claude\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\99JCAQP5\RSITx64.exe 2013-08-27 09:17:01 363B9045436094FC57B081E68D0419F8 17395008 ----a-w- C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\game\ffxiv.exe 2013-08-27 08:28:32 5849526A5EE3077818E46DAAA34DE6DC 111970304 ----a-w- C:\Users\Claude\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LSMQRA2U\ffxivsetup.exe 2013-08-26 13:34:56 D6E84508BBE50BBEEFAF02C865A96836 1070672 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_714BFB3B4B0991F6.exe 2013-08-26 13:34:23 42D0D34CAA293C83B4433A537DF13895 530912 ----a-w- C:\Program Files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.4413.1752\GoogleToolbarInstaller_updater_signed.exe 2013-08-26 13:16:45 585A2788EE40FE25E1E8F23E6595E005 837952 ----a-w- C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivupdater.exe 2013-08-26 13:16:43 B0FCDCA3E92A748EAEF929897118E853 3766080 ----a-w- C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe 2013-08-26 13:16:43 7985AE8598565507F7F77CE4813DBC06 809280 ----a-w- C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe 2013-08-26 13:16:43 2F27300A3E4674F7AF81EE37519971FD 252736 ----a-w- C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivsysinfo.exe 2013-08-26 13:16:42 BC49243557991AC42FCC01B8E3BB05D2 393216 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}\setup.exe 2013-08-25 23:18:34 BC90EED56A5C77168A8D6F0C4221D7CB 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-08-25 23:18:34 6C8BDC9F16943D626DFE8A987BCCFD20 51712 ----a-w- C:\Windows\System32\ie4uinit.exe 2013-08-25 23:18:34 28C2F8C7DBE11AA3DA041D35F4E59481 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-08-25 23:18:33 7BA1862B8A5698DC5FCFDFF3BC359DE9 770648 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2013-08-25 23:18:33 133CEF30905806A35606652D409EEEBA 775256 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2013-08-25 12:18:13 48E9E8B20726D853A28126DCF4778D9E 212808 ----a-w- C:\Program Files (x86)\Dragon's Prophet\wbp.exe 2013-08-25 12:18:09 EBDD008A48E49C36935ECA389C43715D 39704 ----a-w- C:\Program Files (x86)\Dragon's Prophet\awesomium_process.exe 2013-08-25 09:36:21 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Claude\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\99JCAQP5\LollipopInstaller_somoto_14693[1].exe 2013-08-25 09:35:25 BD217B63289396563D8E1CE82E20C405 52032 ----a-w- C:\Program Files (x86)\DAEMON Tools Lite\dtsoftbusinst64.exe 2013-08-25 09:32:49 9B62C7540BFC4A4A68B2D7A20EE13AF5 141216 ----a-w- C:\Users\Claude\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1249DQ8V\bi_downloader[1].exe === C: other files == 2013-08-25 09:35:25 6A0E850DDCB136AA3D2FB7234382DF12 283064 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys 2013-08-25 09:35:25 6A0E850DDCB136AA3D2FB7234382DF12 283064 ----a-w- C:\Program Files (x86)\DAEMON Tools Lite\dtsoftbus01.sys 2013-08-25 09:34:19 DB74544B75566C974815E79A62433F29 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-08-25 09:34:19 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-4226825908-4199608794-2923880341-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"="C:\Users\Claude\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Spotify Web Helper"="C:\Users\Claude\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Spotify"="C:\Users\Claude\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart" "TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" "DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "AdobeCS5ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe -launchedbylogin" "SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" "AgentMonitor"="C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "NCUpdateHelper"="C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Malwarebytes Anti-Malware (cleanup)"="rundll32.exe C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll,ProcessCleanupScript" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"="C:\Users\Claude\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Spotify Web Helper"="C:\Users\Claude\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Spotify"="C:\Users\Claude\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart" "TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" "DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" ==== Startup Folders ====================== 2012-05-04 15:20:29 1051 ----a-w- C:\users\Claude\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [25/08/2013 12:23] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08/10/2011 14:38] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08/10/2011 