Have0
-
Items
408 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door Have0
-
Internetpagina slaat vast, reageert/laadt traag
Have0 plaatste een topic in Archief Bestrijding malware & virussen
Beste lezer/lezeres, wie kan me helpen met dit probleem ? Hieronder vind u alvast de logfiles. Bedankt alvast voor uw tijd en moeite ! Logfile of random's system information tool 1.10 (written by random/random) Run by Have0 at 2014-10-16 17:17:07 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 14 GB (19%) free of 76 GB Total RAM: 4095 MB (52% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:18:06, on 16-10-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17344) Boot mode: Normal Running processes: C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe C:\Users\Have0\AppData\Roaming\uTorrent\uTorrent.exe C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Program Files (x86)\AVG Web TuneUp\vprot.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe C:\Program Files\trend micro\Have0.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = msn R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = msn R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = msn R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [uTorrent] "C:\Users\Have0\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: linkscanner - (no CLSID) - (no file) O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\3.2.0\ViProtocol.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater3.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9158 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe c:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=efcdb951-e5b1-4d06-8a56-03498fd87b3b /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\cd33dd63-955b-473f-b1cf-91666f7a7620-150-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\" /logPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\log\" %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch winlogon.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\AUDIODG.EXE 0x2e8 C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService atieclxx "C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe" "C:\Program Files\ATKGFNEX\GFNEXSrv.exe" C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "taskhost.exe" "C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe" -service "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe" "C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe" "C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE" "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" taskeng.exe {D4E709C7-9AF3-45C5-8C48-06720A542525} "C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe" "C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe" "C:\Program Files\P4G\BatteryLife.exe" "C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe" "C:\Program Files (x86)\ASUS\Splendid\ACMON.exe" "C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe" "C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe" Atouch64.exe "C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding ATKOSD.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe" "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties" \??\C:\Windows\system32\conhost.exe "294554727-1220486195233554166-1806270348-1714064871027874141-20290401631132847935 KBFiltr.exe WDC.exe "C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe" C:\Windows\Explorer.EXE "C:\Windows\system32\Dwm.exe" C:\Windows\servicing\TrustedInstaller.exe "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-10dfb93f-150e-47ca-979e-03feff842c1b -SystemEventPortName:HostProcess-ae424ea4-cbed-4964-9278-f8395cf03c99 -IoCancelEventPortName:HostProcess-3df3500f-434c-4965-b317-1c8e3b29f833 -NonStateChangingEventPortName:HostProcess-54a2682a-eaeb-4020-8bc5-16dcdb1f017e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3a82abc1-d9d8-48b5-b865-54e42da3dbec -DeviceGroupId:WpdFsGroup "C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe" "C:\Program Files\Elantech\ETDCtrl.exe" "C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" "C:\Users\Have0\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe" "C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" "C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe" "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe ctfmon.exe "C:\Program Files (x86)\CCleaner\CCleaner.exe" /uac C:\Windows\system32\sppsvc.exe "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\svchost.exe -k WerSvcGroup "C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe" /AppMode=UPDATE /pri=4 /sched=3 /source=inet /path="" /caller=SCHEDULER C:\Windows\system32\svchost.exe -k SDRSVC "C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=324.1698d7b0.1258365619 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 324 "\\.\pipe\gecko-crash-server-pipe.324" plugin "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe" --proxy-stub-channel=Flash5080.69A83FA8.29649 --host-broker-channel=Flash5080.69A83FA8.15697 --host-pid=5080 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll" "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe" --channel=4000.0020F6A4.12158048 --proxy-stub-channel=Flash5080.69A83FA8.29649 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll" --host-npapi-version=27 --type=renderer taskhost.exe $(Arg0) C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 21c -InterruptEvent 220 -NGENProcess 1d8 -Pipe 1ac -Comment "NGen Worker Process" "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520 "C:\Users\Have0\Downloads\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =========Mozilla firefox========= ProfilePath - C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\7uw19joy.default prefs.js - "browser.search.useDBForOrder" - "false" prefs.js - "browser.startup.homepage" - "https://mysearch.avg.com?cid={9C7DE099-C08F-4A64-ADB7-EFB90EA0A21B}&mid=9c219bb92d2547d6a4ba318208a5bbb0-894fcf9ed17a22fae9af4b3295cfe5ed7eda62d4〈=nl&ds=AVG&coid=avgtbavg&pr=fr&d=2014-08-29 17:46:32&v=3.2.0.14&pid=wtu&sg=&sap=hp" prefs.js - "keyword.URL" - "" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 15.0.0.152 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] "Description"= "Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\3.2.0\\npsitesafety.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.9.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Windows\SysWOW64\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3] "Description"=Office Live Update v1.3 "Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 15.0.0.152 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.0] "Description"= "Path"=C:\Windows\system32\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL C:\Program Files (x86)\Mozilla Firefox\components\ nsIQTScriptablePlugin.xpt C:\Program Files (x86)\Mozilla Firefox\plugins\ np-mswmp.dll nppdf32.dll npqtplugin.dll npqtplugin2.dll npqtplugin3.dll npqtplugin4.dll npqtplugin5.dll QuickTimePlugin.class WMP Firefox Plugin License.rtf WMP Firefox Plugin RelNotes.txt C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\7uw19joy.default\extensions\ avg@toolbar C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\7uw19joy.default\searchplugins\ avg-secure-search.xml google-.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}] Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Aanmelden - Help - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "EeeStorageBackup"=C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe [2009-08-25 947472] "ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-07-30 617856] "AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "uTorrent"=C:\Users\Have0\AppData\Roaming\uTorrent\uTorrent.exe [2014-10-08 1385808] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12 959176] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe [2009-12-19 3058304] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2010-10-12 979328] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-09-11 2244608] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent] C:\Users\Have0\AppData\Roaming\uTorrent\uTorrent.exe [2014-10-08 1385808] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NewShortcut1.lnk] C:\PROGRA~2\USB_VI~1\Utility\REMOTE~1\BDAREM~1.EXE [2005-08-19 77908] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504] "UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408] "HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016] "ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392] "ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-20 170624] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-30 98304] "AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-08-25 5188112] "vProt"=C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2014-10-07 2662424] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12 959176] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"=16 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "vidc.XVID"=xvidvfw.dll ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 ======List of files/folders created in the last 1 month====== 2014-10-16 17:17:07 ----DC---- C:\rsit 2014-10-15 15:10:04 ----A---- C:\Windows\system32\win32k.sys 2014-10-15 15:09:52 ----A---- C:\Windows\SYSWOW64\mscorier.dll 2014-10-15 15:09:52 ----A---- C:\Windows\SYSWOW64\dfshim.dll 2014-10-15 15:09:52 ----A---- C:\Windows\system32\mscorier.dll 2014-10-15 15:09:52 ----A---- C:\Windows\system32\dfshim.dll 2014-10-15 15:09:51 ----A---- C:\Windows\SYSWOW64\mscories.dll 2014-10-15 15:09:51 ----A---- C:\Windows\system32\mscories.dll 2014-10-15 15:08:40 ----A---- C:\Windows\system32\blackbox.dll 2014-10-15 15:08:39 ----A---- C:\Windows\SYSWOW64\blackbox.dll 2014-10-15 15:08:39 ----A---- C:\Windows\system32\drmv2clt.dll 2014-10-15 15:08:37 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll 2014-10-15 15:08:30 ----A---- C:\Windows\system32\wmp.dll 2014-10-15 15:08:25 ----A---- C:\Windows\system32\mf.dll 2014-10-15 15:08:24 ----A---- C:\Windows\system32\wmdrmsdk.dll 2014-10-15 15:08:22 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll 2014-10-15 15:08:18 ----A---- C:\Windows\system32\AUDIOKSE.dll 2014-10-15 15:08:13 ----A---- C:\Windows\SYSWOW64\wmp.dll 2014-10-15 15:08:07 ----A---- C:\Windows\system32\drmmgrtn.dll 2014-10-15 15:08:06 ----A---- C:\Windows\SYSWOW64\mf.dll 2014-10-15 15:08:05 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll 2014-10-15 15:08:04 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll 2014-10-15 15:08:04 ----A---- C:\Windows\system32\drivers\PEAuth.sys 2014-10-15 15:08:04 ----A---- C:\Windows\system32\ci.dll 2014-10-15 15:08:02 ----A---- C:\Windows\system32\AudioEng.dll 2014-10-15 15:08:01 ----A---- C:\Windows\system32\winload.exe 2014-10-15 15:08:01 ----A---- C:\Windows\system32\quartz.dll 2014-10-15 15:08:00 ----A---- C:\Windows\system32\winresume.exe 2014-10-15 15:07:59 ----A---- C:\Windows\SYSWOW64\AudioSes.dll 2014-10-15 15:07:59 ----A---- C:\Windows\system32\wintrust.dll 2014-10-15 15:07:59 ----A---- C:\Windows\system32\ntoskrnl.exe 2014-10-15 15:07:59 ----A---- C:\Windows\system32\cryptsvc.dll 2014-10-15 15:07:57 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe 2014-10-15 15:07:57 ----A---- C:\Windows\system32\evr.dll 2014-10-15 15:07:54 ----A---- C:\Windows\system32\EncDump.dll 2014-10-15 15:07:53 ----A---- C:\Windows\system32\crypt32.dll 2014-10-15 15:07:52 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll 2014-10-15 15:07:51 ----A---- C:\Windows\SYSWOW64\wintrust.dll 2014-10-15 15:07:51 ----A---- C:\Windows\system32\AudioSes.dll 2014-10-15 15:07:49 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe 2014-10-15 15:07:49 ----A---- C:\Windows\system32\cryptui.dll 2014-10-15 15:07:47 ----A---- C:\Windows\SYSWOW64\quartz.dll 2014-10-15 15:07:47 ----A---- C:\Windows\SYSWOW64\evr.dll 2014-10-15 15:07:47 ----A---- C:\Windows\system32\mfplat.dll 2014-10-15 15:07:47 ----A---- C:\Windows\system32\audiosrv.dll 2014-10-15 15:07:44 ----A---- C:\Windows\SYSWOW64\cryptui.dll 2014-10-15 15:07:44 ----A---- C:\Windows\SYSWOW64\crypt32.dll 2014-10-15 15:07:44 ----A---- C:\Windows\system32\srcore.dll 2014-10-15 15:07:44 ----A---- C:\Windows\system32\pcasvc.dll 2014-10-15 15:07:43 ----A---- C:\Windows\SYSWOW64\qdvd.dll 2014-10-15 15:07:43 ----A---- C:\Windows\SYSWOW64\mfplat.dll 2014-10-15 15:07:42 ----A---- C:\Windows\system32\qdvd.dll 2014-10-15 15:07:42 ----A---- C:\Windows\system32\cryptsp.dll 2014-10-15 15:07:41 ----A---- C:\Windows\SYSWOW64\cryptsp.dll 2014-10-15 15:07:41 ----A---- C:\Windows\SYSWOW64\AudioEng.dll 2014-10-15 15:07:39 ----A---- C:\Windows\system32\msscp.dll 2014-10-15 15:07:36 ----A---- C:\Windows\system32\msnetobj.dll 2014-10-15 15:07:35 ----A---- C:\Windows\system32\rstrui.exe 2014-10-15 15:07:35 ----A---- C:\Windows\system32\appidsvc.dll 2014-10-15 15:07:34 ----A---- C:\Windows\SYSWOW64\msscp.dll 2014-10-15 15:07:34 ----A---- C:\Windows\system32\drivers\appid.sys 2014-10-15 15:07:34 ----A---- C:\Windows\system32\audiodg.exe 2014-10-15 15:07:34 ----A---- C:\Windows\system32\appidapi.dll 2014-10-15 15:07:33 ----A---- C:\Windows\SYSWOW64\msnetobj.dll 2014-10-15 15:07:33 ----A---- C:\Windows\system32\rrinstaller.exe 2014-10-15 15:07:32 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe 2014-10-15 15:07:31 ----A---- C:\Windows\SYSWOW64\mfps.dll 2014-10-15 15:07:31 ----A---- C:\Windows\system32\mfps.dll 2014-10-15 15:07:30 ----A---- C:\Windows\SYSWOW64\appidapi.dll 2014-10-15 15:07:30 ----A---- C:\Windows\system32\appidpolicyconverter.exe 2014-10-15 15:07:29 ----A---- C:\Windows\SYSWOW64\mfpmp.exe 2014-10-15 15:07:29 ----A---- C:\Windows\system32\setbcdlocale.dll 2014-10-15 15:07:29 ----A---- C:\Windows\system32\mfpmp.exe 2014-10-15 15:07:28 ----A---- C:\Windows\SYSWOW64\srclient.dll 2014-10-15 15:07:28 ----A---- C:\Windows\system32\srclient.dll 2014-10-15 15:07:27 ----A---- C:\Windows\system32\appidcertstorecheck.exe 2014-10-15 15:07:26 ----A---- C:\Windows\system32\spwmp.dll 2014-10-15 15:07:24 ----A---- C:\Windows\SYSWOW64\spwmp.dll 2014-10-15 15:07:23 ----A---- C:\Windows\SYSWOW64\mferror.dll 2014-10-15 15:07:23 ----A---- C:\Windows\SYSWOW64\dxmasf.dll 2014-10-15 15:07:23 ----A---- C:\Windows\system32\mferror.dll 2014-10-15 15:07:23 ----A---- C:\Windows\system32\dxmasf.dll 2014-10-15 15:07:22 ----A---- C:\Windows\SYSWOW64\wmploc.DLL 2014-10-15 15:07:22 ----A---- C:\Windows\system32\wmploc.DLL 2014-10-15 15:06:36 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2014-10-15 15:06:36 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2014-10-15 15:06:36 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2014-10-15 15:06:35 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2014-10-15 15:06:33 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2014-10-15 15:06:33 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll 2014-10-15 15:06:33 ----A---- C:\Windows\system32\iernonce.dll 2014-10-15 15:06:33 ----A---- C:\Windows\system32\ie4uinit.exe 2014-10-15 15:06:32 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll 2014-10-15 15:06:32 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-10-15 15:06:32 ----A---- C:\Windows\system32\ieetwproxystub.dll 2014-10-15 15:06:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2014-10-15 15:06:31 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll 2014-10-15 15:06:30 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2014-10-15 15:06:26 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2014-10-15 15:06:25 ----A---- C:\Windows\system32\iedkcs32.dll 2014-10-15 15:06:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2014-10-15 15:06:24 ----A---- C:\Windows\system32\urlmon.dll 2014-10-15 15:06:22 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2014-10-15 15:06:22 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2014-10-15 15:06:21 ----A---- C:\Windows\system32\ieetwcollector.exe 2014-10-15 15:06:20 ----A---- C:\Windows\SYSWOW64\ieui.dll 2014-10-15 15:06:20 ----A---- C:\Windows\SYSWOW64\dxtrans.dll 2014-10-15 15:06:20 ----A---- C:\Windows\system32\msfeeds.dll 2014-10-15 15:06:20 ----A---- C:\Windows\system32\dxtmsft.dll 2014-10-15 15:06:19 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2014-10-15 15:06:17 ----A---- C:\Windows\system32\iesetup.dll 2014-10-15 15:06:15 ----A---- C:\Windows\system32\iertutil.dll 2014-10-15 15:06:14 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll 2014-10-15 15:06:13 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2014-10-15 15:06:13 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-10-15 15:06:12 ----A---- C:\Windows\SYSWOW64\wininet.dll 2014-10-15 15:06:12 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2014-10-15 15:06:12 