Ook hier groen onderstreepte advertentielinks

[AnnVR]

Manlief wilde vanmorgen snelsnel even een nieuw programma installeren, en lette niet goed op waar hij het vandaan haalde. Er kwam allerlei rommel mee, en het programma dat geïnstalleerd moest worden is er nog steeds niet.

Ondergetekende mocht dus proberen het op te lossen, maar deed dat waarschijnlijk niet op een slimme manier.

Ik heb de programma's in kwestie 'gewoon' gedesinstalleerd (lollipop en nog iets anders), en vervolgens ccleaner de registry laten schoonmaken, maar dat was niet de goede, of in elk geval niet de volledige oplossing.

Hieronder het logje van RSIT:

Alvast bedankt voor de hulp...

Logfile of random's system information tool 1.09 (written by random/random)

Run by Ann at 2014-03-17 11:49:45

Microsoft Windows 8.1

System drive C: has 1191 GB (65%) free of 1844 GB

Total RAM: 8136 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:50:02, on 17-3-2014

Platform: Unknown Windows (WinNT 6.02.1008)

MSIE: Internet Explorer v11.0 (11.00.9600.16518)

Boot mode: Normal

- - - Updated - - -

Ik probeer de log in stukjes te posten, want ik krijg volgende foutmelding als ik ze in één keer verstuur:

Fatal error: Maximum execution time of 30 seconds exceeded in /home/pchelpfor/domains/pc-helpforum.be/public_html/includes/functions.php on line 2351

Running processes:

C:\Program Files (x86)\View-Password-soft\ViewPassword_wd.exe

C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe

C:\Program Files\CrashPlan\CrashPlanTray.exe

C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe

C:\Users\Ann\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files\trend micro\Ann.exe

- - - Updated - - -

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:13828

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll

O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll

O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll

O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL

O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll

O3 - Toolbar: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll

O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload

O4 - HKLM\..\Run: [Fitbit Connect] "C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe" /autorun

O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup

O4 - HKCU\..\Run: [Fitbit Connect] "C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe" /autorun

O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

O4 - Startup: 2YourFace_Updater.lnk = C:\Users\Ann\AppData\Roaming\2YourFace\Updater.exe

O4 - Startup: Dropbox.lnk = Ann\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Startup: original1.desktop.ini

O4 - Global Startup: CrashPlan Tray.lnk = C:\Program Files\CrashPlan\CrashPlanTray.exe

O4 - Global Startup: Online plug-in.lnk = ?

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll

O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll

O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL

O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL

O20 - AppInit_DLLs:

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)

O23 - Service: CrashPlan Backup Service (CrashPlanService) - CrashPlan - C:\Program Files\CrashPlan\CrashPlanService.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)

O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe

O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\WINDOWS\system32\EscSvc64.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)

O23 - Service: Fitbit Connect Service (Fitbit Connect) - Fitbit, Inc. - C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)

O23 - Service: Stardock Start8 (Start8) - Stardock Software, Inc - C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)

O23 - Service: View Password (ViewPassword) - Unknown owner - C:\Program Files (x86)\View-Password-soft\ViewPassword157.exe

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 13270 bytes

- - - Updated - - -

======Listing Processes======

wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\svchost.exe -k RPCSS

"dwm.exe"

"C:\WINDOWS\system32\nvvsvc.exe"

"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"

"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"

C:\WINDOWS\system32\nvvsvc.exe -session -first

C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\WINDOWS\system32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted

"C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe"

"C:\Program Files (x86)\Stardock\Start8\Start8_64.exe" START

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\System32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe"

C:\Program Files (x86)\Citrix\ICA Client\ssonsvr.exe /HTC:356

"C:\Program Files\CrashPlan\CrashPlanService.exe"

dashost.exe {ca4c8111-93ba-41ae-b19f589c5880835b}

"C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe"

"C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\diMaster.dll" /prefetch:1

taskhostex.exe

taskeng.exe {BB806A5A-6FCC-48AF-A369-5AB3F4F53D47}

C:\WINDOWS\system32\svchost.exe -k imgsvc

"C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe"