14:38] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4226825908-4199608794-2923880341-1000Core.job --a------ [undetermined Task] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4226825908-4199608794-2923880341-1000UA.job --a------ C:\Users\Claude\AppData\Local\Google\Update\GoogleUpdate.exe [20/10/2011 19:48] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Claude\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Claude\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[] uTorrentBar_NL - Claude - Default\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb ==== Chrome Fix ====================== C:\Users\Claude\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.conduit.com_0.localstorage deleted successfully C:\Users\Claude\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.conduit.com_0.localstorage-journal deleted successfully C:\Users\Claude\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_cap1.conduit-apps.com_0.localstorage deleted successfully C:\Users\Claude\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_cap1.conduit-apps.com_0.localstorage-journal deleted successfully C:\Users\Claude\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pricegong.conduitapps.com_0.localstorage deleted successfully C:\Users\Claude\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pricegong.conduitapps.com_0.localstorage-journal deleted successfully C:\Users\Claude\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utorrentbarnl.ourtoolbar.com_0.localstorage deleted successfully C:\Users\Claude\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utorrentbarnl.ourtoolbar.com_0.localstorage-journal deleted successfully C:\Users\Claude\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully C:\Users\Claude\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjofdnhdkbflacojpfpkchgafjahijbb_0.localstorage deleted successfully C:\Users\Claude\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjofdnhdkbflacojpfpkchgafjahijbb_0.localstorage-journal deleted successfully C:\Users\Claude\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_cjofdnhdkbflacojpfpkchgafjahijbb_0 deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {24CE1459-6942-4CBB-832E-1ECF5A9D82A0} Google Url="{searchTerms} - Google zoeken?}" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" ==== Reset Google Chrome ====================== C:\users\Claude\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\users\Claude\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully ==== HijackThis Entries ====================== R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AgentMonitor] C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [NCUpdateHelper] C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript O4 - HKCU\..\Run: [Google Update] "C:\Users\Claude\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Claude\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [spotify] "C:\Users\Claude\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Dropbox.lnk = Claude\AppData\Roaming\Dropbox\bin\Dropbox.exe O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Claude\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.clonewarsadventures.com O15 - Trusted Zone: *.freerealms.com O15 - Trusted Zone: *.soe.com O15 - Trusted Zone: *.sony.com O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: McAfee SiteAdvisor Service - Unknown owner - c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Claude\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Claude\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Claude\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\users\Claude\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Claude\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on wo 28/08/2013 at 21:04:57,59 ======================

Hoi, onlangs heb ik ontdekt dat een programma lollipop op mijn pc ongewenste reclame leverde. Heb die proberen te verwijderen via een antimalware programma maar ik ben er toch niet gerust op. Vooral omdat ik las dat dit programma nog veel meer schade kan doen. Ik heb hieronder dan ook een logje gepost in de hoop dat iemand dit eens deftig wilde bekijken voor me. Alvast bedankt voor de moeite. Logfile of random's system information tool 1.09 (written by random/random) Run by Claude at 2013-08-28 15:55:17 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 372 GB (41%) free of 910 GB Total RAM: 8175 MB (74% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:55:23, on 28/08/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16660) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Users\Claude\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe C:\Users\Claude\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files\trend micro\Claude.