Ga naar inhoud

Notroch

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    33

  • Registratiedatum

  • Laatst bezocht

Notroch's prestaties

Verkenner

Verkenner (4/14)

  • Eerste post
  • Actief
  • Gespreksstarter
  • Week één klaar
  • Een maand later

Recente badges

0

Reputatie

  1. Notroch
    Done! Bedankt voor de hulp!
  2. Notroch
    Dat maakt idd al groot verschil uit!
  3. Notroch
    Zoek.exe v5.0.0.0 Updated 23-March-2015 Tool run by Yasser on wo 25/03/2015 at 9:36:24,06. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Yasser\Desktop\zoek.exe Script used: C:\Users\Yasser\Desktop\zoekscript.txt ==== Older Logs ====================== C:\zoek-results2014-04-10-112126.log 24645 bytes C:\zoek-results2014-11-05-194629.log 30172 bytes C:\zoek-results2014-11-23-184236.log 14297 bytes C:\zoek-results2015-03-19-125248.log 85218 bytes C:\zoek-results2015-03-22-164721.log 1005428 bytes ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\AdAware10\Installer] [-HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\AdAware10] [-HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs] "C:\\Program Files\\Common Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus Updater\\11.4.6792.0\\AdAwareWebInstaller.exe"=- ==== Deleting Files \ Folders ====================== C:\Documents and Settings\All Users\Lavasoft deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_01be4826 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_01e21f90 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_01e4a997 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_02123d4d deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_02f07889 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_02f0a006 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_033e452a deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_0408ffb2 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_0418bdc2 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_042e7c02 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_0438b06a deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_044894a0 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_045e62f6 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_04fe4440 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_058493c6 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_059288dd deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_06a635a0 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_06c653ca deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_076a4558 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_07d25917 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_07da338d deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_0842514a deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_08b25041 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_09123976 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_0912c30f deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_093e6d43 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_0972449d deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_09863c34 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_0a3ea820 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_0b829980 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_0c6eb376 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_0d400b36 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_0dd288ed deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_0df64c6a deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_0e7e3b98 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_0eb78870 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_0eee6a85 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_100ac88b deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_10931ea6 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_10ce36b8 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_11726621 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_1176a958 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_11924162 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_11a27435 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_11be95e8 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_11c6704f deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_11ee75ea deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_11fe54f2 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_120a98e4 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_120e7609 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_1216475b deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_121e4587 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_1222a331 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_122a89d7 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_12364a19 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_123e30b0 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_123e40c6 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_124237b2 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_12423b2b deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_12462338 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_124a39a5 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_124a4365 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_125a5bb6 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_125e3468 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_126229fc deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_12623c44 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_12623d6c deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_12667de5 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_1272843c deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_12765994 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_128a8767 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_128e7a5d deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_129a4317 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_12a63d0f deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_12b25b87 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_12ce5437 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_12d23439 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_12ee6528 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_13239108 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_1326a4a7 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_1326a830 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_1382af13 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_13c72403 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_149eb78b deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_1542d2c8 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_165a6141 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_16c69fb7 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_17c29397 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_185b5ccf deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_18db8564 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_18e2b79b deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_18f2a801 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_19026fe1 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_191a7992 deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_194b53aa deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_1aa6909b deleted C:\Documents and Settings\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_LavasoftAdAwareS_61ae81185c8886253fb54486533ce77a6f5558_1adc3f8e deleted C:\Documents and Settings\Yasser\AppData\Roaming\LavasoftStatistics deleted C:\Program Files\Common Files\Lavasoft deleted ==== C:\zoek_backup content ====================== C:\zoek_backup (files=500 folders=252 444462507 bytes) ==== EOF on wo 25/03/2015 at 9:38:01,44 ====================== tis vreemd, heb laptop laatste dagen zo goed als niet gebruikt, maar de pop-ups zijn plots weer stukje erger geworden.
  4. Notroch
    bericht was te lang. heb deze in bijlage gestoken! zoek-results.txt
  5. Notroch
    # AdwCleaner v4.112 - Logbestand aangemaakt 21/03/2015 op 15:17:12 # Laatste update 09/03/2015 door Xplode # Database : 2015-03-15.1 [server] # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (x64) # Gebruikersnaam : Yasser - YASSER-HP # Gestart vanuit : C:\Users\Yasser\Desktop\adwcleaner_4.112.exe # Optie : Verwijderen ***** [ Services ] ***** ***** [ Bestanden / Mappen ] ***** ***** [ Geplande taken ] ***** ***** [ Snelkoppelingen ] ***** ***** [ Register ] ***** Sleutel Verwijderd : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\adawarebp Sleutel Verwijderd : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Sleutel Verwijderd : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} ***** [ Webbrowsers ] ***** -\\ Internet Explorer v11.0.9600.17689 -\\ Mozilla Firefox v36.0.1 (x86 nl) -\\ Google Chrome v41.0.2272.101 ************************* AdwCleaner[R0].txt - [1791 bytes] - [12/04/2014 13:58:05] AdwCleaner[R1].txt - [9706 bytes] - [06/11/2014 18:14:19] AdwCleaner[R2].txt - [6728 bytes] - [06/11/2014 18:27:05] AdwCleaner[R3].txt - [1401 bytes] - [11/12/2014 19:42:43] AdwCleaner[R4].txt - [1711 bytes] - [21/03/2015 11:42:53] AdwCleaner[s0].txt - [1635 bytes] - [12/04/2014 13:59:01] AdwCleaner[s1].txt - [4733 bytes] - [11/11/2014 13:14:40] AdwCleaner[s2].txt - [1725 bytes] - [28/11/2014 21:00:40] AdwCleaner[s3].txt - [1473 bytes] - [11/12/2014 19:45:55] AdwCleaner[s4].txt - [1649 bytes] - [21/03/2015 15:17:12] ########## EOF - C:\AdwCleaner\AdwCleaner[s4].txt - [1708 bytes] ##########
  6. Notroch
    in 2 keer gepost, hij gaf foutmelding dat post te lang was. Van Ad-Aware stonden er 2 versies geïnstalleerd. Eén ervan heb ik kunnen verwijderen. De andere versie wil niet.
  7. Notroch
    ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2615218092-1894063395-1112891428-1001\Software\Microsoft\Windows\CurrentVersion\Run] "LaCie Desktop Manager Startup"="C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe" "Google Update"="C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe /c" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "HPQuickWebProxy"="C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" "HPOSD"="C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" "HP CoolSense"="C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey" "SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" "hpqSRMon"="C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" "HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" "HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "PSUAMain"="C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe /LaunchSysTray" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "LaCie Desktop Manager Startup"="C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe" "Google Update"="C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe /c" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " "SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdAwareTray] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdAwareTray" "hkey"="HKLM" "command"="\"C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.4.6792.0\\AdAwareTray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeAAMUpdater-1.0" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS5ServiceManager] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeCS5ServiceManager" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS5ServiceManager\\CS5ServiceManager.exe\" -launchedbylogin" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DAEMON Tools Lite" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\DAEMON Tools Lite\\DTLite.exe\" -autorun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Facebook Update" "hkey"="HKCU" "command"="\"C:\\Users\\Yasser\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Google Update" "hkey"="HKCU" "command"="\"C:\\Users\\Yasser\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google+ Auto Backup] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Google+ Auto Backup" "hkey"="HKCU" "command"="\"C:\\Users\\Yasser\\AppData\\Local\\Programs\\Google\\Google+ Auto Backup\\Google+ Auto Backup.exe\" /autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPreload] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KiesPreload" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Samsung\\Kies\\Kies.exe /preload" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KiesTrayAgent" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Samsung\\Kies\\KiesTrayAgent.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SetDefault] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SetDefault" "hkey"="HKLM" "command"="C:\\Program Files\\Hewlett-Packard\\HP LaunchBox\\SetDefault.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify" "hkey"="HKCU" "command"="\"C:\\Users\\Yasser\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify Web Helper" "hkey"="HKCU" "command"="\"C:\\Users\\Yasser\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\"" ==== Startup Folders ====================== 2014-07-24 08:55:58 270336 ----a-w- C:\Users\Yasser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hpqtra08.exe 2014-11-09 20:20:20 836 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk 2014-11-09 20:20:20 2099 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk 2014-11-09 20:20:19 1999 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [undetermined Task] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001Core.job --a------ C:\Users\Yasser\AppData\Local\Facebook\Update\FacebookUpdate.exe [11/04/2014 18:36] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001UA.job --a------ C:\Users\Yasser\AppData\Local\Facebook\Update\FacebookUpdate.exe [11/04/2014 18:36] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/08/2014 21:55] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/08/2014 21:55] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001Core.job --a------ C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe [11/08/2014 21:52] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001UA.job --a------ C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe [11/08/2014 21:52] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001UA1d0418737fd270c.job --a------ C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe [11/08/2014 21:52] C:\Windows\tasks\HPCeeScheduleForYasser.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [15/07/2011 04:43] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Yasser-HP-Yasser" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001Core" [C:\Users\Yasser\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001UA" [C:\Users\Yasser\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001Core" [C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001UA" [C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001UA1d0418737fd270c" [C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForYasser" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{58F01F79-5EB5-4F40-8B15-76F83F9FE17E}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{F7BE2FF6-EA48-4207-8E52-5C2588BAADA7}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\Windows\SysNative\tasks\NCH Software\SwitchSevenDays" [C:\Program Files (x86)\NCH Software\Switch\Switch.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Yasser\AppData\Roaming\Mozilla\Firefox\Profiles\1sxd1l5p.default user_pref("browser.startup.homepage", "http://www.google.be/"); user_pref("keyword.URL", ""); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [06/10/2013 18:14] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [06/10/2013 18:14] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Yasser\AppData\Roaming\Mozilla\Firefox\Profiles\1sxd1l5p.default - Afmelden voor advertentiecookie - %ProfilePath%\extensions\optout@google.com.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - TrueSuite Website Logon - %AppDir%\extensions\websitelogon@truesuite.com - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Yasser\AppData\Roaming\Mozilla\Firefox\Profiles\1sxd1l5p.default 2EE9DCAE1D70ABF4D058688DE35F8221 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.16 F556A64AB2DB1BD834E7C89CE211516B - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director 6846D2CA7E1D5937AEE3F99BB7F5464B - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll - Shockwave for Director / Shockwave for Director 43583AB4DFD406F4C188342F41B1F91C - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll - Shockwave Flash CAF78E18A9E1380A0A38065B3B1210E0 - C:\Users\Yasser\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin 98137411B9C632095F919E2CE70B288A - C:\Users\Yasser\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll - Google Update 3CD19649B2C3023D65E67C056457A2BC - C:\Users\Yasser\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin 1CDD28B47D8198F868349BDFBCD1281B - C:\Users\Yasser\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Chromium Look ====================== Google Chrome Version: 41.0.2272.89 (Up to date, latest Stable version: 41.0.2272.89) HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions debkinhcgejcbfgjiaalomcmkedjmiaa - C:\Program Files (x86)\HP SimplePass 2012\tschrome.crx[25/08/2011 04:41] Google Docs - Yasser\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Yasser\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Yasser\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Cast - Yasser\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd Videostream for Google Chromecastâ„¢ - Yasser\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl Google Search - Yasser\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Website Logon - Yasser\AppData\Local\Google\Chrome\User Data\Default\Extensions\debkinhcgejcbfgjiaalomcmkedjmiaa LocalChromecast Player - Yasser\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmladpigjlinmngadjgfogblnmddndcp Google Wallet - Yasser\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Yasser\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://google.be/" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://google.be/" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {07F202EA-A471-44A9-AC55-B3C726D27203} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="http://rover.ebay.com/rover/1/1553-111073-34115-5/4?mpre=http://www.benl.ebay.be/sch/i.html?_nkw={searchTerms}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdAwareTray deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe, O1 - Hosts: ::1 localhost O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe O4 - HKLM\..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray O4 - HKCU\..\Run: [LaCie Desktop Manager Startup] "C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: hpqtra08.exe O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O9 - Extra button: Verzenden naar Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: Verzenden naar &Bluetooth-apparaat... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.line6.net O17 - HKLM\System\CCS\Services\Tcpip\..\{2513A2C7-1B96-47A4-A4AB-84888DE040F2}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\..\{6F0AAF4C-7CC8-4DCB-A974-317DD5592029}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\..\{A8F86CB3-0265-4ED7-95DC-FDA91028DE28}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\..\{B0833E06-D174-4DC7-812B-6EEA9F9E1AF5}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\..\{EA064087-7215-4BC6-A4D8-030EC90A85FE}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8 O17 - HKLM\System\CS1\Services\Tcpip\..\{2513A2C7-1B96-47A4-A4AB-84888DE040F2}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8 O17 - HKLM\System\CS2\Services\Tcpip\..\{2513A2C7-1B96-47A4-A4AB-84888DE040F2}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8 O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Genie Timeline Service (GenieTimelineService) - Genie9 - C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing) O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LaCieDesktopManagerService - Unknown owner - C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Panda Protection Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: USB MIDI Series Audio Device Monitor (USBMIDIAudioDevMon) - M-Audio - C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Yasser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Yasser\AppData\Local\Mozilla\Firefox\Profiles\1sxd1l5p.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Yasser\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=250 folders=35 404380965 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Yasser\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Yasser\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Yasser\AppData\Roaming\Dropbox" not found ==== EOF on do 19/03/2015 at 13:52:48,17 ======================