"C:\Program Files (x86)\View-Password-soft\ViewPassword157.exe"

"C:\Program Files (x86)\View-Password-soft\ViewPassword_wd.exe"

"C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe" /c /a /s UserSession2

"C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe"

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\EscSvc64.exe

C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet

"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8962d090-b2b7-458d-95c3-1aded5cb8da5 -SystemEventPortName:HostProcess-c79dfc65-738c-4803-9a07-1fecfa754dac -IoCancelEventPortName:HostProcess-14444212-c55b-47f9-97e0-b59075ddf025 -NonStateChangingEventPortName:HostProcess-43d35fd2-0d6a-4953-a111-58efc156ebfc -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:2bcb2c74-1820-48f6-9080-99000848e8ce -DeviceGroupId:WpdFsGroup

"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"

C:\WINDOWS\system32\SearchIndexer.exe /Embedding

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-pinch --extension-process --renderer-print-preview --disable-pepper-3d --disable-accelerated-compositing --disable-accelerated-video-decode --disable-webrtc-hw-encoding --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="3480.1.752428235\462129094" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-pinch --extension-process --renderer-print-preview --disable-pepper-3d --disable-accelerated-compositing --disable-accelerated-video-decode --disable-webrtc-hw-encoding --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="3480.2.338531788\1749314081" /prefetch:673131151

- - - Updated - - -

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-pinch --extension-process --renderer-print-preview --disable-pepper-3d --disable-accelerated-compositing --disable-accelerated-video-decode --disable-webrtc-hw-encoding --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="3480.3.362325315\1605579064" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-pinch --extension-process --renderer-print-preview --disable-pepper-3d --disable-accelerated-compositing --disable-accelerated-video-decode --disable-webrtc-hw-encoding --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="3480.4.1359220\884784959" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-pinch --extension-process --renderer-print-preview --disable-pepper-3d --disable-accelerated-compositing --disable-accelerated-video-decode --disable-webrtc-hw-encoding --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="3480.6.758366730\1540402258" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-pinch --extension-process --renderer-print-preview --disable-pepper-3d --disable-accelerated-compositing --disable-accelerated-video-decode --disable-webrtc-hw-encoding --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="3480.7.830485182\1790063303" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3480.9.1525592424\789315528" --ppapi-flash-args --lang=nl --ignored=" --type=renderer " /prefetch:-632637702

"C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe" /autorun

"C:\Program Files\CrashPlan\CrashPlanTray.exe"

"C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\system32\vssvc.exe

"C:\Users\Ann\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup

C:\WINDOWS\System32\svchost.exe -k swprv

C:\WINDOWS\system32\wbem\wmiprvse.exe

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-pinch --renderer-print-preview --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="3480.12.1655838775\1880277863" /prefetch:673131151

- - - Updated - - -

C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}

"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac

C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/NetworkConnectivity/disable_network_stats/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-pinch --renderer-print-preview --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="3480.14.1998705144\376853127" /prefetch:673131151

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/NetworkConnectivity/disable_network_stats/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-pinch --renderer-print-preview --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="3480.17.1393537921\1658597407" /prefetch:673131151

"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3480.18.400100629\1220865163" --use-gl=swiftshader --supports-dual-gpus=false --swiftshader-path="C:\Users\Ann\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0" --gpu-driver-bug-workarounds=0,1,14,27,33 --gpu-vendor-id=0x10de --gpu-device-id=0x124b --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3165 --ignored=" --type=renderer " /prefetch:822062411

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/NetworkConnectivity/disable_network_stats/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-pinch --renderer-print-preview --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="3480.19.300251988\1918663575" /prefetch:673131151

"C:\Users\Ann\Desktop\RSITx64.exe"

- - - Updated - - -

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

C:\WINDOWS\tasks\View Password Update.job

C:\WINDOWS\tasks\View Password_wd.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\ufkjpzpn.default

prefs.js - "browser.startup.homepage" - "about:home"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]

"Description"=Adobe Shockwave Player

"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1209149.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]

"Description"=Picasa3 plugin

"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]

"Description"=Microsoft Lync Plug-in for Firefox

"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]

