Ga naar inhoud

joskehetvoske

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    5

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Alles dat geplaatst werd door joskehetvoske

  1. joskehetvoske
    Het probleem is er nog. Zoek.exe v5.0.0.0 Updated 07-February-2014 Tool run by onzepc on za 08/02/2014 at 23:47:48,83. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\onzepc\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 8/02/2014 23:52:19 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~2\Pando Networks deleted successfully C:\PROGRA~2\Paradox Interactive deleted successfully C:\PROGRA~2\PC Speed Maximizer deleted successfully C:\PROGRA~2\RightSurf deleted successfully C:\PROGRA~2\Runic Games deleted successfully C:\PROGRA~2\SearchNewTab deleted successfully C:\PROGRA~2\Sk-Enhancer deleted successfully C:\PROGRA~2\surf and, keep deleted successfully C:\PROGRA~2\Traffic Travis v4 deleted successfully C:\PROGRA~2\WebSearch deleted successfully C:\PROGRA~2\YoutubeAdblocker deleted successfully C:\PROGRA~2\COMMON~1\Roxio Shared deleted successfully C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully C:\Program Files\Unlocker deleted successfully C:\ProgramData\Alwil Software deleted successfully C:\ProgramData\BlazeVideo deleted successfully C:\ProgramData\iRiver deleted successfully C:\ProgramData\Oracle deleted successfully C:\ProgramData\SearchNewTab deleted successfully C:\ProgramData\surf and, keep deleted successfully C:\ProgramData\Tunngle deleted successfully C:\ProgramData\YoutubeAdblocker deleted successfully C:\Users\onzepc\AppData\Roaming\BitTorrent deleted successfully C:\Users\onzepc\AppData\Roaming\FMZilla deleted successfully C:\Users\onzepc\AppData\Roaming\IrfanView deleted successfully C:\Users\onzepc\AppData\Roaming\Media Player Classic deleted successfully C:\Users\onzepc\AppData\Roaming\Octoshape deleted successfully C:\Users\onzepc\AppData\Roaming\Opera deleted successfully C:\Users\onzepc\AppData\Roaming\runic games deleted successfully C:\Users\onzepc\AppData\Roaming\Samsung deleted successfully C:\Users\onzepc\AppData\Roaming\TeamViewer deleted successfully C:\Users\onzepc\AppData\Roaming\VST3 Presets deleted successfully C:\Users\onzepc\AppData\Roaming\Windows Live Writer deleted successfully C:\Users\onzepc\AppData\Local\Lollipop deleted successfully C:\Users\onzepc\AppData\Local\Opera deleted successfully C:\Users\onzepc\AppData\Local\PackageAware deleted successfully C:\Users\onzepc\AppData\Local\PokerStars.BE deleted successfully C:\Users\onzepc\AppData\Local\Stardock_Corporation deleted successfully ==== Creating Sample_20140902_0003.zip ====================== Process firefox.exe killed Copied file C:\Users\onzepc\VS2010_Uninstall-RTM.ENU.exe to sample\VS2010_Uninstall-RTM.ENU.exe sample\VS2010_Uninstall-RTM.ENU.exe renamed to 7A5430251045F1C99659E05628CD2CDC C:\Users\Public\Desktop\sample_20140902_0003.zip created successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1038441731-2259536705-833619573-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2DDEC6F4-3FA0-4426-9F3B-04A61B00B244} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\onzepc\AppData\Roaming\Mozilla\Firefox\Profiles\nm9bljj7.default-1350156586915 ---- Lines BabylonToolbar removed from prefs.js ---- user_pref("extensions.BabylonToolbar.prtkDS", 0); user_pref("extensions.BabylonToolbar.prtkHmpg", 0); user_pref("extensions.BabylonToolbar_i.aflt", "babsst"); user_pref("extensions.BabylonToolbar_i.babExt", ""); user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109989"); user_pref("extensions.BabylonToolbar_i.hardId", "e021064400000000000000ffe3187e92"); user_pref("extensions.BabylonToolbar_i.id", "e021064400000000000000ffe3187e92"); user_pref("extensions.BabylonToolbar_i.instlDay", "15403"); user_pref("extensions.BabylonToolbar_i.instlRef", "sst"); user_pref("extensions.BabylonToolbar_i.newTab", true); user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar"); user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon"); user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9"); user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17"); user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1714:06:36"); user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17"); ---- Lines BabylonToolbar removed from user.js ---- user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109989"); user_pref("extensions.BabylonToolbar_i.babExt", ""); user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); user_pref("extensions.BabylonToolbar_i.id", "e021064400000000000000ffe3187e92"); user_pref("extensions.BabylonToolbar_i.hardId", "e021064400000000000000ffe3187e92"); user_pref("extensions.BabylonToolbar_i.instlDay", "15403"); user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17"); user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17"); user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1714:06:36"); user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon"); user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar"); user_pref("extensions.BabylonToolbar_i.aflt", "babsst"); user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9"); user_pref("extensions.BabylonToolbar_i.instlRef", "sst"); ---- Lines WebSearch removed from prefs.js ---- user_pref("browser.search.defaultenginename,S", "WebSearch"); user_pref("browser.search.defaulturl", "http://websearch.searchbomb.info/?pid=625&r=2013/11/30&hid=16683788243875363131&lg=EN&cc=BE&unqvl=42&l=1&q="); user_pref("browser.search.order.1", "WebSearch"); user_pref("browser.search.order.1,S", "WebSearch"); user_pref("browser.search.selectedEngine,S", "WebSearch"); user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "WebSearch"); user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "WebSearch"); ---- Lines search.com removed from prefs.js ---- user_pref("noscript.untrusted", "addthis.com adhese.com adroll.com adzerk.net autozone.be bkrtx.com chartbeat.com contextweb.com doubleclick.net doubl ---- Lines Sweet removed from prefs.js ---- user_pref("sweetim.toolbar.previous.browser.startup.homepage", ""); user_pref("sweetim.toolbar.previous.keyword.URL", ""); user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ""); user_pref("sweetim.toolbar.searchguard.enable", ""); user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", ""); user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", ""); ---- Lines extensions.3dAjvho removed from prefs.js ---- user_pref("extensions.3dAjvho.epoch", "1386454247"); user_pref("extensions.3dAjvho.url", "http://getsrv.info/sync2/?q=hfZ9ofDSBShEAen0qTs8tMqLDe49CNU0nUkMCMlNhd9FrHwFrHaFrda9qjUMBzqUojwHrjsEqTsGrdCHpch7h ---- Lines extensions.Sic removed from prefs.js ---- user_pref("extensions.Sic.epoch", "1386454247"); user_pref("extensions.Sic.url", "http://getjpi1.info/sync2/?q=hfZ9ofV9CShEAen0qTs8tMqLDe49CNU0nUkMCMlNhd9FrHwFrHaFrdaHqdCMBzqUojwHrjsEqTsGrdCHpch7hfs0 ---- Lines extensions.Wmbb removed from prefs.js ---- user_pref("extensions.Wmbb.epoch", "1386454246"); user_pref("extensions.Wmbb.url", "http://getjpi1.info/sync2/?q=hfZ9ofqMA6aMCyVUojgGqihTB6lKDzt4oktxtNtVh7n0rjrFrjrErjaErHa6tMFHhd9FrHwGrdgGrTa6rHYMDMl ---- Lines extensions.c0aP removed from prefs.js ---- user_pref("extensions.c0aP.epoch", "1386454247"); user_pref("extensions.c0aP.url", "http://getproxy5.info/sync2/?q=hfZ9oeq8CzsMCyVUojsErTrMg708BNmGWj8cmihGheDUojwHrjwHrdwErdCGqihIC7n0rjrFrTa7rTsEqHr9t ---- FireFox user.js and prefs.js backups ---- user_20140902_0004_.backup prefs_20140902_0004_.backup ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\RightSurf not found C:\Program Files (x86)\PC Speed Maximizer not found C:\Users\onzepc\AppData\Roaming\Mozilla\Firefox\Profiles\nm9bljj7.default-1350156586915\extensions\bloodyvikings@ffs.bplaced.net deleted C:\ProgramData\eSellerate deleted C:\Users\onzepc\daemonprocess.txt deleted C:\Users\onzepc\.android deleted C:\PROGRA~2\Mobogenie deleted C:\PROGRA~2\COMMON~1\Spigot deleted C:\Users\onzepc\AppData\Roaming\SkypEmoticons deleted C:\Users\onzepc\AppData\Roaming\DriverCure deleted C:\Users\onzepc\AppData\Roaming\GetRightToGo deleted C:\ProgramData\QuickSet deleted C:\ProgramData\DriverCure deleted C:\ProgramData\boost_interprocess deleted C:\ProgramData\ParetoLogic deleted C:\ProgramData\InstallMate deleted C:\ProgramData\Trymedia deleted C:\Users\onzepc\AppData\Local\Slick Savings deleted C:\Users\onzepc\AppData\Local\Mobogenie deleted C:\Users\onzepc\AppData\Local\cache deleted C:\Users\onzepc\AppData\LocalLow\PriceGong deleted C:\Users\onzepc\AppData\LocalLow\Conduit deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted C:\Users\onzepc\Documents\Optimizer Pro deleted C:\Users\onzepc\Documents\Mobogenie deleted C:\Users\onzepc\AppData\Roaming\Mozilla\Firefox\Profiles\nm9bljj7.default-1350156586915\searchplugins\conduit-search.xml deleted C:\Users\onzepc\AppData\Roaming\Mozilla\Firefox\Profiles\nm9bljj7.default-1350156586915\jetpack deleted C:\Users\onzepc\Desktop\amddriverdownloader.exe deleted C:\Users\onzepc\Desktop\piwik\plugins\Referrers\images\searchEngines\search.softonic.com.png deleted C:\Users\onzepc\VS2010_Uninstall-RTM.ENU.exe deleted "C:\Users\onzepc\AppData\Roaming\Mozilla\Firefox\Profiles\nm9bljj7.default-1350156586915\searchplugins\yahoo_ff.xml" deleted "C:\Users\onzepc\AppData\Local\fkn5uy03ds144f6" deleted "C:\ProgramData\fkn5uy03ds144f6" deleted "C:\ProgramData\e1b3dcfaf56e7df0\{4820778D-AB0D-6D18-C316-52A6A0E1D507}" deleted "C:\ProgramData\e1b3dcfaf56e7df0\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.old" deleted "C:\ProgramData\e1b3dcfaf56e7df0\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}" deleted "C:\ProgramData\e1b3dcfaf56e7df0\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}.old" deleted "C:\ProgramData\e1b3dcfaf56e7df0\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}" deleted "C:\ProgramData\e1b3dcfaf56e7df0\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}.old" deleted "C:\Users\onzepc\AppData\Roaming\Ketarin\jobs.db" deleted "C:\ProgramData\e1b3dcfaf56e7df0" deleted "C:\Users\onzepc\AppData\Roaming\Ketarin" deleted ==== Folders Found In C:\xampp ====================== 2014-01-30 21:42:58 d-----w- C:\xampp\htdocs 2014-01-30 21:42:58 d-----w- C:\xampp\img 2014-01-30 21:42:59 d-----w- C:\xampp\apache 2014-01-30 21:42:59 d-----w- C:\xampp\mysql 2014-01-30 21:43:00 d-----w- C:\xampp\anonymous 2014-01-30 21:43:00 d-----w- C:\xampp\licenses 2014-01-30 21:43:01 d-----w- C:\xampp\cgi-bin 2014-01-30 21:43:01 d-----w- C:\xampp\contrib 2014-01-30 21:43:01 d-----w- C:\xampp\install 2014-01-30 21:43:01 d-----w- C:\xampp\locale 2014-01-30 21:43:01 d-----w- C:\xampp\mailoutput 2014-01-30 21:43:01 d-----w- C:\xampp\mailtodisk 2014-01-30 21:43:01 d-----w- C:\xampp\SCRATCH 2014-01-30 21:43:01 d-----w- C:\xampp\security 2014-01-30 21:43:01 d-----w- C:\xampp\src 2014-01-30 21:43:01 d-----w- C:\xampp\tmp 2014-01-30 21:43:01 d-----w- C:\xampp\webdav 2014-01-30 21:46:03 d-----w- C:\xampp\FileZillaFTP 2014-01-30 21:46:33 d-----w- C:\xampp\MercuryMail 2014-01-30 21:47:17 d-----w- C:\xampp\tomcat 2014-01-30 21:47:37 d-----w- C:\xampp\php 2014-01-30 21:49:21 d-----w- C:\xampp\perl 2014-01-30 21:51:02 d-----w- C:\xampp\phpMyAdmin 2014-01-30 21:51:29 d-----w- C:\xampp\webalizer 2014-01-30 21:51:30 d-----w- C:\xampp\sendmail ==== Files Found In C:\xampp ====================== 2013-03-30 11:28:59 118784 ----a-w- 09FA9091523283D9E374C1CF2D13984C C:\xampp\xampp_start.exe 2013-03-30 11:28:59 118784 ----a-w- 5DCF1F6A4DED823D97EF3518551E92DF C:\xampp\xampp_stop.exe 2013-03-30 11:28:59 1255 ----a-w- 246FF3B4DA75E6BB34D334D0D584C076 C:\xampp\setup_xampp.bat 2013-03-30 11:28:59 3829 ----a-w- 36D3DA2E99EE82C68D2793348C8FA859 C:\xampp\test_php.bat 2013-03-30 11:28:59 60928 ----a-w- 16A004D355467E44D217DC4DF62EC1E4 C:\xampp\service.exe 2013-03-30 11:28:59 753 ----a-w- D831BDA30AC0982F7BFB4E405B46AC3D C:\xampp\changes.txt 2013-03-30 11:28:59 78 ----a-w- 5229D7CF6D4B2DA36BA02F988F0D548F C:\xampp\filezilla_setup.bat 2013-03-30 11:28:59 822 ----a-w- C7AA90E03C1F451A0F1CA68E009102C1 C:\xampp\passwords.txt 2013-03-30 11:28:59 9439 ----a-w- 4A166FF7058460862923EBB8C0B43E13 C:\xampp\catalina_service.bat 2013-06-07 09:15:44 436 ----a-w- DF8E571DCFF12F980D66C35507DBB000 C:\xampp\apache_start.bat 2013-06-07 09:15:46 140 ----a-w- 1BEE0426A1C1C25AB9538E7FCF0B160D C:\xampp\apache_stop.bat 2013-06-07 09:15:47 149 ----a-w- 3D0CDB24EE811CBEC3361F83E8F3C482 C:\xampp\filezilla_stop.bat 2013-06-07 09:15:47 150 ----a-w- D8A2FF8F0464248829FFDDFAF25BFDC2 C:\xampp\filezilla_start.bat 2013-06-07 09:15:47 2727 ----a-w- 0A978393E9D6FBF59B37FC912CCD8EC5 C:\xampp\catalina_start.bat 2013-06-07 09:15:48 136 ----a-w- 27C0CF2E074546031B56A436A843C694 C:\xampp\mercury_start.bat 2013-06-07 09:15:48 60 ----a-w- 7759C44270CC5D890418440C09D0AA3D C:\xampp\mercury_stop.bat 2013-06-07 09:15:49 481 ----a-w- 0C69B28E83B410A7210C47B3C0730909 C:\xampp\mysql_start.bat 2013-06-07 09:15:51 220 ----a-w- EA5C497113B9ED05A5D6B08AF6E5AC3D