  8. Notroch
    @ Asus: moet dit volledig uit oog verloren zijn. Excuses! Zoek.exe v5.0.0.0 Updated 18-March-2015 Tool run by Yasser on do 19/03/2015 at 13:19:38,07. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Yasser\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-04-10-112126.log 24645 bytes C:\zoek-results2014-11-05-194629.log 30172 bytes C:\zoek-results2014-11-23-184236.log 14297 bytes ==== Empty Folders Check ====================== C:\Users\Yasser\AppData\Roaming\Publish Providers deleted successfully C:\Users\Yasser\AppData\Roaming\Windows Live Writer deleted successfully C:\Users\Yasser\AppData\Local\CrashDumps deleted successfully C:\Users\Yasser\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2615218092-1894063395-1112891428-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C0D11B8-C5F6-4be3-AD2C-2B1A3EB94AB6} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== æTorrent 3100_3200_3300_Help 3100_3200_3300trb 3300 64 Bit HP CIO Components Installer Ad-Aware Antivirus Adobe AIR Adobe Community Help Adobe Flash Player 16 ActiveX Adobe Flash Player 17 NPAPI Adobe Media Player Adobe Photoshop Lightroom 4.4 64-bit Adobe Photoshop Lightroom 5.2 64-bit Adobe Reader X (10.1.0) MUI Adobe Shockwave Player 11.6 Advanced Photo Recovery AIO_CDB_ProductContext AIO_CDB_Software AIO_Scan AMD APP SDK Runtime AMD Catalyst Install Manager AMD Fuel AMD Steady Video Plug-In AMD System Monitor AMD VISION Engine Control Center Antares Autotune VST RTAS TDM v5.08 Antares Avox 1.06 Antares Filter VST DX v1.01 Antares Harmony Engine VST RTAS v1.0 Antares Microphone Modeler DX v1.32 Antares Tube VST v1.02 Apple Application Support Apple Software Update AuthenTec TrueAPI Bejeweled 3 Broadcom 802.11 Wireless LAN Adapter Broadcom Bluetooth Software Broadcom InConcert Maestro BufferChm Cake Mania Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner ChromecastApp Chuzzle Deluxe Compatibility Pack for the 2007 Office system Copy Cradle of Rome 2 D3DX10 DAEMON Tools Lite DebugMode PluginPac (remove only) Destinations DeviceDiscovery DocProc Dropbox Edirol HQ Orchestral v1.01 ESU for Microsoft Windows 7 SP1 Evernote v. 4.2.3 EZdrummer EZXDfh Facebook Video Calling 3.1.0.521 Farm Frenzy Farmscapes FATE Fax FileZilla Client 3.5.3 Final Drive Fury Finale 2014 Fishdom 2 Fotogalerie Free Media Converter Galerie de photos Windows Live Genie Timeline Google Chrome Google Update Helper Google+ Auto Backup GPBaseService2 Hewlett-Packard ACLM.NET v1.2.2.3 HP 3D DriveGuard HP Auto HP Client Services HP CoolSense HP Customer Experience Enhancements HP Customer Participation Program 13.0 HP Documentation HP DVB-T TV Tuner 8.0.64.43 HP Games HP Imaging Device Functions 13.0 HP Launch Box HP On Screen Display HP Photosmart Essential 3.5 HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B HP Power Manager HP Quick Launch HP QuickWeb HP Recovery Manager HP Security Assistant HP Setup HP Setup Manager HP SimplePass 2012 HP Smart Web Printing 4.51 HP Software Framework HP Solution Center 13.0 HP Update HPPhotoGadget HPPhotoSmartDiscLabelContent1 HPPhotosmartEssential HPProductAssistant HPSSupply IDT Audio Insaniquarium Deluxe Java 8 Update 40 Java Auto Updater Jewel Match 3 Jewel Quest II Jewel Quest Solitaire 2 Junk Mail filter update K-Lite Codec Pack 10.6.5 Basic LaCie Desktop Manager 1.5.5 Line 6 Uninstaller Live 8.0.4 M-Audio USB MIDI Series Driver 5.0.1 (x64) Mahjongg Artifacts Malwarebytes Anti-Malware versie 2.0.3.1025 MarketResearch Mass Effect Microsoft .NET Framework 4.5.2 Microsoft Application Error Reporting Microsoft Games for Windows - LIVE Redistributable Microsoft Office Klik-en-Klaar 2010 Microsoft Office Starter 2010 - Nederlands Microsoft Office XP Professional with FrontPage Microsoft Silverlight Microsoft SkyDrive Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft_VC80_ATL_x86 Microsoft_VC80_ATL_x86_x64 Microsoft_VC80_CRT_x86 Microsoft_VC80_CRT_x86_x64 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFC_x86_x64 Microsoft_VC80_MFCLOC_x86 Microsoft_VC80_MFCLOC_x86_x64 Microsoft_VC90_ATL_x86 Microsoft_VC90_ATL_x86_x64 Microsoft_VC90_CRT_x86 Microsoft_VC90_CRT_x86_x64 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFC_x86_x64 More Games from HP Games Movie Maker Mozilla Firefox 36.0.1 (x86 nl) Mozilla Maintenance Service MSVCRT MSVCRT Redists MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyFreeCodec Mystery of Mortlake Mansion Native Instruments Audio 2 DJ Driver Native Instruments Controller Editor Native Instruments Guitar Rig 5 Native Instruments Guitar Rig Mobile I/O Native Instruments Guitar Rig Session I/O Native Instruments Rig Kontrol 3 Native Instruments Service Center Nero 7 Ultra Edition neroxml Network64 OCR Software by I.R.I.S. 13.0 opensource Panda Devices Agent Panda Free Antivirus PDF Settings CS5 Photo Common Photo Gallery Plants vs. Zombies - Game of the Year Polar Bowler QuickTime 7 Ranch Rush 2 - Premium Edition Realtek Ethernet Controller Driver Realtek PCIE Card Reader Recuva Resolume Avenue 4.1.1 Samsung Kies SAMSUNG USB Driver for Mobile Phones Shop for HP Supplies SkypeT 6.21 SmartWebPrinting SolutionCenter Sonnox Oxford Inflator Native VST v1.5.1 Sonnox Oxford Limiter Native VST v1.1.1 Sonnox Oxford R3 Dynamics Native VST v1.3.1 Sonnox Oxford R3 EQ Native VST v1.6.1 Sonnox Oxford Reverb Native VST v1.0 Sonnox Oxford TransMod Native VST v1.3.1 Sonoris DDP Player Sonoris License Activator Status Subtitle Edit 3.3.9 Switch Sound File Converter swMSM Synaptics TouchPad Driver T-RackS 3 Deluxe Toolbox Torchlight TrayApp UnloadSupport Update Installer for WildTangent Games App Validity WBF DDK VASCO Card Reader Plug-In (64-Bit) VASCO Smart Card Reader Plug-In (User) Vegas Pro 12.0 (64-bit) Videostream Port Fix Virtual DJ - Atomix Productions Virtual Families Virtual Villagers 4 - The Tree of Life Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables VLC media player 2.1.3 Wave Arts Power Suite WavePad Sound Editor Waves GTR 3 Waves Mercury Bundle WebReg Wedding Dash WildTangent Games App (HP Games) Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR 4.20 (32-bit) Wuala Wuala CBFS Wuala OverlayIcons Zuma's Revenge ==== Running Processes ====================== C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\SysWOW64\ezSharedSvcHost.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe C:\Windows\SysWOW64\svchost.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Users\Yasser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hpqtra08.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Users\Yasser\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~3\gimmishop deleted C:\Windows\wininit.ini deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Windows\Syswow64\sho3896.tmp deleted "C:\Users\Yasser\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll" deleted "C:\Users\Yasser\AppData\Roaming\Dropbox" not deleted "C:\Users\Yasser\AppData\Roaming\Dropbox\bin" not deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 7658 MB CPU Info: AMD A8-3530MX APU with Radeon HD Graphics CPU Speed: 1946,2 MHz Sound Card: Luidsprekers en hoofdtelefoons | Communicatie-hoofdtelefoons (ID | Display Adapters: AMD Radeon HD 6620G | AMD Radeon HD 6620G | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Bluetooth Personal Area Network | Broadcom 4313GN 802.11b/g/n 1x1 Wi-Fi-adapter CD / DVD Drives: 2x (F: | G: | ) F: hp DVD-RAM UJ8B1 | G: DTSOFT BDROM Ports: COM18 | COM17 | COM16 LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 670,0GB | D: 24,4GB | E: 4,0GB | Q: 0,0MB Hard Disks - Free: C: 174,0GB | D: 2,5GB | E: 990,4MB | Q: 0,0MB Manufacturer *: Hewlett-Packard BIOS Info: AT/AT COMPATIBLE | 12/06/05 | HPQOEM - 1 Time Zone: Romance (standaardtijd) Motherboard *: Hewlett-Packard 180D Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Panda Free Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Panda Free Antivirus disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Firewall: Panda Firewall disabled Default Browser: Firefox 36.0.1 Internet Explorer Version: 11.0.9600.17691 Mozilla Firefox version: 36.0.1 (x86 nl) Google Chrome version: 41.0.2272.89 Adobe Reader version: 10.1.0.534 Sun Java version: 1.8.0_40 (32-bit) Sun Java version: 1.8.0_40 (64-bit) Flash Player version: 17.0.0.134 Shockwave Player version: 11.6.8r638 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Yasser\AppData\Local\Temp ==== 2015-03-19 12:15:33 2E8A5736739C6D23F5CBAE22973A1E3A 6553144 ----a-w- C:\Users\Yasser\AppData\Local\Temp\SpotifyUninstall.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2015-03-19 11:55:02 A685C8F01D011F40F5751277793816CA 789416 ----a-w- C:\Windows\SysWOW64\deployJava1.dll 2015-03-19 11:55:02 2EE9DCAE1D70ABF4D058688DE35F8221 867240 ----a-w- C:\Windows\SysWOW64\npDeployJava1.dll 2015-03-10 20:31:11 965D6A2B30A95A9F7EF13653988D3D9F 299008 ----a-w- C:\Windows\SysWOW64\atmfd.dll 2015-03-10 20:31:10 ABB358777FDF4AF51B2FE26137D2B8D4 70656 ----a-w- C:\Windows\SysWOW64\fontsub.dll 2015-03-10 20:31:10 55273844B66D77A2F1A2213C17A9EA4A 34304 ----a-w- C:\Windows\SysWOW64\atmlib.dll 2015-03-10 20:31:10 274F0540FD4C88FC845C94CA1569688A 10240 ----a-w- C:\Windows\SysWOW64\dciman32.dll 2015-03-10 20:31:10 01D9C9A70323BC7E5835B92442DD7EC2 25600 ----a-w- C:\Windows\SysWOW64\lpk.dll 2015-03-10 20:30:45 B378B6A865C28CE5C1E23C35760A1199 11411968 ----a-w- C:\Windows\SysWOW64\wmp.dll 2015-03-10 20:30:45 5B0C6247027FCF5A2E2F150E298D2FFA 3209728 ----a-w- C:\Windows\SysWOW64\mf.dll 2015-03-10 20:30:42 74264B7F57A16D25CB581C07964D324A 1174528 ----a-w- C:\Windows\SysWOW64\crypt32.dll 2015-03-10 20:30:41 6C2D4DC5D2E271F4AE4016FD4587B0B2 3973048 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2015-03-10 20:30:40 2CFE69A0A8AFDA8DB9A773D728000BB7 3917760 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2015-03-10 20:30:37 96DB6A923DEDB58FC7CBBF5CFF73314D 1329664 ----a-w- C:\Windows\SysWOW64\quartz.dll 2015-03-10 20:30:36 DCC148408770F2D55B201F8FC26438A1 988160 ----a-w- C:\Windows\SysWOW64\drmv2clt.dll 2015-03-10 20:30:36 B7D2BB84C590F0AE9DA51DBB065A780E 1005056 ----a-w- C:\Windows\SysWOW64\cryptui.dll 2015-03-10 20:30:36 98C1191C862B44567FCF3C18BAEE859E 519680 ----a-w- C:\Windows\SysWOW64\qdvd.dll 2015-03-10 20:30:36 003C51B9FE38287BA4E0E58D3AE080BD 744960 ----a-w- C:\Windows\SysWOW64\blackbox.dll 2015-03-10 20:30:35 D5EC42139D6A6158CF188975C50B6A60 179200 ----a-w- C:\Windows\SysWOW64\wintrust.dll 2015-03-10 20:30:35 C5667EE72D7364BE81516C0707FEF724 354816 ----a-w- C:\Windows\SysWOW64\mfplat.dll 2015-03-10 20:30:35 833FCABCB5D95B1911BA6E62FC82AC04 617984 ----a-w- C:\Windows\SysWOW64\wmdrmsdk.dll 2015-03-10 20:30:35 3BAA4BAE71460C5CEB40D5E9339A61BC 103936 ----a-w- C:\Windows\SysWOW64\cryptnet.dll 2015-03-10 20:30:34 BB73C907D1BD437B6C30F2C23BB089FC 406016 ----a-w- C:\Windows\SysWOW64\drmmgrtn.dll 2015-03-10 20:30:34 49474B3E37969AF4B5C076F42B623AFF 143872 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll 2015-03-10 20:30:34 320A8699369C43CF53B2DB4538D17C52 504320 ----a-w- C:\Windows\SysWOW64\msscp.dll 2015-03-10 20:30:34 2D4814D567E5A85C473228BA772A7AFB 489984 ----a-w- C:\Windows\SysWOW64\evr.dll 2015-03-10 20:30:33 70E96EBE87A38857619671FCB9C8EC7B 265216 ----a-w- C:\Windows\SysWOW64\msnetobj.dll 2015-03-10 20:30:32 2D21189858856316D55EAD55DF4964C2 374784 ----a-w- C:\Windows\SysWOW64\AudioEng.dll 2015-03-10 20:30:31 E0AB9CA912398BE1AAD14FF7AD75C397 50688 ----a-w- C:\Windows\SysWOW64\appidapi.dll 2015-03-10 20:30:31 B54FD1991E659FD61EF1D34EC27AAECD 81408 ----a-w- C:\Windows\SysWOW64\cryptsp.dll 2015-03-10 20:30:31 AF47EAA4ADDA9AA221FB7647EE22BF53 103424 ----a-w- C:\Windows\SysWOW64\mfps.dll 2015-03-10 20:30:31 A56F4029FDCF4F817E78953CDA953E28 442880 ----a-w- C:\Windows\SysWOW64\AUDIOKSE.dll 2015-03-10 20:30:31 A4A2EFB40015B76467F09E6DC388BC26 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll 2015-03-10 20:30:31 50B8937A81360D16A5C772302BD32CFE 195584 ----a-w- C:\Windows\SysWOW64\AudioSes.dll 2015-03-10 20:30:31 49F4EE8DF752CFA159B99046CD1FDD2B 23040 ----a-w- C:\Windows\SysWOW64\mfpmp.exe 2015-03-10 20:30:31 08FF727297A97907AADED4BA86CF44E9 50176 ----a-w- C:\Windows\SysWOW64\rrinstaller.exe 2015-03-10 20:30:29 FCD5137A10C8943B34C9BE891C50159F 6656 ----a-w- C:\Windows\SysWOW64\apisetschema.dll 2015-03-10 20:30:29 D3916F83AC8F2314262387A2E16C6578 4096 ----a-w- C:\Windows\SysWOW64\msdxm.ocx 2015-03-10 20:30:29 D3916F83AC8F2314262387A2E16C6578 4096 ----a-w- C:\Windows\SysWOW64\dxmasf.dll 2015-03-10 20:30:29 8B07DBA0D77346545C6359AC67DCB980 8192 ----a-w- C:\Windows\SysWOW64\spwmp.dll 2015-03-10 20:30:27 7C1CADCA0E674212412559B0EAD0919A 12625408 ----a-w- C:\Windows\SysWOW64\wmploc.DLL 2015-03-10 20:30:22 2F3CE58D8C276570EEB69C99CFBAFD58 2048 ----a-w- C:\Windows\SysWOW64\mferror.dll 2015-03-10 20:29:33 5F3628DCF926C4499BE1DC74431DFBC8 1230848 ----a-w- C:\Windows\SysWOW64\WindowsCodecs.dll 2015-03-10 20:29:27 340EECB781E6C06A6171B3068DA208AD 12875264 ----a-w- C:\Windows\SysWOW64\shell32.dll 2015-03-10 20:29:21 B804EAA9E037580F96C22537C2ECB62A 171520 ----a-w- C:\Windows\SysWOW64\ubpm.dll 2015-03-10 20:29:20 84B460BB65567ED42DD605FA044DB370 828928 ----a-w- C:\Windows\SysWOW64\msctf.dll 2015-03-10 20:28:56 D5063B86DC3F85B93D02AF68099F4C9A 248832 ----a-w- C:\Windows\SysWOW64\schannel.dll 2015-03-10 20:28:56 C7D334A01C66BF07B92D04CD7A981B7F 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2015-03-10 20:28:56 B06A4105DD22E91A1D922D7310803140 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2015-03-10 20:28:56 7A71DA6D6F75AB73475128F787DD8EAD 221184 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2015-03-10 20:28:56 69925A266D265DAD96C6FCBB861FA5CD 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2015-03-10 20:28:56 5E76C26CAE2810EA71C161ED9A2CF0D1 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe 2015-03-10 20:28:56 4E15E2D20AE755FDEACD96F359F732DB 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll 2015-03-10 20:28:55 ACD0CA819E279E1C17BE5C8A077EF448 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll 2015-03-10 20:28:55 84974782ED5D108DA2EFAF3C6534A760 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2015-03-10 20:28:55 7407DDA27838C393DE67A0BDCDD044D0 60416 ----a-w- C:\Windows\SysWOW64\msobjs.dll 2015-03-10 20:28:55 30F5B3E28636009A0B194057AAE4392A 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2015-03-10 20:28:55 04934912B1317F2F8816208067A32B96 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll 2015-03-10 20:28:55 0485899A035E02C53014C0545D912405 686080 ----a-w- C:\Windows\SysWOW64\adtschema.dll 2015-03-10 20:28:22 FDF0B4DC83627A859D18EE439B8E5A26 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2015-03-10 20:28:22 B8445B89D0EA5C2575C98EA7BD180C5C 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2015-03-10 20:28:21 6108ED659B5962DE73DACB3B04D86ED3 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2015-03-10 20:28:21 00F39165D6D14302618C20CDD7BB213A 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2015-03-10 20:28:20 B35C35C55FED3DD7F995C77F63CBC29B 1311232 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2015-03-10 20:28:20 8FDE1162C9DCF7B180AA702DD9EB6071 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-03-10 20:28:20 29EDBC5C381F1406A5262351E69BC87A 342696 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2015-03-10 20:28:19 AD1BA932AC31D2BC8C9105DA59BEA6BE 689152 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2015-03-10 20:28:19 AD13E719AE506AA0E0BB5D49E0D5B44A 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2015-03-10 20:28:19 95CB6079B3E62D4301958023C2070A48 19720192 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2015-03-10 20:28:18 08B30EB9751858C1C369E8775492D732 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2015-03-10 20:28:17 BD838E2129623E8311720AA86C5DFBBF 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2015-03-10 20:28:17 A41C85FDB2275FA9AAA821A118807FDB 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2015-03-10 20:28:17 A34897A1A39316BDECCA3E61986F98F2 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2015-03-10 20:28:16 F5F730ED126DCFBEBDB9BB629BD482C4 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2015-03-10 20:28:16 756B4F77945C61ADBE68150D7D2EC7A6 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2015-03-10 20:28:16 52B4DECDC70B8758380D37EA2CDD4254 2278400 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2015-03-10 20:28:14 988AB676FBF4484508BA134CAAB711EB 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2015-03-10 20:28:11 BA10D970EB39913357B224F4473D535B 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2015-03-10 20:28:10 E868396BC5F8957A9E39BD9A28EA814D 12827648 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2015-03-10 20:28:10 AC35DA94A14679E8E515A44A8CF90804 478208 ----a-w- C:\Windows\SysWOW64\ieui.dll 2015-03-10 20:28:06 FC5FE9F2D140435FC95CB3EF6724EF0A 4300288 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2015-03-10 20:28:06 EA6EA6912F27F05C61D8D747517EB47E 1888256 ----a-w- C:\Windows\SysWOW64\wininet.dll 2015-03-10 20:28:06 BC9CE46C3F05CCC40F8F1EFC7E4B41C7 503296 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2015-03-10 20:28:06 02C0770DA3BE9231EFAF7185EE51020C 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2015-03-10 20:28:05 B0B83B31853E15C619FDB91B64F8349A 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll 2015-03-10 20:27:26 9566C8BBD2271A7962D4432A624762AD 417792 ----a-w- C:\Windows\SysWOW64\WMPhoto.