"Description"=Microsoft SharePoint Plug-in for Firefox

"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]

"Description"=NVIDIA stereo images plugin for Mozilla browsers

"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]

"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers

"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf]

"Description"=Handles PDF files in place in the browser

"Path"=C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]

"Description"=Microsoft SharePoint Plug-in for Firefox

"Path"=C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf]

"Description"=Handles PDF files in place in the browser

"Path"=C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll

C:\Program Files (x86)\Mozilla Firefox\components\

IICAClient.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\

CCMSDK.dll

cgpcfg.dll

CgpCore.dll

confmgr.dll

ctxlogging.dll

ctxmui.dll

ICAClObj.class

icafile.dll

icalogon.dll

npicaN.dll

npMeetingJoinPluginOC.dll

sslsdk_b.dll

TcpPServ.dll

C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\ufkjpzpn.default\extensions\

en-US@dictionaries.addons.mozilla.org

support@lastpass.com

======Registry dump======

- - - Updated - - -

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]

Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2013-11-15 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll [2013-10-06 769360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]

Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2013-11-02 2331336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F8A6CAA2-533D-4AED-9E05-8EB19A4021AB}]

ExplorerWatcher Class - C:\Program Files (x86)\Clover\TabHelper64.dll [2014-01-23 201216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}]

E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28 238656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]

Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2013-11-15 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll [2013-10-06 526672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]

Norton Vulnerability Protection - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL [2013-09-29 388504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]

Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2013-11-02 1727176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll [2013-10-06 769360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll [2013-10-06 526672]

{201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28 238656]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Fitbit Connect"=C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [2014-01-10 3362336]

"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-02-20 6161176]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"EEventManager"=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2012-04-02 1058912]

"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]

"KeePass 2 PreLoad"=C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2014-02-03 2092032]

"Fitbit Connect"=C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [2014-01-10 3362336]

"ConnectionCenter"=C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [2012-03-28 309184]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

CrashPlan Tray.lnk - C:\Program Files\CrashPlan\CrashPlanTray.exe

Online plug-in.lnk - C:\WINDOWS\Installer\{913778D3-E1D8-4B55-9246-3308C54D3162}\pnaico.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe

- - - Updated - - -

C:\Users\Ann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2YourFace_Updater.lnk - C:\Users\Ann\AppData\Roaming\2YourFace\Updater.exe

Dropbox.lnk - C:\Users\Ann\AppData\Roaming\Dropbox\bin\Dropbox.exe

original1.desktop.ini

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicDisplay.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicRender.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BrokerInfrastructure]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DeviceInstall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dxgkrnl.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\FsDepends.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LSM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

- - - Updated - - -

C:\Users\Ann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2YourFace_Updater.lnk - C:\Users\Ann\AppData\Roaming\2YourFace\Updater.exe

Dropbox.lnk - C:\Users\Ann\AppData\Roaming\Dropbox\bin\Dropbox.exe

original1.desktop.ini

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicDisplay.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicRender.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BrokerInfrastructure]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DeviceInstall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dxgkrnl.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\FsDepends.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LSM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

- - - Updated - - -

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmartcardSimulator]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers]

- - - Updated - - -

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs]

[AnnVR]

Vervolg logfile:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmartcardSimulator]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SystemEventsBroker]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VirtualSmartcardReader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wcmsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

- - - Updated - - -

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"EnableUIADesktopToggle"=0

"EnableCursorSuppression"=1

"ConsentPromptBehaviorUser"=3

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"ForceActiveDesktopOn"=0

"NoActiveDesktopChanges"=1

"NoActiveDesktop"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.yuy2"=msyuv.dll

"vidc.i420"=iyuv_32.dll

"msacm.msgsm610"=msgsm32.acm

"msacm.msg711"=msg711.acm

"vidc.yvyu"=msyuv.dll

"vidc.yvu9"=tsbyuv.dll

"wavemapper"=msacm32.drv

"midimapper"=midimap.dll

"vidc.uyvy"=msyuv.dll

"vidc.iyuv"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"vidc.msvc"=msvidc32.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"aux2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"aux3"=wdmaud.drv