C:\xampp\mysql_stop.bat 2013-06-17 09:42:31 2569216 ----a-w- 91F4FC7B269DA502520F74E7FA47735C C:\xampp\xampp-control.exe 2013-06-25 11:36:28 2492 ----a-w- AA175839A214A219137258C6821FEFB3 C:\xampp\catalina_stop.bat 2013-12-04 12:06:28 7929 ----a-w- 934FDDA8BFFF0ED4FADD45DB2C15E3B9 C:\xampp\readme_en.txt 2013-12-04 12:06:28 8119 ----a-w- 716A812505F2A5494BF835465CCB2FDA C:\xampp\readme_de.txt 2014-01-30 21:42:58 2918 ----a-w- 7D6D4391A6329A9E9E1E7A0A02C97EC9 C:\xampp\ctlscript.bat 2014-01-30 21:43:14 1083 ----a-w- AF2B39CDAAD4C87614CD2A69D112FDD3 C:\xampp\xampp_shell.bat 2014-01-30 21:51:34 704 ----a-w- 5EE6FC7EE67F5C65DEF3D3A2903AA764 C:\xampp\properties.ini 2014-01-30 21:53:01 181789 ----a-w- 3FA838B1652D292FDF0312138F1B603C C:\xampp\uninstall.dat 2014-01-30 21:53:13 6754937 ----a-w- 18FDEF73C52F949FB741E6D2D8D72E61 C:\xampp\uninstall.exe 2014-02-01 19:22:11 1198 ----a-w- 59357B95FF8739CF1402AB2958896F9C C:\xampp\xampp-control.ini 2014-02-01 19:22:11 6441 ----a-w- 1323EB2504E546EC8D306C732854D9ED C:\xampp\xampp-control.log ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\onzepc\AppData\Local\Temp ==== ====== Java Cache ===== 2014-01-31 09:17:08 2DBF303EA98BF75326ABF45913E2CB67 2706 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\7d57e80-6c3f2dc9 2014-01-31 09:17:16 73C2C659E0303C9FAAC1E3C1773A11A6 1163 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\3a24a08b-2d940cdf 2014-02-08 18:21:23 C61586655591BEA510C4AEEB76C5EF67 155 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\744ce34f-151c8043 2014-01-31 09:17:13 63A8F165DDA59797FD25666C7657FC6C 1615 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\75d26b8f-763bf8e9 2014-01-31 09:17:12 03863815210FBE0D1AF626451B087502 1853 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\2db61850-62889bc8 2014-01-30 23:28:52 7BD6D7B43EA6EA352F122D88AC976C06 79 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\302490d1-6.0.lap 2014-01-31 09:17:14 D1C32F6CED7171484208EAF839BBEBFC 1562 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\211fc195-6acc1ca2 2014-01-31 09:17:05 E3C19C10DF9965C8DB4FDCE43824DCDC 2357 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\52bd2f95-22973cbd 2014-01-31 09:17:19 92A6CD19604CF35EDCBE2F54EE3AA9FB 567 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\44eaa1d6-4ae7c731 2014-01-31 09:17:11 DD0A3BDA1BF8DBB306F7A9ED47FE2B6E 2317 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\4a7990d7-63a32b8d 2014-01-31 09:17:13 CE2CEB009EAA8C1CFCC404091927F18F 1535 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\37f8d358-2161d5d1 2014-01-31 09:17:09 6A7D28192BFB2DFC0174E2AF3E719032 1921 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\5298e1dd-3f52aa99 2014-01-31 09:18:24 446A8B441AB11C3B21C38F5FFC99F420 1446 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\5b68fa0-75ec0b75 2014-01-31 09:17:15 46C78197863A4AE17D07FD60D9AFA069 967 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\1e8f11e2-5d29e9d2 2014-01-31 09:18:25 40FEEE8A3BA580ABA90DB6D52FC5D260 1792 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\543606e2-7a904718 2014-01-31 09:17:14 3366D25BA74A4AE8216C5EC1298AC46C 2011 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\6b9e8da2-58df0e50 2014-01-31 09:18:24 1F9AB6C1FF423D316C6FB41D4AB54F75 1772 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\25f0d2a5-1a7a0777 2014-01-31 09:17:06 619CAB3CFB65D0888BB17607A3262AD2 455 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\32df70e5-35be19f6 2014-01-31 09:17:21 D5F8B56F6D7E223C7E837CD5E5591C38 826 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\6b30e584-3fc29382 2014-01-31 09:17:10 D81F451DA9061D2A91FBA47A8EF1E00A 1217 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\1568d02a-719b31e6 2014-01-31 09:18:26 1937790D4A0D9387FA988FE0576FB21E 1998 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\349fc82a-53a13047 2014-01-31 09:17:09 5D3E7B4298EA44C3F00E1609976684A0 2009 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\2325a12b-7680f24c 2014-01-31 09:17:07 3C1BB59DFA2195CB2C104C9543B5EE0C 895 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\7ebf4bae-7096c382 2014-01-31 09:17:11 F5A0106E28517049D4A285B5D4C3F69F 1646 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\41c7126f-4890407b 2014-01-31 09:17:10 F9DD7B602D44FC4A39D681E3A6C421DC 1401 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\676e1eaf-5b92b2f8 2014-01-31 09:17:20 B5F3040DBA6AFBECA299F0BE2655755F 405 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\1ff89134-7b252181 2014-01-31 09:17:16 ED9AAB437BF310B0B04C57C260446236 2360 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\3bfb5234-5de7270b 2014-01-31 09:17:05 B23A9051A30F062CBDCA494E9EFFFEF5 3011 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\542cfd75-2fa0ba40 2014-01-31 09:17:18 1084B7DE244ABFAE21BAED55A6D3174C 479 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\2adeb6b6-595903ca 2014-02-08 18:21:22 B7233D98E954C38DE61A6F7D7099F953 155 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\7edba536-30ccea70 2014-02-07 01:03:07 9B955A0090D8E385DE5AF0319FE2D098 130544 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\29793afc-4c1bd052 2014-01-31 09:17:12 3DFE469DB19EE3C72D73DB1596B381BA 2026 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\62077fe-65f3b988 2014-01-31 07:43:50 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\onzepc\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-1a7a1529 ====== C:\Windows\SysWOW64 ===== 2014-01-30 23:57:25 95E15A2DE75AB48728AB8E1911C3EDB1 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe 2014-01-30 23:57:11 CB3638541DCAC86EE17FA8258202E20E 175016 ----a-w- C:\Windows\SysWOW64\javaw.exe 2014-01-30 23:57:11 A7871E39687EC6EE9712209DAE248B3A 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-01-30 23:57:11 9395BBE294045909A025C9F3DC3D9025 174504 ----a-w- C:\Windows\SysWOW64\java.exe ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-02-08 10:00:50 70EC56032572A36DA7F61572ACF162A3 5021624 ----a-w- C:\Windows\Sysnative\FNTCACHE.DAT 2014-01-30 19:12:52 F2BF71FCEAB8FB8A691408C478E2FF4C 3156480 ----a-w- C:\Windows\Sysnative\win32k.sys ====== C:\Windows\Sysnative\drivers ===== 2014-01-30 19:12:59 18A85013A3E0F7E1755365D287443965 53248 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys 2014-01-30 19:12:59 12FEB33791920678F8433701C822BCFD 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys 2014-01-30 19:12:58 FFA06EF43987ED0DD42AD59B260C0C78 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys 2014-01-30 19:12:58 DD253AFC3BC6CBA412342DE60C3647F3 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys 2014-01-30 19:12:58 DCA68B0943D6FA415F0C56C92158A83A 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys 2014-01-30 19:12:58 8D1196CFBB223621F2C67D45710F25BA 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys 2014-01-30 19:12:58 765A92D428A8DB88B960DA5A8D6089DC 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys 2014-01-30 19:12:15 3555BA97171CD153118F73FDCCC8BFDE 376768 ----a-w- C:\Windows\Sysnative\drivers\netio.