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-03-10 20:31:11 F351B0E520502552734BE70AA5940784 41984 ----a-w- C:\Windows\Sysnative\lpk.dll 2015-03-10 20:31:11 1307814243F21EB129852D59B5AB37FB 372224 ----a-w- C:\Windows\Sysnative\atmfd.dll 2015-03-10 20:31:10 DB0BD8B8D68D8211CA23FBE52DACE549 14336 ----a-w- C:\Windows\Sysnative\dciman32.dll 2015-03-10 20:31:10 85D3E918658C2766780F7DEE5F8FBE57 46080 ----a-w- C:\Windows\Sysnative\atmlib.dll 2015-03-10 20:31:10 39A108604F51821F6F4E2001E9A1CB60 100864 ----a-w- C:\Windows\Sysnative\fontsub.dll 2015-03-10 20:30:45 FDA5F186596288F0B9ECE9DC7A5AA868 5554104 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2015-03-10 20:30:43 3FECBED0EACABD22E024EF4E50CF987B 1480192 ----a-w- C:\Windows\Sysnative\crypt32.dll 2015-03-10 20:30:40 6AEEC5677AD522786CED371A7BEE620C 616360 ----a-w- C:\Windows\Sysnative\winresume.efi 2015-03-10 20:30:39 29143C7827F9F2AC543E792A8C63FBB0 4121600 ----a-w- C:\Windows\Sysnative\mf.dll 2015-03-10 20:30:38 BD311BB00DD0D656C091AC8888C2369D 14632960 ----a-w- C:\Windows\Sysnative\wmp.dll 2015-03-10 20:30:37 DF6104DCED89E13A78BA5539CEF5100A 1202176 ----a-w- C:\Windows\Sysnative\drmv2clt.dll 2015-03-10 20:30:37 8DFDB70E3E56C2F1AE09CB3C03E266E5 1574400 ----a-w- C:\Windows\Sysnative\quartz.dll 2015-03-10 20:30:36 F88B4A9EA1A956F09D5001D08B546228 641024 ----a-w- C:\Windows\Sysnative\msscp.dll 2015-03-10 20:30:36 B7E752FFD95DC61FCB7A6E70E37175E5 693176 ----a-w- C:\Windows\Sysnative\winload.efi 2015-03-10 20:30:36 7F4D59E70DD6E757E96B40570B498D5C 782848 ----a-w- C:\Windows\Sysnative\wmdrmsdk.dll 2015-03-10 20:30:36 7A4064169FBA91F39DB1FDC094A18DA8 619056 ----a-w- C:\Windows\Sysnative\winload.exe 2015-03-10 20:30:36 410F6B1BE785F3630B4782F8E3D85A24 1069056 ----a-w- C:\Windows\Sysnative\cryptui.dll 2015-03-10 20:30:36 1BE9877B199184D7657BC4CFCB7B4A99 140288 ----a-w- C:\Windows\Sysnative\cryptnet.dll 2015-03-10 20:30:35 DB2D62AA2DF6B1F3D690A9EC9701AA2C 188416 ----a-w- C:\Windows\Sysnative\pcasvc.dll 2015-03-10 20:30:35 B2F02AB28864B6D5B5B9BEDA565D41BB 497664 ----a-w- C:\Windows\Sysnative\drmmgrtn.dll 2015-03-10 20:30:35 A53A63831185FF5339E76221BE45E6B9 842240 ----a-w- C:\Windows\Sysnative\blackbox.dll 2015-03-10 20:30:35 93C7D1C3941086162B433107D9E8BCE3 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe 2015-03-10 20:30:35 7BC64DEEFD0E6812E21DE89F0CF50A49 500224 ----a-w- C:\Windows\Sysnative\AUDIOKSE.dll 2015-03-10 20:30:35 6968D02DC38757C3FBE7ED7C2F9670AA 680960 ----a-w- C:\Windows\Sysnative\audiosrv.dll 2015-03-10 20:30:35 577D0B947B49DB83E2054FA169B2ECBF 229376 ----a-w- C:\Windows\Sysnative\wintrust.dll 2015-03-10 20:30:35 483221CC1AAC288368292899E32B6B9B 503808 ----a-w- C:\Windows\Sysnative\srcore.dll 2015-03-10 20:30:35 0BC72EA80234382701EAFC1BE0ECD7E4 432128 ----a-w- C:\Windows\Sysnative\mfplat.dll 2015-03-10 20:30:34 C0AE7ABD87254B2789C8CB34AF274A65 296448 ----a-w- C:\Windows\Sysnative\AudioSes.dll 2015-03-10 20:30:34 AE66D26930CA536706078537CB5AC840 325632 ----a-w- C:\Windows\Sysnative\msnetobj.dll 2015-03-10 20:30:34 6E974F1C384615DEB0710E44F4847351 126464 ----a-w- C:\Windows\Sysnative\audiodg.exe 2015-03-10 20:30:34 5FFEE6CA63E27CBA1F32002743E58F3C 631808 ----a-w- C:\Windows\Sysnative\evr.dll 2015-03-10 20:30:34 3029D8E78E4BF18A0551E22CD4CB892C 371712 ----a-w- C:\Windows\Sysnative\qdvd.dll 2015-03-10 20:30:34 1CD76A83B9E8E9A5A3519B39E28354D9 187904 ----a-w- C:\Windows\Sysnative\cryptsvc.dll 2015-03-10 20:30:33 27793FE3FF2D0123896D1A01A2D222C7 37376 ----a-w- C:\Windows\Sysnative\pcadm.dll 2015-03-10 20:30:32 CBE684883A45E5B047DA6B4AC46C2112 55808 ----a-w- C:\Windows\Sysnative\rrinstaller.exe 2015-03-10 20:30:32 3A7BC2DC99D3C5B172465E890B3C3B14 440832 ----a-w- C:\Windows\Sysnative\AudioEng.dll 2015-03-10 20:30:31 ED6BF1E1C4F40F600DFEC0CB101A1789 9728 ----a-w- C:\Windows\Sysnative\pcalua.exe 2015-03-10 20:30:31 EA285B947EE48103697CDA53D76C9EEC 17920 ----a-w- C:\Windows\Sysnative\appidcertstorecheck.exe 2015-03-10 20:30:31 C4937B9D6EF4D309A60054D4D00EE9DB 63488 ----a-w- C:\Windows\Sysnative\setbcdlocale.dll 2015-03-10 20:30:31 BE7DA70C9F4A97CCA9ED78B70BCFC9AC 43520 ----a-w- C:\Windows\Sysnative\csrsrv.dll 2015-03-10 20:30:31 A84C94CF795E08BBB99E4E145F9E81A3 11264 ----a-w- C:\Windows\Sysnative\pcawrk.exe 2015-03-10 20:30:31 94BC902494AFC9F5EBC5FBB61445D73F 82432 ----a-w- C:\Windows\Sysnative\cryptsp.dll 2015-03-10 20:30:31 947938F265D7CB99653CDFF2B3C0468D 206848 ----a-w- C:\Windows\Sysnative\mfps.dll 2015-03-10 20:30:31 84DB8EB3C184BB549ED90A842020F278 58880 ----a-w- C:\Windows\Sysnative\appidapi.dll 2015-03-10 20:30:31 72D4757510FDA69D729169C00AFC211E 32256 ----a-w- C:\Windows\Sysnative\appidsvc.dll 2015-03-10 20:30:31 63D3C30B497347495B8EA78A38188969 112640 ----a-w- C:\Windows\Sysnative\smss.exe 2015-03-10 20:30:31 589852B65C91F574E980ABDB8205080A 146944 ----a-w- C:\Windows\Sysnative\appidpolicyconverter.exe 2015-03-10 20:30:31 56FD1BC602EE0E7949F92EE2EE327B72 284672 ----a-w- C:\Windows\Sysnative\EncDump.dll 2015-03-10 20:30:31 29088A5723C81BF75AD909AAB6A91610 50176 ----a-w- C:\Windows\Sysnative\srclient.dll 2015-03-10 20:30:31 0F79883E27BB1AFE2D9BB4656A1CEFCD 11264 ----a-w- C:\Windows\Sysnative\msmmsp.dll 2015-03-10 20:30:31 00EE5D3E16D42F25F7813ACFA10EC803 24576 ----a-w- C:\Windows\Sysnative\mfpmp.exe 2015-03-10 20:30:30 F43B09E257121ADC501ABE9367FAA850 9728 ----a-w- C:\Windows\Sysnative\spwmp.dll 2015-03-10 20:30:29 FE03B35A22C3D2714B494FC2AB32AC5B 8704 ----a-w- C:\Windows\Sysnative\pcaevts.dll 2015-03-10 20:30:29 DBCD54B841F2B216B2F0F86E18205C22 6656 ----a-w- C:\Windows\Sysnative\apisetschema.dll 2015-03-10 20:30:29 D3F1F9C784BCCDF2C880669D69FC1970 5120 ----a-w- C:\Windows\Sysnative\msdxm.ocx 2015-03-10 20:30:29 D3F1F9C784BCCDF2C880669D69FC1970 5120 ----a-w- C:\Windows\Sysnative\dxmasf.dll 2015-03-10 20:30:27 77D49942BD5DC97723ABC8A6D2757B6E 12625920 ----a-w- C:\Windows\Sysnative\wmploc.DLL 2015-03-10 20:30:22 8364A0F7633414DC5C50A37295B1FAFF 2048 ----a-w- C:\Windows\Sysnative\mferror.dll 2015-03-10 20:29:33 0A4D03A4C0F908B15B8A4C48FB18F197 1424896 ----a-w- C:\Windows\Sysnative\WindowsCodecs.dll 2015-03-10 20:29:27 01F9FEB7F0C84EA1AC6A9B4D7C6B0435 14177280 ----a-w- C:\Windows\Sysnative\shell32.dll 2015-03-10 20:29:21 1FB81632476857E8451DDA8A456EF3CE 215552 ----a-w- C:\Windows\Sysnative\ubpm.dll 2015-03-10 20:29:20 E88A78273D429554B6B2D2BDA945ED9B 1067520 ----a-w- C:\Windows\Sysnative\msctf.dll 2015-03-10 20:28:57 3807605BDA83C0DA729A5219CEBB9041 341504 ----a-w- C:\Windows\Sysnative\schannel.dll 2015-03-10 20:28:56 FB95F6E11AAD62F24C2DB01E6E9D7BE7 64000 ----a-w- C:\Windows\Sysnative\auditpol.exe 2015-03-10 20:28:56 E1404987DCD392AF9D67F6A26CE21175 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2015-03-10 20:28:56 DB2904A4CEBC39DF8892A613BEC71512 1461760 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2015-03-10 20:28:56 B6C7729936AAF8E0697F0A7DCA82CED8 31232 ----a-w- C:\Windows\Sysnative\lsass.exe 2015-03-10 20:28:56 9B644AC070576AAE701910874C241DBD 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll 2015-03-10 20:28:56 92F920EE9EAF7306B4AB8124D474AB52 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2015-03-10 20:28:56 7BC39275661EA7DEE54135AA26DF733E 136192 ----a-w- C:\Windows\Sysnative\sspicli.dll 2015-03-10 20:28:56 6536829F6EA1149527728A210F493B79 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2015-03-10 20:28:56 54CD467B3A6DA02E9449DB7FB1830612 29184 ----a-w- C:\Windows\Sysnative\sspisrv.dll 2015-03-10 20:28:56 28CC69865D5DC458EDDCEA35F01D71DA 309760 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2015-03-10 20:28:56 1DB278E5834B08F9A184F953F2D31FF7 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll 2015-03-10 20:28:55 65CF54B1D8CB1B085B6D8BC210E2C45F 686080 ----a-w- C:\Windows\Sysnative\adtschema.dll 2015-03-10 20:28:55 543553AD3E30CB261C8B436DF644F23E 60416 ----a-w- C:\Windows\Sysnative\msobjs.dll 2015-03-10 20:28:55 473BCBFFC55C9FE33D502035322E759D 28160 ----a-w- C:\Windows\Sysnative\secur32.dll 2015-03-10 20:28:55 378B175D0F0A1C38026F280BF6C8D0C6 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll 2015-03-10 20:28:38 A0DEE06D68F210CA090FD4D9A33CDC12 3204096 ----a-w- C:\Windows\Sysnative\win32k.sys 2015-03-10 20:28:22 2CA6A98547E799812489E5ADF2774D97 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2015-03-10 20:28:22 289581F0FDA6B93A0FAFE979486AD6FA 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2015-03-10 20:28:21 08892A4ED848386E6B901723C1EF611B 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2015-03-10 20:28:20 D2BF72C0A9E26BE91C1DEEACF7C430E0 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll 2015-03-10 20:28:20 7FA2B43D940DF41E46B8049B59AB6639 718848 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2015-03-10 20:28:19 D3EA5B5E606EF17804B5BF565BEAD937 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2015-03-10 20:28:17 585B29EFB4954902FD53C4F8F9A0D39F 389800 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2015-03-10 20:28:16 F5E5E96E188934BAB22C0916C91F46B3 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2015-03-10 20:28:16 501A38B72FA264605123B4FACF53F057 1548288 ----a-w- C:\Windows\Sysnative\urlmon.dll 2015-03-10 20:28:11 132862B0FC4A1B7CB45C274DE169DBB2 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2015-03-10 20:28:10 80B3AD73027A2CCD42C47EBF5C89124F 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2015-03-10 20:28:10 5443F21A33DB376734DBE47F7635542C 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2015-03-10 20:28:09 D0767EA3A59FA70C7ACF59EE0C8CD42A 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll 2015-03-10 20:28:08 9E9B757A677927110393A505822D9174 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2015-03-10 20:28:08 22C4867C690C38B18B2C1A0B072CD0C4 2125824 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2015-03-10 20:28:07 62269DEFF17AB006217330A24EA8577B 2886144 ----a-w- C:\Windows\Sysnative\iertutil.dll 2015-03-10 20:28:06 A1264D16AF506125C974775C833A063C 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2015-03-10 20:28:06 1EC0BF321D3B14D02B9A8BAC134570F4 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2015-03-10 20:27:57 FB8C4EE9889790466A0174923410649E 633856 ----a-w- C:\Windows\Sysnative\ieui.dll 2015-03-10 20:27:57 76B53D2150284E138B46410EA54967FA 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2015-03-10 20:27:57 2335F6BF8A127E31EB0E2D9A82F188A0 14398976 ----a-w- C:\Windows\Sysnative\ieframe.dll 2015-03-10 20:27:56 D373113A84C12BA7F07CE1E9CAF4747F 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2015-03-10 20:27:56 4870B24EA7D4EEF5E1C4675AC47796B8 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2015-03-10 20:27:55 A9190899A35431CF8ABBEF5E1BB0C8F9 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2015-03-10 20:27:55 687E11F36832BFF65EF0CD2FA3DB1966 584192 ----a-w- C:\Windows\Sysnative\vbscript.dll 2015-03-10 20:27:55 40DF85D8B2B0171EF5F23AA1B5CD9A62 6035456 ----a-w- C:\Windows\Sysnative\jscript9.dll 2015-03-10 20:27:55 36F99BD8A0F09BDBB7850A138845A014 2358784 ----a-w- C:\Windows\Sysnative\wininet.dll 2015-03-10 20:27:54 667229C8F194D619D12F05943D7F61F0 199680 ----a-w- C:\Windows\Sysnative\msrating.dll 2015-03-10 20:27:54 1C393E42928BF55B3796E732B678CD5B 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2015-03-10 20:27:53 1193400D8E29A5A010135FB09A4EB1E8 25021440 ----a-w- C:\Windows\Sysnative\mshtml.dll 2015-03-10 20:27:26 CBA2694BFC61F371181F2BE2BCD66C40 465920 ----a-w- C:\Windows\Sysnative\WMPhoto.dll ====== C:\Windows\Sysnative\drivers ===== 2015-03-13 21:26:58 F29E7E36F8A8A7BAC112327E842FF0B5 61712 ----a-w- C:\Windows\Sysnative\drivers\PSKMAD.sys 2015-03-10 20:30:39 87BCD1034CBF33537D4D4C251D39BA26 94656 ----a-w- C:\Windows\Sysnative\drivers\mountmgr.sys 2015-03-10 20:30:31 ED6E75158D28D33A2E2A020AC5B2B59D 663552 ----a-w- C:\Windows\Sysnative\drivers\PEAuth.sys 2015-03-10 20:30:30 90C53BD47979FB8814F465A08B885102 61440 ----a-w- C:\Windows\Sysnative\drivers\appid.sys 2015-03-10 20:28:56 8BA90F480705D7153AD0060CCA62222A 155576 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2015-03-10 20:28:56 56ED3EE5FED6BF2FC1305CF872042868 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2015-03-10 20:28:56 27667A788130A7F7A5858DE27572E6D7 459336 ----a-w- C:\Windows\Sysnative\drivers\cng.sys 2015-02-25 19:03:25 8654C41241D78E82A7ED06CB93979578 107792 ----a-w- C:\Windows\Sysnative\drivers\PSINReg.sys 2015-02-25 19:03:24 DC0689626D73EDDBF2C5C9EE3FD5F43D 133904 ----a-w- C:\Windows\Sysnative\drivers\PSINProt.sys 2015-02-25 19:03:24 DB31C96C3A95E42366F9C4552F262A9C 197392 ----a-w- C:\Windows\Sysnative\drivers\PSINKNC.sys 2015-02-25 19:03:24 4A8D1170BB6ED097CAC6802CF6D8BB96 124176 ----a-w- C:\Windows\Sysnative\drivers\PSINProc.sys 2015-02-25 19:03:23 7D2D3E766EEB6F234931D46B99BDBF75 121616 ----a-w- C:\Windows\Sysnative\drivers\PSINFile.sys 2015-02-25 19:03:23 7634AD77547B9B3E6C772956CBCF15CF 163088 ----a-w- C:\Windows\Sysnative\drivers\PSINAflt.sys ====== C:\Windows\Tasks ====== 2015-03-19 12:15:09 F58F9E2151BE1C14D3E9C5B5FB780CA7 3104 ----a-w- C:\Windows\Sysnative\Tasks\{F5D719B3-39ED-448E-9BB1-029DCA22BA77} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2015-03-19 12:18:05 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service 2015-03-19 11:54:32 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2015-03-09 18:32:22 -------- d-----w- C:\PROGRA~2\Sonoris ======= C: ===== ====== C:\Users\Yasser\AppData\Roaming ====== 2015-03-18 07:53:27 -------- d-----w- C:\Users\Yasser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-apparaten 2015-03-09 18:32:54 -------- d-----w- C:\Users\Yasser\AppData\Roaming\License_Activator 2015-03-09 18:32:28 -------- d-----w- C:\Users\Yasser\AppData\Roaming\DDP_Player 2015-03-09 18:32:23 -------- d-----w- C:\Users\Yasser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sonoris ====== C:\Users\Yasser ====== 2015-03-19 12:17:12 993CD4272B70D53FA21FE6829EEF92F2 243416 ----a-w- C:\Users\Yasser\Downloads\Firefox Setup Stub 36.0.1.exe 2015-03-19 12:01:38 -------- d-----w- C:\ProgramData\Lavasoft 2015-03-19 11:57:20 45A11C9C96AB08DDEA7172C53452E447 561064 ----a-w- C:\Users\Yasser\Downloads\jxpiinstall(1).exe 2015-03-19 11:53:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-03-19 11:53:35 -------- d-----w- C:\ProgramData\Oracle 2015-03-19 11:52:09 45A11C9C96AB08DDEA7172C53452E447 561064 ----a-w- C:\Users\Yasser\Downloads\jxpiinstall.exe 2015-03-18 08:14:00 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Yasser\Downloads\RSITx64.exe 2015-03-13 21:25:56 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus 2015-03-13 21:24:24 467908252DBC23E1539A382C532675C3 59793408 ----a-w- C:\Users\Yasser\Downloads\FREEAV.exe 2015-03-13 21:21:51 C8A6B75E72DF96DEC9B71498849B7590 532480 ----a-w- C:\Users\Yasser\Downloads\cwshredder.exe 2015-03-12 19:14:01 1B9F05E1C6FD84C13F703DA569136418 2057008 ----a-w- C:\Users\Yasser\Downloads\Adaware_Installer(1).exe 2015-03-12 18:18:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite 2015-03-12 18:18:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs ====== C: exe-files == 2015-03-19 12:18:08 799AA84868568B45F6D16B51E9F69F51 103588 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe 2015-03-19 12:18:05 81E8AF6407EC3F41908FE37F054353EA 148080 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 2015-03-19 12:17:12 993CD4272B70D53FA21FE6829EEF92F2 243416 ----a-w- C:\Documents and Settings\Yasser\Downloads\Firefox Setup Stub 36.0.1.exe 2015-03-19 12:15:33 2E8A5736739C6D23F5CBAE22973A1E3A 6553144 ----a-w- C:\Documents and Settings\Yasser\AppData\Local\Temp\SpotifyUninstall.exe 2015-03-19 11:57:20 45A11C9C96AB08DDEA7172C53452E447 561064 ----a-w- C:\Documents and Settings\Yasser\Downloads\jxpiinstall(1).exe 2015-03-19 11:53:49 A07427A93E1133A7F0F4691CC54B9294 0 ----a-we C:\Documents and Settings\All Users\Oracle\Java\javapath\javaws.exe 2015-03-19 11:53:49 A07427A93E1133A7F0F4691CC54B9294 0 ----a-we C:\Documents and Settings\All Users\Application Data\Oracle\Java\javapath\javaws.exe 2015-03-19 11:53:49 A07427A93E1133A7F0F4691CC54B9294 0 ----a-we C:\Documents and Settings\All Users\Application Data\Application Data\Oracle\Java\javapath\javaws.exe 2015-03-19 11:53:49 A07427A93E1133A7F0F4691CC54B9294 0 ----a-we C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Oracle\Java\javapath\javaws.exe 2015-03-19 11:53:49 A07427A93E1133A7F0F4691CC54B9294 0 ----a-we C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath\javaws.exe 2015-03-19 11:53:49 A07427A93E1133A7F0F4691CC54B9294 0 ----a-we C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath\javaws.exe 2015-03-19 11:53:49 A07427A93E1133A7F0F4691CC54B9294 0 ----a-we C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath\javaws.exe 2015-03-19 11:53:49 A07427A93E1133A7F0F4691CC54B9294 0 ----a-we C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath\javaws.exe 2015-03-19 11:53:49 A07427A93E1133A7F0F4691CC54B9294 0 ----a-we C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath\javaws.exe 2015-03-19 11:53:49 A07427A93E1133A7F0F4691CC54B9294 0 ----a-we C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath\javaws.exe 2015-03-19 11:53:49 A07427A93E1133A7F0F4691CC54B9294 0 ----a-we C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath\javaws.exe 2015-03-19 11:53:49 A07427A93E1133A7F0F4691CC54B9294 0 ----a-we C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath\javaws.exe 2015-03-19 11:53:49 94017ABBDE345580542D8301793EFF7A 0 ----a-we C:\Documents and Settings\All Users\Oracle\Java\javapath\javaw.exe 2015-03-19 11:53:49 94017ABBDE345580542D8301793EFF7A 0 ----a-we C:\Documents and Settings\All Users\Application Data\Oracle\Java\javapath\javaw.exe 2015-03-19 11:53:49 94017ABBDE345580542D8301793EFF7A 0 ----a-we C:\Documents and Settings\All Users\Application Data\Application Data\Oracle\Java\javapath\javaw.exe 2015-03-19 11:53:49 94017ABBDE345580542D8301793EFF7A 