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

"aux4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-03-17 11:49:45 ----D---- C:\rsit

2014-03-17 11:49:45 ----D---- C:\Program Files\trend micro

2014-03-17 10:59:49 ----D---- C:\Program Files\CCleaner

2014-03-17 08:46:00 ----D---- C:\ProgramData\TEMP

2014-03-17 08:40:28 ----D---- C:\Program Files (x86)\View-Password-soft

2014-03-14 08:38:52 ----SHD---- C:\Config.Msi

2014-03-14 07:58:21 ----A---- C:\WINDOWS\system32\winload.exe

2014-03-14 07:58:19 ----A---- C:\WINDOWS\system32\mshtml.dll

2014-03-14 07:58:17 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll

2014-03-14 07:58:12 ----A---- C:\WINDOWS\system32\ieframe.dll

2014-03-14 07:58:09 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll

2014-03-14 07:58:08 ----A---- C:\WINDOWS\system32\iertutil.dll

2014-03-14 07:58:07 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll

2014-03-14 07:58:06 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll

2014-03-14 07:58:06 ----A---- C:\WINDOWS\system32\wininet.dll

2014-03-14 07:58:06 ----A---- C:\WINDOWS\system32\urlmon.dll

2014-03-14 07:58:06 ----A---- C:\WINDOWS\system32\jscript9.dll

2014-03-14 07:58:06 ----A---- C:\WINDOWS\system32\ie4uinit.exe

2014-03-14 07:58:05 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll

2014-03-14 07:58:05 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll

2014-03-14 07:58:05 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll

2014-03-14 07:58:05 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll

2014-03-14 07:58:05 ----A---- C:\WINDOWS\system32\msfeeds.dll

2014-03-14 07:58:05 ----A---- C:\WINDOWS\system32\ieapfltr.dll

2014-03-14 07:58:01 ----A---- C:\WINDOWS\system32\sppsvc.exe

2014-03-14 07:57:59 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll

2014-03-14 07:57:59 ----A---- C:\WINDOWS\system32\mstscax.dll

2014-03-14 07:57:58 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll

2014-03-14 07:57:58 ----A---- C:\WINDOWS\system32\mfcore.dll

2014-03-14 07:57:57 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys

2014-03-14 07:57:57 ----A---- C:\WINDOWS\system32\combase.dll

2014-03-14 07:57:51 ----A---- C:\WINDOWS\SYSWOW64\combase.dll

2014-03-14 07:57:51 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll

2014-03-14 07:57:50 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll

2014-03-14 07:57:50 ----A---- C:\WINDOWS\system32\kernel32.dll

2014-03-14 07:57:49 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll

2014-03-14 07:57:49 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll

2014-03-14 07:57:49 ----A---- C:\WINDOWS\system32\Faultrep.dll

2014-03-14 07:57:49 ----A---- C:\WINDOWS\system32\dbghelp.dll

2014-03-14 07:57:49 ----A---- C:\WINDOWS\system32\dbgeng.dll

2014-03-14 07:57:48 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe

2014-03-14 07:57:48 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll

2014-03-14 07:57:48 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll

2014-03-14 07:57:48 ----A---- C:\WINDOWS\system32\WerFault.exe

2014-03-14 07:57:48 ----A---- C:\WINDOWS\system32\swprv.dll

2014-03-14 07:57:48 ----A---- C:\WINDOWS\system32\rdpencom.dll

2014-03-14 07:57:48 ----A---- C:\WINDOWS\system32\mfps.dll

2014-03-14 07:57:47 ----A---- C:\WINDOWS\SYSWOW64\dbghelp.dll

