jl72
Member
Items: 12
probably malware on my computer
jl72 replied to jl72's topic in Archive: Malware & virus removal
Hello Kape, I just did a few more things: uninstalled Utorrent and also AVG TuneUp. Lately I kept getting notifications from AVG TuneUp in my taskbar that it had expired and that I could purchase it. Now my computer is running like a train again, and I am very grateful for the time and attention you have devoted to my problem. Once again, thank you very much for the expert guidance, really great! Regards, Jan Lourens Veenstra.
probably malware on my computer
jl72 replied to jl72's topic in Archive: Malware & virus removal
Can I remove the Utorrent software via REGEDIT? I have already had a look, but I have no idea what I can and cannot do. Kind regards, Jan Lourens Veenstra
probably malware on my computer
jl72 replied to jl72's topic in Archive: Malware & virus removal
I attempted to uninstall Utorrent in safe mode, and today I tried a few times in normal mode. Once, with my administrator account, I got as far as the icons loading at the bottom right of the taskbar (sound, connection, Windows 10 update and the little "solve PC issues" flag), but after that it froze again immediately at the first action.
probably malware on my computer
jl72 replied to jl72's topic in Archive: Malware & virus removal
Hello, From the Start menu --> Control Panel --> Programs, after choosing UNINSTALL for Utorrent I get: You are not authorized, please contact your system administrator. Regards, Jan Lourens Veenstra.
probably malware on my computer
jl72 replied to jl72's topic in Archive: Malware & virus removal
Good day Kape, Today I started the computer in normal mode, but the taskbar froze again; as soon as the network icon with the internet connection appears, it freezes. There are a number of possible reasons I can think of for my taskbar freezing:
1: Something goes wrong during the startup of my Utorrent; I will now remove this program as well
2: The new version of AVG is not working properly
3: Windows was also updated recently, but if something were wrong with that, I think the problem would be much bigger.
If you have any other suggestions, I would be glad to hear them, but so far I am already very happy to know that a huge amount of junk has been removed from my PC! Regards, Jan Lourens Veenstra
probably malware on my computer
jl72 replied to jl72's topic in Archive: Malware & virus removal
Result after the 2nd scan
log.txt
probably malware on my computer
jl72 replied to jl72's topic in Archive: Malware & virus removal
The scan with the ESET online scanner also succeeded. After that I looked for the log file under programfiles and did not find it there. I started a new scan, and a little later, back at the computer, I saw the folder programfiles(x86) and found the file there. This file is attached to this message. Regards, Jan Lourens Veenstra.
log.txt
probably malware on my computer
jl72 replied to jl72's topic in Archive: Malware & virus removal
Hello, This worked as well; after startup I was back in normal mode at my account, but after logging in the taskbar still freezes, is that to be expected? There are more files in the folder, so I have just attached them all. It took a while before I could take action again; we had a temporary power outage here. Regards, Jan Lourens
AdwCleanerC1.txt AdwCleanerS1.txt Quarantine.log
probably malware on my computer
jl72 replied to jl72's topic in Archive: Malware & virus removal
zoek-results.txt
Good day, The deep scan succeeded; my results are attached here. Kind regards, Jan Lourens.