0 ----a-we C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Oracle\Java\javapath\javaw.exe 2015-03-19 11:53:49 94017ABBDE345580542D8301793EFF7A 0 ----a-we C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath\javaw.exe 2015-03-19 11:53:49 94017ABBDE345580542D8301793EFF7A 0 ----a-we C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath\javaw.exe 2015-03-19 11:53:49 94017ABBDE345580542D8301793EFF7A 0 ----a-we C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath\javaw.exe 2015-03-19 11:53:49 94017ABBDE345580542D8301793EFF7A 0 ----a-we C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath\javaw.exe 2015-03-19 11:53:49 94017ABBDE345580542D8301793EFF7A 0 ----a-we C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath\javaw.exe 2015-03-19 11:53:49 94017ABBDE345580542D8301793EFF7A 0 ----a-we C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath\javaw.exe 2015-03-19 11:53:49 94017ABBDE345580542D8301793EFF7A 0 ----a-we C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath\javaw.exe 2015-03-19 11:53:49 94017ABBDE345580542D8301793EFF7A 0 ----a-we C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath\javaw.exe 2015-03-19 11:53:49 30E9397C2F0C8FF128219D6A25E172BB 0 ----a-we C:\Documents and Settings\All Users\Oracle\Java\javapath\java.exe 2015-03-19 11:53:49 30E9397C2F0C8FF128219D6A25E172BB 0 ----a-we C:\Documents and Settings\All Users\Application Data\Oracle\Java\javapath\java.exe 2015-03-19 11:53:49 30E9397C2F0C8FF128219D6A25E172BB 0 ----a-we C:\Documents and Settings\All Users\Application Data\Application Data\Oracle\Java\javapath\java.exe 2015-03-19 11:53:49 30E9397C2F0C8FF128219D6A25E172BB 0 ----a-we C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Oracle\Java\javapath\java.exe 2015-03-19 11:53:49 30E9397C2F0C8FF128219D6A25E172BB 0 ----a-we C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath\java.exe 2015-03-19 11:53:49 30E9397C2F0C8FF128219D6A25E172BB 0 ----a-we C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath\java.exe 2015-03-19 11:53:49 30E9397C2F0C8FF128219D6A25E172BB 0 ----a-we C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath\java.exe 2015-03-19 11:53:49 30E9397C2F0C8FF128219D6A25E172BB 0 ----a-we C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath\java.exe 2015-03-19 11:53:49 30E9397C2F0C8FF128219D6A25E172BB 0 ----a-we C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath\java.exe 2015-03-19 11:53:49 30E9397C2F0C8FF128219D6A25E172BB 0 ----a-we C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath\java.exe 2015-03-19 11:53:49 30E9397C2F0C8FF128219D6A25E172BB 0 ----a-we C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath\java.exe 2015-03-19 11:53:49 30E9397C2F0C8FF128219D6A25E172BB 0 ----a-we C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath\java.exe 2015-03-19 11:53:42 F95C5163F6D8955BEF59A896C7F7112D 159656 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\unpack200.exe 2015-03-19 11:53:42 DFB1F31DD4A08FA5892886DC7117064A 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\rmid.exe 2015-03-19 11:53:42 A29B7A1BAD1A1EB608ACF7684F1F1E37 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\tnameserv.exe 2015-03-19 11:53:42 7833052815087E5BF9346AC78FDCED68 51112 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssvagent.exe 2015-03-19 11:53:42 751E8649890CC42727D80F8D6DE1F1CB 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\servertool.exe 2015-03-19 11:53:42 689916BDF4F58C7F7AD25F8B3ABB783A 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\rmiregistry.exe 2015-03-19 11:53:41 AF28DAA2B4EB3AD87203202264A2491C 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\klist.exe 2015-03-19 11:53:41 A07427A93E1133A7F0F4691CC54B9294 272296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\javaws.exe 2015-03-19 11:53:41 946FD6292EAE3FBB93CC3BB01BA8763D 76712 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2launcher.exe 2015-03-19 11:53:41 94017ABBDE345580542D8301793EFF7A 191400 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\javaw.exe 2015-03-19 11:53:41 79B6403F5BD398BB9880F00FAF7C69DA 68520 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\javacpl.exe 2015-03-19 11:53:41 7162180C98D1BE5D1315FC05B3C91E9D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\pack200.exe 2015-03-19 11:53:41 6031BACB59D93E5ECB4ACDE6E12565EA 30632 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\jabswitch.exe 2015-03-19 11:53:41 3DB4CD42B36FD2C98E9B51E3CBC1670E 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\jjs.exe 2015-03-19 11:53:41 32700B34EE49959FAF64EC46D96B3630 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\ktab.exe 2015-03-19 11:53:41 30E9397C2F0C8FF128219D6A25E172BB 190888 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\java.exe 2015-03-19 11:53:41 2794D464D89260B0316C16A9FE24C660 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\java-rmi.exe 2015-03-19 11:53:41 1FA2D0F07730F502A857BFC63DA6C193 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\kinit.exe 2015-03-19 11:53:41 0A9C7408BADBA5D2C841817C22ACBF07 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\policytool.exe 2015-03-19 11:53:41 08363434BEC1B0AE6420C77820BC12E9 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\orbd.exe 2015-03-19 11:53:41 042B789E469D238D5FA9DEC4241CE3FD 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\keytool.exe 2015-03-19 11:52:09 45A11C9C96AB08DDEA7172C53452E447 561064 ----a-w- C:\Documents and Settings\Yasser\Downloads\jxpiinstall.exe 2015-03-18 08:14:00 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Documents and Settings\Yasser\Downloads\RSITx64.exe 2015-03-13 21:24:24 467908252DBC23E1539A382C532675C3 59793408 ----a-w- C:\Documents and Settings\Yasser\Downloads\FREEAV.exe 2015-03-13 21:21:51 C8A6B75E72DF96DEC9B71498849B7590 532480 ----a-w- C:\Documents and Settings\Yasser\Downloads\cwshredder.exe 2015-03-12 21:10:30 7DF547F2E361A6ADC8DFAF9544C6A283 10033232 ----a-w- C:\Program Files (x86)\Google\Update\Install\{B9C0E166-9EED-448A-88F5-616BD65F77DF}\41.0.2272.89_40.0.2214.115_chrome_updater.exe 2015-03-12 21:10:30 7DF547F2E361A6ADC8DFAF9544C6A283 10033232 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\41.0.2272.89\41.0.2272.89_40.0.2214.115_chrome_updater.exe 2015-03-12 19:14:01 1B9F05E1C6FD84C13F703DA569136418 2057008 ----a-w- C:\Documents and Settings\Yasser\Downloads\Adaware_Installer(1).exe 2015-03-12 18:18:00 F5E7368C1E11579CEF3244370AF7D670 671808 ----a-w- C:\Program Files (x86)\NCH Software\Switch\switchsetup_v4.76.exe 2015-03-12 18:17:58 6336F7C1EA8A1FD24521B11429B9ECDA 1596480 ----a-w- C:\Program Files (x86)\NCH Software\Switch\switch.exe 2015-03-12 18:17:58 403DA8628C89287DE1EEE4BF5CD2C582 122880 ----a-w- C:\Program Files (x86)\NCH Software\Switch\mp3el.exe 2015-03-12 17:18:21 F5E7368C1E11579CEF3244370AF7D670 671808 ----a-w- C:\Documents and Settings\Yasser\Downloads\Programma's\switchsetup(4).exe === C: other files == 2015-03-19 11:53:42 9DCBFF045A2A43212A4763C3461A50B9 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\lib\deploy\ffjcext.zip
  9. Notroch
    Hallo, Laptop doet laatste vreemd. Vooral problemen met muis, indien ik één maal klik doet hij 2 maal open, of wil tekst niet selecteren etc. Denk niet dat het hardware-matig is. Soms ook pop-ups. Alvast bedankt voor de hulp! Mvg, Peter Logfile of random's system information tool 1.10 (written by random/random) Run by Yasser at 2015-03-18 09:14:19 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 178 GB (26%) free of 686 GB Total RAM: 7658 MB (66% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:14:22, on 18/03/2015 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17689) Boot mode: Normal Running processes: C:\Users\Yasser\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe C:\Windows\SysWOW64\RunDll32.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe C:\Program Files\trend micro\Yasser.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe, O1 - Hosts: ::1 localhost O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe O4 - HKLM\..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray O4 - HKCU\..\Run: [LaCie Desktop Manager Startup] "C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe" O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Yasser\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: hpqtra08.exe O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O9 - Extra button: Verzenden naar Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: Verzenden naar &Bluetooth-apparaat... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.line6.net O17 - HKLM\System\CCS\Services\Tcpip\..\{2513A2C7-1B96-47A4-A4AB-84888DE040F2}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\..\{6F0AAF4C-7CC8-4DCB-A974-317DD5592029}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\..\{A8F86CB3-0265-4ED7-95DC-FDA91028DE28}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\..\{B0833E06-D174-4DC7-812B-6EEA9F9E1AF5}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\..\{EA064087-7215-4BC6-A4D8-030EC90A85FE}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8 O17 - HKLM\System\CS1\Services\Tcpip\..\{2513A2C7-1B96-47A4-A4AB-84888DE040F2}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8 O17 - HKLM\System\CS2\Services\Tcpip\..\{2513A2C7-1B96-47A4-A4AB-84888DE040F2}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8 O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll O23 - Service: Abrosoft: Abrosoft FantaMorph update permissions manager. 12810. - Unknown owner - C:\Program Files (x86)\Abrosoft\FantaMorph5\FantaUp.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Genie Timeline Service (GenieTimelineService) - Genie9 - C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing) O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LaCieDesktopManagerService - Unknown owner - C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Panda Protection Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: USB MIDI Series Audio Device Monitor (USBMIDIAudioDevMon) - M-Audio - C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 18240 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch winlogon.exe "C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe" C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs "C:\Program Files\IDT\WDM\STacSV64.exe" C:\Windows\system32\Hpservice.exe atieclxx "C:\Windows\system32\Dwm.exe" "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e81d8a4a-8c97-4524-8932-89e7f94e83b4 -SystemEventPortName:HostProcess-6362f030-d613-4c10-baa1-cc5c673c3805 -IoCancelEventPortName:HostProcess-51701b4c-c189-4574-8489-71b860f9b58f -NonStateChangingEventPortName:HostProcess-e1254ba9-1235-40e2-afa1-df3204d8eb3f -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:be8a82c4-83d8-4d5f-90a2-a819b9944d7e -DeviceGroupId: C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe 2586752 \??\C:\Windows\system32\conhost.exe "-1878981411-77439889318673016581467256439860910191887281232-647005612-901630091 "taskhost.exe" C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k WbioSvcGroup C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Abrosoft\FantaMorph5\FantaUp.exe" -PermissionManagerRun "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files\IDT\WDM\AESTSr64.exe" "C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService "C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe" C:\Windows\SysWOW64\ezSharedSvcHost.exe "C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe" "C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe" "C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe" C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe" "C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe" "C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe" "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe" "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe" "C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe" "C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe" C:\Windows\SysWOW64\PnkBstrA.exe "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe" "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe" WLIDSvcM.exe 3640 "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Program Files\IDT\WDM\sttray64.exe" "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe" "C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe" C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" C:\Windows\system32\wbem\unsecapp.exe -Embedding "C:\Users\Yasser\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" "C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" "C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" -byrunkey "C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe" "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe" "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray "C:\Program Files\Genie9\Genie Timeline\GenieTimelineAgent.exe" -e5 "C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook "C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 C:\Windows\system32\SearchIndexer.exe /Embedding C:\Windows\system32\svchost.exe -k HPService "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe" C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" C:\Windows\System32\svchost.exe -k LocalServicePeerNet "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Photosmart 3300 series#1381079781" -Startup "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" "C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe" "C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe" -Embedding "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" "C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=8252.22bda8a0.1011274203 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 8252 "\\.\pipe\gecko-crash-server-pipe.8252" plugin "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe" --proxy-stub-channel=Flash9132.60690BB8.25427 --host-broker-channel=Flash9132.60690BB8.29511 --host-pid=9132 --host-npapi-version=28 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll" "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe" --channel=4176.0044F724.1658560481 --proxy-stub-channel=Flash9132.60690BB8.25427 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll" --host-npapi-version=28 --type=renderer "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /SHOWPROCMON "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524 "C:\Users\Yasser\Downloads\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001Core.job - C:\Users\Yasser\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001UA.job - C:\Users\Yasser\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001Core.job - C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001UA.job - C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001UA1d0418737fd270c.job - C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\HPCeeScheduleForYasser.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForYasser (null) =========Mozilla firefox========= ProfilePath - C:\Users\Yasser\AppData\Roaming\Mozilla\Firefox\Profiles\1sxd1l5p.default prefs.js - "browser.search.useDBForOrder" - true prefs.js - "browser.startup.homepage" - "http://www.google.be/" prefs.js - "keyword.URL" - "" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 16.0.0.305 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer] "Description"=Adobe Shockwave Player "Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0] "Description"=Picasa3 plugin "Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Windows\SysWOW64\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0] "Description"=WildTangent Games App Presence Detector Plugin "Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 16.0.0.305 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll C:\Program Files (x86)\Mozilla Firefox\extensions\ websitelogon@truesuite.com ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5FF49FE8-B332-4CB9-B102-FB6951629E55}] Virtual Storage Mount Notification - C:\Windows\system32\CbFsMntNtf3.dll [2011-12-02 191504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}] SteadyVideoBHO Class - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2011-06-07 81024] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}] TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll [2011-08-26 1763656] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5FF49FE8-B332-4CB9-B102-FB6951629E55}] Virtual Storage Mount Notification - C:\Windows\SysWOW64\CbFsMntNtf3.dll [2011-12-02 158224] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}] SteadyVideoBHO Class - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2011-06-07 69760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-17 463272] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}] TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll [2011-08-26 1613640] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Microsoft-account - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-17 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-06-10 2799912] "SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-05-29 1425408] ""= [] "AdAwareTray"=C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe [2015-03-10 9566192] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "LaCie Desktop Manager Startup"=C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe [2012-10-10 3460608] "AdobeBridge"= [] "Spotify Web Helper"=C:\Users\Yasser\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-11-26 1514040] "Google Update"=C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe [2014-08-11 116648] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdAwareTray] C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update] C:\Users\Yasser\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-04-11 138096] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe [2014-08-11 116648] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google+ Auto Backup] C:\Users\Yasser\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [2015-02-13 3754312] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe [2014-07-25 1562264] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-07-25 311616] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [2011-09-30 43320] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify] C:\Users\Yasser\AppData\Roaming\Spotify\Spotify.exe [2014-11-26 6553144] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper] C:\Users\Yasser\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-11-26 1514040] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-09-28 343168] "HPQuickWebProxy"=C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2011-10-08 169528] "HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-08-19 379960] "HP CoolSense"=C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-05 1343904] "SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] "hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816] "HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840] "HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2012-02-15 577408] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-10-02 421888] "PSUAMain"=C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [2015-02-27 40184] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE C:\Users\Yasser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup hpqtra08.