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2014-10-15 15:06:11 ----A---- C:\Windows\system32\jsproxy.dll 2014-10-15 15:06:10 ----A---- C:\Windows\SYSWOW64\msrating.dll 2014-10-15 15:06:10 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll 2014-10-15 15:06:07 ----A---- C:\Windows\system32\dxtrans.dll 2014-10-15 15:06:03 ----A---- C:\Windows\system32\ieui.dll 2014-10-15 15:06:02 ----A---- C:\Windows\system32\ieframe.dll 2014-10-15 15:06:00 ----A---- C:\Windows\system32\mshtmlmedia.dll 2014-10-15 15:06:00 ----A---- C:\Windows\system32\mshtmled.dll 2014-10-15 15:05:59 ----A---- C:\Windows\system32\ieUnatt.exe 2014-10-15 15:05:58 ----A---- C:\Windows\system32\jscript9diag.dll 2014-10-15 15:05:58 ----A---- C:\Windows\system32\jscript9.dll 2014-10-15 15:05:56 ----A---- C:\Windows\system32\vbscript.dll 2014-10-15 15:05:55 ----A---- C:\Windows\system32\ieapfltr.dll 2014-10-15 15:05:54 ----A---- C:\Windows\system32\wininet.dll 2014-10-15 15:05:53 ----A---- C:\Windows\system32\MshtmlDac.dll 2014-10-15 15:05:52 ----A---- C:\Windows\system32\msrating.dll 2014-10-15 15:05:48 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2014-10-15 15:05:47 ----A---- C:\Windows\system32\mshtml.dll 2014-10-15 15:05:32 ----A---- C:\Windows\system32\mstscax.dll 2014-10-15 15:05:29 ----A---- C:\Windows\SYSWOW64\mstscax.dll 2014-10-15 15:04:58 ----A---- C:\Windows\system32\rdpcorets.dll 2014-10-15 15:04:33 ----A---- C:\Windows\system32\rastls.dll 2014-10-15 15:04:32 ----A---- C:\Windows\SYSWOW64\rastls.dll 2014-10-15 15:04:06 ----A---- C:\Windows\system32\termsrv.dll 2014-10-15 15:04:02 ----A---- C:\Windows\system32\winsta.dll 2014-10-15 15:04:01 ----A---- C:\Windows\SYSWOW64\winsta.dll 2014-10-15 15:04:01 ----A---- C:\Windows\system32\drivers\rdpwd.sys 2014-10-15 15:04:00 ----A---- C:\Windows\system32\winlogon.exe 2014-10-15 15:04:00 ----A---- C:\Windows\system32\rdpcorekmts.dll 2014-10-15 15:03:58 ----A---- C:\Windows\SYSWOW64\TSpkg.dll 2014-10-15 15:03:58 ----A---- C:\Windows\system32\TSpkg.dll 2014-10-15 15:03:57 ----A---- C:\Windows\SYSWOW64\credssp.dll 2014-10-15 15:03:57 ----A---- C:\Windows\system32\drivers\tssecsrv.sys 2014-10-15 15:03:57 ----A---- C:\Windows\system32\credssp.dll 2014-10-15 15:03:14 ----A---- C:\Windows\SYSWOW64\packager.dll 2014-10-15 15:03:14 ----A---- C:\Windows\system32\packager.dll 2014-09-26 11:48:06 ----DC---- C:\Program Files (x86)\Mozilla Firefox ======List of files/folders modified in the last 1 month====== 2014-10-16 17:18:10 ----RSDC---- C:\Windows\assembly 2014-10-16 17:17:38 ----DC---- C:\Program Files\trend micro 2014-10-16 17:15:56 ----DC---- C:\Users\Have0\AppData\Roaming\uTorrent 2014-10-16 17:13:42 ----DC---- C:\ProgramData\MFAData 2014-10-16 17:13:21 ----DC---- C:\Windows\Temp 2014-10-16 17:12:01 ----DC---- C:\Windows\Microsoft.NET 2014-10-16 17:09:33 ----DC---- C:\Windows\system32\Tasks 2014-10-16 17:09:13 ----DC---- C:\Windows\system32\config 2014-10-16 17:08:35 ----AC---- C:\Windows\system32\acovcnt.exe 2014-10-15 20:50:54 ----DC---- C:\Windows\system32\catroot2 2014-10-15 19:55:47 ----D---- C:\Windows\winsxs 2014-10-15 19:55:30 ----SHDC---- C:\Boot 2014-10-15 19:48:49 ----DC---- C:\Windows\System32 2014-10-15 19:48:46 ----DC---- C:\Windows\SysWOW64 2014-10-15 19:48:16 ----DC---- C:\Program Files\Windows Media Player 2014-10-15 19:48:15 ----DC---- C:\Windows\SYSWOW64\nl-NL 2014-10-15 19:48:15 ----DC---- C:\Windows\SYSWOW64\Dism 2014-10-15 19:48:15 ----DC---- C:\Program Files (x86)\Windows Media Player 2014-10-15 19:48:12 ----DC---- C:\Windows\system32\nl-NL 2014-10-15 19:48:12 ----DC---- C:\Windows\system32\drivers 2014-10-15 19:48:12 ----DC---- C:\Windows\system32\Dism 2014-10-15 19:47:29 ----DC---- C:\Windows\system32\CodeIntegrity 2014-10-15 19:47:29 ----D---- C:\Windows\system32\Boot 2014-10-15 19:47:21 ----DC---- C:\Windows\SYSWOW64\en-US 2014-10-15 19:47:21 ----DC---- C:\Windows\system32\en-US 2014-10-15 19:47:21 ----DC---- C:\Program Files\Internet Explorer 2014-10-15 19:47:18 ----DC---- C:\Program Files (x86)\Internet Explorer 2014-10-15 16:44:35 ----SHDC---- C:\Windows\Installer 2014-10-15 16:44:34 ----DC---- C:\Config.Msi 2014-10-15 16:39:06 ----DC---- C:\ProgramData\Microsoft Help 2014-10-15 16:34:55 ----DC---- C:\Windows\Prefetch 2014-10-15 15:59:08 ----DC---- C:\Windows\system32\MRT 2014-10-15 15:59:07 ----DC---- C:\Windows\debug 2014-10-15 15:58:58 ----AC---- C:\Windows\system32\MRT.exe 2014-10-15 15:57:38 ----SHD---- C:\System Volume Information 2014-10-15 15:53:35 ----AC---- C:\Windows\system32\PerfStringBackup.INI 2014-10-15 15:53:34 ----DC---- C:\Windows\inf 2014-10-15 15:02:57 ----DC---- C:\Windows\system32\catroot 2014-10-14 16:42:55 ----DC---- C:\Windows 2014-10-13 16:40:35 ----DC---- C:\ProgramData\Adobe 2014-10-13 16:40:29 ----DC---- C:\Program Files (x86)\Common Files 2014-10-13 16:40:29 ----DC---- C:\Program Files (x86)\Adobe 2014-10-07 18:14:18 ----DC---- C:\Program Files (x86)\AVG Web TuneUp 2014-10-05 20:41:44 ----D---- C:\Windows\rescache 2014-10-05 17:10:18 ----DC---- C:\Windows\system32\FxsTmp 2014-10-03 21:51:55 ----DC---- C:\Program Files (x86)\ASUS 2014-09-27 13:44:59 ----DC---- C:\Program Files (x86)\Mozilla Maintenance Service 2014-09-26 12:35:41 ----RDC---- C:\Program Files (x86) 2014-09-22 16:11:52 ----DC---- C:\Program Files (x86)\CCleaner ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440] R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-06-17 190744] R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-06-17 328984] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-08-06 123672] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-17 31512] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2014-06-22 213888] R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-30 152344] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-07-21 244504] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-06-17 235800] R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-06-17 269080] R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-08-29 50976] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904] R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784] R3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536] R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-23 119312] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-30 6038016] R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-07-09 140800] R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416] R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320] R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928] R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2012-12-28 82816] R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400] R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232] S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984] S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2013-01-23 552960] S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2014-07-04 19456] S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720] S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832] S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2014-07-04 56832] S3 USB28xxBGA;DVBT Hybrid TV Device; C:\Windows\system32\DRIVERS\emBDA64.sys [2007-08-31 581120] S3 USB28xxOEM;USB 28xx OEM Filter; C:\Windows\system32\DRIVERS\emOEM64.sys [2007-08-31 54400] S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] S3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040] S3 WSDScan;Ondersteuning voor WSD-scan via UMB; C:\Windows\system32\drivers\WSDScan.sys [2009-07-14 25088] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048] R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-29 203264] R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536] R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-08-25 3242000] R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-08-25 289328] R2 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176] R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] R2 vToolbarUpdater3.2.0;vToolbarUpdater3.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [2014-08-29 1843736] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10 267440] S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-04-22 984392] S3 fsssvc;Windows Live Family Safety; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-10-15 111616] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-26 114288] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-19 1255736] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF----------------- info.txt logfile of random's system information tool 1.10 2014-10-16 17:19:12 ======MBR====== 0x33C08ED0BC007C8EC08ED8BE007CBF0006B90002FCF3A450681C06CBFBB90400BDBE07807E00007C0B0F85100183C510E2F1CD1888560055C6461105C6461000B441BBAA55CD135D720F81FB55AA7509F7C101007403FE46106660807E1000742666680000000066FF760868000068007C680100681000B4428A56008BF4CD139F83C4109EEB14B80102BB007C8A56008A76018A4E028A6E03CD136661731EFE4E110F850C00807E00800F848A00B280EB825532E48A5600CD135DEB9C813EFE7D55AA756EFF7600E88A000F851500B0D1E664E87F00B0DFE660E87800B0FFE664E87100B800BBCD1A6623C0753B6681FB54435041753281F90201722C666807BB00006668000200006668080000006653665366556668000000006668007C0000666168000007CD1A5A32F6EA007C0000CD18A0B707EB08A0B607EB03A0B50732E40500078BF0AC3C0074FCBB0700B40ECD10EBF22BC9E464EB002402E0F82402C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D00000000627A99A82C69760000002021001CFEFFFF0008000078A9D40180FEFFFF07FEFFFF78B1D40100A6500900FEFFFF0FFEFFFF7857250B497F1D1A0000000000000000000000000000000055AA ======Uninstall list====== -->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{214C0F83-C9E0-46C6-8910-305C06508BC3}" "1043" "0" 1Click DVD Copy Pro 4.0.6.2-->"C:\Program Files (x86)\LG Software Innovations\1Click DVD Copy Pro\unins000.exe" ABBYY FineReader 9.0 Sprint-->MsiExec.exe /I {F9000000-0018-0000-0000-074957833700} ABBYY FineReader 9.0 Sprint-->MsiExec.exe /X{F9000000-0018-0000-0000-074957833700} Acrobat.com-->MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40} Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723} Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 15 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_152_Plugin.exe -maintain plugin Adobe Reader XI (11.0.09)-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AB0000000001} Alcor Micro USB Card Reader-->C:\Program Files (x86)\InstallShield Installation Information\{5A22D889-FBDD-4AE8-86EC-089D45FC133E}\Setup.exe -runfromtemp -l0x0409 Alice Greenfingers-->"C:\Program Files (x86)\Asus\Game Park\Alice Greenfingers\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Alice Greenfingers\install.log" AMD USB Filter Driver-->MsiExec.exe /X{82809116-D1EE-443C-AE31-F19E709DDF7A} Apple Application Support-->MsiExec.exe /I{46F044A5-CE8B-4196-984E-5BD6525E361D} Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} ASUS AI Recovery-->MsiExec.exe /I{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0} ASUS AP Bank-->"C:\Program Files (x86)\ASUS\ASUS AP Bank\unins000.exe" ASUS FancyStart-->MsiExec.exe /I{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988} ASUS LifeFrame3-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158} ASUS Live Update-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\Setup.exe" -l0x9 ASUS MultiFrame-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9D48531D-2135-49FC-BC29-ACCDA5396A76}\setup.exe" -l0x9 ASUS Power4Gear Hybrid-->MsiExec.exe /I{91EFE3A1-585E-4F66-B5F6-F118F56C4C47} ASUS SmartLogon-->MsiExec.exe /I{64452561-169F-4A36-A2FF-B5E118EC65F5} ASUS Splendid Video Enhancement Technology-->MsiExec.exe /I{0969AF05-4FF6-4C00-9406-43599238DE0D} ASUS Virtual Camera-->MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1} Asus WebStorage-->C:\Program Files (x86)\ASUS\Asus WebStorage\uninst.exe Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -l0x0009 -removeonly ATK Generic Function Service-->C:\Program Files (x86)\InstallShield Installation Information\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}\setup.exe -runfromtemp -l0x0009 -removeonly ATK Hotkey-->MsiExec.exe /I{7C05592D-424B-46CB-B505-E0013E8E75C9} ATK Media-->MsiExec.exe /I{D1E5870E-E3E5-4475-98A6-ADD614524ADF} ATKOSD2-->MsiExec.exe /I{3B05F2FB-745B-4012-ADF2-439F36B2E70B} AVG 2014-->"C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe" /AppMode=SETUP /Uninstall AVG 2014-->MsiExec.exe /I{15E4B9CE-C5FB-40B3-A88B-6F210BF46DB7} AVG 2014-->MsiExec.exe /I{977EBBDB-BA86-4975-803C-A7FDDF92A10C} AVG 2014-->MsiExec.exe /I{B42D82E8-FF97-48BB-91AA-86717B2B6B16} AVG Web TuneUp-->C:\Program Files (x86)\AVG Web TuneUp\UNINSTALL.exe /PROMPT /UNINSTALL Basishandleiding EPSON SX440 Series-->"C:\Program Files (x86)\Epson Software\Epson Manual\EPSON SX440 Series\nl\Bog\DocUnins.exe" Bing Bar-->MsiExec.exe /X{B4089055-D468-45A4-A6BA-5A138DD715FC} CCleaner-->"C:\Program Files (x86)\CCleaner\uninst.exe" Chicken Invaders 2-->"C:\Program Files (x86)\Asus\Game Park\Chicken Invaders 2\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Chicken Invaders 2\install.log" Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} ControlDeck-->MsiExec.exe /I{5B65EF64-1DFA-414A-8C94-7BB726158E21} CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{650DE870-ECA3-4E63-8D77-778512BE5D4C}" "1043" "0" Download Navigator-->MsiExec.exe /X{E728441A-7820-4B1C-87C9-DE7BE37B2953} Epson Connect Printer Setup-->MsiExec.exe /X{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C} Epson Event Manager-->MsiExec.exe /X{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94} EPSON Scan-->C:\Program Files (x86)\epson\escndv\setup\setup.exe /r EPSON SX440 Series Printer Uninstall-->C:\Windows\system32\spool\DRIVERS\x64\3\E_IINSHBE.EXE /R /APD /P:"EPSON SX440 Series" EpsonNet Print-->C:\Program Files (x86)\InstallShield Installation Information\{3E31400D-274E-4647-916C-2CACC3741799}\ENPSETUP.exe -runfromtemp -l0x0009 -EPSON -removeonly ETDWare PS/2-x64 7.0.5.7_WHQL-->C:\Program Files\Elantech\ETDUninst.exe Fast Boot-->MsiExec.exe /I{13F4A7F3-EABC-4261-AF6B-1317777F0755} Gebruikershandleiding EPSON SX440 Series-->"C:\Program Files (x86)\Epson Software\Epson Manual\EPSON SX440 Series\nl\Useg\DocUnins.exe" HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7} Intel WiDi Media Share-->MsiExec.exe /I{275CD120-A23B-47C7-944A-9B6D9CDA583F} Intel® WiDi Media Share-->"C:\ProgramData\Package Cache\{32d14b1d-18fa-48e7-867d-93b7a72c816a}\Intel WiDi Media Share Setup.exe" /uninstall Island Wars 2-->"C:\Program Files (x86)\Asus\Game Park\Island Wars 2\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Island Wars 2\install.log" Java 7 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86417000FF} Junk Mail filter update-->MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A} Malwarebytes Anti-Malware versie 2.0.2.1012-->"C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe" Microsoft .NET Framework 4.5.1 (Nederlands)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\NLD\\Setup.exe /repair /x86 /x64 /lcid 1043 Microsoft .NET Framework 4.5.1 (NLD)-->MsiExec.exe /X{9EBB0AF2-4AD2-3ABA-95EF-977EBEA1CB09} Microsoft .NET Framework 4.5.1-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\\Setup.exe /repair /x86 /x64 Microsoft .NET Framework 4.5.1-->MsiExec.exe /X{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} Microsoft Office Access MUI (Dutch) 2010-->MsiExec.exe /X{90140000-0015-0413-0000-0000000FF1CE} Microsoft Office Excel MUI (Dutch) 2010-->MsiExec.exe /X{90140000-0016-0413-0000-0000000FF1CE} Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE} Microsoft Office Groove MUI (Dutch) 2010-->MsiExec.exe /X{90140000-00BA-0413-0000-0000000FF1CE} Microsoft Office InfoPath MUI (Dutch) 2010-->MsiExec.exe /X{90140000-0044-0413-0000-0000000FF1CE} Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC} Microsoft Office Office 64-bit Components 2010-->MsiExec.exe /X{90140000-002A-0000-1000-0000000FF1CE} Microsoft Office OneNote MUI (Dutch) 2010-->MsiExec.exe /X{90140000-00A1-0413-0000-0000000FF1CE} Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0120-0413-0000-0000000FF1CE} Microsoft Office Outlook MUI (Dutch) 2010-->MsiExec.exe /X{90140000-001A-0413-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (Dutch) 2010-->MsiExec.exe /X{90140000-0018-0413-0000-0000000FF1CE} Microsoft Office Professional Plus 2010-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL Microsoft Office Professional Plus 2010-->MsiExec.exe /X{90140000-0011-0000-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2010-->MsiExec.exe /X{90140000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2010-->MsiExec.exe /X{90140000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE} Microsoft Office Proofing (Dutch) 2010-->MsiExec.exe /X{90140000-002C-0413-0000-0000000FF1CE} Microsoft Office Publisher MUI (Dutch) 2010-->MsiExec.exe /X{90140000-0019-0413-0000-0000000FF1CE} Microsoft Office Shared 64-bit MUI (Dutch) 2010-->MsiExec.exe /X{90140000-002A-0413-1000-0000000FF1CE} Microsoft Office Shared MUI (Dutch) 2010-->MsiExec.exe /X{90140000-006E-0413-0000-0000000FF1CE} Microsoft Office Word MUI (Dutch) 2010-->MsiExec.exe /X{90140000-001B-0413-0000-0000000FF1CE} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053-->MsiExec.exe /X{B6E3757B-5E77-3915-866A-CCFC4B8D194C} Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f} Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE} Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F} Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} Minecraft1.7.4-->C:\Users\Have0\AppData\Roaming\.minecraft\minecraft launcher\Uninstall.exe Mozilla Firefox 32.0.3 (x86 en-GB)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} Netwerkhandleiding EPSON SX440 Series-->"C:\Program Files (x86)\Epson Software\Epson Manual\EPSON SX440 Series\nl\Netg\DocUnins.exe" QuickTime 7-->MsiExec.exe /I{111EE7DF-FC45-40C7-98A7-753AC46B12FB} SABnzbd 0.7.16-->"C:\Program Files (x86)\SABnzbd\uninstall.exe" Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {F7CBA1C7-E5B5-39E9-9631-459E1FE08C45} Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {BD0F9F7E-62B2-3971-9E2E-B87B832CE89D} Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {513BC47F-0560-33C2-A029-C5387642233A} Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {59923C0F-51CB-3F2C-8465-E69019472533} Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {47FA5DCB-D13C-331E-BC32-65E53BDD949C} Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {48006B2D-366F-3386-92C7-785D3A523042} Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0413-0000-0000000FF1CE}" "{63EF0C85-5B63-410F-ACE4-C1D4E6769E7A}" "1043" "0" Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{4D6FE7B6-559F-4DAC-92CF-A01C24046AEB}" "1043" "0" Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{1EE5FA17-F624-438C-B7AC-7C5A41E90FA2}" "1043" "0" Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{7AC3F78E-ECA0-45F4-A9CC-3E885DA23662}" "1043" "0" Security Update for Microsoft Office 2010 (KB2878284) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0413-0000-0000000FF1CE}" "{9A854864-23D5-4FD5-8357-F4602A2A7CC4}" "1043" "0" Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{5EE42B42-1159-435C-898A-2A3298453B20}" "1043" "0" Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{0BC570F0-7352-4A3A-B2A2-CA56ADA7375F}" "1043" "0" Security Update for Microsoft Word 2010 (KB2883013) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{80CEB9D6-F98A-47DD-B41C-DD40B7561AFD}" "1043" "0" Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}" "1043" "0" Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0015-0413-0000-0000000FF1CE}" "{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}" "1043" "0" Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-0413-0000-0000000FF1CE}" "{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}" "1043" "0" Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0413-0000-0000000FF1CE}" "{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}" "1043" "0" Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0019-0413-0000-0000000FF1CE}" "{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}" "1043" "0" Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0413-0000-0000000FF1CE}" "{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}" "1043" "0" Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0413-0000-0000000FF1CE}" "{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}" "1043" "0" Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-0000-0000000FF1CE}" "{8925227F-C7B5-4C95-AB58-4FCF2433DAEE}" "1043" "0" Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-0000-0000000FF1CE}" "{09A9DF49-DA06-4093-A2FD-F339211E39EA}" "1043" "0" Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-040C-0000-0000000FF1CE}" "{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}" "1043" "0" Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0413-0000-0000000FF1CE}" "{2C2D6CA0-1F04-4551-A82A-E0800CD616FA}" "1043" "0" Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{E4D76E88-C65F-4003-9C71-EC4306679D17}" "1043" "0" Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0413-1000-0000000FF1CE}" "{8218F3D1-A3CE-483C-819B-855338E4397C}" "1043" "0" Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002C-0413-0000-0000000FF1CE}" "{0B17C286-F7CC-4605-80D0-B465D5A44152}" "1043" "0" Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0044-0413-0000-0000000FF1CE}" "{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}" "1043" "0" Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0413-0000-0000000FF1CE}" "{07466203-7D4B-49A0-85BC-85CCC297AD9E}" "1043" "0" Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0413-0000-0000000FF1CE}" "{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}" "1043" "0" Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00BA-0413-0000-0000000FF1CE}" "{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}" "1043" "0" SlimCleaner-->MsiExec.exe /X{FBFBDCEB-1921-4771-B80E-09BBD33680D0} Smileyville-->"C:\Program Files (x86)\Asus\Game Park\Smileyville\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Smileyville\install.log" Spotnet-->"C:\Program Files (x86)\Spotnet\unins000.exe" TVersity Codec Pack 1.7-->C:\Program Files (x86)\TVersity Codec Pack\uninst.exe Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}" "1043" "0" Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{9179FC17-97A8-4D98-9E09-05720AF5D44E}" "1043" "0" Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{302A8FE3-EBF5-486C-A431-16A1CD914443}" "1043" "0" Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{302A8FE3-EBF5-486C-A431-16A1CD914443}" "1043" "0" Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}" "1043" "0" Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{39767ECA-1731-45DB-AB5B-6BF40E151D66}" "1043" "0" Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}" "1043" "0" Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}" "1043" "0" Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}" "1043" "0" Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{287A1E92-9E41-4BC1-8920-B3D0E9220800}" "1043" "0" Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{9D69691D-823D-4C3E-9B12-563A3F520366}" "1043" "0" Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-0000-0000000FF1CE}" "{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}" "1043" "0" Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}" "1043" "0" Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}" "1043" "0" Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{5AA578BB-759C-40FD-9661-A737C0884541}" "1043" "0" Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}" "1043" "0" Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{BA610006-2C39-4419-9834-CF61AB24810A}" "1043" "0" Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}" "1043" "0" Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{B0D672F7-883E-4279-8E75-D97A5445AB46}" "1043" "0" Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}" "1043" "0" Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-0000-0000000FF1CE}" "{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}" "1043" "0" Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-040C-0000-0000000FF1CE}" "{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}" "1043" "0" Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{51CCA922-A0CC-47C4-8910-6936D97CAC2E}" "1043" "0" Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{51CCA922-A0CC-47C4-8910-6936D97CAC2E}" "1043" "0" Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{2AB483F1-C86E-427A-83B4-23889B03512D}" "1043" "0" Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0413-0000-0000000FF1CE}" "{2CDD05C4-26E6-4125-8499-EB6D800614EE}" "1043" "0" Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}" "1043" "0" Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0413-0000-0000000FF1CE}" "{F071F40F-CBA0-452D-A1CB-3F327CC8DF66}" "1043" "0" Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{F9F5A080-AF38-4966-9A6B-C43DCA465035}" "1043" "0" Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{F9F5A080-AF38-4966-9A6B-C43DCA465035}" "1043" "0" Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{7B29D8B8-6A87-496C-A65E-B935E740448A}" "1043" "0" Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{38CF30E4-3348-4BD1-A859-B630C355A56F}" "1043" "0" USB 2.0 1.3M UVC WebCam-->C:\Windows\Uninstsxga.bat USB Audio/Vide Driver-->C:\Program Files (x86)\InstallShield Installation Information\{03CD367D-3959-4529-81B6-B7C80F146781}\setup.exe -runfromtemp -l0x0413 VIA Platform Device Manager-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169} Visual C++ 8.0 Runtime Setup Package (x64)-->MsiExec.exe /I{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D} Visual Studio 2008 x64 Redistributables-->MsiExec.exe /I{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49} Visual Studio 2010 x64 Redistributables-->MsiExec.exe /I{21B133D6-5979-47F0-BE1C-F6A6B304693F} Visual Studio 2012 x64 Redistributables-->MsiExec.exe /I{8C775E70-A791-4DA8-BCC3-6AB7136F4484} Visual Studio 2012 x86 Redistributables-->MsiExec.exe /I{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8} VLC media player 2.0.3-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe WinAVI Video Converter-->"C:\Program Files (x86)\WinAVI Video Converter\unins000.exe" Windows Live - Hulpprogramma voor uploaden-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Windows Live aanmeldhulp-->MsiExec.exe /I{7E1FBCB0-500C-4A0D-AC9C-B1B76E75666B} Windows Live Call-->MsiExec.exe /I{362F80B4-9628-4100-B074-5A1BB6FCBBF3} Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B} Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe Windows Live Essentials-->MsiExec.exe /I{B3B4E65B-F8B9-46E8-9B30-4DE339DB3F1E} Windows Live Family Safety-->MsiExec.exe /X{B1F3A3DB-1C09-48E5-A277-5815DB14FB81} Windows Live Mail-->MsiExec.exe /I{B38B1F86-8202-482F-A289-A4806DFA498D} Windows Live Messenger-->MsiExec.exe /X{1A38EBE5-08BD-4E0D-AAB9-0DFECACE108B} Windows Live Photo Gallery-->MsiExec.exe /X{22B63288-28E5-4F8C-9BA4-5BD7F6A027E0} Windows Live Sync-->MsiExec.exe /X{A5F3E8C0-E949-40D0-B529-D34A4BCDA43C} Windows Live Writer-->MsiExec.exe /X{C8114985-F9C5-4A4A-885D-C6BA4AE8F231} Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} WinFlash-->MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D} WinRAR-->C:\Program Files (x86)\WinRAR\uninstall.exe WinZip 14.5-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD} Wireless Console 3-->MsiExec.exe /I{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2} Xiph.Org Open Codecs 0.85.17777-->C:\Program Files (x86)\Xiph.Org\Open Codecs\uninst.exe Xvid Video Codec-->C:\Program Files (x86)\Xvid\uninstall.exe ======System event log====== Computer Name: Have0-PC Event Code: 26 Message: Toepassingspop-up: Windows - Geen schijf : Exception Processing Message 0xc0000013 Parameters 0x000007FEFC23718C 0x0000000000000004 0x000007FEFC23718C 0x000007FEFC23718C Record Number: 134123 Source Name: Application Popup Time Written: 20140522165722.000000-000 Event Type: Informatie User: Computer Name: Have0-PC Event Code: 26 Message: Toepassingspop-up: Windows - Geen schijf : Exception Processing Message 0xc0000013 Parameters 0x000007FEFC23718C 0x0000000000000004 0x000007FEFC23718C 0x000007FEFC23718C Record Number: 134122 Source Name: Application Popup Time Written: 20140522165721.000000-000 Event Type: Informatie User: Computer Name: Have0-PC Event Code: 26 Message: Toepassingspop-up: Windows - Geen schijf : Exception Processing Message 0xc0000013 Parameters 0x000007FEFC23718C 0x0000000000000004 0x000007FEFC23718C 0x000007FEFC23718C Record Number: 134121 Source Name: Application Popup Time Written: 20140522165721.000000-000 Event Type: Informatie User: Computer Name: Have0-PC Event Code: 26 Message: Toepassingspop-up: Windows - Geen schijf : Exception Processing Message 0xc0000013 Parameters 0x000007FEFC23718C 0x0000000000000004 0x000007FEFC23718C 0x000007FEFC23718C Record Number: 134120 Source Name: Application Popup Time Written: 20140522165721.000000-000 Event Type: Informatie User: Computer Name: Have0-PC Event Code: 26 Message: Toepassingspop-up: Windows - Geen schijf : Exception Processing Message 0xc0000013 Parameters 0x000007FEFC23718C 0x0000000000000004 0x000007FEFC23718C 0x000007FEFC23718C Record Number: 134119 Source Name: Application Popup Time Written: 20140522165721.000000-000 Event Type: Informatie User: =====Application event log===== Computer Name: Have0-PC Event Code: 302 Message: Windows (4068) Windows: De database-engine heeft de herstelstappen uitgevoerd. Record Number: 17310 Source Name: ESENT Time Written: 20120420170804.000000-000 Event Type: Informatie User: Computer Name: Have0-PC Event Code: 301 Message: Windows (4068) Windows: De database-engine is begonnen met het opnieuw afspelen van logboekbestand C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log. Record Number: 17309 Source Name: ESENT Time Written: 20120420170747.000000-000 Event Type: Informatie User: Computer Name: Have0-PC Event Code: 300 Message: Windows (4068) Windows: De database-engine voert herstelstappen uit. Record Number: 17308 Source Name: ESENT Time Written: 20120420170746.000000-000 Event Type: Informatie User: Computer Name: Have0-PC Event Code: 102 Message: Windows (4068) Windows: De database-engine (6.01.7600.0000) heeft een nieuwe sessie (0) gestart. Record Number: 17307 Source Name: ESENT Time Written: 20120420170745.000000-000 Event Type: Informatie User: Computer Name: Have0-PC Event Code: 6000 Message: De kennisgevingssubscriber van winlogon <SessionEnv> was niet beschikbaar om een kennisgevingsgebeurtenis te verwerken. Record Number: 17306 Source Name: Microsoft-Windows-Winlogon Time Written: 20120420170658.000000-000 Event Type: Informatie User: =====Security event log===== Computer Name: Have0-PC Event Code: 4624 Message: Er is een account aangemeld. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: HAVE0-PC$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3e7 Aanmeldingstype: 5 Nieuwe aanmelding: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Procesgegevens: Proces-id: 0x2b8 Naam proces: C:\Windows\System32\services.exe Netwerkgegevens: Naam van werkstation: Netwerkadres van bron: - Poort van bron: - Gedetailleerde verificatiegegevens: Aanmeldingsproces: Advapi Verificatiepakket: Negotiate Doorgezette services: - Pakketnaam (alleen NTLM): - Sleutellengte: 0 Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen. De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe. In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk). Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld. In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn. De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag. - Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis. - In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt. - Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt. - Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd. Record Number: 45335 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20131018110034.167560-000 Event Type: Controle geslaagd User: Computer Name: Have0-PC Event Code: 4672 Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Bevoegdheden: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 45334 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20131018110033.793160-000 Event Type: Controle geslaagd User: Computer Name: Have0-PC Event Code: 4624 Message: Er is een account aangemeld. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: HAVE0-PC$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3e7 Aanmeldingstype: 5 Nieuwe aanmelding: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Procesgegevens: Proces-id: 0x2b8 Naam proces: C:\Windows\System32\services.exe Netwerkgegevens: Naam van werkstation: Netwerkadres van bron: - Poort van bron: - Gedetailleerde verificatiegegevens: Aanmeldingsproces: Advapi Verificatiepakket: Negotiate Doorgezette services: - Pakketnaam (alleen NTLM): - Sleutellengte: 0 Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen. De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe. In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk). Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld. In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn. De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag. - Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis. - In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt. - Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt. - Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd. Record Number: 45333 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20131018110033.793160-000 Event Type: Controle geslaagd User: Computer Name: Have0-PC Event Code: 4672 Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Bevoegdheden: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 45332 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20131018110016.399129-000 Event Type: Controle geslaagd User: Computer Name: Have0-PC Event Code: 4624 Message: Er is een account aangemeld. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: HAVE0-PC$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3e7 Aanmeldingstype: 5 Nieuwe aanmelding: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Procesgegevens: Proces-id: 0x2b8 Naam proces: C:\Windows\System32\services.exe Netwerkgegevens: Naam van werkstation: Netwerkadres van bron: - Poort van bron: - Gedetailleerde verificatiegegevens: Aanmeldingsproces: Advapi Verificatiepakket: Negotiate Doorgezette services: - Pakketnaam (alleen NTLM): - Sleutellengte: 0 Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen. De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe. In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk). Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld. In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn. De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag. - Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis. - In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt. - Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt. - Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd. Record Number: 45331 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20131018110016.399129-000 Event Type: Controle geslaagd User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files (x86)\Common Files\ArcSoft\Bin;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\QuickTime\QTSystem;C:\Program Files (x86)\QuickTime\QTSystem\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=2 "PROCESSOR_LEVEL"=16 "PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 6 Stepping 2, AuthenticAMD "PROCESSOR_REVISION"=0602 "configsetroot"=%SystemRoot%\ConfigSetRoot -----------------EOF----------------- -