probably malware on my computer
jl72 replied to jl72's topic in Archive: Malware & virus removal
Hello, Thank you very much for this information. I will get to work on it shortly; so far everything is clear to me, and I will read it through carefully once more in a moment. One more small question: should I also disable my Comodo firewall? Regards, Jan Lourens
probably malware on my computer
jl72 replied to jl72's topic in Archive: Malware & virus removal
Logfile of random's system information tool 1.10 (written by random/random)
Run by 'indonesia' at 2015-12-14 16:09:03
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 1184 GB (84%) free of 1418 GB
Total RAM: 4077 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:09:25, on 14-12-2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Safe mode with network support
tools\msconfig\startupreg\tvncontrol] C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe -controlservice -slave [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe [2011-08-05 163552] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk] C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe [] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-06-01 336384] ""= [] "Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2011-05-18 61112] "vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2015-09-15 2567568] "SweetIM"=C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [2012-10-04 115032] "Sweetpacks Communicator"=C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [2012-08-16 231768] "VideoDownloadConverter Search Scope Monitor"=C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zsrchmn.exe [2013-10-05 44784] "Magic Desktop for HP notification"=C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [2013-12-31 1258504] "AVG_UI"=C:\Program Files (x86)\AVG\Av\avgui.exe [2015-12-13 3855272] "AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [2015-11-27 1136552] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2011-11-16 52920] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 
"dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "HideFastUserSwitching"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "EnableShellExecuteHooks"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv "MSVideo8"=VfWWDM32.dll "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "aux3"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2015-12-14 16:09:03 ----D---- C:\rsit 2015-12-14 16:09:03 ----D---- C:\Program Files\trend micro 2015-12-14 09:16:36 ----A---- C:\Windows\ntbtlog.txt 2015-12-10 14:11:38 ----A---- C:\Windows\system32\TURegOpt.exe 2015-12-10 14:11:36 ----A---- C:\Windows\SYSWOW64\authuitu.dll 2015-12-10 14:11:36 ----A---- C:\Windows\system32\authuitu.dll 2015-12-09 10:52:36 ----A---- C:\Windows\SYSWOW64\tzres.dll 2015-12-09 
10:52:36 ----A---- C:\Windows\system32\tzres.dll 2015-12-09 10:52:33 ----A---- C:\Windows\SYSWOW64\usp10.dll 2015-12-09 10:52:33 ----A---- C:\Windows\system32\usp10.dll 2015-12-09 10:52:32 ----A---- C:\Windows\SYSWOW64\wuwebv.dll 2015-12-09 10:52:32 ----A---- C:\Windows\SYSWOW64\wudriver.dll 2015-12-09 10:52:32 ----A---- C:\Windows\SYSWOW64\wuapp.exe 2015-12-09 10:52:32 ----A---- C:\Windows\SYSWOW64\wuapi.dll 2015-12-09 10:52:32 ----A---- C:\Windows\system32\wuwebv.dll 2015-12-09 10:52:32 ----A---- C:\Windows\system32\wups2.dll 2015-12-09 10:52:32 ----A---- C:\Windows\system32\wups.dll 2015-12-09 10:52:32 ----A---- C:\Windows\system32\wudriver.dll 2015-12-09 10:52:32 ----A---- C:\Windows\system32\wucltux.dll 2015-12-09 10:52:32 ----A---- C:\Windows\system32\wuaueng.dll 2015-12-09 10:52:32 ----A---- C:\Windows\system32\wuauclt.exe 2015-12-09 10:52:32 ----A---- C:\Windows\system32\wuapp.exe 2015-12-09 10:52:32 ----A---- C:\Windows\system32\wuapi.dll 2015-12-09 10:52:32 ----A---- C:\Windows\system32\WinSetupUI.dll 2015-12-09 10:52:31 ----A---- C:\Windows\SYSWOW64\wups.dll 2015-12-09 10:52:31 ----A---- C:\Windows\system32\wu.upgrade.ps.dll 2015-12-09 10:52:26 ----A---- C:\Windows\SYSWOW64\nlsbres.dll 2015-12-09 10:52:26 ----A---- C:\Windows\SYSWOW64\kbdgeoqw.dll 2015-12-09 10:52:26 ----A---- C:\Windows\SYSWOW64\KBDAZEL.DLL 2015-12-09 10:52:26 ----A---- C:\Windows\SYSWOW64\KBDAZE.DLL 2015-12-09 10:52:26 ----A---- C:\Windows\system32\nlsbres.dll 2015-12-09 10:52:26 ----A---- C:\Windows\system32\kbdgeoqw.dll 2015-12-09 10:52:26 ----A---- C:\Windows\system32\KBDAZEL.DLL 2015-12-09 10:52:26 ----A---- C:\Windows\system32\KBDAZE.DLL 2015-12-09 10:52:24 ----A---- C:\Windows\SYSWOW64\wshrm.dll 2015-12-09 10:52:24 ----A---- C:\Windows\system32\wshrm.dll 2015-12-09 10:52:24 ----A---- C:\Windows\system32\drivers\rmcast.sys 2015-12-09 10:52:21 ----A---- C:\Windows\SYSWOW64\DWrite.dll 2015-12-09 10:52:21 ----A---- C:\Windows\system32\win32k.sys 2015-12-09 10:52:21 ----A---- 