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll [2011-12-02 191504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler] Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll [2011-12-02 191504] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "notification packages"=scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NanoServiceMain] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSUAService] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableLockWorkstation"=0 "DisableChangePassword"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "HideFastUserSwitching"=0 "EnableLinkedConnections"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "EnableShellExecuteHooks"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "aux1"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "wave8"=wdmaud.drv "midi7"=wdmaud.drv "mixer7"=wdmaud.drv "wave9"=wdmaud.drv "midi8"=wdmaud.drv "mixer8"=wdmaud.drv "midi9"=wdmaud.drv "mixer9"=wdmaud.drv "wave4"=wdmaud.drv "aux5"=wdmaud.drv "wave5"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "aux2"=wdmaud.drv "wave6"=wdmaud.drv "midi5"=wdmaud.drv "mixer5"=wdmaud.drv "aux3"=wdmaud.drv "aux6"=wdmaud.drv "wave7"=wdmaud.drv "midi6"=wdmaud.drv "mixer6"=wdmaud.drv "aux4"=wdmaud.drv "aux7"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2015-03-14 01:54:32 ----A---- C:\Windows\SYSWOW64\sho3896.tmp 2015-03-13 22:26:58 ----A---- C:\Windows\system32\drivers\PSKMAD.sys 2015-03-13 22:26:22 ----D---- C:\Users\Yasser\AppData\Roaming\Panda Security 2015-03-13 22:25:44 ----D---- C:\Program Files (x86)\Panda Security 2015-03-13 22:25:12 ----D---- C:\ProgramData\Panda Security 2015-03-10 21:31:11 ----A---- C:\Windows\SYSWOW64\atmfd.dll 2015-03-10 21:31:11 ----A---- C:\Windows\system32\lpk.dll 2015-03-10 21:31:11 ----A---- C:\Windows\system32\atmfd.dll 2015-03-10 21:31:10 ----A---- C:\Windows\SYSWOW64\lpk.dll 2015-03-10 21:31:10 ----A---- C:\Windows\SYSWOW64\fontsub.dll 2015-03-10 21:31:10 ----A---- C:\Windows\SYSWOW64\dciman32.dll 2015-03-10 21:31:10 ----A---- C:\Windows\SYSWOW64\atmlib.dll 2015-03-10 21:31:10 ----A---- C:\Windows\system32\fontsub.dll 2015-03-10 21:31:10 ----A---- C:\Windows\system32\dciman32.dll 2015-03-10 21:31:10 ----A---- C:\Windows\system32\atmlib.dll 2015-03-10 21:30:45 ----A---- C:\Windows\SYSWOW64\wmp.dll 2015-03-10 21:30:45 ----A---- C:\Windows\SYSWOW64\mf.dll 2015-03-10 21:30:45 ----A---- C:\Windows\system32\ntoskrnl.exe 2015-03-10 21:30:43 ----A---- C:\Windows\system32\crypt32.dll 2015-03-10 21:30:42 ----A---- C:\Windows\SYSWOW64\crypt32.dll 2015-03-10 21:30:41 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe 2015-03-10 21:30:40 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe 2015-03-10 21:30:39 ----A---- C:\Windows\system32\mf.dll 2015-03-10 21:30:39 ----A---- C:\Windows\system32\drivers\mountmgr.sys 2015-03-10 21:30:38 ----A---- C:\Windows\system32\wmp.dll 2015-03-10 21:30:37 ----A---- C:\Windows\SYSWOW64\quartz.dll 2015-03-10 21:30:37 ----A---- C:\Windows\system32\quartz.dll 2015-03-10 21:30:37 ----A---- C:\Windows\system32\drmv2clt.dll 2015-03-10 21:30:36 ----A---- C:\Windows\SYSWOW64\qdvd.dll 2015-03-10 21:30:36 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll 2015-03-10 21:30:36 ----A---- C:\Windows\SYSWOW64\cryptui.dll 2015-03-10 21:30:36 ----A---- C:\Windows\SYSWOW64\blackbox.dll 2015-03-10 21:30:36 ----A---- C:\Windows\system32\wmdrmsdk.dll 2015-03-10 21:30:36 ----A---- C:\Windows\system32\winload.exe 2015-03-10 21:30:36 ----A---- C:\Windows\system32\msscp.dll 2015-03-10 21:30:36 ----A---- C:\Windows\system32\cryptui.dll 2015-03-10 21:30:36 ----A---- C:\Windows\system32\cryptnet.dll 2015-03-10 21:30:35 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll 2015-03-10 21:30:35 ----A---- C:\Windows\SYSWOW64\wintrust.dll 2015-03-10 21:30:35 ----A---- C:\Windows\SYSWOW64\mfplat.dll 2015-03-10 21:30:35 ----A---- C:\Windows\SYSWOW64\cryptnet.dll 2015-03-10 21:30:35 ----A---- C:\Windows\system32\wintrust.dll 2015-03-10 21:30:35 ----A---- C:\Windows\system32\srcore.dll 2015-03-10 21:30:35 ----A---- C:\Windows\system32\rstrui.exe 2015-03-10 21:30:35 ----A---- C:\Windows\system32\pcasvc.dll 2015-03-10 21:30:35 ----A---- C:\Windows\system32\mfplat.dll 2015-03-10 21:30:35 ----A---- C:\Windows\system32\drmmgrtn.dll 2015-03-10 21:30:35 ----A---- C:\Windows\system32\blackbox.dll 2015-03-10 21:30:35 ----A---- C:\Windows\system32\audiosrv.dll 2015-03-10 21:30:35 ----A---- C:\Windows\system32\AUDIOKSE.dll 2015-03-10 21:30:34 ----A---- C:\Windows\SYSWOW64\msscp.dll 2015-03-10 21:30:34 ----A---- C:\Windows\SYSWOW64\evr.dll 2015-03-10 21:30:34 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll 2015-03-10 21:30:34 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll 2015-03-10 21:30:34 ----A---- C:\Windows\system32\qdvd.dll 2015-03-10 21:30:34 ----A---- C:\Windows\system32\msnetobj.dll 2015-03-10 21:30:34 ----A---- C:\Windows\system32\evr.dll 2015-03-10 21:30:34 ----A---- C:\Windows\system32\cryptsvc.dll 2015-03-10 21:30:34 ----A---- C:\Windows\system32\AudioSes.dll 2015-03-10 21:30:34 ----A---- C:\Windows\system32\audiodg.exe 2015-03-10 21:30:33 ----A---- C:\Windows\SYSWOW64\msnetobj.dll 2015-03-10 21:30:33 ----A---- C:\Windows\system32\pcadm.dll 2015-03-10 21:30:32 ----A---- C:\Windows\SYSWOW64\AudioEng.dll 2015-03-10 21:30:32 ----A---- C:\Windows\system32\rrinstaller.exe 2015-03-10 21:30:32 ----A---- C:\Windows\system32\AudioEng.dll 2015-03-10 21:30:31 ----A---- C:\Windows\SYSWOW64\srclient.dll 2015-03-10 21:30:31 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe 2015-03-10 21:30:31 ----A---- C:\Windows\SYSWOW64\mfps.dll 2015-03-10 21:30:31 ----A---- C:\Windows\SYSWOW64\mfpmp.exe 2015-03-10 21:30:31 ----A---- C:\Windows\SYSWOW64\cryptsp.dll 2015-03-10 21:30:31 ----A---- C:\Windows\SYSWOW64\AudioSes.dll 2015-03-10 21:30:31 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll 2015-03-10 21:30:31 ----A---- C:\Windows\SYSWOW64\appidapi.dll 2015-03-10 21:30:31 ----A---- C:\Windows\system32\srclient.dll 2015-03-10 21:30:31 ----A---- C:\Windows\system32\smss.exe 2015-03-10 21:30:31 ----A---- C:\Windows\system32\setbcdlocale.dll 2015-03-10 21:30:31 ----A---- C:\Windows\system32\pcawrk.exe 2015-03-10 21:30:31 ----A---- C:\Windows\system32\pcalua.exe 2015-03-10 21:30:31 ----A---- C:\Windows\system32\msmmsp.dll 2015-03-10 21:30:31 ----A---- C:\Windows\system32\mfps.dll 2015-03-10 21:30:31 ----A---- C:\Windows\system32\mfpmp.exe 2015-03-10 21:30:31 ----A---- C:\Windows\system32\EncDump.dll 2015-03-10 21:30:31 ----A---- C:\Windows\system32\drivers\PEAuth.sys 2015-03-10 21:30:31 ----A---- C:\Windows\system32\csrsrv.dll 2015-03-10 21:30:31 ----A---- C:\Windows\system32\cryptsp.dll 2015-03-10 21:30:31 ----A---- C:\Windows\system32\appidsvc.dll 2015-03-10 21:30:31 ----A---- C:\Windows\system32\appidpolicyconverter.exe 2015-03-10 21:30:31 ----A---- C:\Windows\system32\appidcertstorecheck.exe 2015-03-10 21:30:31 ----A---- C:\Windows\system32\appidapi.dll 2015-03-10 21:30:30 ----A---- C:\Windows\system32\spwmp.dll 2015-03-10 21:30:30 ----A---- C:\Windows\system32\drivers\appid.sys 2015-03-10 21:30:29 ----A---- C:\Windows\SYSWOW64\spwmp.dll 2015-03-10 21:30:29 ----A---- C:\Windows\SYSWOW64\dxmasf.dll 2015-03-10 21:30:29 ----A---- C:\Windows\SYSWOW64\apisetschema.dll 2015-03-10 21:30:29 ----A---- C:\Windows\system32\pcaevts.dll 2015-03-10 21:30:29 ----A---- C:\Windows\system32\dxmasf.dll 2015-03-10 21:30:29 ----A---- C:\Windows\system32\apisetschema.dll 2015-03-10 21:30:27 ----A---- C:\Windows\SYSWOW64\wmploc.DLL 2015-03-10 21:30:27 ----A---- C:\Windows\system32\wmploc.DLL 2015-03-10 21:30:22 ----A---- C:\Windows\SYSWOW64\mferror.dll 2015-03-10 21:30:22 ----A---- C:\Windows\system32\mferror.dll 2015-03-10 21:29:33 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll 2015-03-10 21:29:33 ----A---- C:\Windows\system32\WindowsCodecs.dll 2015-03-10 21:29:27 ----A---- C:\Windows\SYSWOW64\shell32.dll 2015-03-10 21:29:27 ----A---- C:\Windows\system32\shell32.dll 2015-03-10 21:29:21 ----A---- C:\Windows\SYSWOW64\ubpm.dll 2015-03-10 21:29:21 ----A---- C:\Windows\system32\ubpm.dll 2015-03-10 21:29:20 ----A---- C:\Windows\SYSWOW64\msctf.dll 2015-03-10 21:29:20 ----A---- C:\Windows\system32\msctf.dll 2015-03-10 21:28:57 ----A---- C:\Windows\system32\schannel.dll 2015-03-10 21:28:56 ----A---- C:\Windows\SYSWOW64\wdigest.dll 2015-03-10 21:28:56 ----A---- C:\Windows\SYSWOW64\TSpkg.dll 2015-03-10 21:28:56 ----A---- C:\Windows\SYSWOW64\schannel.dll 2015-03-10 21:28:56 ----A---- C:\Windows\SYSWOW64\ncrypt.dll 2015-03-10 21:28:56 ----A---- C:\Windows\SYSWOW64\msv1_0.dll 2015-03-10 21:28:56 ----A---- C:\Windows\SYSWOW64\kerberos.dll 2015-03-10 21:28:56 ----A---- C:\Windows\SYSWOW64\auditpol.exe 2015-03-10 21:28:56 ----A---- C:\Windows\system32\wdigest.dll 2015-03-10 21:28:56 ----A---- C:\Windows\system32\TSpkg.dll 2015-03-10 21:28:56 ----A---- C:\Windows\system32\sspisrv.dll 2015-03-10 21:28:56 ----A---- C:\Windows\system32\sspicli.dll 2015-03-10 21:28:56 ----A---- C:\Windows\system32\ncrypt.dll 2015-03-10 21:28:56 ----A---- C:\Windows\system32\msv1_0.dll 2015-03-10 21:28:56 ----A---- C:\Windows\system32\lsass.exe 2015-03-10 21:28:56 ----A---- C:\Windows\system32\lsasrv.dll 2015-03-10 21:28:56 ----A---- C:\Windows\system32\kerberos.dll 2015-03-10 21:28:56 ----A---- C:\Windows\system32\drivers\ksecpkg.sys 2015-03-10 21:28:56 ----A---- C:\Windows\system32\drivers\ksecdd.sys 2015-03-10 21:28:56 ----A---- C:\Windows\system32\drivers\cng.sys 2015-03-10 21:28:56 ----A---- C:\Windows\system32\credssp.dll 2015-03-10 21:28:56 ----A---- C:\Windows\system32\auditpol.exe 2015-03-10 21:28:55 ----A---- C:\Windows\SYSWOW64\sspicli.dll 2015-03-10 21:28:55 ----A---- C:\Windows\SYSWOW64\secur32.dll 2015-03-10 21:28:55 ----A---- C:\Windows\SYSWOW64\msobjs.dll 2015-03-10 21:28:55 ----A---- C:\Windows\SYSWOW64\msaudite.dll 2015-03-10 21:28:55 ----A---- C:\Windows\SYSWOW64\credssp.dll 2015-03-10 21:28:55 ----A---- C:\Windows\SYSWOW64\adtschema.dll 2015-03-10 21:28:55 ----A---- C:\Windows\system32\secur32.dll 2015-03-10 21:28:55 ----A---- C:\Windows\system32\msobjs.dll 2015-03-10 21:28:55 ----A---- C:\Windows\system32\msaudite.dll 2015-03-10 21:28:55 ----A---- C:\Windows\system32\adtschema.dll 2015-03-10 21:28:38 ----A---- C:\Windows\system32\win32k.sys 2015-03-10 21:28:22 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2015-03-10 21:28:22 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2015-03-10 21:28:22 ----A---- C:\Windows\system32\ieetwproxystub.dll 2015-03-10 21:28:22 ----A---- C:\Windows\system32\ieetwcollector.exe 2015-03-10 21:28:21 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2015-03-10 21:28:21 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll 2015-03-10 21:28:20 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2015-03-10 21:28:20 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll 2015-03-10 21:28:20 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll 2015-03-10 21:28:20 ----A---- C:\Windows\system32\iernonce.dll 2015-03-10 21:28:20 ----A---- C:\Windows\system32\ie4uinit.exe 2015-03-10 21:28:19 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2015-03-10 21:28:19 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2015-03-10 21:28:19 ----A---- C:\Windows\SYSWOW64\dxtrans.dll 2015-03-10 21:28:19 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-03-10 21:28:17 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2015-03-10 21:28:17 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2015-03-10 21:28:17 ----A---- C:\Windows\system32\iedkcs32.dll 2015-03-10 21:28:16 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2015-03-10 21:28:16 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2015-03-10 21:28:16 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2015-03-10 21:28:16 ----A---- C:\Windows\system32\urlmon.dll 2015-03-10 21:28:16 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2015-03-10 21:28:14 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2015-03-10 21:28:11 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll 2015-03-10 21:28:11 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2015-03-10 21:28:10 ----A---- C:\Windows\SYSWOW64\ieui.dll 2015-03-10 21:28:10 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2015-03-10 21:28:10 ----A---- C:\Windows\system32\msfeeds.dll 2015-03-10 21:28:10 ----A---- C:\Windows\system32\dxtrans.dll 2015-03-10 21:28:09 ----A---- C:\Windows\system32\iesetup.dll 2015-03-10 21:28:08 ----A---- C:\Windows\system32\ieapfltr.dll 2015-03-10 21:28:07 ----A---- C:\Windows\system32\iertutil.dll 2015-03-10 21:28:06 ----A---- C:\Windows\SYSWOW64\wininet.dll 2015-03-10 21:28:06 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2015-03-10 21:28:06 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll 2015-03-10 21:28:06 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2015-03-10 21:28:06 ----A---- C:\Windows\system32\jsproxy.dll 2015-03-10 21:28:06 ----A---- C:\Windows\system32\ieUnatt.exe 2015-03-10 21:28:05 ----A---- C:\Windows\SYSWOW64\msrating.dll 2015-03-10 21:27:57 ----A---- C:\Windows\system32\ieui.dll 2015-03-10 21:27:57 ----A---- C:\Windows\system32\ieframe.dll 2015-03-10 21:27:57 ----A---- C:\Windows\system32\dxtmsft.dll 2015-03-10 21:27:56 ----A---- C:\Windows\system32\mshtmlmedia.dll 2015-03-10 21:27:56 ----A---- C:\Windows\system32\mshtmled.dll 2015-03-10 21:27:55 ----A---- C:\Windows\system32\wininet.dll 2015-03-10 21:27:55 ----A---- C:\Windows\system32\vbscript.dll 2015-03-10 21:27:55 ----A---- C:\Windows\system32\jscript9diag.dll 2015-03-10 21:27:55 ----A---- C:\Windows\system32\jscript9.dll 2015-03-10 21:27:54 ----A---- C:\Windows\system32\msrating.dll 2015-03-10 21:27:54 ----A---- C:\Windows\system32\MshtmlDac.dll 2015-03-10 21:27:53 ----A---- C:\Windows\system32\mshtml.dll 2015-03-10 21:27:26 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll 2015-03-10 21:27:26 ----A---- C:\Windows\system32\WMPhoto.dll 2015-03-09 19:32:54 ----D---- C:\Users\Yasser\AppData\Roaming\License_Activator 2015-03-09 19:32:28 ----D---- C:\Users\Yasser\AppData\Roaming\DDP_Player 2015-03-09 19:32:22 ----D---- C:\Program Files (x86)\Sonoris 2015-03-06 14:42:17 ----D---- C:\Program Files (x86)\Mozilla Firefox 2015-03-03 20:46:46 ----A---- C:\Windows\SYSWOW64\wdi.dll 2015-03-03 20:46:46 ----A---- C:\Windows\system32\wdi.dll 2015-03-03 20:46:46 ----A---- C:\Windows\system32\powertracker.dll 2015-03-03 20:46:46 ----A---- C:\Windows\system32\perftrack.dll 2015-02-25 20:03:25 ----A---- C:\Windows\system32\drivers\PSINReg.sys 2015-02-25 20:03:24 ----A---- C:\Windows\system32\drivers\PSINProt.sys 2015-02-25 20:03:24 ----A---- C:\Windows\system32\drivers\PSINProc.sys 2015-02-25 20:03:24 ----A---- C:\Windows\system32\drivers\PSINKNC.sys 2015-02-25 20:03:23 ----A---- C:\Windows\system32\drivers\PSINFile.sys 2015-02-25 20:03:23 ----A---- C:\Windows\system32\drivers\PSINAflt.sys ======List of files/folders modified in the last 1 month====== 2015-03-18 09:14:22 ----D---- C:\Windows\Prefetch 2015-03-18 09:14:21 ----D---- C:\Program Files\trend micro 2015-03-17 20:54:57 ----D---- C:\Windows\Temp 2015-03-17 19:12:45 ----D---- C:\Windows\inf 2015-03-17 19:09:38 ----D---- C:\Windows\system32\config 2015-03-17 18:53:55 ----D---- C:\Windows\system32\drivers 2015-03-17 18:53:26 ----A---- C:\Windows\system32\deviceAppeared.txt 2015-03-17 18:53:14 ----D---- C:\Windows 2015-03-14 11:54:07 ----D---- C:\Windows\System32 2015-03-14 11:54:07 ----A---- C:\Windows\system32\PerfStringBackup.INI 2015-03-14 11:52:43 ----A---- C:\Windows\system32\devicelist.txt 2015-03-14 11:52:43 ----A---- C:\Windows\system32\devicealertlist.txt 2015-03-14 10:00:48 ----D---- C:\Users\Yasser\AppData\Roaming\Dropbox 2015-03-14 10:00:46 ----A---- C:\Windows\wininit.ini 2015-03-14 01:54:33 ----D---- C:\Windows\SysWOW64 2015-03-13 23:50:29 ----HD---- C:\ProgramData 2015-03-13 22:27:57 ----SHD---- C:\Windows\Installer 2015-03-13 22:27:56 ----HD---- C:\Config.Msi 2015-03-13 22:27:40 ----D---- C:\Windows\system32\DriverStore 2015-03-13 22:25:49 ----RSD---- C:\Windows\Fonts 2015-03-13 22:25:44 ----RD---- C:\Program Files (x86) 2015-03-12 20:14:35 ----SHD---- C:\System Volume Information 2015-03-12 19:17:58 ----D---- C:\Program Files (x86)\NCH Software 2015-03-12 19:17:56 ----D---- C:\Users\Yasser\AppData\Roaming\NCH Software 2015-03-11 22:55:26 ----D---- C:\Users\Yasser\AppData\Roaming\vlc 2015-03-11 13:13:38 ----D---- C:\Users\Yasser\AppData\Roaming\uTorrent 2015-03-11 13:13:33 ----D---- C:\Windows\debug 2015-03-11 09:54:06 ----D---- C:\Windows\rescache 2015-03-11 08:50:58 ----D---- C:\Windows\winsxs 2015-03-11 08:45:52 ----D---- C:\Windows\SYSWOW64\nl-NL 2015-03-11 08:45:52 ----D---- C:\Program Files\Windows Media Player 2015-03-11 08:45:52 ----D---- C:\Program Files (x86)\Windows Media Player 2015-03-11 08:45:51 ----D---- C:\Windows\SYSWOW64\Dism 2015-03-11 08:45:48 ----D---- C:\Windows\system32\nl-NL 2015-03-11 08:45:48 ----D---- C:\Windows\system32\Dism 2015-03-11 08:45:41 ----D---- C:\Windows\system32\Boot 2015-03-11 08:45:27 ----D---- C:\Program Files\Internet Explorer 2015-03-11 08:45:24 ----D---- C:\Windows\SYSWOW64\en-US 2015-03-11 08:45:22 ----D---- C:\Windows\system32\en-US 2015-03-11 08:45:20 ----D---- C:\Program Files (x86)\Internet Explorer 2015-03-11 08:25:06 ----D---- C:\Windows\system32\MRT 2015-03-11 08:16:06 ----A---- C:\Windows\system32\MRT.exe 2015-03-10 21:26:42 ----D---- C:\Windows\system32\catroot2 2015-03-04 20:11:22 ----D---- C:\Windows\tracing 2015-02-26 21:59:49 ----D---- C:\Windows\Minidump 2015-02-24 03:17:24 ----N---- C:\Windows\system32\MpSigStub.exe 2015-02-23 18:50:54 ----D---- C:\Windows\Microsoft.NET 2015-02-21 13:05:28 ----D---- C:\Windows\Tasks 2015-02-21 13:05:28 ----D---- C:\Windows\system32\Tasks ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2011-04-16 79488] R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2011-04-16 40064] R0 gfibto;gfibto; C:\Windows\system32\drivers\gfibto.sys [2013-09-22 14456] R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-27 30008] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-08-29 50976] R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver; \??