logflies internet draait lang
Have0 reageerde op Have0's topic in Archief Bestrijding malware & virussen
Hoi Kape, weer bedankt. Nu geen problemen meer inderdaad. Zijn dit nu virussen die er toch doorsluipen ondanks programma's anti malware bytes male ware en AVG ? -
logflies internet draait lang
Have0 reageerde op Have0's topic in Archief Bestrijding malware & virussen
Beste Kape, zie onderstaande logfile. De verwijdering is dat een soort virus of ook datgene wat cc-cleaner er uit haalt ? Hoe kan ik dit voorkomen. Alvast weer hartelijk dank. Zoek.exe v5.0.0.0 Updated 11-August-2014 Tool run by Have0 on ma 11-08-2014 at 17:14:22,06. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Have0\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 11-8-2014 17:17:05 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully C:\Users\Have0\AppData\Roaming\Malwarebytes deleted successfully C:\Users\Have0\AppData\Local\Google deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe C:\Program Files\ATKGFNEX\GFNEXSrv.exe C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Users\Have0\AppData\Roaming\uTorrent\uTorrent.exe C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE\mbam.exe C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Have0\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Users\Have0\Searches deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 4096 MB CPU Info: AMD Athlon II Dual-Core M300 CPU Speed: 2052,9 MHz Sound Card: Speakers (VIA High Definition A | Display Adapters: ATI Mobility Radeon HD 4570 | ATI Mobility Radeon HD 4570 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller | Atheros AR9285 Wireless Network Adapter CD / DVD Drives: 1x (F: | ) F: TSSTcorpCDDVDW TS-L633C Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 74,5GB | D: 208,9GB Hard Disks - Free: C: 17,4GB | D: 195,3GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 11/02/09 | _ASUS_ - 20091102 Time Zone: Romance (standaardtijd) Motherboard *: ASUSTeK Computer Inc. K70AD Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: AVG AntiVirus Free Edition 2014 On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: AVG AntiVirus Free Edition 2014 disabled (Outdated) Default Browser: Firefox 31.0 Internet Explorer Version: 11.0.9600.17207 Mozilla Firefox version: 31.0 (x86 en-GB) Adobe Reader version: 10.1.10.18 Sun Java version: 1.7.0 (64-bit) Flash Player version: 14.0.0.145 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Have0\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-08-01 06:55:54 867148EBF47E7E7E7B21C07B4A981929 581600 ----a-w- C:\Windows\SysWOW64\wuapi.dll 2014-08-01 06:55:54 372218B80DEF827063049EBEE76B7501 92672 ----a-w- C:\Windows\SysWOW64\wudriver.dll 2014-08-01 06:55:54 255F0417EC31C71585824269522EC8E9 36320 ----a-w- C:\Windows\SysWOW64\wups.dll 2014-08-01 06:55:34 F419D738BD2AE58D9DF2F9FEB5F43842 33792 ----a-w- C:\Windows\SysWOW64\wuapp.exe 2014-08-01 06:55:34 5AA2CAD923E9E647276A61387E83DDD0 179656 ----a-w- C:\Windows\SysWOW64\wuwebv.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-08-01 06:56:17 EAD9E413A6CEB9FD8E2AD9DC0716C061 58336 ----a-w- C:\Windows\Sysnative\wuauclt.exe 2014-08-01 06:56:17 E76F105AD039B9E4DA9ECE839298C4A2 44512 ----a-w- C:\Windows\Sysnative\wups2.dll 2014-08-01 06:56:17 6335F8B4B89F002A3801473C1A799237 2620928 ----a-w- C:\Windows\Sysnative\wucltux.dll 2014-08-01 06:56:16 61FF576450CCC80564B850BC3FB6713A 2477536 ----a-w- C:\Windows\Sysnative\wuaueng.dll 2014-08-01 06:55:54 7EC6617005F76714C7E16605E7A8AB06 38880 ----a-w- C:\Windows\Sysnative\wups.dll 2014-08-01 06:55:54 1180B5ADFB507258DA10F51B46681A33 97792 ----a-w- C:\Windows\Sysnative\wudriver.dll 2014-08-01 06:55:54 0DB2758CF1BAFE22E0970FDA0785B74C 700384 ----a-w- C:\Windows\Sysnative\wuapi.dll 2014-08-01 06:55:34 45D4BDEA136E72E75CF008D3C38D949A 198600 ----a-w- C:\Windows\Sysnative\wuwebv.dll 2014-08-01 06:55:34 29FE783F75362AD6D2D9C0555BA83BD2 36864 ----a-w- C:\Windows\Sysnative\wuapp.exe ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Have0\AppData\Roaming ====== ====== C:\Users\Have0 ====== 2014-08-10 12:08:55 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 -c--a-w- C:\Users\Have0\Downloads\RSITx64.exe 2014-07-30 11:24:34 4D124C4F40B471DFFEDF0ED8A79CCCAD 1365551 -c--a-w- C:\Users\Have0\Downloads\adwcleaner_3.301.exe ====== C: exe-files == === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-2578091034-2730396283-2997144666-1001\Software\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="C:\Users\Have0\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "UpdateLBPShortCut"="C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\LabelPrint UpdateWithCreateOnce Software\CyberLink\LabelPrint\2.5" "UpdateP2GoShortCut"="C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\6.0" "HControlUser"="C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe" "ATKOSD2"="C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" "ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="C:\Users\Have0\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "EeeStorageBackup"="C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe" "ETDWare"="C:\Program Files\Elantech\ETDCtrl.exe" "AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector] "command"="C:\\Windows\\AsScrPro.exe" "hkey"="HKLM" "item"="ASUS Screen Saver Protector" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BCSSync" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer] "command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\"" "hkey"="HKLM" "item"="CLMLServer" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EEventManager] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EEventManager" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Epson Software\\Event Manager\\EEventManager.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HDAudDeck] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HDAudDeck" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\VIA\\VIAudioi\\VDeck\\VDeck.exe -r" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="uTorrent" "hkey"="HKCU" "command"="\"C:\\Users\\Have0\\AppData\\Roaming\\uTorrent\\uTorrent.exe\" /MINIMIZED" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Xvid] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Xvid" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Xvid\\CheckUpdate.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NewShortcut1.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\NewShortcut1.lnk" "backup"="C:\\Windows\\pss\\NewShortcut1.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\USB_VI~1\\Utility\\REMOTE~1\\BDAREM~1.EXE " "item"="NewShortcut1" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a--c--- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [08-07-2014 19:02] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\AdobeFlashPlayerUpdate" [C:\Windows\SysWOW64\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\AdobeFlashPlayerUpdate 2" [C:\Windows\SysWOW64\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe] "C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\P4G\BatteryLife.exe] "C:\Windows\SysNative\tasks\ASUS SmartLogon Console Sensor" [C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe] "C:\Windows\SysNative\tasks\ASUSControlDeck" [C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe] "C:\Windows\SysNative\tasks\AutoKMS" [C:\Windows\AutoKMS\AutoKMS.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files (x86)\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\P4GIntlCtrl" [C:\Program Files\P4G\IntlCtrl.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\WC3" [C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe] "C:\Windows\SysNative\tasks\{A43D4B78-0311-4C53-983B-3317133FAC60}" [C:\Program Files (x86)\LG Software Innovations\1Click DVD Copy Pro\1ClickDvdCopyPro.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "avg@igeared"="C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared" [20-09-2011 22:42] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\7uw19joy.default 4390CCD3790F8D9C427C0C29590C62D7 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash 5B0F6A8F086D3220272919A3023EF180 - C:\Users\Have0\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 2C82D753EF779945977C82A3908DA20A - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.90.5 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKCU\..\Run: [uTorrent] "C:\Users\Have0\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: linkscanner - (no CLSID) - (no file) O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Have0\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Have0\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RDN4MCLY will be deleted at reboot C:\Users\Have0\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YG828NC8 will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Have0\AppData\Local\Mozilla\Firefox\Profiles\7uw19joy.default\Cache emptied successfully ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=5 folders=1 2219 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Default User\AppData\Local\temp emptied successfully C:\Users\Have0\AppData\Local\Temp will be emptied at reboot C:\Users\Public\AppData\Local\temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Have0\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Have0\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RDN4MCLY" not found "C:\Users\Have0\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YG828NC8" not found ==== EOF on ma 11-08-2014 at 18:03:04,60 ====================== -
logflies internet draait lang
Have0 reageerde op Have0's topic in Archief Bestrijding malware & virussen
Ziet er iemand hieronder foutmeldingen of dingen die verwijderd moeten worden ? Bedankt alvast. Logfile of random's system information tool 1.10 (written by random/random) Run by Have0 at 2014-08-10 14:09:20 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 18 GB (23%) free of 76 GB Total RAM: 4095 MB (35% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:09:31, on 10-8-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17207) Boot mode: Normal Running processes: C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe C:\Users\Have0\AppData\Roaming\uTorrent\uTorrent.exe C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe C:\Windows\sysWow64\SearchProtocolHost.exe C:\Program Files\trend micro\Have0.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKCU\..\Run: [uTorrent] "C:\Users\Have0\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: linkscanner - (no CLSID) - (no file) O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 8725 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe c:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=3d9f0804-bfed-4215-b77b-f66516687b2b /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\b769e46b-f102-462c-914d-ef4d467e6874-150-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\" /logPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\log\" %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup atieclxx C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe" "C:\Program Files\ATKGFNEX\GFNEXSrv.exe" C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "taskhost.exe" "C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe" -service "C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe" Atouch64.exe "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe" ATKOSD.exe "C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe" KBFiltr.exe WDC.exe "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" taskeng.exe {595097AA-5F19-4052-A077-03E8E889010F} "C:\Program Files (x86)\ASUS\Splendid\ACMON.exe" "C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe" "C:\Program Files\P4G\BatteryLife.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe" "C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe" "C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding "C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe" C:\Windows\Explorer.EXE "C:\Windows\system32\Dwm.exe" "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-77212ac6-6f20-4db3-a768-79b7488a8b98 -SystemEventPortName:HostProcess-0d760790-7beb-4335-a1b2-99325338383d -IoCancelEventPortName:HostProcess-f15b6877-3727-43f4-b494-e5154d302bb2 -NonStateChangingEventPortName:HostProcess-d3efb989-a85e-41ab-a582-566221b319b2 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a39c4df4-5a90-473c-9419-4a23c5d56eff -DeviceGroupId:WpdFsGroup "C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe" "C:\Program Files\Elantech\ETDCtrl.exe" "C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" "C:\Users\Have0\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED "C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe" "C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" "C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe" C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 ctfmon.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\svchost.exe -k SDRSVC "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" C:\Windows\system32\AUDIODG.EXE 0x978 "C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE" "C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=5140.ba13590.138589351 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 5140 "\\.\pipe\gecko-crash-server-pipe.5140" plugin "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe" --proxy-stub-channel=Flash4436.616D0D80.5848 --host-broker-channel=Flash4436.616D0D80.2847 --host-pid=4436 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll" "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe" --channel=5548.0045F668.1434344035 --proxy-stub-channel=Flash4436.616D0D80.5848 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll" --host-npapi-version=27 --type=renderer "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe15_ Global\UsGthrCtrlFltPipeMssGthrPipe15 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520 "C:\Windows\sysWow64\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-2578091034-2730396283-2997144666-100116_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-2578091034-2730396283-2997144666-100116 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1" "C:\Users\Have0\Downloads\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =========Mozilla firefox========= ProfilePath - C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\7uw19joy.default prefs.js - "browser.search.useDBForOrder" - "false" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 14.0.0.145 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.9.