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-02-08 16:22:16 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2014-02-07 23:34:58 -------- d-----w- C:\PROGRA~2\ownCloud 2014-02-07 20:57:16 -------- d-----w- C:\PROGRA~2\BlueSprig 2014-02-06 16:07:33 -------- d-----w- C:\PROGRA~2\Mozilla Thunderbird 2014-01-30 23:57:38 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2014-01-30 19:30:21 -------- d-----w- C:\PROGRA~2\AMD AVT ======= C: ===== ====== C:\Users\onzepc\AppData\Roaming ====== 2014-02-08 10:34:45 -------- d-----w- C:\Users\onzepc\AppData\Local\ElevatedDiagnostics 2014-02-08 10:02:22 D71C7FC2057AF2D1A8D63F79746AC9E3 121504 ----a-w- C:\Users\onzepc\AppData\Local\GDIPFONTCACHEV1.DAT 2014-02-08 00:18:43 F13B2333DF3F82B325444C9BDE19854F 277824 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat 2014-02-07 23:35:27 -------- d-----w- C:\Users\onzepc\AppData\Local\ownCloud 2014-02-07 20:57:24 -------- d-----w- C:\Users\onzepc\AppData\Roaming\BlueSprig ====== C:\Users\onzepc ====== 2014-02-08 17:39:47 7A0DFC5353FF6DE7DE0208A29FA2FFC9 495616 ----a-w- C:\Users\onzepc\Desktop\putty.exe 2014-02-08 16:21:56 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\onzepc\Desktop\RSITx64.exe 2014-02-07 23:38:05 -------- d-----w- C:\Users\onzepc\ownCloud 2014-02-07 23:33:55 8C3EEF590B5648655A70F02B71019261 19302560 ----a-w- C:\Users\onzepc\Desktop\ownCloud-1.5.0.1913-setup.exe 2014-02-07 20:56:27 B787B916CB498375501D8CA9657FDD3C 4422112 ----a-w- C:\Users\onzepc\Desktop\jetclean-setup.exe 2014-02-06 20:13:46 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\onzepc\Desktop\MicrosoftFixit.ProgramInstallUninstall.RNP.34315144376178056.4.1.Run.exe 2014-02-06 20:13:28 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\onzepc\Desktop\MicrosoftFixit.ProgramInstallUninstall.FISC.34315144376178056.3.1.Run.exe 2014-02-06 20:08:32 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\onzepc\Desktop\MicrosoftFixit.WinFileFolder.FISC.34315144376178056.1.1.Run.exe 2014-02-06 19:39:51 4EF3D067591AAD9E273C333517FB0DC5 81488 ----a-w- C:\Users\onzepc\Desktop\WebInstaller.exe 2014-02-01 19:15:15 2E6E31D26020BA7E31FF327F0E008B58 40603386 ----a-w- C:\Users\onzepc\Desktop\Wampserver2.4-x64.exe 2014-01-30 23:25:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-01-30 23:22:44 D6A3D61864E8F9565550548865D7522C 921000 ----a-w- C:\Users\onzepc\Desktop\jxpiinstall.exe 2014-01-30 22:09:43 59387D465FDDBBBA358F9DF036A04855 4812567 ----a-w- C:\Users\onzepc\Desktop\FileZilla_3.7.3_win32-setup.exe 2014-01-30 21:52:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP 2014-01-30 21:35:38 374C1952B8C51E0D273B6190BF856EF1 123794144 ----a-w- C:\Users\onzepc\Desktop\xampp-win32-1.8.3-2-VC11-installer.exe 2014-01-30 19:30:28 -------- d-----w- C:\ProgramData\ATI 2014-01-30 19:29:43 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center ====== C: exe-files == 2014-02-08 16:22:17 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\onzepc.exe 2014-02-07 23:35:09 DB33A2C168A83EA34A84B3587A626E21 133063 ----a-w- C:\Program Files (x86)\ownCloud\uninstall.exe 2014-02-06 16:07:36 E33674FF9748F1736F3CBB6C6929B5AB 901232 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe 2014-02-06 16:07:36 D3730E6B1E52E5612ADFBF3FA1752A37 22640 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\WSEnable.exe 2014-02-06 16:07:36 A49E66E6FED2CD4CD1CBA0A12353BA62 274032 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\updater.exe 2014-02-06 16:07:36 259FC81909D6FEEB1BEDB2595100513D 390256 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe 2014-02-06 16:07:35 EB44B6531B8924DD048ACD1F5382C15E 18544 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\plugin-container.exe 2014-02-06 16:07:34 C956DFD0C0BC91625EC4193579488054 119408 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\maintenanceservice.exe 2014-02-06 16:07:34 3CD5FB772155C0A8A255706E6450CFE0 194176 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\maintenanceservice_installer.exe 2014-02-06 16:07:33 8E843181A30DD65E96C418268663C5E6 117360 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\crashreporter.exe 2014-02-02 12:01:33 994EDCAFAA2BD979E9B420B7D61B5773 9119232 ----a-w- C:\Program Files (x86)\Combined Community Codec Pack\MPC\mpc-hc.exe 2014-02-02 12:01:32 9B093D85C1742C2B30D4B5A0658144EB 132608 ----a-w- C:\Program Files (x86)\Combined Community Codec Pack\Filters\Haali\mkv2vfr.exe 2014-02-02 12:01:32 7EC9CB7352D8291D1C97085727A7C63A 107008 ----a-w- C:\Program Files (x86)\Combined Community Codec Pack\Filters\Haali\dsmux.exe 2014-02-02 12:01:32 17B90B130716D867FE1892232CB7764F 353280 ----a-w- C:\Program Files (x86)\Combined Community Codec Pack\Filters\Haali\gdsmux.exe 2014-02-02 12:01:28 9DBCCBD6261117BE3155468090AD6FE9 1196144 ----a-w- C:\Program Files (x86)\Combined Community Codec Pack\CCCP-Settings.exe 2014-02-02 12:01:28 537B04429ADCF43E6DD903899379737E 1196144 ----a-w- C:\Program Files (x86)\Combined Community Codec Pack\CCCP-SystemSettings.exe === C: other files == 2014-02-08 23:03:15 E8E667F82D9D7378B7D1C2F06FEA7C8D 636365 ----a-w- C:\Users\Public\Desktop\sample_20140902_0003.zip 2014-02-06 16:07:35 3C225CCC43A03BB1E9DCC53DAFA94A2F 224295 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\plugins\WCChromeExtn\WCChromeExtn.crx 2014-02-06 15:58:21 A20B944156BB919699A6FF7D2CD6B55D 348260 ----a-w- C:\Users\onzepc\AppData\Roaming\Mozilla\Firefox\Profiles\nm9bljj7.default-1350156586915\extensions\personas@christopher.beard.xpi 2014-02-06 15:58:19 DF7EEA2F647E5814563A0B5E289641C4 291136 ----a-w- C:\Users\onzepc\AppData\Roaming\Mozilla\Firefox\Profiles\nm9bljj7.default-1350156586915\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-1038441731-2259536705-833619573-1001\Software\Microsoft\Windows\CurrentVersion\Run] "ownCloud"="C:\Program Files (x86)\ownCloud\owncloud.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "AMD AVT"="Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml" "LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ownCloud"="C:\Program Files (x86)\ownCloud\owncloud.