\c:\program files\lavasoft\ad-aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys [2014-07-10 93160] R1 bdfwfpf;bdfwfpf; \??\C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [2014-07-10 102992] R1 cbfs3;cbfs3; \??\C:\Windows\system32\drivers\cbfs3.sys [2011-12-02 348560] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-11-22 283064] R1 NNSALPC;NNSAlpc; C:\Windows\system32\DRIVERS\NNSAlpc.sys [2015-02-09 93968] R1 NNSHTTP;NNSHttp; C:\Windows\system32\DRIVERS\NNSHttp.sys [2015-02-09 202000] R1 NNSHTTPS;NNSHttps; C:\Windows\system32\DRIVERS\NNSHttps.sys [2015-02-09 110864] R1 NNSIDS;NNSids; C:\Windows\system32\DRIVERS\NNSIds.sys [2015-02-09 116496] R1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [2014-12-31 48400] R1 NNSPICC;NNSPicc; C:\Windows\system32\DRIVERS\NNSPicc.sys [2015-02-09 99600] R1 NNSPIHSW;NNSPihsw; C:\Windows\system32\DRIVERS\NNSPihsw.sys [2015-02-09 69904] R1 NNSPOP3;NNSPop3; C:\Windows\system32\DRIVERS\NNSPop3.sys [2015-02-09 124176] R1 NNSPROT;NNSProt; C:\Windows\system32\DRIVERS\NNSProt.sys [2015-02-09 299792] R1 NNSPRV;NNSPrv; C:\Windows\system32\DRIVERS\NNSPrv.sys [2015-02-09 166160] R1 NNSSMTP;NNSSmtp; C:\Windows\system32\DRIVERS\NNSSmtp.sys [2015-02-09 113424] R1 NNSSTRM;NNSStrm; C:\Windows\system32\DRIVERS\NNSStrm.sys [2015-02-09 257296] R1 NNSTLSC;NNSTlsc; C:\Windows\system32\DRIVERS\NNSTlsc.sys [2015-02-09 106256] R1 PSINKNC;PSINKnc; C:\Windows\system32\DRIVERS\psinknc.sys [2015-02-25 197392] R2 PSINAflt;PSINAflt; C:\Windows\system32\DRIVERS\PSINAflt.sys [2015-02-25 163088] R2 PSINFile;PSINFile; C:\Windows\system32\DRIVERS\PSINFile.sys [2015-02-25 121616] R2 PSINProc;PSINProc; C:\Windows\system32\DRIVERS\PSINProc.sys [2015-02-25 124176] R2 PSINProt;PSINProt; C:\Windows\system32\DRIVERS\PSINProt.sys [2015-02-25 133904] R2 PSINReg;PSINReg; C:\Windows\system32\DRIVERS\PSINReg.sys [2015-02-25 107792] R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-27 43320] R3 amdhub30;AMD USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\amdhub30.sys [2011-07-16 96896] R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-09-29 10210304] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-09-29 317952] R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\amdxhc.sys [2011-07-16 214144] R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-11-17 115216] R3 avc3;avc3; C:\Windows\system32\DRIVERS\avc3.sys [2014-08-21 727592] R3 avchv;avchv Function Driver; C:\Windows\system32\DRIVERS\avchv.sys [2014-08-21 261056] R3 avckf;avckf; C:\Windows\system32\DRIVERS\avckf.sys [2014-08-21 601360] R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2011-09-21 133672] R3 BCM43XX;Stuurprogramma voor de Broadcom 802.11-netwerkadapter; C:\Windows\system32\DRIVERS\bcmwl664.sys [2013-05-29 4747840] R3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984] R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-11-11 80384] R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2011-09-21 620584] R3 btwaudio;Bluetooth-audioapparaat; C:\Windows\system32\drivers\btwaudio.sys [2011-09-21 167976] R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2011-09-21 178728] R3 BTWDPAN;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\btwdpan.sys [2011-09-21 89640] R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-09-21 39976] R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2011-09-21 21544] R3 gzflt;gzflt; \??\C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.98.0\gzflt.sys [2015-01-22 155912] R3 PSKMAD;PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [2015-01-29 61712] R3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720] R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-05-31 338536] R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056] R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144] R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576] R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840] R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208] R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10305; C:\Windows\system32\DRIVERS\stwrt64.sys [2013-05-29 535552] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-06-10 1451056] S3 4598AC4582F0E60C;4598AC4582F0E60C; \??\C:\Users\Yasser\AppData\Local\Temp\7DDBCE06F.sys [] S3 a2djavs;Audio 2 DJ WDM Audio; C:\Windows\System32\Drivers\a2djavs.sys [2012-12-18 359784] S3 a2djusb_svc;Audio 2 DJ; C:\Windows\System32\Drivers\a2djusb.sys [2012-12-18 98664] S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960] S3 cleanhlp;cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [] S3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-06-16 110336] S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920] S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008] S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-07-28 57280] S3 hitmanpro37;HitmanPro 3.7 Support Driver; \??\C:\Windows\system32\drivers\hitmanpro37.sys [2014-10-30 32512] S3 L6PODHD5SE;Service - Line 6 POD HD500X; C:\Windows\System32\Drivers\L6PODHD5SE64.sys [2013-07-11 772864] S3 L6PODLV;PODxt Live Service; C:\Windows\System32\Drivers\L6PODLV64.sys [2013-07-11 772864] S3 L6TPortA;Service - Line 6 TonePort UX1; C:\Windows\System32\Drivers\L6TPortA64.sys [2013-07-11 772864] S3 MAUSBMIDI;Service for M-Audio USB MIDI Series; C:\Windows\system32\DRIVERS\MAudioUSBMIDI.sys [2010-04-13 200200] S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960] S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-02-17 428136] S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864] S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-06-16 206080] S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2014-06-16 206080] S3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288] S3 Trufos;Trufos; C:\Windows\system32\DRIVERS\Trufos.sys [2015-01-22 452040] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.;Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.; C:\Program Files (x86)\Abrosoft\FantaMorph5\FantaUp.exe [2010-11-18 224176] R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952] R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2013-05-29 89600] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-09-29 204288] R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-09-28 361984] R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2011-09-20 1085216] R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504] R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232] R2 FPLService;TrueSuiteService; C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [2011-08-26 260424] R2 GenieTimelineService;Genie Timeline Service; C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe [2012-09-16 662104] R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160] R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-05-13 270624] R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-27 30520] R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-02-15 34872] R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-06-29 2413056] R2 LaCieDesktopManagerService;LaCieDesktopManagerService; C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe [2012-10-10 1379840] R2 LavasoftAdAwareService11;Ad-Aware Service 11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe [2015-03-10 720760] R2 NanoServiceMain;Panda Protection Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [2015-02-27 142584] R2 NIHardwareService;NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2012-09-05 6364024] R2 PandaAgent;Panda Devices Agent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [2014-10-09 66808] R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-10-30 75136] R2 PSUAService;Panda Product Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [2015-02-27 38136] R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944] R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2013-05-29 311808] R2 USBMIDIAudioDevMon;USB MIDI Series Audio Device Monitor; C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe [2010-04-13 1636872] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136] R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760] R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-11 116648] S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440] S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-07-28 1511872] S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-11 116648] S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-02-20 114688] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-07 114288] S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040] S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944] -----------------EOF-----------------
  10. Notroch
    # AdwCleaner v4.102 - Rapport aangemaakt 28/11/2014 op 21:00:40 # Laatste Update 23/11/2014 door Xplode # Database : 2014-11-27.1 [Live] # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits) # Gebruikersnaam : Yasser - YASSER-HP # Gestart vanuit : C:\Users\Yasser\Desktop\adwcleaner_4.102.exe # Optie : Verwijderen ***** [ Services ] ***** ***** [ Bestanden / Mappen ] ***** Map Verwijderd : C:\ProgramData\NCH Software Map Verwijderd : C:\Program Files (x86)\NCH Software Map Verwijderd : C:\Users\Yasser\AppData\Roaming\NCH Software ***** [ Taken ] ***** ***** [ Snelkoppelingen ] ***** ***** [ Register ] ***** Sleutel Verwijderd : HKCU\Software\SupHpUISoft Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\adawarebp Sleutel Verwijderd : HKLM\SOFTWARE\SupTab Sleutel Verwijderd : HKLM\SOFTWARE\supWindowsMangerProtect Sleutel Verwijderd : HKLM\SOFTWARE\supWPM Sleutel Verwijderd : HKLM\SOFTWARE\mystartsearchSoftware Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1 ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17420 -\\ Mozilla Firefox v33.1 (x86 nl) -\\ Google Chrome v39.0.2171.71 ************************* AdwCleaner[R0].txt - [1791 octets] - [12/04/2014 13:58:05] AdwCleaner[R1].txt - [9706 octets] - [06/11/2014 18:14:19] AdwCleaner[R2].txt - [6728 octets] - [06/11/2014 18:27:05] AdwCleaner[s0].txt - [1635 octets] - [12/04/2014 13:59:01] AdwCleaner[s1].txt - [4733 octets] - [11/11/2014 13:14:40] AdwCleaner[s2].txt - [1585 octets] - [28/11/2014 21:00:40] ########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [1645 octets] ##########
  11. Notroch
    popcorn gebruik ik niet, dus gewist intussen. Torrent wel, zal idd wat voorzichtiger moeten zijn. Zoek.exe v5.0.0.0 Updated 23-11-2014 Tool run by Yasser on zo 23/11/2014 at 19:12:02,15. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Yasser\Desktop\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-04-10-112126.log 24645 bytes C:\zoek-results2014-11-05-194629.log 30172 bytes ==== Empty Folders Check ====================== C:\PROGRA~2\VideoCnv deleted successfully C:\Users\Yasser\AppData\Roaming\Publish Providers deleted successfully C:\Users\Administrator\AppData\Local\Comodo deleted successfully C:\Users\Administrator\AppData\Local\Google deleted successfully C:\Users\Gast\AppData\Local\Comodo deleted successfully C:\Users\Gast\AppData\Local\Google deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Comodo deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google deleted successfully C:\Users\Yasser\AppData\Local\Comodo deleted successfully C:\Users\Yasser\AppData\Local\CrashDumps deleted successfully C:\Users\Yasser\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fa6789c5 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\fa6789c5 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IePluginServices deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\Yasser\AppData\Roaming\Mozilla\Firefox\Profiles\1sxd1l5p.default user.js not found ---- Lines BrowseFox removed from prefs.js ---- user_pref("extensions.BrowseFox.aul", 1687764190); user_pref("extensions.BrowseFox.irl", true); user_pref("extensions.BrowseFox.is", "grbbfbe"); user_pref("extensions.BrowseFox.ug", "19F5BEE4-8A07-48CC-ADB3-36EEA93C50BF"); ---- Lines PacFunction removed from prefs.js ---- user_pref("extensions.PacFunction.asul", "1397111692664"); user_pref("extensions.PacFunction.aul", "1397111680765"); user_pref("extensions.PacFunction.irl", true); user_pref("extensions.PacFunction.is", "fmxqtbe"); user_pref("extensions.PacFunction.ug", "A95D8C99-EE52-4FC6-8C0F-DA483F61058E"); ---- Lines quick_start removed from prefs.js ---- user_pref("extensions.quick_start.enable_search1", false); user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); ---- Lines mysearch removed from prefs.js ---- user_pref("avg.wtu.ext.extHomepage", "https://mysearch.avg.com?pid=wtu&sg=&cid=%7B1b32e2e4-098e-4167-a6df-77ee9794d68b%7D&mid=1d8ba2e51a9d47d3b3f1ada0 ---- FireFox user.js and prefs.js backups ---- prefs_20142311_1929_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command] @="C:\\Program Files\\Internet Explorer\\iexplore.exe" ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] ""=- [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce] "daemontoolslite"=- ==== Deleting Files \ Folders ====================== C:\ProgramData\WindowsMangerProtect deleted C:\ProgramData\IePluginServices deleted C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com deleted C:\Users\Yasser\AppData\Roaming\Mozilla\Firefox\Profiles\1sxd1l5p.default\extensions\2020Player_IKEA@2020Technologies.com deleted C:\Users\Yasser\AppData\Roaming\Mozilla\Firefox\Profiles\1sxd1l5p.default\extensions\wUM2@U1ElYj.edu deleted C:\ProgramData\{CB28D9D3-6B5D-4AFA-BA37-B4AFAAAF71B9} deleted C:\ProgramData\{B0CAD5CC-867E-473E-B55F-339F9635A45D} deleted C:\ProgramData\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14} deleted C:\ProgramData\{5A23829C-A66E-47B0-AD50-21A3FFE6C325} deleted C:\ProgramData\{30FA7941-4170-4C83-A9A8-FDF01C431704} deleted C:\ProgramData\Avg_Update_0414b deleted C:\Users\Yasser\AppData\Local\AVG Web TuneUp deleted C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml deleted C:\PROGRA~2\AVG Web TuneUp deleted C:\Users\Yasser\AppData\Roaming\mcp.ico deleted C:\PROGRA~3\AVG Web TuneUp deleted C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Clip Converter deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services deleted C:\Users\Yasser\AppData\LocalLow\AVG Web TuneUp deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted C:\Windows\wininit.ini deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Windows\Syswow64\shoB84B.tmp deleted "C:\Windows\Installer\c2b5ff.msi" deleted "C:\ProgramData\{B7072B15-6E80-42FF-A9AE-4E62AF2B2418}\Guitar Rig 5 Setup PC.exe" deleted "C:\ProgramData\{B7072B15-6E80-42FF-A9AE-4E62AF2B2418}\Guitar Rig 5 Setup PC.msi" deleted "C:\Program Files (x86)\SupTab\Loader32.exe" deleted "C:\Program Files (x86)\SupTab\Loader64.exe" deleted "C:\Program Files (x86)\SupTab\msvcp110.dll" deleted "C:\Program Files (x86)\SupTab\msvcr110.dll" not deleted "C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll" deleted "C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll" not deleted "C:\PROGRA~2\SupTab\Loader32.exe" deleted "C:\PROGRA~2\SupTab\Loader64.exe" deleted "C:\PROGRA~2\SupTab\msvcp110.dll" deleted "C:\PROGRA~2\SupTab\msvcr110.dll" not deleted "C:\PROGRA~2\SupTab\WindowsSupportDll32.dll" deleted "C:\PROGRA~2\SupTab\WindowsSupportDll64.dll" not deleted "C:\ProgramData\{B7072B15-6E80-42FF-A9AE-4E62AF2B2418}" deleted "C:\Program Files (x86)\SupTab" not deleted "C:\zoek_backup" deleted "C:\PROGRA~2\SupTab" not deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [06/10/2013 18:14] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [06/10/2013 18:14] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Yasser\AppData\Roaming\Mozilla\Firefox\Profiles\1sxd1l5p.default - Undetermined - 2020Player_IKEA@2020Technologies.com - Undetermined - optout@google.com - Afmelden voor advertentiecookie - %ProfilePath%\extensions\optout@google.com.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Yasser\AppData\Roaming\Mozilla\Firefox\Profiles\1sxd1l5p.default 67D325B5AEB28E381B84E8DE1A90C7A8 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll - Shockwave Flash 40AAE0A1A4F664828DF5A95875AEA1C8 - C:\Users\Yasser\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll - Google Update 3CD19649B2C3023D65E67C056457A2BC - C:\Users\Yasser\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin 2EE9DCAE1D70ABF4D058688DE35F8221 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.16 6846D2CA7E1D5937AEE3F99BB7F5464B - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll - Shockwave for Director / Shockwave for Director F556A64AB2DB1BD834E7C89CE211516B - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions debkinhcgejcbfgjiaalomcmkedjmiaa - C:\Program Files (x86)\HP SimplePass 2012\tschrome.crx[25/08/2011 04:41] Google Cast - Yasser\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd Videostream for Google Chromecastâ„¢ - Yasser\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl Website Logon - Yasser\AppData\Local\Google\Chrome\User Data\Default\Extensions\debkinhcgejcbfgjiaalomcmkedjmiaa LocalChromecast Player - Yasser\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmladpigjlinmngadjgfogblnmddndcp ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://google.be/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://www.mystartsearch.com/web/?type=ds&ts=1416664815&from=smt&uid=HitachiXHTS547575A9E384_J2140054EAGSJAEAGSJAX&q={searchTerms}" "Default_Search_URL"="http://www.mystartsearch.com/web/?type=ds&ts=1416664815&from=smt&uid=HitachiXHTS547575A9E384_J2140054EAGSJAEAGSJAX&q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Search Page"="http://www.mystartsearch.com/web/?type=ds&ts=1416664815&from=smt&uid=HitachiXHTS547575A9E384_J2140054EAGSJAEAGSJAX&q={searchTerms}" "Default_Search_URL"="http://www.mystartsearch.com/web/?type=ds&ts=1416664815&from=smt&uid=HitachiXHTS547575A9E384_J2140054EAGSJAEAGSJAX&q={searchTerms}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://google.be/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}" {07F202EA-A471-44A9-AC55-B3C726D27203} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="http://rover.ebay.com/rover/1/1553-111073-34115-5/4?mpre=http://www.benl.ebay.be/sch/i.html?_nkw={searchTerms}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DB8241D62F5E87346B027E44E2C7B2BF deleted successfully HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6D1428BD-E5F2-4378-B620-E7442E7C2BFB} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\DB8241D62F5E87346B027E44E2C7B2BF deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Yasser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Yasser\AppData\Local\Mozilla\Firefox\Profiles\1sxd1l5p.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Yasser\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files= ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Yasser\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Yasser\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files (x86)\SupTab\msvcr110.dll" not found "C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll" not found "C:\PROGRA~2\SupTab\msvcr110.dll" not found "C:\PROGRA~2\SupTab\WindowsSupportDll64.dll" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found "C:\Program Files (x86)\SupTab" not found "C:\PROGRA~2\SupTab" not found ==== EOF on zo 23/11/2014 at 19:42:36,83 ======================