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Windows\SysWOW64\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3] "Description"=Office Live Update v1.3 "Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 14.0.0.145 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.0] "Description"= "Path"=C:\Windows\system32\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL C:\Program Files (x86)\Mozilla Firefox\components\ nsIQTScriptablePlugin.xpt C:\Program Files (x86)\Mozilla Firefox\plugins\ np-mswmp.dll nppdf32.dll npqtplugin.dll npqtplugin2.dll npqtplugin3.dll npqtplugin4.dll npqtplugin5.dll QuickTimePlugin.class WMP Firefox Plugin License.rtf WMP Firefox Plugin RelNotes.txt C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\7uw19joy.default\searchplugins\ google-.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}] Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Aanmelden - Help - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "EeeStorageBackup"=C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe [2009-08-25 947472] "ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-07-30 617856] "AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "uTorrent"=C:\Users\Have0\AppData\Roaming\uTorrent\uTorrent.exe [2014-07-11 1322832] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe [2009-12-19 3058304] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2010-10-12 979328] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-09-11 2244608] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent] C:\Users\Have0\AppData\Roaming\uTorrent\uTorrent.exe [2014-07-11 1322832] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NewShortcut1.lnk] C:\PROGRA~2\USB_VI~1\Utility\REMOTE~1\BDAREM~1.EXE [2005-08-19 77908] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504] "UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408] "HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016] "ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392] "ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-20 170624] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-30 98304] "AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-06-17 5179408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"=16 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "vidc.XVID"=xvidvfw.dll ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 ======List of files/folders created in the last 1 month====== 2014-08-10 14:09:20 ----DC---- C:\rsit 2014-08-01 08:56:17 ----A---- C:\Windows\system32\wups2.dll 2014-08-01 08:56:17 ----A---- C:\Windows\system32\wucltux.dll 2014-08-01 08:56:17 ----A---- C:\Windows\system32\wuauclt.exe 2014-08-01 08:56:16 ----A---- C:\Windows\system32\wuaueng.dll 2014-08-01 08:55:54 ----A---- C:\Windows\SYSWOW64\wups.dll 2014-08-01 08:55:54 ----A---- C:\Windows\SYSWOW64\wudriver.dll 2014-08-01 08:55:54 ----A---- C:\Windows\SYSWOW64\wuapi.dll 2014-08-01 08:55:54 ----A---- C:\Windows\system32\wups.dll 2014-08-01 08:55:54 ----A---- C:\Windows\system32\wudriver.dll 2014-08-01 08:55:54 ----A---- C:\Windows\system32\wuapi.dll 2014-08-01 08:55:34 ----A---- C:\Windows\SYSWOW64\wuwebv.dll 2014-08-01 08:55:34 ----A---- C:\Windows\SYSWOW64\wuapp.exe 2014-08-01 08:55:34 ----A---- C:\Windows\system32\wuwebv.dll 2014-08-01 08:55:34 ----A---- C:\Windows\system32\wuapp.exe 2014-07-23 15:49:14 ----DC---- C:\Program Files (x86)\Mozilla Firefox 2014-07-20 19:06:28 ----A---- C:\Windows\system32\schannel.dll 2014-07-20 19:06:27 ----A---- C:\Windows\SYSWOW64\schannel.dll 2014-07-20 19:06:27 ----A---- C:\Windows\SYSWOW64\msv1_0.dll 2014-07-20 19:06:27 ----A---- C:\Windows\SYSWOW64\kerberos.dll 2014-07-20 19:06:27 ----A---- C:\Windows\system32\kerberos.dll 2014-07-20 19:06:26 ----A---- C:\Windows\SYSWOW64\wdigest.dll 2014-07-20 19:06:26 ----A---- C:\Windows\SYSWOW64\TSpkg.dll 2014-07-20 19:06:26 ----A---- C:\Windows\SYSWOW64\ncrypt.dll 2014-07-20 19:06:26 ----A---- C:\Windows\system32\wdigest.dll 2014-07-20 19:06:26 ----A---- C:\Windows\system32\TSpkg.dll 2014-07-20 19:06:26 ----A---- C:\Windows\system32\ncrypt.dll 2014-07-20 19:06:26 ----A---- C:\Windows\system32\msv1_0.dll 2014-07-20 19:06:25 ----A---- C:\Windows\SYSWOW64\credssp.dll 2014-07-20 19:06:25 ----A---- C:\Windows\system32\credssp.dll ======List of files/folders modified in the last 1 month====== 2014-08-10 14:09:31 ----DC---- C:\Windows\Prefetch 2014-08-10 14:09:27 ----DC---- C:\Program Files\trend micro 2014-08-10 14:06:51 ----DC---- C:\Windows\Temp 2014-08-10 14:03:39 ----DC---- C:\Users\Have0\AppData\Roaming\uTorrent 2014-08-10 13:46:27 ----SHDC---- C:\Windows\Installer 2014-08-10 13:44:40 ----DC---- C:\Config.Msi 2014-08-10 13:09:54 ----DC---- C:\Windows\system32\config 2014-08-10 12:37:03 ----DC---- C:\ProgramData\MFAData 2014-08-10 12:31:07 ----DC---- C:\Windows\system32\Tasks 2014-08-08 09:19:34 ----DC---- C:\Windows\system32\FxsTmp 2014-08-07 20:58:35 ----SDC---- C:\Users\Have0\AppData\Roaming\Microsoft 2014-08-05 19:11:46 ----DC---- C:\Windows 2014-08-03 20:26:57 ----D---- C:\Windows\rescache 2014-08-03 19:00:48 ----SHD---- C:\System Volume Information 2014-08-03 12:00:44 ----DC---- C:\Windows\System32 2014-08-03 12:00:44 ----DC---- C:\Windows\inf 2014-08-03 12:00:44 ----AC---- C:\Windows\system32\PerfStringBackup.INI 2014-08-02 10:54:21 ----AC---- C:\Windows\system32\acovcnt.exe 2014-08-02 10:53:41 ----D---- C:\Windows\winsxs 2014-08-02 10:52:55 ----DC---- C:\Windows\SYSWOW64\nl-NL 2014-08-02 10:52:55 ----DC---- C:\Windows\SysWOW64 2014-08-02 10:52:55 ----DC---- C:\Windows\system32\nl-NL 2014-08-01 08:56:45 ----DC---- C:\Windows\system32\catroot 2014-08-01 08:55:44 ----DC---- C:\Windows\system32\catroot2 2014-07-30 13:26:57 ----DC---- C:\AdwCleaner 2014-07-30 13:12:41 ----DC---- C:\Users\Have0\AppData\Roaming\vlc 2014-07-27 16:33:40 ----DC---- C:\Windows\system32\wdi 2014-07-26 08:44:33 ----DC---- C:\Program Files\Microsoft Silverlight 2014-07-26 08:44:30 ----DC---- C:\Program Files (x86)\Microsoft Silverlight 2014-07-26 08:44:26 ----DC---- C:\Program Files (x86)\Mozilla Maintenance Service 2014-07-25 19:21:35 ----DC---- C:\Users\Have0\AppData\Roaming\dvdcss 2014-07-24 09:34:38 ----RDC---- C:\Program Files (x86) 2014-07-20 19:19:54 ----DC---- C:\Windows\SYSWOW64\Dism 2014-07-20 19:19:53 ----DC---- C:\Windows\system32\Dism 2014-07-20 16:03:24 ----DC---- C:\Windows\debug 2014-07-20 10:58:31 ----DC---- C:\Windows\system32\drivers 2014-07-20 10:58:31 ----DC---- C:\Windows\ServiceProfiles ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440] R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-06-17 190744] R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-06-17 328984] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-06-17 123672] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-17 31512] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2014-06-22 213888] R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-17 153368] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-06-17 242968] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-06-17 235800] R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-06-17 269080] R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2012-11-08 30568] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904] R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784] R3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536] R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-23 119312] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-30 6038016] R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-07-09 140800] R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416] R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320] R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928] R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2012-12-28 82816] R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400] R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232] S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984] S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2013-01-23 552960] S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2014-07-04 19456] S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720] S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832] S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2014-07-04 56832] S3 USB28xxBGA;DVBT Hybrid TV Device; C:\Windows\system32\DRIVERS\emBDA64.sys [2007-08-31 581120] S3 USB28xxOEM;USB 28xx OEM Filter; C:\Windows\system32\DRIVERS\emOEM64.sys [2007-08-31 54400] S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] S3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040] S3 WSDScan;Ondersteuning voor WSD-scan via UMB; C:\Windows\system32\drivers\WSDScan.sys [2009-07-14 25088] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048] R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-29 203264] R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536] R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-06-27 3241488] R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-06-17 289328] R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648] R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S2 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08 262320] S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-04-22 984392] S3 fsssvc;Windows Live Family Safety; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-09 111616] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-23 119408] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-19 1255736] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF----------------- -
Graag jullie advies, sommige internetpagina's blijven hangen. Welke logfile kan ik doorsturen ? Wie heeft er link naar hijjackthis of ander programma wat nodig is ? Bedankt.
-
Super bedankt weer !!! Ik had ook al enige tijd rondgekeken op internet maar kon het niet vinden. Het werkt thanks.
-
Beste Leroy, het scherm heb ik zo aangepast naar Windows 7. Toch zie ik nergens het zoekvlak ? Of doe ik iets verkeerd ? Of moet ik iets veranderen bij View ? Zie onderstaande screenshot.
-
Sorry er is iets misgegaan. Nu gaat het beter zie bijlages.
-
Hoi Kape, ik heb wel windows 7. Maar startknop is vierkant, daarboven zie ik alleen direct staan blokje alle programma's, ik kan daar niets invullen. Als ik op blokje alle programma's klik, dan komt er blokje vorige weergave.
-
Beste lezer, ik lees overal je moet op je startknop staan en dan komt zoekvlak tevoorschijn. Bij mij niet. Moet ik ergens, waar een instelling veranderen ? Ik wil bijvoorbeeld een programma zoeken. Ik weet niet hoe ik dit moet doen, alvast bedankt.
-
Hartelijk dank ! Hij draait als nooit tevoren ! Super bedankt !
-
Beste Mako, logisch toch studeren is ook super belangrijk net zoals contacten met vrienden. Mako, Kweezie Rabbit en Passer super bedankt dat jullie mij weer geholpen hebben. Alles gaat nu sneller. Ik heb nog 2 vragen, was het nu een virus of een fout waardoor wordt deze door veroorzaakt ? Ik gebruik AVGfree Malwarebytes- anti malware, soms scan ik met ADW-cleaner en CC-cleaner gebruik ik regelmatig. Meer gratis goede programma's voor je p.c. zijn er toch niet ? Super bedankt allemaal.
-
Beste mensen van PC helpforum, bedankt voor jullie hulp en tijd. Hieronder de logfile waarom Kweezie Rabbit vroeg. Ik weet nu niet of Service Pack 1 nu geinstalleerd is, ik denk van wel. Kunnen jullie dit zien in eerdere logfiles ? Zoek.exe v5.0.0.0 Updated 22-06-2014 Tool run by Have0 on za 28-06-2014 at 12:22:36,52. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Have0\Desktop\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-06-19-194645.log 13094 bytes C:\zoek-results2014-06-20-151808.log 7251 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Users\Have0\Searches deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "avg@igeared"="C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared" [20-09-2011 22:42] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\7uw19joy.default 738C29EAC995029E13333034C1402F56 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll - Shockwave Flash 5B0F6A8F086D3220272919A3023EF180 - C:\Users\Have0\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 2C82D753EF779945977C82A3908DA20A - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.90.5 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Have0\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Have0\AppData\Local\Mozilla\Firefox\Profiles\7uw19joy.default\Cache emptied successfully ==== Empty Chrome Cache ====================== No Chrome Cache found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=269 folders=59 22648312 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Default User\AppData\Local\temp emptied successfully C:\Users\Have0\AppData\Local\Temp will be emptied at reboot C:\Users\Public\AppData\Local\temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Have0\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Have0\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted ==== EOF on za 28-06-2014 at 13:08:24,23 ======================
-
Ik heb nog eens gekeken of de defregmentatie gelukt is. Vandaar nogmaals een logfile. Results of screen317's Security Check version 0.99.85 Windows 7 Service Pack 1 x64 (UAC is enabled) ``````````````Antivirus/Firewall Check:`````````````` AVG AntiVirus Free Edition 2014 Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` SlimCleaner Adobe Flash Player 10 Flash Player out of Date! Adobe Flash Player 14.0.0.125 Adobe Reader 10.1.10 Adobe Reader out of Date! Mozilla Firefox (30.0) ````````Process Check: objlist.exe by Laurent```````` AVG avgwdsvc.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log``````````````````````
-
Beste Mako, ik weet niet zeker of het gelukt is vandaar de logfile. Results of screen317's Security Check version 0.99.85 Windows 7 Service Pack 1 x64 (UAC is enabled) ``````````````Antivirus/Firewall Check:`````````````` AVG AntiVirus Free Edition 2014 Antivirus out of date! `````````Anti-malware/Other Utilities Check:````````` SlimCleaner Adobe Flash Player 10 Flash Player out of Date! Adobe Flash Player 14.0.0.125 Adobe Reader 10.1.10 Adobe Reader out of Date! Mozilla Firefox (30.0) ````````Process Check: objlist.exe by Laurent```````` AVG avgwdsvc.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 19% Defragment your hard drive soon! (Do NOT defrag if SSD!) ````````````````````End of Log``````````````````````
-
Beste Mako, het is mij helaas niet gelukt. Er komt een foutcode 800B0100, daarna heb ik hulpprogramma system update readirect gedownload. KB0427821 Hotfix voor windows. Maar toch lukt het niet. De Service Pack 1 kan niet installeren. De link van passer heb ik vertaald naar het nederlands maar ik snap niet wat en hoe ik het moet doen. Misschien heeft u nog advies ?
-
Beste Mako, zou ik onderstaande dingen moeten proberen denkt u ? Problemen met het installeren van Service Pack 1 (SP1) voor Windows 7 en Windows Server 2008 R2 oplossen - Windows Help
-
Beste Mako, ik heb het nogmaals geprobeerd maar weer niet gelukt. Hij geeft foutcode aan "Fout: DS_S_SUCCESS(0x0) Ik begrijp er niets van. Wat kan er misgaan met de Service Pack. Ik had mijn AVG niet uitgezet maar dat kan het probleem toch niet zijn of toch wel ? Alvast weer bedankt voor uw hulp/advies.
-
Beste Mako, hieronder de logfile. Results of screen317's Security Check version 0.99.85 Windows 7 x64 (UAC is enabled) Out of date service pack!! ``````````````Antivirus/Firewall Check:`````````````` AVG AntiVirus Free Edition 2014 Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` SlimCleaner Adobe Flash Player 10 Flash Player out of Date! Adobe Flash Player 14.0.0.125 Adobe Reader 10.1.8 Adobe Reader out of Date! Mozilla Firefox (30.0) ````````Process Check: objlist.exe by Laurent```````` AVG avgwdsvc.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 11% Defragment your hard drive soon! (Do NOT defrag if SSD!) ````````````````````End of Log``````````````````````
-
Beste Mako, ik heb de instructies van Kweezie Rabbit bericht 11 opgevolgd. Waar kan ik google chrome terugvinden ? Ik gebruik alleen firefox. Via configuratieprogramma software vind ik geen google chrome. Ik weet ook niet hoe ik bestand moet zoeken in windows 7. Het zoekvenster bij startknop zie ik niet ? De plug-ins staan nu allemaal op ask to activate. Welke zou ik moeten veranderen ? Of kan ik ze beter allemaal zetten op always activate of juist niet en vooral op never activate ? Alvast weer hartelijk dank voor uw antwoorden en adviezen !!!