C:\Windows\system32\FntCache.dll 2015-12-09 10:52:21 ----A---- C:\Windows\system32\DWrite.dll 2015-12-09 10:52:20 ----A---- C:\Windows\system32\user32.dll 2015-12-09 10:52:19 ----A---- C:\Windows\SYSWOW64\user32.dll 2015-12-09 10:52:18 ----A---- C:\Windows\SYSWOW64\comsvcs.dll 2015-12-09 10:52:18 ----A---- C:\Windows\SYSWOW64\catsrvut.dll 2015-12-09 10:52:18 ----A---- C:\Windows\system32\comsvcs.dll 2015-12-09 10:52:18 ----A---- C:\Windows\system32\catsrvut.dll 2015-12-09 10:52:16 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2015-12-09 10:52:16 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2015-12-09 10:52:16 ----A---- C:\Windows\system32\iertutil.dll 2015-12-09 10:52:16 ----A---- C:\Windows\system32\ieetwcollector.exe 2015-12-09 10:52:15 ----A---- C:\Windows\SYSWOW64\occache.dll 2015-12-09 10:52:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2015-12-09 10:52:15 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll 2015-12-09 10:52:15 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2015-12-09 10:52:15 ----A---- C:\Windows\system32\iernonce.dll 2015-12-09 10:52:15 ----A---- C:\Windows\system32\ieetwproxystub.dll 2015-12-09 10:52:15 ----A---- C:\Windows\system32\ie4uinit.exe 2015-12-09 10:52:14 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2015-12-09 10:52:14 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2015-12-09 10:52:14 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2015-12-09 10:52:14 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2015-12-09 10:52:14 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll 2015-12-09 10:52:14 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll 2015-12-09 10:52:14 ----A---- C:\Windows\SYSWOW64\dxtrans.dll 2015-12-09 10:52:14 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-12-09 10:52:13 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2015-12-09 10:52:13 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2015-12-09 10:52:13 ----A---- C:\Windows\SYSWOW64\jscript.dll 2015-12-09 10:52:13 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2015-12-09 10:52:13 ----A---- 
C:\Windows\SYSWOW64\ieapfltr.dll 2015-12-09 10:52:13 ----A---- C:\Windows\system32\urlmon.dll 2015-12-09 10:52:13 ----A---- C:\Windows\system32\occache.dll 2015-12-09 10:52:13 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2015-12-09 10:52:13 ----A---- C:\Windows\system32\iedkcs32.dll 2015-12-09 10:52:12 ----A---- C:\Windows\SYSWOW64\ieui.dll 2015-12-09 10:52:12 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2015-12-09 10:52:12 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll 2015-12-09 10:52:12 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2015-12-09 10:52:12 ----A---- C:\Windows\system32\msfeeds.dll 2015-12-09 10:52:12 ----A---- C:\Windows\system32\dxtrans.dll 2015-12-09 10:52:11 ----A---- C:\Windows\system32\iesetup.dll 2015-12-09 10:52:11 ----A---- C:\Windows\system32\ieapfltr.dll 2015-12-09 10:52:10 ----A---- C:\Windows\SYSWOW64\wininet.dll 2015-12-09 10:52:10 ----A---- C:\Windows\SYSWOW64\webcheck.dll 2015-12-09 10:52:10 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll 2015-12-09 10:52:10 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2015-12-09 10:52:10 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2015-12-09 10:52:10 ----A---- C:\Windows\system32\vbscript.dll 2015-12-09 10:52:10 ----A---- C:\Windows\system32\jsproxy.dll 2015-12-09 10:52:09 ----A---- C:\Windows\SYSWOW64\msrating.dll 2015-12-09 10:52:09 ----A---- C:\Windows\system32\ieui.dll 2015-12-09 10:52:09 ----A---- C:\Windows\system32\ieframe.dll 2015-12-09 10:52:09 ----A---- C:\Windows\system32\dxtmsft.dll 2015-12-09 10:52:08 ----A---- C:\Windows\system32\webcheck.dll 2015-12-09 10:52:08 ----A---- C:\Windows\system32\mshtmlmedia.dll 2015-12-09 10:52:08 ----A---- C:\Windows\system32\mshtmled.dll 2015-12-09 10:52:08 ----A---- C:\Windows\system32\jscript9diag.dll 2015-12-09 10:52:08 ----A---- C:\Windows\system32\jscript.dll 2015-12-09 10:52:08 ----A---- C:\Windows\system32\ieUnatt.exe 2015-12-09 10:52:07 ----A---- C:\Windows\system32\wininet.dll 2015-12-09 10:52:07 ----A---- C:\Windows\system32\jscript9.dll 