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Acrobat Assistant 8.0] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Acrobat Assistant 8.0" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Adobe\\Acrobat 11.0\\Acrobat\\Acrotray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeAAMUpdater-1.0" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DAEMON Tools Lite" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\DAEMON Tools Lite\\DTLite.exe\" -autorun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LiveSupport] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LiveSupport" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\LiveSupport\\LiveSupport.exe\" /noshow /log" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LogMeIn Hamachi Ui] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LogMeIn Hamachi Ui" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\LogMeIn Hamachi\\hamachi-2-ui.exe\" --auto-start" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeARMservice] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Apple Mobile Device] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AVG Security Toolbar Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\avg9wd] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\avgfws9] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AVGIDSAgent] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Bonjour Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\CLPSLS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\cmdAgent] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\CrdphService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Creative Audio Engine Licensing Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\CTAudSvcService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\EasyVpnAdpt] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\EzVpnSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\FLEXnet Licensing Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ForceWare Intelligent Application Manager (IAM)] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Hamachi2Svc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IDriverT] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\iPod Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MozillaMaintenance] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\msav] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\nSvcIp] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\nvsvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\nvUpdatusService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RichVideo] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SBSDWSCService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Skype C2C Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\srsfah1] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Steam Client Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SwitchBoard] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TunngleService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\wampapache] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\wampmysqld] ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1038441731-2259536705-833619573-1001Core.job --a------ C:\Users\onzepc\AppData\Local\Google\Update\GoogleUpdate.exe [18/07/2012 16:48] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1038441731-2259536705-833619573-1001UA.job --a------ C:\Users\onzepc\AppData\Local\Google\Update\GoogleUpdate.exe [18/07/2012 16:48] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Ad-Aware Update (Weekly)" [C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files (x86)\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1038441731-2259536705-833619573-1001Core" [C:\Users\onzepc\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1038441731-2259536705-833619573-1001UA" [C:\Users\onzepc\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "web2pdfextension@web2pdf.adobedotcom"="C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn" [14/12/2013 22:19] ==== Firefox Extensions ====================== ProfilePath: C:\Users\onzepc\AppData\Roaming\Mozilla\Firefox\Profiles\nm9bljj7.default-1350156586915 - Enhanced Middle Click - %ProfilePath%\extensions\enhancedmiddleclick@senicar.net.xpi - google-no-tracking-url - %ProfilePath%\extensions\jid1-zUrvDCat3xoDSQ@jetpack.xpi - Personas Plus - %ProfilePath%\extensions\personas@christopher.beard.xpi - RequestPolicy - %ProfilePath%\extensions\requestpolicy@requestpolicy.com.xpi - FastestFox - %ProfilePath%\extensions\smarterwiki@wikiatic.com.xpi - Thumbnail Zoom Plus - %ProfilePath%\extensions\thumbnailZoom@dadler.github.com.xpi - Screengrab fix version - %ProfilePath%\extensions\{02450914-cdd9-410f-b1da-db004e18c671}.xpi - Stylish - %ProfilePath%\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi - BetterPrivacy - %ProfilePath%\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi - Adblock Edge - %ProfilePath%\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\onzepc\AppData\Roaming\Mozilla\Firefox\Profiles\nm9bljj7.default-1350156586915 2557FBC582910A71CDEB0F22886D118D - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll - Shockwave Flash 8F628060DAECF76C537BD89A53228D3B - C:\Users\onzepc\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll - Google Update ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions efaidnbmnnnibpcajpcglclefindmkaj - No path found[] hbcennhacfaagdopikcegfcobcadeocj - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx[] icdlfehblmklkikfigmjhbmmpmkmpooj - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx[] mhkaekfpcppmmioggniknbnbdbcigpkk - C:\Users\onzepc\AppData\Local\Slick Savings\coupons.crx[] pfndaklgolladniicklehhancnlgocpp - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx[] IE Tab - onzepc\AppData\Local\Chromium\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{2E5673B8-E2FB-4D48-8DD2-D79282FC0B36}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}" {2E5673B8-E2FB-4D48-8DD2-D79282FC0B36} Google Url="http://www.google.co.uk/search?hl=en&q={searchTerms}&meta=" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} Unknown Url="Not_Found" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1038441731-2259536705-833619573-1001\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveSupport deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\onzepc\AppData\Roaming\Mozenda\InternetCache\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\onzepc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7UWMG5NV will be deleted at reboot C:\Users\onzepc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MDCMQ355 will be deleted at reboot C:\Users\onzepc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\onzepc\AppData\Roaming\Mozilla\Firefox\Profiles\nm9bljj7.default-1350156586915\personas\cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\onzepc\AppData\Local\Chromium\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=361 folders=92 53823780 bytes) ==== Empty Temp Folders ====================== C:\Users\Administrator\AppData\Local\Temp emptied successfully C:\Users\AppData\AppData\Local\Temp emptied successfully C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Public\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\onzepc\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\onzepc\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\onzepc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Users\onzepc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7UWMG5NV" not found "C:\Users\onzepc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MDCMQ355" not found ==== EOF on zo 09/02/2014 at 0:21:16,54 ======================
  2. joskehetvoske
    Logfile of random's system information tool 1.09 (written by random/random) Run by onzepc at 2014-02-08 17:24:29 Microsoft Windows 7 Professional Service Pack 1 System drive C: has 102 GB (43%) free of 238 GB Total RAM: 3071 MB (37% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:24:32, on 8/02/2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16526) Boot mode: Normal Running processes: C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe C:\Program Files (x86)\Chami\HTML-Kit\Bin\HTMLKit.exe C:\Program Files\trend micro\onzepc.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKCU\..\Run: [ownCloud] C:\Program Files (x86)\ownCloud\owncloud.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~2\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office15\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15110/CTPID.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{2CEEAA74-E07A-4103-ADD9-D8DB9C16DCE1}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\..\{34307B7C-9057-4791-A7E7-09F52032385D}: NameServer = 8.8.8.8 O17 - HKLM\System\CS2\Services\Tcpip\..\{2CEEAA74-E07A-4103-ADD9-D8DB9C16DCE1}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CS3\Services\Tcpip\..\{2CEEAA74-E07A-4103-ADD9-D8DB9C16DCE1}: NameServer = 8.8.8.8,8.8.4.4 O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O20 - AppInit_DLLs: O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9426 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS "c:\Program Files\Microsoft Security Client\MsMpEng.exe" C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService atieclxx C:\Windows\system32\svchost.exe -k NetworkService "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe "taskhost.exe" C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe" C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start "c:\Program Files\Microsoft Security Client\NisSrv.exe" C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Windows\system32\svchost.exe -k SDRSVC "C:\Windows\system32\wuauclt.exe" "C:\Program Files (x86)\Skype\Phone\Skype.exe" "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" "C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe" "C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4696.26875a00.1756045177 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 4696 "\\.\pipe\gecko-crash-server-pipe.4696" plugin "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe" --proxy-stub-channel=Flash4268.65E6C7B8.480 --host-broker-channel=Flash4268.65E6C7B8.21749 --host-pid=4268 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll" "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe" --channel=3796.0033F1E8.1323481313 --proxy-stub-channel=Flash4268.65E6C7B8.480 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll" --host-npapi-version=27 --type=renderer "C:\Program Files (x86)\Chami\HTML-Kit\Bin\HTMLKit.exe" "C:\Users\onzepc\Desktop\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe93_ Global\UsGthrCtrlFltPipeMssGthrPipe93 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520 ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1038441731-2259536705-833619573-1001Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1038441731-2259536705-833619573-1001UA.job =========Mozilla firefox========= ProfilePath - C:\Users\onzepc\AppData\Roaming\Mozilla\Firefox\Profiles\nm9bljj7.default-1350156586915 prefs.js - "browser.search.suggest.enabled" - false prefs.js - "browser.search.useDBForOrder" - true prefs.js - "browser.startup.homepage" - "http://www.9lives.be/forum/forum.php" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 12.0.0.43 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=] "Description"=iTunes Detector Plug-in "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0] "Description"= "Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0] "Description"=Microsoft Lync Plug-in for Firefox "Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin] "Description"=This plugin detects and launches Pando Media Booster "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect] "Description"= "Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 12.0.0.43 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.13.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Windows\system32\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect] "Description"= "Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll C:\Program Files (x86)\Mozilla Firefox\extensions\ {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} C:\Program Files (x86)\Mozilla Firefox\plugins\ np-mswmp.dll npMeetingJoinPluginOC.dll NPOFF12.DLL nppdf32.dll nppdf32.NLD WMP Firefox Plugin License.rtf WMP Firefox Plugin RelNotes.txt C:\Users\onzepc\AppData\Roaming\Mozilla\Firefox\Profiles\nm9bljj7.default-1350156586915\extensions\ bloodyvikings@ffs.bplaced.net C:\Users\onzepc\AppData\Roaming\Mozilla\Firefox\Profiles\nm9bljj7.default-1350156586915\searchplugins\ conduit-search.xml yahoo_ff.