mharinck

Member
  • Items

    9

mharinck's achievements

  1. What a bungler that must have been! But I no longer have any problems. The CPU usage is low now and it responds quickly again. And the memory usage is now about 35%, but I think that is also because my computer is quite full. One more quick question: can I simply delete the windows.old folder, where all those old files are? Or could there still be files in there that my computer still uses? It would free up a lot of space on my C: drive (about 76 GB!). The files in that folder are also simply in my normal Windows folder.
  2. No, one version. But two years ago I had trouble with a persistent virus and took it to a specialist. He also put the old Windows files back because they contained files that I still needed.
  3. Kape, here is the log from the ESET scan:
  4. OK, in any case thanks again for your contribution, porrelaar!
  5. Porrelaar, thanks for the correction! I did indeed mean my physical memory, which was high. I have now done a full scan with Malwarebytes and SpyHunter 4, in which no serious malware or virus was found. Only some cookies and Snap.do, which was blocked. So I am at least rid of that Trojan.Bitcoinminer. Thanks for that! I was just afraid that those svchost processes still had something to do with that Trojan, because according to the Malwarebytes scan this was the case at first. However, I now don't know whether it is normal for those svchost processes to demand so much memory?
  6. Still high!
  7. Thanks for the quick response! Here are the log results from zoek.exe.
  8. Hello, I found a forum with the same problem (also a slow computer), and there it was recommended to post a log file created with the program RSIT. I looked up the operating system, 64 bit, and followed the steps for creating and posting the log file. So here it is. I hope this helps you on your way too and that it saves some time for you and for me. Regards, Marino