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file) F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AgentMonitor] C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [NCUpdateHelper] C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Claude\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Claude\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [spotify] "C:\Users\Claude\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Dropbox.lnk = Claude\AppData\Roaming\Dropbox\bin\Dropbox.exe O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Claude\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.clonewarsadventures.com O15 - Trusted Zone: *.freerealms.com O15 - Trusted Zone: *.soe.com O15 - Trusted Zone: *.sony.com O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: McAfee SiteAdvisor Service - Unknown owner - c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10426 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch "C:\Windows\system32\nvvsvc.exe" "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" C:\Windows\system32\nvvsvc.exe -session -first C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe" "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe" WLIDSvcM.exe 2116 "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-84503443-6815-4b94-b920-2299f9435692 -SystemEventPortName:HostProcess-8af67097-0be5-43f8-a984-f1bf28f911eb -IoCancelEventPortName:HostProcess-7ba00492-fdf2-4ea2-b33f-758eca09f6a5 -NonStateChangingEventPortName:HostProcess-da145aae-7f4d-4be0-8583-c79f7b165a15 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:10a348f4-a5b0-42d2-a1a2-cbdc347e18e5 -DeviceGroupId:WpdFsGroup C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" "taskhost.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Users\Claude\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" "C:\Users\Claude\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" "C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Program Files\Microsoft Security Client\MsMpEng.exe" "C:\Program Files\Microsoft Security Client\NisSrv.exe" "C:\Program Files\Microsoft Security Client\msseces.exe" /hide "C:\Program Files (x86)\Windows Live\Mail\wlmail.exe" "C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe" -Embedding "C:\Program Files\Internet Explorer\iexplore.exe" http://www.pc-helpforum.be/register.php?a=act&u=44984&i=e23d3c3b7a7c23f7483da6e5290e4aaf35588e45 "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3140 CREDAT:267521 /prefetch:2 C:\Windows\system32\Macromed\Flash\FlashUtil64_11_8_800_94_ActiveX.exe -Embedding "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-4226825908-4199608794-2923880341-100012_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-4226825908-4199608794-2923880341-100012 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1" "C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540 "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe13_ Global\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3140 CREDAT:3937621 /prefetch:2 "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3140 CREDAT:398614 /prefetch:2 "C:\Users\Claude\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\99JCAQP5\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF} ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4226825908-4199608794-2923880341-1000Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4226825908-4199608794-2923880341-1000UA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-08-26 254032] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}] ContributeBHO Class - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-24 463272] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-08-26 192592] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-24 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-08-26 254032] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-08-26 192592] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208] "MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-06-20 1356240] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"=C:\Users\Claude\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-20 136176] "Spotify Web Helper"=C:\Users\Claude\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2013-06-19 1104384] "Spotify"=C:\Users\Claude\AppData\Roaming\Spotify\Spotify.exe [2013-06-19 4643328] "PlayNC Launcher"= [] "TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2013-07-02 248208] "DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-08-01 3673696] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] "AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432] "SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] "AgentMonitor"=C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [2011-11-30 393640] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816] "NCUpdateHelper"=C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe [2013-07-16 528360] C:\Users\Claude\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk - C:\Users\Claude\AppData\Roaming\Dropbox\bin\Dropbox.