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2013-11-15 218784] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL [2013-09-13 878296] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2013-11-02 2331336] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2013-10-17 153248] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-01-31 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] Adobe Acrobat Create PDF Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14 4531320] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL [2013-09-13 705240] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL [2013-11-02 1727176] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-01-31 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}] Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 1266912] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ownCloud"=C:\Program Files (x86)\ownCloud\owncloud.exe [2013-12-12 15942413] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [2012-09-23 3477640] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveSupport] C:\Program Files (x86)\LiveSupport\LiveSupport.exe /noshow /log [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-02-04 3813712] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-30 642304] "AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml [] "LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-02-04 3813712] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-04-16 249344] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro35] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro35.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro35Crusader] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 "EnableLUA"=0 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "AllowLegacyWebView"=1 "AllowUnhashedWebView"=1 "NoDrives"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux1"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "aux2"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "aux3"=wdmaud.drv "wave5"=wdmaud.drv "midi5"=wdmaud.drv "mixer5"=wdmaud.drv "aux4"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 ======List of files/folders created in the last 1 month====== 2014-02-08 17:22:16 ----D---- C:\Program Files\trend micro 2014-02-08 17:22:15 ----D---- C:\rsit 2014-02-08 11:00:50 ----A---- C:\Windows\system32\FNTCACHE.DAT 2014-02-08 00:34:58 ----D---- C:\Program Files (x86)\ownCloud 2014-02-07 21:57:24 ----D---- C:\Users\onzepc\AppData\Roaming\BlueSprig 2014-02-07 21:57:16 ----D---- C:\Program Files (x86)\BlueSprig 2014-02-06 22:05:46 ----SHD---- C:\$RECYCLE.BIN 2014-02-06 20:41:05 ----D---- C:\Program Files (x86)\RightSurf 2014-02-06 20:40:40 ----D---- C:\Program Files (x86)\PC Speed Maximizer 2014-02-06 17:07:33 ----D---- C:\Program Files (x86)\Mozilla Thunderbird 2014-02-01 20:18:01 ----D---- C:\wamp 2014-01-31 00:57:25 ----A---- C:\Windows\SYSWOW64\javaws.exe 2014-01-31 00:57:11 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll 2014-01-31 00:57:11 ----A---- C:\Windows\SYSWOW64\javaw.exe 2014-01-31 00:57:11 ----A---- C:\Windows\SYSWOW64\java.exe 2014-01-31 00:26:38 ----D---- C:\ProgramData\Oracle 2014-01-30 22:42:58 ----D---- C:\xampp 2014-01-30 20:57:13 ----D---- C:\Windows\PCHEALTH 2014-01-30 20:30:28 ----D---- C:\ProgramData\ATI 2014-01-30 20:30:21 ----D---- C:\Program Files (x86)\AMD AVT 2014-01-30 20:12:59 ----A---- C:\Windows\system32\drivers\usbport.sys 2014-01-30 20:12:59 ----A---- C:\Windows\system32\drivers\usbehci.sys 2014-01-30 20:12:58 ----A---- C:\Windows\system32\drivers\usbuhci.sys 2014-01-30 20:12:58 ----A---- C:\Windows\system32\drivers\usbohci.sys 2014-01-30 20:12:58 ----A---- C:\Windows\system32\drivers\usbhub.sys 2014-01-30 20:12:58 ----A---- C:\Windows\system32\drivers\usbd.sys 2014-01-30 20:12:58 ----A---- C:\Windows\system32\drivers\usbccgp.sys 2014-01-30 20:12:52 ----A---- C:\Windows\system32\win32k.sys 2014-01-30 20:12:15 ----A---- C:\Windows\system32\drivers\netio.sys ======List of files/folders modified in the last 1 month====== 2014-02-08 17:22:16 ----RD---- C:\Program Files 2014-02-08 16:59:24 ----D---- C:\Users\onzepc\AppData\Roaming\FileZilla 2014-02-08 16:46:02 ----D---- C:\Users\onzepc\AppData\Roaming\Skype 2014-02-08 16:09:07 ----D---- C:\Windows\temp 2014-02-08 16:09:05 ----D---- C:\Windows\Prefetch 2014-02-08 15:04:33 ----D---- C:\Windows\tracing 2014-02-08 14:38:49 ----D---- C:\Windows\system32\config 2014-02-08 11:02:29 ----D---- C:\Windows 2014-02-08 11:02:10 ----D---- C:\Windows\system32\LogFiles 2014-02-08 11:01:04 ----D---- C:\Windows\debug 2014-02-08 11:00:50 ----D---- C:\Windows\System32 2014-02-08 11:00:37 ----D---- C:\Config.Msi 2014-02-08 01:17:14 ----D---- C:\Windows\Logs 2014-02-08 01:16:36 ----SHD---- C:\System Volume Information 2014-02-08 00:34:58 ----RD---- C:\Program Files (x86) 2014-02-07 22:07:25 ----SHD---- C:\Windows\Installer 2014-02-07 22:07:25 ----D---- C:\Program Files (x86)\LogMeIn Hamachi 2014-02-07 22:06:39 ----D---- C:\Windows\inf 2014-02-07 22:06:16 ----D---- C:\Windows\system32\catroot2 2014-02-07 22:05:33 ----D---- C:\Windows\system32\Tasks 2014-02-07 21:57:45 ----D---- C:\Program Files (x86)\Common Files 2014-02-07 02:24:08 ----D---- C:\Program Files (x86)\Mozilla Firefox 2014-02-07 02:12:07 ----D---- C:\steam 2014-02-06 21:06:53 ----D---- C:\Windows\SysWOW64 2014-02-06 21:02:11 ----D---- C:\Users\onzepc\AppData\Roaming\Media Player Classic 2014-02-02 13:01:39 ----D---- C:\Program Files (x86)\Combined Community Codec Pack 2014-02-02 12:28:31 ----D---- C:\Windows\system32\drivers 2014-02-02 00:44:24 ----D---- C:\Users\onzepc\AppData\Roaming\BitTorrent 2014-01-31 08:37:42 ----D---- C:\Windows\winsxs 2014-01-31 01:12:19 ----D---- C:\Windows\system32\catroot 2014-01-31 01:11:56 ----D---- C:\Windows\system32\DriverStore 2014-01-31 00:56:57 ----D---- C:\Program Files (x86)\Java 2014-01-31 00:45:33 ----D---- C:\Program Files (x86)\CCleaner 2014-01-31 00:38:42 ----D---- C:\Program Files (x86)\Adobe 2014-01-31 00:32:08 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-01-31 00:26:38 ----D---- C:\ProgramData 2014-01-30 23:10:51 ----D---- C:\Program Files (x86)\FileZilla FTP Client 2014-01-30 20:58:40 ----D---- C:\ProgramData\Microsoft Help 2014-01-30 20:58:39 ----A---- C:\Windows\win.ini 2014-01-30 20:55:07 ----RSD---- C:\Windows\assembly 2014-01-30 20:53:42 ----D---- C:\Windows\SYSWOW64\nl-NL 2014-01-30 20:53:41 ----D---- C:\Windows\system32\nl-NL 2014-01-30 20:52:55 ----D---- C:\Windows\system32\MRT 2014-01-30 20:49:42 ----A---- C:\Windows\system32\MRT.exe 2014-01-30 20:30:23 ----D---- C:\ProgramData\AMD 2014-01-30 20:29:26 ----D---- C:\Program Files\ATI Technologies 2014-01-19 08:33:29 ----N---- C:\Windows\system32\MpSigStub.