-
Beste Mako, zie hieronder alvast de logfile. De instructies van Kweezie Wabbit in bericht 11 moet ik nog doen. Kan ik ook beter Google chrome verwijderen ik gebruik alleen firefox. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-06-2014 01 Ran by Have0 at 2014-06-21 12:37:37 Run:1 Running from C:\Users\Have0\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** Task: {1EF1B9D5-3A7A-4B75-933D-6DA7453E8275} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION AlternateDataStreams: C:\ProgramData\Temp:15024E60 CHR Extension: (Re-markit) - C:\Users\Have0\AppData\Local\Google\Chrome\User Data\Default\Extensions\lphmhoddjhmehbbpmkhhmepfhpmjigfk [2014-05-11] ***************** 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1EF1B9D5-3A7A-4B75-933D-6DA7453E8275}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EF1B9D5-3A7A-4B75-933D-6DA7453E8275}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar' => Key deleted successfully. C:\ProgramData\Temp => ":15024E60" ADS removed successfully. C:\Users\Have0\AppData\Local\Google\Chrome\User Data\Default\Extensions\lphmhoddjhmehbbpmkhhmepfhpmjigfk => Moved successfully. ==== End of Fixlog ====
-
Beste Mako als ik via configuratiescherm, naar firewall gaat staat er bij status windows firewall ingeschakeld bij thuisnetwerk of particulier verbonden. Bij openbare netwerken niet verbonden. Of staat windows defender ergens anders of begrijp ik het verkeerd ?
-
Beste Mako, als het goed is vind u hieronder de logfiles. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-06-2014 01 Ran by Have0 at 2014-06-21 10:45:10 Running from C:\Users\Have0\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664} ==================== Installed Programs ====================== µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31139 - BitTorrent Inc.) 1Click DVD Copy Pro 4.0.6.2 (HKLM-x32\...\1Click DVD Copy Pro_is1) (Version: - LG Software Innovations) ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY) ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0 - Microsoft Corporation) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.) Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.32.18 - Adobe Systems Incorporated) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated) Adobe Reader X (10.1.8) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.8 - Adobe Systems Incorporated) Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}) (Version: 1.2.17.25001 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 1.2.17.25001 - Alcor Micro Corp.) Hidden Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version: - Oberon Media) AMD USB Filter Driver (HKLM-x32\...\{82809116-D1EE-443C-AE31-F19E709DDF7A}) (Version: 1.0.11.86 - Advanced Micro Devices, Inc.) Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.6 - ASUS) ASUS AP Bank (HKLM-x32\...\ASUS AP Bank_is1) (Version: 1.0.0.0 - ASUSTEK) ASUS FancyStart (HKLM-x32\...\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}) (Version: 1.0.6 - ASUSTeK Computer Inc.) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS) ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS) ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0019 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.24 - ASUS) ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0007 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS) ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.18 - asus) Asus WebStorage (HKLM\...\Asus WebStorage) (Version: 2.0.31.477 - eCareme Technologies, Inc.) Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.16 - Atheros Communications Inc.) ATI Catalyst Install Manager (HKLM\...\{138CD2BA-D40F-B371-83A2-6412684CEFDD}) (Version: 3.0.732.0 - ATI Technologies, Inc.) ATK Generic Function Service (HKLM-x32\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK) ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0052 - ASUS) ATK Media (HKLM-x32\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0006 - ASUS) ATKOSD2 (HKLM-x32\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0006 - ASUS) AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4592 - AVG Technologies) AVG 2014 (Version: 14.0.3681 - AVG Technologies) Hidden AVG 2014 (Version: 14.0.3972 - AVG Technologies) Hidden AVG 2014 (Version: 14.0.4592 - AVG Technologies) Hidden Basishandleiding EPSON SX440 Series (HKLM-x32\...\EPSON SX440 Series Bog) (Version: - ) Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation) Catalyst Control Center Core Implementation (x32 Version: 2009.0729.2227.38498 - ATI) Hidden Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0729.2227.38498 - ATI) Hidden Catalyst Control Center Graphics Full New (x32 Version: 2009.0729.2227.38498 - ATI) Hidden Catalyst Control Center Graphics Light (x32 Version: 2009.0729.2227.38498 - ATI) Hidden Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0729.2227.38498 - ATI) Hidden Catalyst Control Center InstallProxy (x32 Version: 2009.0729.2227.38498 - ATI Technologies, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2009.0729.2227.38498 - ATI) Hidden CCC Help Chinese Standard (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Chinese Traditional (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Czech (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Danish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Dutch (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help English (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Finnish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help French (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help German (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Greek (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Hungarian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Italian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Japanese (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Korean (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Norwegian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Polish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Portuguese (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Russian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Spanish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Swedish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Thai (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Turkish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden ccc-core-static (x32 Version: 2009.0729.2227.38498 - ATI) Hidden ccc-utility64 (Version: 2009.0729.2227.38498 - ATI) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform) Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: - Oberon Media) Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.4 - ASUS) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1720 - CyberLink Corp.) CyberLink LabelPrint (x32 Version: 2.5.1720 - CyberLink Corp.) Hidden CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.2713 - CyberLink Corp.) CyberLink Power2Go (x32 Version: 6.1.2713 - CyberLink Corp.) Hidden Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version: - Microsoft) Download Navigator (HKLM-x32\...\{E728441A-7820-4B1C-87C9-DE7BE37B2953}) (Version: 1.1.0 - SEIKO EPSON CORPORATION) Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.1.1 - SEIKO EPSON CORPORATION) Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON SX440 Series Printer Uninstall (HKLM\...\EPSON SX440 Series) (Version: - SEIKO EPSON Corporation) EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION) ETDWare PS/2-x64 7.0.5.7_WHQL (HKLM\...\Elantech) (Version: - ) Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.4 - ASUS) Gebruikershandleiding EPSON SX440 Series (HKLM-x32\...\EPSON SX440 Series Useg) (Version: - ) HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro) Intel WiDi Media Share (x32 Version: 1.1.0.0 - Intel Corporation) Hidden Intel® WiDi Media Share (HKLM-x32\...\{32d14b1d-18fa-48e7-867d-93b7a72c816a}) (Version: 1.1.0.0 - Intel Corporation) Island Wars 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110304260}) (Version: - Oberon Media) Java 7 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417000FF}) (Version: 7.0.0 - Oracle) Junk Mail filter update (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Malwarebytes Anti-Malware versie 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5 NLD Language Pack (Version: 4.5.50709 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Groove MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Live Add-in 1.3 (HKLM-x32\...\{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}) (Version: 2.0.2313.0 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook Connector (HKLM-x32\...\{95120000-0120-0413-0000-0000000FF1CE}) (Version: 12.0.6414.1000 - Microsoft Corporation) Microsoft Office Outlook MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (Dutch) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Minecraft1.7.4 (HKLM-x32\...\Minecraft1.7.4) (Version: - ) Mozilla Firefox 30.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-GB)) (Version: 30.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla) MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden Netwerkhandleiding EPSON SX440 Series (HKLM-x32\...\EPSON SX440 Series Netg) (Version: - ) Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) SABnzbd 0.7.16 (HKLM-x32\...\SABnzbd) (Version: 0.7.16 - The SABnzbd Team) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden SlimCleaner (HKLM-x32\...\{FBFBDCEB-1921-4771-B80E-09BBD33680D0}) (Version: 1.9.14612 - SlimWare Utilities, Inc.) Smileyville (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110413757}) (Version: - Oberon Media) Spotnet (HKLM-x32\...\{12947715-B6F0-4597-816F-5E13FB647921}_is1) (Version: 1.8.1 - Spotnet) Taalpakket voor Microsoft .NET Framework 4.5 - NLD (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50709 - Microsoft Corporation) TVersity Codec Pack 1.7 (HKLM-x32\...\TVersity Codec Pack) (Version: 1.7 - TVersity Inc.) Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0413-0000-0000000FF1CE}_Office14.PROPLUS_{2CDD05C4-26E6-4125-8499-EB6D800614EE}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0413-0000-0000000FF1CE}_Office14.PROPLUS_{F071F40F-CBA0-452D-A1CB-3F327CC8DF66}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft) Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft) USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version: - ) USB Audio/Vide Driver (HKLM-x32\...\InstallShield_{03CD367D-3959-4529-81B6-B7C80F146781}) (Version: 1.00.0000 - ) USB Audio/Vide Driver (x32 Version: 1.00.0000 - ) Hidden VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.) Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies) Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN) WinAVI Video Converter (HKLM-x32\...\WinAVI Video Converter 10.5_is1) (Version: - ZJ Computing,Inc.) Windows Live - Hulpprogramma voor uploaden (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Windows Live aanmeldhulp (HKLM-x32\...\{7E1FBCB0-500C-4A0D-AC9C-B1B76E75666B}) (Version: 5.000.818.6 - Microsoft Corporation) Windows Live Call (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Windows Live Communications Platform (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation) Windows Live Essentials (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Windows Live Family Safety (Version: 14.0.8052.1208 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 14.0.8051.1204 - Microsoft Corporation) Hidden Windows Live Sync (HKLM-x32\...\{A5F3E8C0-E949-40D0-B529-D34A4BCDA43C}) (Version: 14.0.8050.1202 - Microsoft Corporation) Windows Live Writer (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.29.0 - ASUS) WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - ) WinZip 14.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}) (Version: 14.5.9095 - WinZip Computing, S.L. ) Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.11 - ASUS) Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org) Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.1) (Version: 1.3.1 - Xvid Team) ==================== Restore Points ========================= 20-06-2014 21:35:18 Windows 7 Service Pack 1 ==================== Hosts content: ========================== 2009-07-14 04:34 - 2012-07-28 19:30 - 00000027 ___AC C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {1EF1B9D5-3A7A-4B75-933D-6DA7453E8275} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION Task: {204339A7-DF04-4FAB-B203-C4A5635101B0} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {4928B02E-BF35-4DBF-A521-74E0EB8443BF} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe Task: {4D03DA6C-90B6-4BC3-9610-17B2F0714065} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe Task: {55271D53-419F-468D-ACB2-7D4A76F1A975} - System32\Tasks\{A43D4B78-0311-4C53-983B-3317133FAC60} => C:\Program Files (x86)\LG Software Innovations\1Click DVD Copy Pro\1ClickDvdCopyPro.exe [2009-08-13] (LG Software Innovations) Task: {5FB2FC62-791A-46E9-95B1-1F36EB423DDE} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-06-19] () Task: {6A21E193-7A92-4E68-979C-676F0F4365D0} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] () Task: {7CC95640-FBCF-47B6-B317-0FB0710FDD3D} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK) Task: {9D39131A-4304-4A35-ABC7-8F2B3E32C3AD} - System32\Tasks\P4GIntlCtrl => C:\Program Files\P4G\IntlCtrl.exe [2009-08-12] (TODO: <Company name>) Task: {AFCE63F4-53EC-4858-928F-734010A3F4C3} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2009-09-08] (ATK) Task: {B4B1F1F8-243C-4900-893F-5B72948B53D3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-14] (Adobe Systems Incorporated) Task: {B8C3EC42-7818-4D91-A1B7-AACA6C0302AE} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-05-19] (ASUS) Task: {C496B371-F6F2-4025-B3E3-5E183E8A200E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd) Task: {CC2C9781-5EB7-4EB5-9494-C84ED6F3C4CC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {CEE2FC1F-A3E3-4EA7-B8F0-9A1F1D909BAA} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2009-09-05] () Task: {DB339C1A-15AF-41D6-B38B-26B0915B5EC3} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe [2009-09-24] () Task: {FEDC8796-AADC-452C-BE07-7E81320D10BF} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2009-12-19 04:43 - 2007-08-08 10:08 - 00094208 _____ () C:\Program Files\ATKGFNEX\GFNEXSrv.exe 2008-10-01 09:02 - 2008-10-01 09:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll 2009-12-19 04:45 - 2007-11-30 21:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe 2009-09-11 02:42 - 2009-09-11 02:42 - 00041984 _____ () C:\Program Files\P4G\DevMng.dll 2009-09-11 22:27 - 2009-09-11 22:27 - 00029184 _____ () C:\Program Files\P4G\OvrClk.dll 2009-12-19 04:43 - 2007-03-10 04:58 - 00124416 _____ () C:\Program Files\ATKGFNEX\AGFNEX64.dll 2009-09-24 23:50 - 2009-09-24 23:50 - 00053888 _____ () C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe 2009-09-05 01:24 - 2009-09-05 01:24 - 01600128 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe 2008-08-14 06:59 - 2008-08-14 06:59 - 00301624 _____ () C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe 2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 ____C () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2009-08-25 09:47 - 2009-08-25 09:47 - 00140560 _____ () C:\Program Files (x86)\ASUS\Asus WebStorage\EcaremeDLL.dll 2009-12-19 04:17 - 2009-12-19 04:17 - 00029968 _____ () C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3524.15966__0d0f4b69e50e559b\SqliteShared.dll 2009-12-19 04:17 - 2009-12-19 04:17 - 00931840 _____ () C:\Windows\assembly\GAC_64\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll 2009-08-25 09:47 - 2009-08-25 09:47 - 00095504 _____ () C:\Program Files (x86)\ASUS\Asus WebStorage\BSWorker.dll 2009-08-25 09:47 - 2009-08-25 09:47 - 00083216 _____ () C:\Program Files (x86)\ASUS\Asus WebStorage\BSBroker.dll 2009-12-19 04:29 - 2009-12-19 04:29 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\Temp:15024E60 ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NewShortcut1.lnk => C:\Windows\pss\NewShortcut1.lnk.CommonStartup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: uTorrent => "C:\Users\Have0\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED MSCONFIG\startupreg: Xvid => C:\Program Files (x86)\Xvid\CheckUpdate.