  12. Notroch
    Logfile of random's system information tool 1.10 (written by random/random) Run by Yasser at 2014-11-23 15:59:41 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 197 GB (29%) free of 686 GB Total RAM: 7658 MB (60% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:59:44, on 23/11/2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17420) Boot mode: Normal Running processes: C:\Program Files (x86)\Samsung\Kies\Kies.exe C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Windows\SysWOW64\RunDll32.exe C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Users\Yasser\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\SupTab\HpUI.exe C:\Program Files (x86)\SupTab\Loader32.exe C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe C:\Program Files\Sony\Vegas Pro 12.0\x86\FileIOSurrogate.exe C:\Program Files\Sony\Vegas Pro 12.0\x86\sfvstserver.exe C:\Program Files\trend micro\Yasser.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=1416664815&from=smt&uid=HitachiXHTS547575A9E384_J2140054EAGSJAEAGSJAX&q={searchTerms} R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=1416664815&from=smt&uid=HitachiXHTS547575A9E384_J2140054EAGSJAEAGSJAX&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O1 - Hosts: ::1 localhost O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe O4 - HKLM\..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [LaCie Desktop Manager Startup] "C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [Google+ Auto Backup] "C:\Users\Yasser\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Yasser\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: hpqtra08.exe O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O9 - Extra button: Verzenden naar Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: Verzenden naar &Bluetooth-apparaat... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.line6.net O17 - HKLM\System\CCS\Services\Tcpip\..\{2513A2C7-1B96-47A4-A4AB-84888DE040F2}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\..\{6F0AAF4C-7CC8-4DCB-A974-317DD5592029}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\..\{A8F86CB3-0265-4ED7-95DC-FDA91028DE28}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\..\{B0833E06-D174-4DC7-812B-6EEA9F9E1AF5}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\..\{EA064087-7215-4BC6-A4D8-030EC90A85FE}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8 O17 - HKLM\System\CS1\Services\Tcpip\..\{2513A2C7-1B96-47A4-A4AB-84888DE040F2}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8 O17 - HKLM\System\CS2\Services\Tcpip\..\{2513A2C7-1B96-47A4-A4AB-84888DE040F2}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8 O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll O23 - Service: Abrosoft: Abrosoft FantaMorph update permissions manager. 12810. - Unknown owner - C:\Program Files (x86)\Abrosoft\FantaMorph5\FantaUp.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Genie Timeline Service (GenieTimelineService) - Genie9 - C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing) O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LaCieDesktopManagerService - Unknown owner - C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Update service - Company - C:\Program Files (x86)\Popcorn Time\Updater.exe O23 - Service: USB MIDI Series Audio Device Monitor (USBMIDIAudioDevMon) - M-Audio - C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 18968 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch "C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe" C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe winlogon.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs "C:\Program Files\IDT\WDM\STacSV64.exe" atieclxx C:\Windows\system32\Hpservice.exe "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-7142ccdc-ba9e-45e4-8cd8-41be84de44dd -SystemEventPortName:HostProcess-182b3bbd-0e80-47af-9c3c-49a12381959e -IoCancelEventPortName:HostProcess-31d84cc0-fbe9-4fa3-bd58-56db9dd3ee2f -NonStateChangingEventPortName:HostProcess-2219909b-31d7-4773-befa-eb02dcb77901 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:38ae411b-736a-43fb-bcf1-baf237515069 -DeviceGroupId: "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe 14324528 \??\C:\Windows\system32\conhost.exe "100221743793832289151065741715533022521051256584179538402918022137021396618730 C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k WbioSvcGroup "taskhost.exe" C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Abrosoft\FantaMorph5\FantaUp.exe" -PermissionManagerRun "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files\IDT\WDM\AESTSr64.exe" "C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService "C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe" C:\Windows\SysWOW64\ezSharedSvcHost.exe "C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe" "C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe" "C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe" C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe" "C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe" "C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe" "C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe" C:\Windows\SysWOW64\PnkBstrA.exe "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\Popcorn Time\Updater.exe" "C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe" WLIDSvcM.exe 3148 C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\unsecapp.exe -Embedding "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" "C:\Program Files\Genie9\Genie Timeline\GenieTimelineAgent.exe" -e5 C:\Windows\system32\svchost.exe -k HPService C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Program Files\IDT\WDM\sttray64.exe" "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe" "C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe" "C:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload "C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" "C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe" "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe" C:\Windows\System32\svchost.exe -k LocalServicePeerNet "C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" "C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" -byrunkey "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe" "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe" "C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe" "C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe" -Embedding "C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Photosmart 3300 series#1381079781" -Startup "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe "C:\Users\Yasser\AppData\Roaming\Dropbox\bin\Dropbox.exe" /home C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service C:\ProgramData\IePluginServices\PluginService.exe -service "C:\Program Files (x86)\SupTab\HpUI.exe" -run "C:\Program Files (x86)\SupTab\Loader64.exe" "C:\Program Files (x86)\SupTab\Loader32.exe" taskeng.exe {B6D73140-E59D-4B69-96B1-144AD382D1AE} "C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe" taskeng.exe {9F58A89F-07B9-43B6-9759-601F5B128E94} "C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe" -Embedding "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe /c "C:\Program Files\Sony\Vegas Pro 12.0\vegas120.exe" "C:\Program Files\Sony\Vegas Pro 12.0\ErrorReportLauncher.exe" "C:\Program Files\Sony\Vegas Pro 12.0\x86\FileIOSurrogate.exe" 1033 "C:\Program Files\Sony\Vegas Pro 12.0\x86\sfvstserver.exe" -Event SonyVstServerEvent_11148 -Vendor "Sony Creative Software" -Product "Vegas Pro 12.0" "C:\Users\Yasser\Desktop\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001Core.job - C:\Users\Yasser\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001UA.job - C:\Users\Yasser\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001Core.job - C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001UA.job - C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\HPCeeScheduleForYasser.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForYasser (null) =========Mozilla firefox========= ProfilePath - C:\Users\Yasser\AppData\Roaming\Mozilla\Firefox\Profiles\1sxd1l5p.default prefs.js - "browser.search.useDBForOrder" - true prefs.js - "browser.startup.homepage" - "http://www.google.be/" prefs.js - "keyword.URL" - "" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 15.0.0.223 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer] "Description"=Adobe Shockwave Player "Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0] "Description"=Picasa3 plugin "Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Windows\SysWOW64\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0] "Description"=WildTangent Games App Presence Detector Plugin "Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 15.0.0.223 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll C:\Program Files (x86)\Mozilla Firefox\extensions\ websitelogon@truesuite.com C:\Users\Yasser\AppData\Roaming\Mozilla\Firefox\Profiles\1sxd1l5p.default\extensions\ 2020Player_IKEA@2020Technologies.com wUM2@U1ElYj.edu ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5FF49FE8-B332-4CB9-B102-FB6951629E55}] Virtual Storage Mount Notification - C:\Windows\system32\CbFsMntNtf3.dll [2011-12-02 191504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}] SteadyVideoBHO Class - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2011-06-07 81024] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}] TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll [2011-08-26 1763656] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5FF49FE8-B332-4CB9-B102-FB6951629E55}] Virtual Storage Mount Notification - C:\Windows\SysWOW64\CbFsMntNtf3.dll [2011-12-02 158224] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}] SteadyVideoBHO Class - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2011-06-07 69760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-17 463272] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}] TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll [2011-08-26 1613640] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Microsoft-account - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-17 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-06-10 2799912] "SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-05-29 1425408] "SetDefault"=C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [2011-09-30 43320] "AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208] ""= [] "AdAwareTray"=C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe [2014-10-15 8925504] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-11-11 21720] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "LaCie Desktop Manager Startup"=C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe [2012-10-10 3460608] "AdobeBridge"= [] "Google Update"=C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe [2014-08-11 116648] "KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2014-07-25 1562264] "Google+ Auto Backup"=C:\Users\Yasser\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [2014-08-12 3746120] "Facebook Update"=C:\Users\Yasser\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-04-11 138096] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872] "DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-09-28 343168] "HPQuickWebProxy"=C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2011-10-08 169528] "HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-08-19 379960] "HP CoolSense"=C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-05 1343904] "SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] "hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816] "KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-07-25 311616] "HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840] "HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2012-02-15 577408] "AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce] "daemontoolslite"= [] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE C:\Users\Yasser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup hpqtra08.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll [2011-12-02 191504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler] Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll [2011-12-02 191504] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "notification packages"=scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableLockWorkstation"=0 "DisableChangePassword"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "HideFastUserSwitching"=0 "EnableLinkedConnections"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "EnableShellExecuteHooks"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "aux1"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "wave7"=wdmaud.drv "midi6"=wdmaud.drv "mixer6"=wdmaud.drv "aux4"=wdmaud.drv "wave8"=wdmaud.drv "midi7"=wdmaud.drv "mixer7"=wdmaud.drv "wave9"=wdmaud.drv "midi8"=wdmaud.drv "mixer8"=wdmaud.drv "midi9"=wdmaud.drv "mixer9"=wdmaud.drv "wave4"=wdmaud.drv "aux5"=wdmaud.drv "wave5"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "aux2"=wdmaud.drv "wave6"=wdmaud.drv "midi5"=wdmaud.drv "mixer5"=wdmaud.drv "aux3"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-11-22 15:01:04 ----D---- C:\ProgramData\IePluginServices 2014-11-22 15:00:59 ----D---- C:\Program Files (x86)\SupTab 2014-11-22 15:00:53 ----D---- C:\ProgramData\WindowsMangerProtect 2014-11-22 14:59:24 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys 2014-11-22 14:59:19 ----D---- C:\Program Files (x86)\DAEMON Tools Lite 2014-11-20 20:07:11 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys 2014-11-20 20:06:50 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-11-20 20:06:50 ----A---- C:\Windows\system32\drivers\mwac.sys 2014-11-20 20:06:50 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys 2014-11-20 20:06:50 ----A---- C:\Windows\system32\drivers\mbam.sys 2014-11-19 06:26:53 ----A---- C:\Windows\SYSWOW64\pku2u.dll 2014-11-19 06:26:53 ----A---- C:\Windows\SYSWOW64\kerberos.dll 2014-11-19 06:26:53 ----A---- C:\Windows\system32\pku2u.dll 2014-11-19 06:26:53 ----A---- C:\Windows\system32\kerberos.dll 2014-11-17 22:56:37 ----D---- C:\Users\Yasser\AppData\Roaming\NCH Software 2014-11-16 22:30:41 ----D---- C:\Users\Yasser\AppData\Roaming\Lavasoft 2014-11-16 21:53:43 ----D---- C:\ProgramData\BitDefender 2014-11-16 21:47:36 ----A---- C:\Windows\system32\bdnc.dll 2014-11-16 21:47:34 ----A---- C:\Windows\system32\OEMbdpredir.dll 2014-11-16 21:47:34 ----A---- C:\Windows\system32\httproxy.dll 2014-11-16 21:47:34 ----A---- C:\Windows\system32\bdsmtpp.dll 2014-11-16 21:47:34 ----A---- C:\Windows\system32\bdpredir.dll 2014-11-16 21:47:34 ----A---- C:\Windows\system32\bdpop3p.dll 2014-11-16 21:47:34 ----A---- C:\Windows\system32\bdfwcore.dll 2014-11-16 21:47:34 ----A---- C:\Windows\system32\BdFirewallSDK.dll 2014-11-16 21:46:04 ----D---- C:\Program Files\Lavasoft 2014-11-16 21:45:21 ----D---- C:\Program Files\Common Files\Lavasoft 2014-11-16 21:44:44 ----D---- C:\ProgramData\Lavasoft 2014-11-16 21:05:08 ----D---- C:\Users\Yasser\AppData\Roaming\Antares 2014-11-16 20:47:04 ----D---- C:\Users\Yasser\AppData\Roaming\Publish Providers 2014-11-13 08:34:38 ----A---- C:\Windows\system32\oleaut32.dll 2014-11-13 08:34:37 ----A---- C:\Windows\SYSWOW64\oleaut32.dll 2014-11-13 08:34:30 ----A---- C:\Windows\SYSWOW64\adtschema.dll 2014-11-13 08:34:30 ----A---- C:\Windows\system32\termsrv.dll 2014-11-13 08:34:30 ----A---- C:\Windows\system32\lsasrv.dll 2014-11-13 08:34:30 ----A---- C:\Windows\system32\drivers\ksecpkg.sys 2014-11-13 08:34:30 ----A---- C:\Windows\system32\adtschema.dll 2014-11-13 08:34:29 ----A---- C:\Windows\SYSWOW64\sspicli.dll 2014-11-13 08:34:29 ----A---- C:\Windows\SYSWOW64\secur32.dll 2014-11-13 08:34:29 ----A---- C:\Windows\SYSWOW64\msaudite.dll 2014-11-13 08:34:29 ----A---- C:\Windows\system32\msaudite.dll 2014-11-13 08:34:25 ----A---- C:\Windows\system32\msxml3.dll 2014-11-13 08:34:24 ----A---- C:\Windows\SYSWOW64\msxml3r.dll 2014-11-13 08:34:24 ----A---- C:\Windows\SYSWOW64\msxml3.dll 2014-11-13 08:34:24 ----A---- C:\Windows\system32\msxml3r.dll 2014-11-13 08:34:23 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL 2014-11-13 08:34:23 ----A---- C:\Windows\system32\IMJP10K.DLL 2014-11-13 08:34:21 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll 2014-11-13 08:34:21 ----A---- C:\Windows\system32\audiosrv.dll 2014-11-13 08:34:21 ----A---- C:\Windows\system32\AUDIOKSE.dll 2014-11-13 08:34:20 ----A---- C:\Windows\SYSWOW64\AudioSes.dll 2014-11-13 08:34:20 ----A---- C:\Windows\SYSWOW64\AudioEng.dll 2014-11-13 08:34:20 ----A---- C:\Windows\system32\EncDump.dll 2014-11-13 08:34:20 ----A---- C:\Windows\system32\AudioSes.dll 2014-11-13 08:34:20 ----A---- C:\Windows\system32\AudioEng.dll 2014-11-13 08:34:17 ----A---- C:\Windows\system32\schannel.dll 2014-11-13 08:34:16 ----A---- C:\Windows\SYSWOW64\wdigest.dll 2014-11-13 08:34:16 ----A---- C:\Windows\SYSWOW64\TSpkg.dll 2014-11-13 08:34:16 ----A---- C:\Windows\SYSWOW64\schannel.dll 2014-11-13 08:34:16 ----A---- C:\Windows\SYSWOW64\ncrypt.dll 2014-11-13 08:34:16 ----A---- C:\Windows\SYSWOW64\msv1_0.dll 2014-11-13 08:34:16 ----A---- C:\Windows\system32\wdigest.dll 2014-11-13 08:34:16 ----A---- C:\Windows\system32\TSpkg.dll 2014-11-13 08:34:16 ----A---- C:\Windows\system32\ncrypt.dll 2014-11-13 08:34:16 ----A---- C:\Windows\system32\msv1_0.dll 2014-11-13 08:34:15 ----A---- C:\Windows\SYSWOW64\credssp.dll 2014-11-13 08:34:15 ----A---- C:\Windows\system32\credssp.dll 2014-11-13 08:34:07 ----A---- C:\Windows\SYSWOW64\packager.dll 2014-11-13 08:34:07 ----A---- C:\Windows\system32\packager.dll 2014-11-13 08:34:06 ----A---- C:\Windows\system32\win32k.sys 2014-11-13 08:34:05 ----A---- C:\Windows\system32\generaltel.dll 2014-11-13 08:34:05 ----A---- C:\Windows\system32\aepdu.dll 2014-11-13 08:34:04 ----A---- C:\Windows\system32\aeinv.dll 2014-11-13 08:34:01 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2014-11-13 08:34:01 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2014-11-13 08:34:01 