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "wave5"=wdmaud.drv "midi5"=wdmaud.drv "mixer5"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe","%1" ======List of files/folders created in the last 1 month====== 2013-08-28 15:55:17 ----D---- C:\rsit 2013-08-28 15:55:17 ----D---- C:\Program Files\trend micro 2013-08-26 01:18:35 ----A---- C:\Windows\SYSWOW64\ieui.dll 2013-08-26 01:18:35 ----A---- C:\Windows\system32\ieui.dll 2013-08-26 01:18:34 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe 2013-08-26 01:18:34 ----A---- C:\Windows\SYSWOW64\iesysprep.dll 2013-08-26 01:18:34 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2013-08-26 01:18:34 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2013-08-26 01:18:34 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2013-08-26 01:18:34 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe 2013-08-26 01:18:34 ----A---- C:\Windows\system32\iesysprep.dll 2013-08-26 01:18:34 ----A---- C:\Windows\system32\iesetup.dll 2013-08-26 01:18:34 ----A---- C:\Windows\system32\iernonce.dll 2013-08-26 01:18:34 ----A---- C:\Windows\system32\ie4uinit.exe 2013-08-26 01:18:33 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2013-08-26 01:18:33 ----A---- C:\Windows\system32\iertutil.dll 2013-08-26 01:18:32 ----A---- C:\Windows\SYSWOW64\jscript.dll 2013-08-26 01:18:32 ----A---- C:\Windows\system32\msfeeds.dll 2013-08-26 01:18:32 ----A---- C:\Windows\system32\jscript9.dll 2013-08-26 01:18:32 ----A---- C:\Windows\system32\jscript.dll 2013-08-26 01:18:31 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2013-08-26 01:18:31 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2013-08-26 01:18:31 ----A---- C:\Windows\system32\urlmon.dll 2013-08-26 01:18:30 ----A---- C:\Windows\SYSWOW64\wininet.dll 2013-08-26 01:18:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2013-08-26 01:18:30 ----A---- C:\Windows\system32\wininet.dll 2013-08-26 01:18:30 ----A---- C:\Windows\system32\jsproxy.dll 2013-08-26 01:18:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2013-08-26 01:18:28 ----A---- C:\Windows\system32\ieframe.dll 2013-08-26 01:18:27 ----A---- C:\Windows\system32\mshtml.dll 2013-08-26 01:18:25 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2013-08-26 01:13:47 ----D---- C:\Windows\system32\MRT 2013-08-25 11:35:25 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys 2013-08-25 11:35:19 ----D---- C:\Program Files (x86)\DAEMON Tools Lite 2013-08-25 11:34:37 ----A---- C:\Windows\system32\crypt32.dll 2013-08-25 11:34:36 ----A---- C:\Windows\SYSWOW64\wintrust.dll 2013-08-25 11:34:36 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll 2013-08-25 11:34:36 ----A---- C:\Windows\SYSWOW64\cryptnet.dll 2013-08-25 11:34:36 ----A---- C:\Windows\SYSWOW64\crypt32.dll 2013-08-25 11:34:36 ----A---- C:\Windows\system32\wintrust.dll 2013-08-25 11:34:36 ----A---- C:\Windows\system32\cryptsvc.dll 2013-08-25 11:34:36 ----A---- C:\Windows\system32\cryptnet.dll 2013-08-25 11:34:29 ----A---- C:\Windows\SYSWOW64\tzres.dll 2013-08-25 11:34:29 ----A---- C:\Windows\system32\tzres.dll 2013-08-25 11:34:22 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL 2013-08-25 11:34:22 ----A---- C:\Windows\system32\WMVDECOD.DLL 2013-08-25 11:34:20 ----A---- C:\Windows\system32\rpcrt4.dll 2013-08-25 11:34:19 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll 2013-08-25 11:34:19 ----A---- C:\Windows\system32\drivers\tssecsrv.sys 2013-08-25 11:34:19 ----A---- C:\Windows\system32\drivers\tcpip.sys 2013-07-31 19:39:29 ----D---- C:\Users\Claude\AppData\Roaming\mm 2013-07-30 23:14:32 ----D---- C:\Users\Claude\AppData\Roaming\OpenOffice 2013-07-29 17:20:29 ----D---- C:\Program Files (x86)\OpenOffice 4 ======List of files/folders modified in the last 1 month====== 2013-08-28 15:55:23 ----D---- C:\Windows\Prefetch 2013-08-28 15:55:17 ----RD---- C:\Program Files 2013-08-28 15:55:12 ----D---- C:\Windows\Temp 2013-08-28 15:49:17 ----D---- C:\Windows\system32\config 2013-08-28 15:37:16 ----SHD---- C:\Windows\Installer 2013-08-28 15:37:16 ----SHD---- C:\Config.Msi 2013-08-28 15:37:16 ----D---- C:\Program Files\Microsoft