2015-12-09 10:52:06 ----A---- C:\Windows\system32\msrating.dll 2015-12-09 10:52:06 ----A---- C:\Windows\system32\MshtmlDac.dll 2015-12-09 10:52:06 ----A---- C:\Windows\system32\mshtml.dll 2015-12-09 10:51:27 ----A---- C:\Windows\SYSWOW64\els.dll 2015-12-09 10:51:27 ----A---- C:\Windows\system32\els.dll 2015-11-27 23:00:36 ----D---- C:\Users\'indonesia'\AppData\Roaming\AVG 2015-11-27 22:55:10 ----D---- C:\ProgramData\Avg ======List of files/folders modified in the last 1 month====== 2015-12-14 16:09:03 ----RD---- C:\Program Files 2015-12-14 12:06:12 ----D---- C:\Windows\System32 2015-12-14 12:06:12 ----D---- C:\Windows\inf 2015-12-14 12:06:12 ----A---- C:\Windows\system32\PerfStringBackup.INI 2015-12-14 11:36:36 ----D---- C:\Windows\Temp 2015-12-14 11:33:29 ----A---- C:\Windows\SYSWOW64\log.txt 2015-12-14 11:31:34 ----D---- C:\Windows\system32\config 2015-12-14 11:31:29 ----D---- C:\ProgramData\PDFC 2015-12-14 11:31:12 ----D---- C:\ProgramData\MFAData 2015-12-14 09:16:36 ----D---- C:\Windows 2015-12-13 22:35:04 ----SHD---- C:\System Volume Information 2015-12-13 14:47:27 ----SHD---- C:\Windows\Installer 2015-12-13 14:47:25 ----SHD---- C:\Config.Msi 2015-12-10 14:14:30 ----D---- C:\ProgramData\Temp 2015-12-10 14:14:29 ----HD---- C:\ProgramData 2015-12-10 14:11:36 ----D---- C:\Windows\SysWOW64 2015-12-10 14:11:18 ----D---- C:\Program Files (x86)\AVG 2015-12-10 14:06:33 ----D---- C:\Windows\Minidump 2015-12-10 14:06:12 ----D---- C:\Windows\system32\Tasks 2015-12-10 14:06:09 ----D---- C:\Windows\Tasks 2015-12-10 14:05:23 ----SHD---- C:\$RECYCLE.BIN 2015-12-10 14:03:31 ----D---- C:\Windows\Prefetch 2015-12-10 09:05:23 ----D---- C:\Windows\Microsoft.NET 2015-12-10 09:04:47 ----RSD---- C:\Windows\assembly 2015-12-10 08:53:19 ----D---- C:\Windows\winsxs 2015-12-10 08:49:50 ----D---- C:\Windows\SYSWOW64\nl-NL 2015-12-10 08:49:50 ----D---- C:\Windows\system32\nl-NL 2015-12-10 08:49:48 ----RSD---- C:\Windows\Fonts 2015-12-10 08:49:47 ----D---- C:\Windows\ehome 2015-12-10 
08:49:46 ----D---- C:\Windows\system32\drivers 2015-12-10 08:49:45 ----D---- C:\Windows\SYSWOW64\en-US 2015-12-10 08:49:45 ----D---- C:\Program Files\Internet Explorer 2015-12-10 08:49:44 ----D---- C:\Windows\system32\en-US 2015-12-10 08:49:43 ----D---- C:\Program Files (x86)\Internet Explorer 2015-12-09 12:38:55 ----D---- C:\Program Files\Microsoft Silverlight 2015-12-09 12:38:55 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2015-12-09 12:36:52 ----D---- C:\Windows\system32\MRT 2015-12-09 12:27:41 ----A---- C:\Windows\system32\MRT.exe 2015-12-09 10:50:59 ----D---- C:\Windows\system32\catroot2 2015-12-02 14:57:09 ----RD---- C:\Program Files (x86) 2015-11-27 23:01:57 ----D---- C:\ProgramData\AVG2015 2015-11-27 22:59:36 ----D---- C:\Program Files\Common Files\AV ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2015-11-27 298416] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2015-11-27 255408] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2015-11-27 42416] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-11-30 568600] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2015-11-27 302000] R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2015-11-19 21184] R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2015-08-05 45856] R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2015-08-05 105096] R3 MEIx64;Intel® Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2010-10-19 56344] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-02-16 676968] S0 Avgloga;AVG Logging 
Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2015-11-27 398256] S1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2015-11-27 197040] S1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2015-11-27 313776] S1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2015-11-27 284080] S1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2015-11-19 806032] S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-06-02 9320448] S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-06-02 306688] S3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-03-31 114704] S3 DCamUSBNovatek;USB2.0 UVC Camera; C:\Windows\System32\Drivers\nvtcam.sys [2010-07-14 2746624] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488] S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-11 6108416] S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-09-20 3074664] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2015-11-23 31144] S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2015-07-26 19968] S3 WinUsb;WinUsb-stuurprogramma; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 
1=System, 2=Auto, 3=Demand, 4=Disabled)====== S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-06-02 203776] S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [2015-12-09 3857272] S2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2015-11-27 1046952] S2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [2015-12-11 579776] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088] S2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2015-09-12 5542472] S2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136] S2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2015-02-16 2370240] S2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-24 514232] S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200] S2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160] S2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168] S2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2011-02-01 326168] S2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-05-06 1128952] S2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE 
[2011-02-26 249648] S2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2015-12-10 4378024] S2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280] S2 VideoDownloadConverter_4zService;VideoDownloadConverterService; C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe [2013-10-05 42504] S2 vToolbarUpdater18.9.0;vToolbarUpdater18.9.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.9.0\ToolbarUpdater.exe [2015-10-04 1862032] S2 WebOptimizer;WebOptimizer; C:\Windows\system32\dmwu.exe [2012-08-16 436344] S2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 2292096] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-27 267440] S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864] S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2015-12-13 615584] S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560] S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2015-08-06 2265792] S3 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-11-20 227904] S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-11-15 259664] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-26 194032] S3 hpqwmiex;HP Software Framework Service; 
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-14 1129760] S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-11-09 114688] S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-01-04 718888] S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-12-18 104944] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-02 1255736] S3 WMZuneComm;Zune Windows Mobile Connectivity Service; C:\Program Files\Zune\WMZuneComm.exe [2011-08-05 306400] S3 ZuneNetworkSvc;Zune Network Sharing Service; C:\Program Files\Zune\ZuneNss.exe [2011-08-05 8277728] S3 ZuneWlanCfgSvc;Zune Wireless Configuration Service; C:\Program Files\Zune\ZuneWlanCfgSvc.exe [2011-08-05 467680] S4 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] -----------------EOF----------------- -
probably malware on my computer
jl72 posted a topic in Archive: Fighting malware & viruses
Good day, My taskbar freezes after Windows starts up. I ended up at your website and have since installed HijackThis and made a scan of the whole system. I did this after reading a forum post on your site. I am sending you my log with this message. hijackthis.log The problems started after an update of the AVG virus scanner and after I had a system optimization run through that program. After that it often took a very long time before the PC would shut down; sometimes pressing ENTER or the SPACEBAR sped up the process