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2014-11-13 08:34:01 ----A---- C:\Windows\system32\ieetwproxystub.dll 2014-11-13 08:34:01 ----A---- C:\Windows\system32\ieetwcollector.exe 2014-11-13 08:34:00 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2014-11-13 08:34:00 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2014-11-13 08:34:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2014-11-13 08:34:00 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll 2014-11-13 08:34:00 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll 2014-11-13 08:34:00 ----A---- C:\Windows\SYSWOW64\dxtrans.dll 2014-11-13 08:34:00 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-11-13 08:34:00 ----A---- C:\Windows\system32\iernonce.dll 2014-11-13 08:34:00 ----A---- C:\Windows\system32\ie4uinit.exe 2014-11-13 08:33:59 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2014-11-13 08:33:59 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2014-11-13 08:33:58 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2014-11-13 08:33:58 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2014-11-13 08:33:58 ----A---- C:\Windows\system32\urlmon.dll 2014-11-13 08:33:58 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2014-11-13 08:33:58 ----A---- C:\Windows\system32\iedkcs32.dll 2014-11-13 08:33:57 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2014-11-13 08:33:57 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-11-13 08:33:57 ----A---- C:\Windows\SYSWOW64\ieui.dll 2014-11-13 08:33:57 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2014-11-13 08:33:57 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll 2014-11-13 08:33:57 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2014-11-13 08:33:57 ----A---- C:\Windows\system32\msfeeds.dll 2014-11-13 08:33:57 ----A---- C:\Windows\system32\dxtrans.dll 2014-11-13 08:33:56 ----A---- C:\Windows\system32\iesetup.dll 2014-11-13 08:33:56 ----A---- C:\Windows\system32\ieapfltr.dll 2014-11-13 08:33:55 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll 2014-11-13 08:33:55 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2014-11-13 08:33:55 ----A---- C:\Windows\system32\iertutil.dll 2014-11-13 08:33:54 ----A---- C:\Windows\SYSWOW64\wininet.dll 2014-11-13 08:33:54 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2014-11-13 08:33:54 ----A---- C:\Windows\SYSWOW64\msrating.dll 2014-11-13 08:33:54 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll 2014-11-13 08:33:54 ----A---- C:\Windows\system32\jsproxy.dll 2014-11-13 08:33:54 ----A---- C:\Windows\system32\ieUnatt.exe 2014-11-13 08:33:54 ----A---- C:\Windows\system32\dxtmsft.dll 2014-11-13 08:33:53 ----A---- C:\Windows\system32\mshtmlmedia.dll 2014-11-13 08:33:53 ----A---- C:\Windows\system32\mshtmled.dll 2014-11-13 08:33:53 ----A---- C:\Windows\system32\ieui.dll 2014-11-13 08:33:53 ----A---- C:\Windows\system32\ieframe.dll 2014-11-13 08:33:52 ----A---- C:\Windows\system32\wininet.dll 2014-11-13 08:33:52 ----A---- C:\Windows\system32\vbscript.dll 2014-11-13 08:33:52 ----A---- C:\Windows\system32\jscript9diag.dll 2014-11-13 08:33:52 ----A---- C:\Windows\system32\jscript9.dll 2014-11-13 08:33:51 ----A---- C:\Windows\system32\msrating.dll 2014-11-13 08:33:51 ----A---- C:\Windows\system32\MshtmlDac.dll 2014-11-13 08:33:50 ----A---- C:\Windows\system32\mshtml.dll 2014-11-13 08:32:18 ----A---- C:\Windows\system32\msi.dll 2014-11-13 08:32:17 ----A---- C:\Windows\SYSWOW64\msi.dll 2014-11-11 22:26:59 ----D---- C:\ProgramData\NCH Software 2014-11-11 22:26:56 ----D---- C:\Program Files (x86)\NCH Software 2014-11-11 22:20:59 ----D---- C:\Windows\system32\ȰI 2014-11-11 22:20:59 ----D---- C:\Windows\system32\3쀀 2014-11-11 22:11:37 ----A---- C:\Windows\SYSWOW64\shoB84B.tmp 2014-11-11 18:59:16 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2014-11-11 11:49:34 ----D---- C:\Program Files (x86)\ESET 2014-11-11 00:01:12 ----D---- C:\Program Files (x86)\Mozilla Firefox 2014-11-09 09:42:10 ----A---- C:\Windows\system32\eamclean.exe 2014-11-09 09:42:10 ----A---- C:\Windows\system32\eamclean.dat 2014-11-09 09:31:26 ----D---- C:\ProgramData\gimmishop 2014-11-09 09:31:10 ----D---- C:\ProgramData\takegif 2014-11-08 22:43:27 ----D---- C:\ProgramData\Emsisoft 2014-11-08 08:36:47 ----D---- C:\Program Files (x86)\Emsisoft Anti-Malware 2014-11-05 20:19:23 ----D---- C:\Windows\Temp 2014-10-30 11:02:25 ----A---- C:\Windows\system32\drivers\hitmanpro37.sys 2014-10-27 15:06:07 ----D---- C:\Program Files (x86)\VideoCnv ======List of files/folders modified in the last 1 month====== 2014-11-23 15:59:44 ----D---- C:\Windows\Prefetch 2014-11-23 15:59:43 ----D---- C:\Program Files\trend micro 2014-11-23 15:46:55 ----D---- C:\Windows\system32\config 2014-11-22 17:21:04 ----D---- C:\Windows\System32 2014-11-22 17:21:04 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-11-22 17:19:31 ----A---- C:\Windows\system32\deviceAppeared.txt 2014-11-22 15:01:04 ----HD---- C:\ProgramData 2014-11-22 15:00:59 ----RD---- C:\Program Files (x86) 2014-11-22 15:00:05 ----D---- C:\Users\Yasser\AppData\Roaming\DAEMON Tools Lite 2014-11-22 14:59:40 ----D---- C:\Windows\system32\drivers 2014-11-22 14:59:40 ----D---- C:\Windows\inf 2014-11-22 14:59:39 ----D---- C:\Windows\system32\DriverStore 2014-11-22 14:59:31 ----SHD---- C:\System Volume Information 2014-11-22 14:58:54 ----D---- C:\Windows\system32\catroot 2014-11-22 09:58:01 ----D---- C:\Users\Yasser\AppData\Roaming\Dropbox 2014-11-21 21:59:00 ----D---- C:\Windows 2014-11-21 21:58:46 ----D---- C:\Windows\Cursors 2014-11-21 21:57:51 ----D---- C:\Users\Yasser\AppData\Roaming\uTorrent 2014-11-21 21:57:45 ----D---- C:\Windows\Tasks 2014-11-21 21:57:45 ----D---- C:\Windows\system32\Tasks 2014-11-20 09:43:17 ----D---- C:\Windows\winsxs 2014-11-20 09:40:16 ----D---- C:\Windows\SysWOW64 2014-11-19 21:55:36 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2014-11-16 21:47:36 ----HD---- C:\Config.Msi 2014-11-16 21:47:35 ----SHD---- C:\Windows\Installer 2014-11-16 21:46:04 ----RD---- C:\Program Files 2014-11-16 21:45:21 ----D---- C:\Program Files\Common Files 2014-11-15 20:34:30 ----D---- C:\Windows\rescache 2014-11-15 15:33:38 ----D---- C:\Windows\Minidump 2014-11-15 15:33:38 ----D---- C:\Windows\debug 2014-11-15 03:30:07 ----D---- C:\Windows\Microsoft.NET 2014-11-15 03:29:11 ----RSD---- C:\Windows\assembly 2014-11-15 03:15:43 ----SD---- C:\Windows\system32\CompatTel 2014-11-15 03:15:40 ----D---- C:\Windows\SYSWOW64\nl-NL 2014-11-15 03:15:39 ----D---- C:\Windows\system32\nl-NL 2014-11-15 03:15:37 ----D---- C:\Program Files\Internet Explorer 2014-11-15 03:15:36 ----D---- C:\Windows\SYSWOW64\en-US 2014-11-15 03:15:34 ----D---- C:\Windows\system32\en-US 2014-11-15 03:15:29 ----D---- C:\Program Files (x86)\Internet Explorer 2014-11-14 23:55:34 ----A---- C:\Windows\wininit.ini 2014-11-14 18:09:56 ----D---- C:\Windows\system32\MRT 2014-11-14 17:56:36 ----A---- C:\Windows\system32\MRT.exe 2014-11-13 19:12:56 ----A---- C:\Windows\system32\devicelist.txt 2014-11-13 19:12:56 ----A---- C:\Windows\system32\devicealertlist.txt 2014-11-13 08:31:06 ----D---- C:\Windows\system32\catroot2 2014-11-12 17:17:15 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-11-11 22:20:58 ----RD---- C:\Users 2014-11-11 21:29:00 ----D---- C:\Users\Yasser\AppData\Roaming\vlc 2014-11-11 18:06:22 ----D---- C:\zoek_backup 2014-11-11 13:14:43 ----D---- C:\AdwCleaner 2014-11-11 13:05:34 ----D---- C:\ProgramData\AVG2014 2014-11-11 13:05:27 ----D---- C:\ProgramData\MFAData 2014-11-11 13:00:11 ----D---- C:\Games 2014-11-09 21:31:27 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2014-11-09 21:20:20 ----D---- C:\Windows\pss 2014-11-09 20:41:24 ----D---- C:\Windows\Logs 2014-11-09 15:27:31 ----D---- C:\Windows\system32\drivers\etc 2014-11-09 10:12:31 ----D---- C:\Windows\system32\wbem 2014-11-09 10:12:30 ----D---- C:\Windows\system32\CodeIntegrity 2014-11-09 10:12:19 ----HD---- C:\ProgramData\{CB28D9D3-6B5D-4AFA-BA37-B4AFAAAF71B9} 2014-11-09 10:12:19 ----HD---- C:\ProgramData\{B7072B15-6E80-42FF-A9AE-4E62AF2B2418} 2014-11-09 10:12:19 ----HD---- C:\ProgramData\{B0CAD5CC-867E-473E-B55F-339F9635A45D} 2014-11-09 10:12:19 ----HD---- C:\ProgramData\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14} 2014-11-09 10:12:19 ----HD---- C:\ProgramData\{5A23829C-A66E-47B0-AD50-21A3FFE6C325} 2014-11-09 10:12:19 ----HD---- C:\ProgramData\{30FA7941-4170-4C83-A9A8-FDF01C431704} 2014-11-09 10:12:19 ----D---- C:\ProgramData\Avg_Update_0414b 2014-11-09 10:12:15 ----D---- C:\Program Files (x86)\MyFree Codec 2014-11-09 10:12:10 ----D---- C:\Program Files (x86)\AVG Web TuneUp 2014-11-09 10:12:08 ----SHD---- C:\$RECYCLE.BIN 2014-11-09 10:06:50 ----D---- C:\Windows\registration 2014-11-09 10:06:05 ----D---- C:\ProgramData\AVG Web TuneUp 2014-11-09 10:05:51 ----D---- C:\Program Files (x86)\Common Files 2014-11-04 14:30:58 ----N---- C:\Windows\system32\MpSigStub.exe 2014-11-01 04:01:51 ----D---- C:\Windows\system32\LogFiles 2014-10-29 12:50:55 ----D---- C:\ProgramData\Malwarebytes 2014-10-27 20:11:59 ----SD---- C:\ProgramData\Microsoft ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2011-04-16 79488] R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2011-04-16 40064] R0 gfibto;gfibto; C:\Windows\system32\drivers\gfibto.sys [2013-09-22 14456] R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-27 30008] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-08-29 50976] R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver; \??\c:\program files\lavasoft\ad-aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys [2014-07-10 93160] R1 bdfwfpf;bdfwfpf; \??\C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [2014-07-10 102992] R1 cbfs3;cbfs3; \??\C:\Windows\system32\drivers\cbfs3.sys [2011-12-02 348560] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-11-22 283064] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-27 43320] R3 amdhub30;AMD USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\amdhub30.sys [2011-07-16 96896] R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-09-29 10210304] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-09-29 317952] R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\amdxhc.sys [2011-07-16 214144] R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-11-17 115216] R3 avc3;avc3; C:\Windows\system32\DRIVERS\avc3.sys [2014-08-21 727592] R3 avchv;avchv Function Driver; C:\Windows\system32\DRIVERS\avchv.sys [2014-08-21 261056] R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2011-09-21 133672] R3 BCM43XX;Stuurprogramma voor de Broadcom 802.11-netwerkadapter; C:\Windows\system32\DRIVERS\bcmwl664.sys [2013-05-29 4747840] R3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984] R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-11-11 80384] R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2011-09-21 620584] R3 btwaudio;Bluetooth-audioapparaat; C:\Windows\system32\drivers\btwaudio.sys [2011-09-21 167976] R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2011-09-21 178728] R3 BTWDPAN;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\btwdpan.sys [2011-09-21 89640] R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-09-21 39976] R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2011-09-21 21544] R3 gzflt;gzflt; \??\C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [2014-07-10 150256] R3 L6TPortA;Service - Line 6 TonePort UX1; C:\Windows\System32\Drivers\L6TPortA64.sys [2013-07-11 772864] R3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720] R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-05-31 338536] R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056] R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144] R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576] R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840] R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208] R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10305; C:\Windows\system32\DRIVERS\stwrt64.sys [2013-05-29 535552] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-06-10 1451056] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S3 4598AC4582F0E60C;4598AC4582F0E60C; \??\C:\Users\Yasser\AppData\Local\Temp\7DDBCE06F.sys [] S3 a2djavs;Audio 2 DJ WDM Audio; C:\Windows\System32\Drivers\a2djavs.sys [2012-12-18 359784] S3 a2djusb_svc;Audio 2 DJ; C:\Windows\System32\Drivers\a2djusb.sys [2012-12-18 98664] S3 avckf;avckf; C:\Windows\system32\DRIVERS\avckf.sys [2014-08-21 601360] S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960] S3 cleanhlp;cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [] S3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-06-16 110336] S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920] S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008] S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-07-28 57280] S3 hitmanpro37;HitmanPro 3.7 Support Driver; \??\C:\Windows\system32\drivers\hitmanpro37.sys [2014-10-30 32512] S3 L6PODLV;PODxt Live Service; C:\Windows\System32\Drivers\L6PODLV64.sys [2013-06-26 772864] S3 MAUSBMIDI;Service for M-Audio USB MIDI Series; C:\Windows\system32\DRIVERS\MAudioUSBMIDI.sys [2010-04-13 200200] S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960] S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-02-17 428136] S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864] S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-06-16 206080] S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2014-06-16 206080] S3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288] S3 Trufos;Trufos; C:\Windows\system32\DRIVERS\Trufos.sys [2014-07-10 389240] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.;Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.; C:\Program Files (x86)\Abrosoft\FantaMorph5\FantaUp.exe [2010-11-18 224176] R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952] R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2013-05-29 89600] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-09-29 204288] R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-09-28 361984] R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2011-09-20 1085216] R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504] R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232] R2 FPLService;TrueSuiteService; C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [2011-08-26 260424] R2 GenieTimelineService;Genie Timeline Service; C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe [2012-09-16 662104] R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160] R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-05-13 270624] R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-27 30520] R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-02-15 34872] R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-06-29 2413056] R2 IePluginServices;IePlugin Services; C:\ProgramData\IePluginServices\PluginService.exe [2014-11-22 714208] R2 LaCieDesktopManagerService;LaCieDesktopManagerService; C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe [2012-10-10 1379840] R2 NIHardwareService;NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2012-09-05 6364024] R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-10-30 75136] R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944] R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2013-05-29 311808] R2 Update service;Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [2014-10-09 179200] R2 USBMIDIAudioDevMon;USB MIDI Series Audio Device Monitor; C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe [2010-04-13 1636872] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136] R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760] R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848] R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 fa6789c5;VideoCnv; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-11 116648] S2 LavasoftAdAwareService11;Ad-Aware Service 11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe [2014-10-15 707888] S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12 267440] S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-07-28 1511872] S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-11 116648] S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-06 114688] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-07 114288] S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF-----------------
  13. Notroch
    bij nader inzien zijn de 'linken' nog niet verdwenen...
  14. Notroch
    de linken zijn intussen al verdwenen. wel nog pop-ups, reclame op pagina's en pagina's die ongevraagd openen. Wanneer ik firefox open staat er oa te lezen 'www.superfish.com gelezen', weet niet of dat daar hoort. Malwarebytes Anti-Malware Malwarebytes | Free Anti-Malware & Internet Security Software Scandatum: 20/11/2014 Scantijd: 20:10:13 Logbestand: Beheerder: Ja Versie: 2.00.3.1025 Malwaredatabase: v2014.11.20.06 Rootkitdatabase: v2014.11.18.01 Licentie: Gratis Malwarebescherming: Uitgeschakeld Kwaadaardige Website Bescherming: Uitgeschakeld Zelfbescherming: Uitgeschakeld Besturingssysteem: Windows 7 Service Pack 1 Processor: x64 Bestandssysteem: NTFS Gebruiker: Yasser Scantype: Aangepaste Scan Resultaat: Voltooid Objecten Gescand: 660017 Verstreken Tijd: 25 u, 39 m, 9 s Geheugen: Ingeschakeld Opstarten: Ingeschakeld Bestandssysteem: Ingeschakeld Archieven: Ingeschakeld Rootkits: Ingeschakeld Heuristiek: Ingeschakeld POP: Ingeschakeld POA: Ingeschakeld Processen: 0 (Geen kwaadaardige items gedetecteerd) Modules: 0 (Geen kwaadaardige items gedetecteerd) Registersleutels: 0 (Geen kwaadaardige items gedetecteerd) Registerwaardes: 0 (Geen kwaadaardige items gedetecteerd) Registerdata: 0 (Geen kwaadaardige items gedetecteerd) Mappen: 0 (Geen kwaadaardige items gedetecteerd) Bestanden: 5 PUP.Optional.MyPCBackup.A, C:\zoek_backup\C_Program Files (x86)_MyPC Backup\MyPC Backup.exe, In Quarantaine, [b58a44f9adcf90a681b33ba46c957987], PUP.Optional.MyPCBackup.A, C:\zoek_backup\C_Program Files (x86)_MyPC Backup\Service Start.exe, In Quarantaine, [3e0127163e3e44f20e2678670af7e818], PUP.Optional.MyPCBackup.A, C:\zoek_backup\C_PROGRA~2_MyPC Backup\MyPC Backup.exe, In Quarantaine, [c37c56e7c2ba93a3072dc01f46bbb54b], PUP.Optional.MyPCBackup.A, C:\zoek_backup\C_PROGRA~2_MyPC Backup\Service Start.exe, In Quarantaine, [59e63a0326561d193afa28b708f9e020], Trojan.Agent.RvGen, C:\Windows\Tasks\Security Center Update - 2280770166.job, In Quarantaine, [5be499a44933bd790d3f87f164a0e61a], Fysieke Sectoren: 0 (Geen kwaadaardige items gedetecteerd) (end)
  15. Notroch
    da's een voorbeeld van de links die vanzelf gemaakt worden in een tekst online.
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.