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/20/2014 10:38:38 PM) (Source: Microsoft Office 14) (EventID: 2000) (User: ) Description: Microsoft Outlook: Accepted Safe Mode action : Outlook is de vorige keer niet goed gestart. Als u Outlook in de veilige modus start, kunt u het opstartprobleem mogelijk opsporen en corrigeren, zodat het programma juist kan worden gestart. Mogelijk wordt bepaalde functionaliteit in deze modus uitgeschakeld. Wilt u Outlook starten in de veilige modus?. Accepted Safe Mode action : Microsoft Outlook. Error: (06/20/2014 10:33:30 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: plugin-container.exe, versie: 30.0.0.5269, tijdstempel: 0x53914233 Naam van module met fout: mozalloc.dll, versie: 30.0.0.5269, tijdstempel: 0x53911393 Uitzonderingscode: 0x80000003 Foutoffset: 0x0000141b Id van proces met fout: 0x6c0 Starttijd van toepassing met fout: 0xplugin-container.exe0 Pad naar toepassing met fout: plugin-container.exe1 Pad naar module met fout: plugin-container.exe2 Rapport-id: plugin-container.exe3 Error: (06/19/2014 09:38:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: plugin-container.exe, versie: 30.0.0.5269, tijdstempel: 0x53914233 Naam van module met fout: mozalloc.dll, versie: 30.0.0.5269, tijdstempel: 0x53911393 Uitzonderingscode: 0x80000003 Foutoffset: 0x0000141b Id van proces met fout: 0x668 Starttijd van toepassing met fout: 0xplugin-container.exe0 Pad naar toepassing met fout: plugin-container.exe1 Pad naar module met fout: plugin-container.exe2 Rapport-id: plugin-container.exe3 Error: (06/19/2014 07:22:16 PM) (Source: Microsoft Office 14) (EventID: 2001) (User: ) Description: Microsoft Outlook: Rejected Safe Mode action : Outlook kan niet in de veilige modus worden gestart. Wilt u beginnen met herstellen?. Rejected Safe Mode action : Microsoft Outlook. Error: (06/19/2014 05:53:03 PM) (Source: Microsoft Office 14) (EventID: 2000) (User: ) Description: Microsoft Outlook: Accepted Safe Mode action : Outlook is de vorige keer niet goed gestart. Als u Outlook in de veilige modus start, kunt u het opstartprobleem mogelijk opsporen en corrigeren, zodat het programma juist kan worden gestart. Mogelijk wordt bepaalde functionaliteit in deze modus uitgeschakeld. Wilt u Outlook starten in de veilige modus?. Accepted Safe Mode action : Microsoft Outlook. Error: (06/19/2014 05:53:01 PM) (Source: Microsoft Office 14) (EventID: 2000) (User: ) Description: Microsoft Outlook: Accepted Safe Mode action : Outlook is de vorige keer niet goed gestart. Als u Outlook in de veilige modus start, kunt u het opstartprobleem mogelijk opsporen en corrigeren, zodat het programma juist kan worden gestart. Mogelijk wordt bepaalde functionaliteit in deze modus uitgeschakeld. Wilt u Outlook starten in de veilige modus?. Accepted Safe Mode action : Microsoft Outlook. Error: (06/18/2014 10:34:34 PM) (Source: VSS) (EventID: 12305) (User: ) Description: Fout in de Volume Shadow Copy-service: het volume of de schijf is niet aangesloten of niet gevonden. Foutcontext: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy3 - 00000000000000F8,0x0053c198,00000000001B1FF0,0,00000000001B0FE0,4096,[0]). Bewerking: PostFinalCommitSnapshots verwerken Context: Uitvoeringscontext: System Provider Error: (06/18/2014 09:38:51 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddCoreCsiFiles : GetNextFileMapContent() failed. System Error: De parameter is onjuist. . Error: (06/18/2014 09:38:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddCoreCsiFiles : GetNextFileMapContent() failed. System Error: De parameter is onjuist. . Error: (06/18/2014 09:36:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddCoreCsiFiles : GetNextFileMapContent() failed. System Error: De parameter is onjuist. . System errors: ============= Error: (06/21/2014 10:10:31 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: toepassingsspecifiekLokaalStarten{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (via LRPC) Error: (06/21/2014 10:09:21 AM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (06/21/2014 10:09:21 AM) (Source: atikmdag) (EventID: 19468) (User: ) Description: CPLIB :: General - Invalid Parameter Error: (06/20/2014 11:36:09 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installatiefout: de volgende update kan niet worden geïnstalleerd, foutcode 0x800b0100: Windows 7 Service Pack 1 voor x64-systemen (KB976932). Error: (06/20/2014 11:16:00 PM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (06/20/2014 10:38:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: toepassingsspecifiekLokaalStarten{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (via LRPC) Error: (06/20/2014 10:36:09 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0x0000007f (0x0000000000000008, 0x0000000080050031, 0x00000000000006f8, 0xfffff80002ea823e)C:\Windows\MEMORY.DMP062014-46956-01 Error: (06/20/2014 10:35:39 PM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (06/20/2014 10:35:39 PM) (Source: atikmdag) (EventID: 19468) (User: ) Description: CPLIB :: General - Invalid Parameter Error: (06/20/2014 10:35:44 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: De vorige afsluiting van het systeem om 22:33:40 op 20-6-2014 is onverwacht gebeurd. Microsoft Office Sessions: ========================= Error: (06/20/2014 10:38:38 PM) (Source: Microsoft Office 14) (EventID: 2000) (User: ) Description: Microsoft OutlookOutlook is de vorige keer niet goed gestart. Als u Outlook in de veilige modus start, kunt u het opstartprobleem mogelijk opsporen en corrigeren, zodat het programma juist kan worden gestart. Mogelijk wordt bepaalde functionaliteit in deze modus uitgeschakeld. Wilt u Outlook starten in de veilige modus? Error: (06/20/2014 10:33:30 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b6c001cf8cc01c5c2c24C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll2343a109-f8ba-11e3-8135-e0cb4e415243 Error: (06/19/2014 09:38:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b66801cf8be77df88723C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll5a46b112-f7e9-11e3-8dc5-e0cb4e415243 Error: (06/19/2014 07:22:16 PM) (Source: Microsoft Office 14) (EventID: 2001) (User: ) Description: Microsoft OutlookOutlook kan niet in de veilige modus worden gestart. Wilt u beginnen met herstellen? Error: (06/19/2014 05:53:03 PM) (Source: Microsoft Office 14) (EventID: 2000) (User: ) Description: Microsoft OutlookOutlook is de vorige keer niet goed gestart. Als u Outlook in de veilige modus start, kunt u het opstartprobleem mogelijk opsporen en corrigeren, zodat het programma juist kan worden gestart. Mogelijk wordt bepaalde functionaliteit in deze modus uitgeschakeld. Wilt u Outlook starten in de veilige modus? Error: (06/19/2014 05:53:01 PM) (Source: Microsoft Office 14) (EventID: 2000) (User: ) Description: Microsoft OutlookOutlook is de vorige keer niet goed gestart. Als u Outlook in de veilige modus start, kunt u het opstartprobleem mogelijk opsporen en corrigeren, zodat het programma juist kan worden gestart. Mogelijk wordt bepaalde functionaliteit in deze modus uitgeschakeld. Wilt u Outlook starten in de veilige modus? Error: (06/18/2014 10:34:34 PM) (Source: VSS) (EventID: 12305) (User: ) Description: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy3 - 00000000000000F8,0x0053c198,00000000001B1FF0,0,00000000001B0FE0,4096,[0]) Bewerking: PostFinalCommitSnapshots verwerken Context: Uitvoeringscontext: System Provider Error: (06/18/2014 09:38:51 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddCoreCsiFiles : GetNextFileMapContent() failed. System Error: De parameter is onjuist. Error: (06/18/2014 09:38:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddCoreCsiFiles : GetNextFileMapContent() failed. System Error: De parameter is onjuist. Error: (06/18/2014 09:36:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddCoreCsiFiles : GetNextFileMapContent() failed. System Error: De parameter is onjuist. CodeIntegrity Errors: =================================== Date: 2012-07-28 19:29:04.437 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. Date: 2012-07-28 19:29:04.203 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. ==================== Memory info =========================== Percentage of memory in use: 49% Total physical RAM: 4095.21 MB Available physical RAM: 2068.56 MB Total Pagefile: 8188.56 MB Available Pagefile: 6226.56 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:74.52 GB) (Free:26.64 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (DATA) (Fixed) (Total:208.92 GB) (Free:195.32 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 76692CA8) Partition 1: (Not Active) - (Size=15 GB) - (Type=1C) Partition 2: (Active) - (Size=75 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=209 GB) - (Type=OF Extended) ==================== End Of Log ============================ Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-06-2014 01 Ran by Have0 (administrator) on HAVE0-PC on 21-06-2014 10:42:20 Running from C:\Users\Have0\Desktop Platform: Windows 7 Home Premium (X64) OS Language: Nederlands (Nederland) Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials ==================== Processes (Whitelisted) ================= (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe () C:\Program Files\ATKGFNEX\GFNEXSrv.exe (ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe (ATK) C:\Program Files\P4G\BatteryLife.exe (ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE () C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe () C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe (ECAREME) C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe (ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe (AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) C:\Windows\System32\audiodg.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [EeeStorageBackup] => C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe [947472 2009-08-25] (ECAREME) HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [617856 2009-07-30] (ELAN Microelectronic Corp.) HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [320000 2009-04-09] (AlcorMicro Co., Ltd.) HKLM-x32\...\Run: [updateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.) HKLM-x32\...\Run: [updateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-04] (CyberLink Corp.) HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [6859392 2009-08-17] (ASUS) HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [170624 2009-08-20] (ASUS) HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-30] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5181456 2014-05-13] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [bCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: OverlayIconExtension1 -> {fe25455d-b4c2-4e32-97d2-92632ec1c224} => C:\Windows\system32\mscoree.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: OverlayIconExtension2 -> {1fae2d88-a78e-4f03-909f-be818a3c1ce6} => C:\Windows\system32\mscoree.dll (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) Handler: linkscanner - No CLSID Value - Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: linkscanner - No CLSID Value - Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 212.54.40.25 212.54.44.54 FireFox: ======== FF ProfilePath: C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\7uw19joy.default FF DefaultSearchEngine: Google FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll () FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Have0\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF SearchPlugin: C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\7uw19joy.default\searchplugins\google-.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\chambers-en-GB.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml FF HKLM-x32\...\Firefox\Extensions: [avg@igeared] - C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared FF Extension: AVG Security Toolbar - C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared [2011-09-20] FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird Chrome: ======= Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION CHR Extension: (Re-markit) - C:\Users\Have0\AppData\Local\Google\Chrome\User Data\Default\Extensions\lphmhoddjhmehbbpmkhhmepfhpmjigfk [2014-05-11] ==================== Services (Whitelisted) ================= R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed] S3 AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [984392 2011-04-22] () R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3644432 2014-05-13] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [292424 2014-05-13] (AVG Technologies CZ, s.r.o.) ==================== Drivers (Whitelisted) ==================== U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] () R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-05-13] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [236312 2014-05-13] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [191768 2014-05-13] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-05-13] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [323352 2014-05-13] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130328 2014-05-13] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-05-13] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [273176 2014-05-13] (AVG Technologies CZ, s.r.o.) R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [30568 2012-11-08] (AVG Technologies) R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( ) R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] () S3 catchme; \??