     Logfile of random's system information tool 1.09 (written by random/random) Run by Marino at 2014-02-17 21:16:19 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 156 GB (34%) free of 462 GB Total RAM: 3957 MB (52% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:16:27, on 17-2-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.16518) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Users\Marino\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\Marino.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file) O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Marino\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe O4 - Global Startup: Bluetooth.lnk = ? 
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Verzenden naar Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm (file missing) O9 - Extra 'Tools' menuitem: Verzenden naar &Bluetooth-apparaat... 
- {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm (file missing) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} (Enlite 2.x Simulation Engine Installer) - http://myitlab.pearsoned.com/Pegasus/Modules/SIMIntegration/Resources/ax/stub.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. 
- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. 
- C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: stllssvr - MicroVision Development, Inc. 
- C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: DW WLAN Tray Service (wltrysvc) - Dell Inc. - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10475 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe 
C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS "c:\Program Files\Microsoft Security Client\MsMpEng.exe" C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs "C:\Program Files\Dell\DellDock\DockLogin.exe" atieclxx C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE" "C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe" C:\Windows\system32\WLANExt.exe 32385808 \??\C:\Windows\system32\conhost.exe "-297924225840800066-1733601462-595225488-10682928081387870339475133041-1981701722 C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe" "C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" "taskhost.exe" "C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" C:\Windows\Explorer.EXE WLIDSvcM.exe 2264 "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE" "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey "C:\Users\Marino\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "C:\Program Files\Windows Sidebar\sidebar.exe" 
/autoRun "C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe" "C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe" "C:\Program Files\Dell\DellDock\DellDock.exe" "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" "C:\Windows\system32\NOTEPAD.EXE" C:\AdwCleaner\AdwCleaner[s0].txt "C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 "C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3944.0.225504008\102933007" --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,13,23 --gpu-vendor-id=0x1002 --gpu-device-id=0x68e0 --gpu-driver-vendor="Advanced Micro Devices, Inc." 
--gpu-driver-version=12.104.0.0 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/PP_EnableZeroSuggest_R3_Stable_ArmB/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_12/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="3944.1.1128156339\716365248" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/PP_EnableZeroSuggest_R3_Stable_ArmB/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 
suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_12/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="3944.2.964460842\1234227449" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/PP_EnableZeroSuggest_R3_Stable_ArmB/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ManagedModeLaunch/Active/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_12/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing 
--enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="3944.4.1970060052\1206414724" /prefetch:673131151 "C:\Users\Marino\Desktop\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}] MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll [2014-01-16 96128] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87775fdb-6972-41f9-ae51-8326e38cb206}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}] Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600] 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-04-13 10144288] "Broadcom Wireless Manager UI"=C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [2009-12-16 5470208] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-07 2122536] "MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 1266912] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Steam"=C:\Program Files (x86)\Steam\steam.exe [2014-01-07 1815464] "Spotify Web Helper"=C:\Users\Marino\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-02-15 1171968] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584] "DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-08-01 3673696] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "PDVDDXSrv"=C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe [2008-05-23 128296] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] "amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-03-28 642656] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] [] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe C:\Users\Marino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dell Dock.lnk - C:\Program Files\Dell\DellDock\DellDock.exe 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "wave5"=wdmaud.drv "midi5"=wdmaud.drv "mixer5"=wdmaud.drv 
"wave6"=wdmaud.drv "midi6"=wdmaud.drv "mixer6"=wdmaud.drv "wave7"=wdmaud.drv "midi7"=wdmaud.drv "mixer7"=wdmaud.drv "wave8"=wdmaud.drv "midi8"=wdmaud.drv "mixer8"=wdmaud.drv "wave9"=wdmaud.drv "midi9"=wdmaud.drv "mixer9"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 ======List of files/folders created in the last 1 month====== 2014-02-17 21:16:20 ----D---- C:\Program Files\trend micro 2014-02-17 21:16:19 ----D---- C:\rsit 2014-02-17 20:28:31 ----SHD---- C:\$RECYCLE.BIN 2014-02-17 20:28:27 ----D---- C:\Windows\temp 2014-02-17 20:28:25 ----A---- C:\ComboFix.txt 2014-02-17 20:15:17 ----A---- C:\Windows\SWREG.exe 2014-02-17 20:15:17 ----A---- C:\Windows\PEV.exe 2014-02-17 20:15:17 ----A---- C:\Windows\NIRCMD.exe 2014-02-17 20:15:17 ----A---- C:\Windows\MBR.exe 2014-02-17 20:15:16 ----A---- C:\Windows\zip.exe 2014-02-17 20:15:16 ----A---- C:\Windows\SWSC.exe 2014-02-17 20:15:16 ----A---- C:\Windows\sed.exe 2014-02-17 20:15:16 ----A---- C:\Windows\grep.exe 2014-02-17 17:08:39 ----D---- C:\Qoobox 2014-02-17 17:08:32 ----D---- C:\AdwCleaner 2014-02-17 17:07:50 ----D---- C:\Windows\erdnt 2014-02-17 12:28:21 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys 2014-02-16 19:19:51 ----D---- C:\Users\Marino\AppData\Roaming\Malwarebytes 2014-02-16 19:19:32 ----D---- C:\ProgramData\Malwarebytes 2014-02-16 19:19:23 ----A---- C:\Windows\system32\drivers\mbam.sys 2014-02-16 19:19:22 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-02-16 19:16:40 ----D---- C:\Program Files\CCleaner 2014-02-16 11:13:34 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2014-02-16 11:13:34 ----A---- C:\Windows\system32\vbscript.dll 2014-02-16 11:12:44 ----A---- C:\Windows\SYSWOW64\msrating.dll 2014-02-16 11:12:44 ----A---- C:\Windows\system32\msrating.dll 2014-02-16 11:12:43 ----A---- C:\Windows\SYSWOW64\ieui.dll 2014-02-16 11:12:43 ----A---- C:\Windows\system32\ieui.dll 
2014-02-16 11:12:42 ----A---- C:\Windows\system32\iernonce.dll 2014-02-16 11:12:42 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2014-02-16 11:12:42 ----A---- C:\Windows\system32\ie4uinit.exe 2014-02-16 11:12:41 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2014-02-16 11:12:41 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2014-02-16 11:12:41 ----A---- C:\Windows\system32\msfeeds.dll 2014-02-16 11:12:41 ----A---- C:\Windows\system32\jsproxy.dll 2014-02-16 11:12:40 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-02-16 11:12:40 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2014-02-16 11:12:40 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2014-02-16 11:12:40 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2014-02-16 11:12:40 ----A---- C:\Windows\system32\ieUnatt.exe 2014-02-16 11:12:40 ----A---- C:\Windows\system32\iesetup.dll 2014-02-16 11:12:40 ----A---- C:\Windows\system32\ieetwproxystub.dll 2014-02-16 11:12:40 ----A---- C:\Windows\system32\ieetwcollector.exe 2014-02-16 11:12:39 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2014-02-16 11:12:39 ----A---- C:\Windows\system32\mshtml.dll 2014-02-16 11:12:39 ----A---- C:\Windows\system32\jscript9diag.dll 2014-02-16 11:12:38 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2014-02-16 11:12:38 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2014-02-16 11:12:38 ----A---- C:\Windows\system32\ieapfltr.dll 2014-02-16 11:12:37 ----A---- C:\Windows\SYSWOW64\wininet.dll 2014-02-16 11:12:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2014-02-16 11:12:37 ----A---- C:\Windows\system32\wininet.dll 2014-02-16 11:12:37 ----A---- C:\Windows\system32\urlmon.dll 2014-02-16 11:12:37 ----A---- C:\Windows\system32\iertutil.dll 2014-02-16 11:12:35 ----A---- C:\Windows\system32\ieframe.dll 2014-02-16 11:12:34 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2014-02-16 11:12:33 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2014-02-16 11:12:33 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2014-02-16 11:12:32 ----A---- C:\Windows\system32\jscript9.dll 2014-02-15 15:02:07 ----A---- 
  9. Recently the CPU usage of my PC has been very high (+/- 45%) while no program is running that could explain this. I have looked around on this site's forums at threads with the same problem, but I can't work out what I should do now. When I check which program is pushing my CPU usage so high, it is the following program: svchost.exe (LocalSystemNetworkRestricted). I ran a scan with Malwarebytes, which showed that I had Trojan.BitcoinMiner infections. I then ended the svchost.exe processes via Task Manager. I have now run another scan, and Malwarebytes says there are no threats anymore, but my CPU usage remains just as high (still around 45%). Can anyone help me with this? Thanks in advance!!