Security Client 2013-08-28 15:37:08 ----D---- C:\Windows\system32\drivers 2013-08-28 15:37:08 ----D---- C:\Windows\system32\catroot 2013-08-28 15:37:08 ----D---- C:\Windows 2013-08-28 15:37:07 ----D---- C:\Program Files (x86)\Microsoft Security Client 2013-08-28 15:36:08 ----SD---- C:\Users\Claude\AppData\Roaming\Microsoft 2013-08-28 15:29:01 ----D---- C:\Windows\system32\catroot2 2013-08-28 15:28:59 ----SHD---- C:\System Volume Information 2013-08-28 15:28:12 ----D---- C:\Users\Claude\AppData\Roaming\Dropbox 2013-08-28 15:28:03 ----D---- C:\Users\Claude\AppData\Roaming\Spotify 2013-08-28 15:16:54 ----A---- C:\Windows\SYSWOW64\log.txt 2013-08-28 15:14:36 ----D---- C:\ProgramData\NVIDIA 2013-08-27 23:40:38 ----D---- C:\Users\Claude\AppData\Roaming\SoftGrid Client 2013-08-26 18:21:43 ----D---- C:\Windows\rescache 2013-08-26 17:57:48 ----RSD---- C:\Windows\assembly 2013-08-26 17:57:48 ----D---- C:\Windows\Microsoft.NET 2013-08-26 15:16:43 ----D---- C:\Program Files (x86)\SquareEnix 2013-08-26 15:16:42 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2013-08-26 15:03:50 ----D---- C:\Windows\winsxs 2013-08-26 15:01:30 ----D---- C:\Windows\SYSWOW64\nl-NL 2013-08-26 15:01:30 ----D---- C:\Windows\SysWOW64 2013-08-26 15:01:29 ----D---- C:\Windows\system32\nl-NL 2013-08-26 15:01:29 ----D---- C:\Windows\System32 2013-08-26 15:01:29 ----D---- C:\Program Files (x86)\Internet Explorer 2013-08-26 15:01:28 ----D---- C:\Program Files\Internet Explorer 2013-08-26 01:16:38 ----D---- C:\Windows\inf 2013-08-26 01:16:38 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-08-26 01:13:37 ----A---- C:\Windows\system32\MRT.exe 2013-08-25 14:20:10 ----D---- C:\Program Files (x86)\Dragon's Prophet 2013-08-25 12:23:12 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2013-08-25 11:35:28 ----D---- C:\Windows\system32\DriverStore 2013-08-25 11:35:19 ----D---- C:\Program Files (x86) 2013-08-01 21:07:10 ----D---- C:\Program Files (x86)\Steam 2013-07-29 23:05:42 ----D---- C:\Program Files (x86)\World of Warcraft 2013-07-29 17:21:06 ----RSD---- C:\Windows\Fonts ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-09-13 437272] R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-06-18 247216] R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-01-23 564824] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-08-25 283064] R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 139616] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928] R3 MEIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-09-30 80384] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-09-30 180736] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-02-25 194848] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-09-03 349800] R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264] R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648] R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960] R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376] R3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984] S3 a7iygilm;a7iygilm; C:\Windows\system32\drivers\a7iygilm.sys [] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328] S3 dump_wmimmc;dump_wmimmc; \??\C:\Program Files (x86)\NCSoft\Lineage II\system\GameGuard\dump_wmimmc.sys [] S3 FXDrv32;FXDrv32; \??\E:\FXDrv64.sys [] S3 NPPTNT2;NPPTNT2; \??\C:\Windows\syswow64\npptNT2.sys [2005-01-02 4682] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872] S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640] S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 19968] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640] R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-10-05 325656] R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-06-20 23808] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-06-21 884512] R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-06-21 413472] R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-07-02 93072] R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-05 2655768] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096] R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-06-20 366600] R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-08 136176] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-25 257416] S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-08 136176] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-15 194032] S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2011-03-28 4323256] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-07-27 563624] S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] -----------------EOF-----------------