\C:\ComboFix\catchme.sys [X] U3 tmlwf; U3 tmwfp; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-21 10:42 - 2014-06-21 10:43 - 00016190 ____C () C:\Users\Have0\Desktop\FRST.txt 2014-06-21 10:42 - 2014-06-21 10:42 - 00000000 ___DC () C:\FRST 2014-06-21 10:40 - 2014-06-21 10:40 - 02083328 ____C (Farbar) C:\Users\Have0\Desktop\FRST64.exe 2014-06-20 23:35 - 2014-06-20 23:35 - 00000000 ___DC () C:\Windows\system32\SPReview 2014-06-20 22:35 - 2014-06-20 22:36 - 00275216 ____C () C:\Windows\Minidump\062014-46956-01.dmp 2014-06-20 22:35 - 2014-06-20 22:35 - 512572684 _____ () C:\Windows\MEMORY.DMP 2014-06-20 21:22 - 2014-06-20 21:22 - 01333465 ____C () C:\Users\Have0\Desktop\adwcleaner_3.212(1).exe 2014-06-20 17:03 - 2014-06-20 16:25 - 00024064 ____C () C:\Windows\zoek-delete.exe 2014-06-20 16:26 - 2014-06-19 21:46 - 00013094 ____C () C:\zoek-results2014-06-19-194645.log 2014-06-19 21:36 - 2014-06-20 17:18 - 00007251 ____C () C:\zoek-results.log 2014-06-19 21:32 - 2014-06-19 21:32 - 01285120 ____C () C:\Users\Have0\Desktop\zoek.exe 2014-06-19 19:18 - 2014-06-21 10:12 - 00003484 ____C () C:\Windows\System32\Tasks\AutoKMS 2014-06-19 19:18 - 2014-06-19 19:54 - 00000000 ___DC () C:\Windows\AutoKMS 2014-06-19 18:34 - 2014-06-20 21:38 - 00007252 ____C () C:\Windows\PFRO.log 2014-06-19 17:31 - 2014-06-19 17:31 - 00000000 ___DC () C:\rsit 2014-06-19 17:30 - 2014-06-19 17:30 - 01222144 ____C () C:\Users\Have0\Downloads\RSITx64(1).exe 2014-06-19 17:29 - 2014-06-19 17:29 - 01222144 ____C () C:\Users\Have0\Downloads\RSITx64.exe 2014-06-18 21:54 - 2014-06-21 10:09 - 00003170 ____C () C:\Windows\System32\Tasks\P4GIntlCtrl 2014-06-18 17:32 - 2014-06-18 17:33 - 00000000 ___DC () C:\Program Files (x86)\Mozilla Firefox 2014-06-17 19:29 - 2014-06-21 10:09 - 00001960 ____C () C:\Windows\setupact.log 2014-06-17 19:29 - 2014-06-17 19:29 - 00000000 ____C () C:\Windows\setuperr.log 2014-06-17 16:21 - 2014-06-17 16:21 - 00000000 ___DC () C:\Users\Have0\AppData\Local\Adobe 2014-06-14 15:10 - 2014-06-14 14:51 - 00000030 ____C () C:\AVScanner.ini 2014-06-14 15:02 - 2014-06-14 15:02 - 04748896 ____C (Piriform Ltd) C:\Users\Have0\Downloads\ccsetup414.exe 2014-06-14 14:51 - 2014-06-14 14:51 - 00000000 ___DC () C:\ProgramData\McAfee 2014-06-07 18:00 - 2014-06-09 12:22 - 00000000 ___DC () C:\Users\Have0\AppData\Roaming\.minecraft 2014-06-07 18:00 - 2014-06-07 18:00 - 00002128 ____C () C:\Users\Have0\Desktop\Minecraft.lnk 2014-06-07 18:00 - 2014-06-07 18:00 - 00000000 ___DC () C:\Users\Have0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft 2014-06-07 17:56 - 2014-06-07 17:57 - 00000000 ___DC () C:\Users\Have0\Downloads\Minecraft 1.7.5 by TeamExtremeMc.com 2014-06-07 17:47 - 2014-06-07 17:47 - 01080944 ____C (Unity Technologies ApS) C:\Users\Have0\Downloads\UnityWebPlayer.exe 2014-06-07 17:47 - 2014-06-07 17:47 - 00000000 ___DC () C:\Users\Have0\AppData\Local\Unity 2014-06-06 16:45 - 2014-06-06 16:45 - 01333465 ____C () C:\Users\Have0\Downloads\adwcleaner_3.212.exe 2014-06-05 20:19 - 2014-06-05 20:19 - 00000000 ____C () C:\Users\Have0\Sti_Trace.log 2014-06-03 21:13 - 2014-06-05 22:10 - 00000000 ___DC () C:\Users\Have0\Documents\Margrita 2014-05-27 19:01 - 2014-05-28 20:03 - 00000000 ___DC () C:\Users\Have0\Documents\Bram 2014-05-27 19:01 - 2014-05-27 19:01 - 00000000 ___DC () C:\Users\Have0\Documents\Nieuwe map 2014-05-23 17:46 - 2014-05-23 17:51 - 00012208 _____ () C:\Users\Have0\Documents\Adressenlijst.xlsx 2014-05-23 17:45 - 2014-06-20 16:24 - 00000000 ___DC () C:\Users\Have0\Documents\Veteranen 2014-05-23 15:42 - 2014-05-23 15:42 - 00009455 _____ () C:\Users\Have0\Documents\Voorbeeld emailadressen.xlsx 2014-05-23 15:38 - 2014-05-23 15:38 - 00012221 _____ () C:\Users\Have0\Desktop\Veteranen.xlsx 2014-05-23 15:24 - 2014-05-23 15:36 - 00012222 _____ () C:\Users\Have0\Documents\Veteranen.xlsx 2014-05-22 19:41 - 2014-05-22 19:27 - 00003119 ____C () C:\Users\Have0\Desktop\Microsoft Outlook 2010.lnk 2014-05-22 19:27 - 2014-05-22 19:27 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint 2014-05-22 19:24 - 2014-05-22 19:24 - 00000000 ___DC () C:\Program Files (x86)\Microsoft Synchronization Services 2014-05-22 19:23 - 2014-05-22 19:23 - 00000000 ___DC () C:\Windows\PCHEALTH 2014-05-22 19:18 - 2014-05-22 19:18 - 00000000 ___DC () C:\Program Files (x86)\Microsoft Visual Studio 8 2014-05-22 19:17 - 2014-05-22 19:17 - 00000000 ___DC () C:\Program Files\Microsoft Office 2014-05-22 19:17 - 2014-05-22 19:17 - 00000000 ___DC () C:\Program Files (x86)\Microsoft Analysis Services ==================== One Month Modified Files and Folders ======= 2014-06-21 10:43 - 2014-06-21 10:42 - 00016190 ____C () C:\Users\Have0\Desktop\FRST.txt 2014-06-21 10:42 - 2014-06-21 10:42 - 00000000 ___DC () C:\FRST 2014-06-21 10:41 - 2014-05-16 11:38 - 00000000 ___DC () C:\Users\Have0\Documents\Outlook-bestanden 2014-06-21 10:40 - 2014-06-21 10:40 - 02083328 ____C (Farbar) C:\Users\Have0\Desktop\FRST64.exe 2014-06-21 10:23 - 2013-09-30 17:31 - 01104733 ____C () C:\Windows\WindowsUpdate.log 2014-06-21 10:18 - 2009-07-14 06:45 - 00016112 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-21 10:18 - 2009-07-14 06:45 - 00016112 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-21 10:16 - 2010-11-17 23:21 - 00000000 ___DC () C:\ProgramData\MFAData 2014-06-21 10:12 - 2014-06-19 19:18 - 00003484 ____C () C:\Windows\System32\Tasks\AutoKMS 2014-06-21 10:09 - 2014-06-18 21:54 - 00003170 ____C () C:\Windows\System32\Tasks\P4GIntlCtrl 2014-06-21 10:09 - 2014-06-17 19:29 - 00001960 ____C () C:\Windows\setupact.log 2014-06-21 10:09 - 2014-01-28 22:13 - 00045056 ____C () C:\Windows\system32\acovcnt.exe 2014-06-21 10:09 - 2009-07-14 07:08 - 00000006 ___HC () C:\Windows\Tasks\SA.DAT 2014-06-20 23:35 - 2014-06-20 23:35 - 00000000 ___DC () C:\Windows\system32\SPReview 2014-06-20 23:16 - 2013-05-31 19:52 - 00000940 ____C () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-06-20 22:36 - 2014-06-20 22:35 - 00275216 ____C () C:\Windows\Minidump\062014-46956-01.dmp 2014-06-20 22:35 - 2014-06-20 22:35 - 512572684 _____ () C:\Windows\MEMORY.DMP 2014-06-20 22:35 - 2011-02-14 10:33 - 00000000 ___DC () C:\Windows\Minidump 2014-06-20 21:38 - 2014-06-19 18:34 - 00007252 ____C () C:\Windows\PFRO.log 2014-06-20 21:37 - 2014-05-03 15:00 - 00000000 ___DC () C:\AdwCleaner 2014-06-20 21:22 - 2014-06-20 21:22 - 01333465 ____C () C:\Users\Have0\Desktop\adwcleaner_3.212(1).exe 2014-06-20 17:18 - 2014-06-19 21:36 - 00007251 ____C () C:\zoek-results.log 2014-06-20 17:14 - 2009-07-14 07:08 - 00032600 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-06-20 16:55 - 2013-10-23 17:19 - 00000000 ___DC () C:\zoek_backup 2014-06-20 16:25 - 2014-06-20 17:03 - 00024064 ____C () C:\Windows\zoek-delete.exe 2014-06-20 16:24 - 2014-05-23 17:45 - 00000000 ___DC () C:\Users\Have0\Documents\Veteranen 2014-06-19 21:46 - 2014-06-20 16:26 - 00013094 ____C () C:\zoek-results2014-06-19-194645.log 2014-06-19 21:32 - 2014-06-19 21:32 - 01285120 ____C () C:\Users\Have0\Desktop\zoek.exe 2014-06-19 19:54 - 2014-06-19 19:18 - 00000000 ___DC () C:\Windows\AutoKMS 2014-06-19 19:33 - 2009-12-19 03:48 - 00000000 ___DC () C:\ProgramData\Microsoft Help 2014-06-19 17:31 - 2014-06-19 17:31 - 00000000 ___DC () C:\rsit 2014-06-19 17:31 - 2013-10-21 21:35 - 00000000 ___DC () C:\Program Files\trend micro 2014-06-19 17:30 - 2014-06-19 17:30 - 01222144 ____C () C:\Users\Have0\Downloads\RSITx64(1).exe 2014-06-19 17:29 - 2014-06-19 17:29 - 01222144 ____C () C:\Users\Have0\Downloads\RSITx64.exe 2014-06-19 17:06 - 2012-05-21 19:39 - 00000000 ___DC () C:\Program Files (x86)\Mozilla Maintenance Service 2014-06-18 17:33 - 2014-06-18 17:32 - 00000000 ___DC () C:\Program Files (x86)\Mozilla Firefox 2014-06-17 20:29 - 2009-07-14 07:32 - 00000000 ___DC () C:\Windows\system32\FxsTmp 2014-06-17 20:20 - 2014-05-16 10:05 - 00000000 ___DC () C:\Users\Have0\AppData\Local\Microsoft Help 2014-06-17 19:29 - 2014-06-17 19:29 - 00000000 ____C () C:\Windows\setuperr.log 2014-06-17 16:21 - 2014-06-17 16:21 - 00000000 ___DC () C:\Users\Have0\AppData\Local\Adobe 2014-06-16 17:23 - 2010-11-03 21:07 - 00000000 ___DC () C:\Users\Have0\AppData\Roaming\uTorrent 2014-06-14 15:03 - 2010-11-04 21:13 - 00001023 ____C () C:\Users\Public\Desktop\CCleaner.lnk 2014-06-14 15:03 - 2010-02-25 17:19 - 00000000 ___DC () C:\Program Files (x86)\CCleaner 2014-06-14 15:02 - 2014-06-14 15:02 - 04748896 ____C (Piriform Ltd) C:\Users\Have0\Downloads\ccsetup414.exe 2014-06-14 14:51 - 2014-06-14 15:10 - 00000030 ____C () C:\AVScanner.ini 2014-06-14 14:51 - 2014-06-14 14:51 - 00000000 ___DC () C:\ProgramData\McAfee 2014-06-14 14:51 - 2013-05-31 19:52 - 00003878 ____C () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-06-14 14:51 - 2012-07-29 16:10 - 00699056 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-06-14 14:51 - 2012-07-29 16:10 - 00071344 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-06-11 22:22 - 2013-09-05 16:05 - 00000000 ___DC () C:\Windows\system32\MRT 2014-06-11 22:21 - 2010-03-18 22:10 - 95414520 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-06-09 12:22 - 2014-06-07 18:00 - 00000000 ___DC () C:\Users\Have0\AppData\Roaming\.minecraft 2014-06-07 18:00 - 2014-06-07 18:00 - 00002128 ____C () C:\Users\Have0\Desktop\Minecraft.lnk 2014-06-07 18:00 - 2014-06-07 18:00 - 00000000 ___DC () C:\Users\Have0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft 2014-06-07 17:57 - 2014-06-07 17:56 - 00000000 ___DC () C:\Users\Have0\Downloads\Minecraft 1.7.5 by TeamExtremeMc.com 2014-06-07 17:47 - 2014-06-07 17:47 - 01080944 ____C (Unity Technologies ApS) C:\Users\Have0\Downloads\UnityWebPlayer.exe 2014-06-07 17:47 - 2014-06-07 17:47 - 00000000 ___DC () C:\Users\Have0\AppData\Local\Unity 2014-06-06 16:45 - 2014-06-06 16:45 - 01333465 ____C () C:\Users\Have0\Downloads\adwcleaner_3.212.exe 2014-06-06 09:17 - 2012-01-16 17:07 - 00000000 ___DC () C:\Users\Have0\AppData\Roaming\vlc 2014-06-05 22:12 - 2013-01-16 20:48 - 00000000 ___DC () C:\Users\Have0\AppData\Roaming\Epson 2014-06-05 22:10 - 2014-06-03 21:13 - 00000000 ___DC () C:\Users\Have0\Documents\Margrita 2014-06-05 20:19 - 2014-06-05 20:19 - 00000000 ____C () C:\Users\Have0\Sti_Trace.log 2014-06-05 20:19 - 2010-02-24 21:13 - 00000000 ___DC () C:\Users\Have0 2014-05-31 11:07 - 2009-08-04 12:15 - 00720388 ____C () C:\Windows\system32\perfh013.dat 2014-05-31 11:07 - 2009-08-04 12:15 - 00143896 ____C () C:\Windows\system32\perfc013.dat 2014-05-31 11:07 - 2009-07-14 07:13 - 01604382 ____C () C:\Windows\system32\PerfStringBackup.INI 2014-05-28 20:03 - 2014-05-27 19:01 - 00000000 ___DC () C:\Users\Have0\Documents\Bram 2014-05-28 19:54 - 2014-05-06 12:30 - 00467456 ____C () C:\Users\Have0\Desktop\boekbespreking2014.ppt 2014-05-27 19:01 - 2014-05-27 19:01 - 00000000 ___DC () C:\Users\Have0\Documents\Nieuwe map 2014-05-24 09:34 - 2009-07-14 04:34 - 00000478 ____C () C:\Windows\win.ini 2014-05-23 21:14 - 2009-12-19 04:01 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2014-05-23 17:51 - 2014-05-23 17:46 - 00012208 _____ () C:\Users\Have0\Documents\Adressenlijst.xlsx 2014-05-23 15:42 - 2014-05-23 15:42 - 00009455 _____ () C:\Users\Have0\Documents\Voorbeeld emailadressen.xlsx 2014-05-23 15:38 - 2014-05-23 15:38 - 00012221 _____ () C:\Users\Have0\Desktop\Veteranen.xlsx 2014-05-23 15:36 - 2014-05-23 15:24 - 00012222 _____ () C:\Users\Have0\Documents\Veteranen.xlsx 2014-05-23 10:07 - 2010-02-24 21:14 - 00125416 ____C () C:\Users\Have0\AppData\Local\GDIPFONTCACHEV1.DAT 2014-05-23 10:06 - 2009-07-14 06:45 - 00477200 ____C () C:\Windows\system32\FNTCACHE.DAT 2014-05-22 19:27 - 2014-05-22 19:41 - 00003119 ____C () C:\Users\Have0\Desktop\Microsoft Outlook 2010.lnk 2014-05-22 19:27 - 2014-05-22 19:27 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint 2014-05-22 19:26 - 2009-07-14 09:45 - 00000000 ___DC () C:\Windows\ShellNew 2014-05-22 19:26 - 2009-07-14 07:32 - 00000000 ___DC () C:\Program Files (x86)\MSBuild 2014-05-22 19:24 - 2014-05-22 19:24 - 00000000 ___DC () C:\Program Files (x86)\Microsoft Synchronization Services 2014-05-22 19:23 - 2014-05-22 19:23 - 00000000 ___DC () C:\Windows\PCHEALTH 2014-05-22 19:23 - 2010-02-24 21:18 - 00000000 ___DC () C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2014-05-22 19:23 - 2009-12-19 03:48 - 00000000 ___DC () C:\Program Files (x86)\Microsoft Office 2014-05-22 19:20 - 2009-07-14 05:20 - 00000000 ___DC () C:\Program Files\Common Files\Microsoft Shared 2014-05-22 19:18 - 2014-05-22 19:18 - 00000000 ___DC () C:\Program Files (x86)\Microsoft Visual Studio 8 2014-05-22 19:17 - 2014-05-22 19:17 - 00000000 ___DC () C:\Program Files\Microsoft Office 2014-05-22 19:17 - 2014-05-22 19:17 - 00000000 ___DC () C:\Program Files (x86)\Microsoft Analysis Services Some content of TEMP: ==================== C:\Users\Have0\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-08 10:20 ==================== End Of Log ============================
-
Hij sloeg daarnet wel weer vast. Zowel outlook en internet. Nu gaat het wel weer beterder maar raar dat hij daarnet vast sloeg. Kan ik wel AVG en Malware bytes anti malware gebruiken tegelijkertijd ?
-
Beste Mako, als alles is opgelost moet ik dan Adw-cleaner verwijderen, gaat het anders mis met AVG ? De fouten die u heb gezien zijn dat dan virussen ? Wat kan ik nog meer doen om mijn laptop snel te houden ? Hieronder de logfile. # AdwCleaner v3.212 - Rapport aangemaakt 20/06/2014 op 21:37:05 # Laatste Update 05/06/2014 door Xplode # Besturingssysteem : Windows 7 Home Premium (64 bits) # Gebruikersnaam : Have0 - HAVE0-PC # Gestart vanuit : C:\Users\Have0\Desktop\adwcleaner_3.212(1).exe # Optie : Verwijderen ***** [ Services ] ***** ***** [ Bestanden / Mappen ] ***** ***** [ Snelkoppelingen ] ***** ***** [ Register ] ***** Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} ***** [ Browsers ] ***** -\\ Internet Explorer v8.0.7600.17267 -\\ Mozilla Firefox v30.0 (en-GB) [ Bestand : C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\7uw19joy.default\prefs.js ] -\\ Google Chrome v ************************* AdwCleaner[R0].txt - [1061 octets] - [03/05/2014 15:01:00] AdwCleaner[R1].txt - [6054 octets] - [15/05/2014 17:26:49] AdwCleaner[R2].txt - [1571 octets] - [20/05/2014 21:25:43] AdwCleaner[R3].txt - [1518 octets] - [31/05/2014 10:56:00] AdwCleaner[R4].txt - [1423 octets] - [01/06/2014 17:12:55] AdwCleaner[R5].txt - [1543 octets] - [04/06/2014 17:44:29] AdwCleaner[R6].txt - [1611 octets] - [06/06/2014 16:45:28] AdwCleaner[R7].txt - [1732 octets] - [14/06/2014 14:18:39] AdwCleaner[R8].txt - [1850 octets] - [19/06/2014 18:31:29] AdwCleaner[R9].txt - [1997 octets] - [20/06/2014 21:22:59] AdwCleaner[s0].txt - [1132 octets] - [03/05/2014 15:27:22] AdwCleaner[s1].txt - [6228 octets] - [15/05/2014 17:30:38] AdwCleaner[s2].txt - [1649 octets] - [20/05/2014 21:30:19] AdwCleaner[s3].txt - [1524 octets] - [31/05/2014 10:57:56] AdwCleaner[s4].txt - [1425 octets] - [01/06/2014 17:45:17] AdwCleaner[s5].txt - [1545 octets] - [04/06/2014 18:12:47] AdwCleaner[s6].txt - [1677 octets] - [06/06/2014 16:46:55] AdwCleaner[s7].txt - [1798 octets] - [14/06/2014 14:19:48] AdwCleaner[s8].txt - [1916 octets] - [19/06/2014 18:33:01] AdwCleaner[s9].txt - [1923 octets] - [20/06/2014 21:37:05] ########## EOF - C:\AdwCleaner\AdwCleaner[s9].txt - [1983 octets] ##########