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-09-27 248240] R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2009-08-04 241696] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-12-07 381440] R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560] R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2011-01-03 230352] R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392] R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2010-11-20 360832] R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2013-06-16 314016] R2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [2009-03-02 53816] R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2009-07-14 120320] R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2013-06-16 43680] R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 134944] R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2009-03-02 11576] R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 11922944] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-11-16 359936] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-05-14 96896] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-07-06 2419176] R3 irsir;Microsoft Serial Infrared Driver; C:\Windows\system32\DRIVERS\irsir.sys [2008-01-19 27648] R3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6264.sys [2009-11-11 348264] R3 vpcbus;Hostbusservice voor Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944] R3 vpcusb;Connectorservice voor USB-virtualisatie; C:\Windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232] S3 AF15BDA;WinFast DTV Dongle Gold BDA Device; C:\Windows\system32\DRIVERS\AF15BDA.sys [2009-06-02 507392] S3 athrusb6;Atheros Wireless LAN USB device driver 6 Series; C:\Windows\system32\DRIVERS\athrxu6.sys [2007-07-05 1041920] S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 11922944] S3 ATP;Comodo Unite Miniport Driver; C:\Windows\system32\DRIVERS\cmdatp.sys [] S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232] S3 catchme;catchme; \??\C:\lol\catchme.sys [] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-08-20 103576] S3 DIRECTIO;DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo64.sys [] S3 DUMeterDrv;Hagel Technologies DU Meter traffic accounting driver; \??\C:\Program Files (x86)\DU Meter\DUMETR64.SYS [] S3 ENTECH64;ENTECH64; \??\C:\Windows\system32\DRIVERS\ENTECH64.sys [2008-09-17 12744] S3 esgiguard;esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [] S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2012-08-21 33240] S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856] S3 hitmanpro35;Hitman Pro 3.5 Support Driver; \??\C:\Windows\system32\drivers\hitmanpro35.sys [2010-09-26 19528] S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [] S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 255552] S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960] S3 P17;SB Audigy LS; C:\Windows\system32\drivers\P17.sys [2009-10-16 1309696] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656] S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-12-21 127488] S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-12-21 18944] S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-12-21 161280] S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\Windows\system32\DRIVERS\ss_bserd.sys [2010-12-21 128000] S3 StkTMini;Syntek AVStream USB2.0 ATV; C:\Windows\System32\Drivers\StkTMini.sys [2007-11-15 528256] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688] S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2011-01-04 16392] S3 TIEHDUSB;TI Core USB Driver; C:\Windows\system32\DRIVERS\tiehdusb.sys [2009-09-03 128512] S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-02-15 52736] S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2009-11-10 139408] S3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760] S3 whfltr2k;WheelMouse USB Lower Filter Driver; C:\Windows\system32\DRIVERS\whfltr2k.sys [2009-09-16 10368] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-11-16 238080] R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-04-29 361984] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-02-04 2222416] R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 23808] R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-04-01 75136] R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-05-14 249136] R3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136] R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680] S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-05-31 641352] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-01 150648] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-05 1255736] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] S4 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-11-07 79360] S4 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2008-11-18 307200] S4 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-04-12 655624] S4 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-02 136176] S4 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-02 136176] S4 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632] S4 msav;Moon Secure Antivirus Core; C:\Program Files (x86)\Moon Secure Antivirus\msavcore.exe [] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2009-08-10 206880] S4 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S4 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896] S4 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2010-07-31 407336] -----------------EOF-----------------
  3. joskehetvoske
    Nja inderdaad, maar ik kan alles openen. Als ik dubbelklik op een .jpg bestand opent dat gewoon perfect in windows photo viewer zoals is ingesteld. Als ik rechts klik op een bestand dan ga naar "openen met". Een lijst opent zich en vervolgens klik op "standaardprogramma selecteren" klik krijg ik pas de foutmelding.
  4. joskehetvoske
    Bedankt Ik gebruik windows 7. Ik was het vergeten melden. Dit omzeilt enkel het probleem dit lost de foutmelding niet op. Ik heb die foutmelding bij elk bestand waarbij ik dit probeer.
  5. joskehetvoske
    Als ik rechts klik op een bestand en ga naar "openen met" en vervolgens kies voor "standaard programma selecteren" dan krijg ik de volgende foutmelding: ''Er is voor deze bewerking geen programma aan het opgegeven bestand gekoppeld...'' Wat ik al heb geprobeerd is de standaard waarden terug zetten waarmee bestanden geopend worden. Dat verhielp het probleem niet.
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.