2014-03-14 07:57:46 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll

2014-03-14 07:57:46 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll

2014-03-14 07:57:46 ----A---- C:\WINDOWS\SYSWOW64\DWWIN.EXE

2014-03-14 07:57:46 ----A---- C:\WINDOWS\system32\tsgqec.dll

2014-03-14 07:57:46 ----A---- C:\WINDOWS\system32\sppcomapi.dll

2014-03-14 07:57:46 ----A---- C:\WINDOWS\system32\rdvidcrl.dll

2014-03-14 07:57:46 ----A---- C:\WINDOWS\system32\DWWIN.EXE

2014-03-14 07:57:46 ----A---- C:\WINDOWS\system32\drivers\volsnap.sys

2014-03-14 07:57:40 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys

2014-03-14 07:57:39 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys

2014-03-14 07:57:39 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys

2014-03-14 07:57:37 ----A---- C:\WINDOWS\SYSWOW64\qedit.dll

2014-03-14 07:57:37 ----A---- C:\WINDOWS\system32\win32k.sys

2014-03-14 07:57:37 ----A---- C:\WINDOWS\system32\qedit.dll

2014-03-12 19:54:01 ----D---- C:\Program Files\Common Files\DESIGNER

2014-03-12 19:53:31 ----D---- C:\Program Files\Microsoft.NET

2014-03-12 19:53:31 ----D---- C:\Program Files (x86)\Microsoft SQL Server

2014-03-12 19:52:55 ----D---- C:\WINDOWS\PCHEALTH

2014-03-12 19:52:55 ----D---- C:\Program Files\Microsoft SQL Server

2014-03-12 19:49:52 ----D---- C:\Program Files\Microsoft Analysis Services

2014-03-12 19:49:52 ----D---- C:\Program Files (x86)\Microsoft Analysis Services

2014-03-12 19:49:47 ----D---- C:\Program Files (x86)\Microsoft Office

2014-03-12 19:49:44 ----D---- C:\Program Files\Microsoft Office

2014-03-12 19:49:43 ----D---- C:\ProgramData\Microsoft Help

2014-03-12 19:49:36 ----RHD---- C:\MSOCache

2014-03-12 19:40:00 ----D---- C:\Users\Ann\AppData\Roaming\e-academy Inc

2014-03-12 14:27:49 ----D---- C:\Program Files\office.tmp

2014-02-27 20:12:11 ----D---- C:\ProgramData\Citrix

2014-02-27 20:11:38 ----D---- C:\Program Files (x86)\Citrix

2014-02-24 14:04:11 ----D---- C:\ProgramData\FitbitConnect

2014-02-24 14:04:11 ----D---- C:\Program Files (x86)\Fitbit Connect

2014-02-23 19:19:34 ----D---- C:\Program Files (x86)\Scrivener

2014-02-23 19:15:13 ----D---- C:\Program Files (x86)\Scapple

2014-02-23 18:26:25 ----D---- C:\Program Files (x86)\Clover

2014-02-23 17:33:35 ----D---- C:\Users\Ann\AppData\Roaming\PDF Writer

2014-02-23 17:33:35 ----D---- C:\ProgramData\PDF Writer

2014-02-23 17:33:35 ----A---- C:\WINDOWS\SYSWOW64\bzpdfc.dll

2014-02-23 17:33:35 ----A---- C:\WINDOWS\SYSWOW64\bzFlRdr.dll

2014-02-23 17:33:35 ----A---- C:\WINDOWS\SYSWOW64\bzDCT.dll

2014-02-23 17:33:33 ----D---- C:\Program Files\Common Files\Bullzip

2014-02-23 17:33:29 ----D---- C:\Program Files\Bullzip

2014-02-19 22:19:13 ----D---- C:\Users\Ann\AppData\Roaming\DropboxMaster

======List of files/folders modified in the last 1 month======

- - - Updated - - -

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"EnableUIADesktopToggle"=0

"EnableCursorSuppression"=1

"ConsentPromptBehaviorUser"=3

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"ForceActiveDesktopOn"=0

"NoActiveDesktopChanges"=1

"NoActiveDesktop"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.yuy2"=msyuv.dll

"vidc.i420"=iyuv_32.dll

"msacm.msgsm610"=msgsm32.acm

"msacm.msg711"=msg711.acm

"vidc.yvyu"=msyuv.dll

"vidc.yvu9"=tsbyuv.dll

"wavemapper"=msacm32.drv

"midimapper"=midimap.dll

"vidc.uyvy"=msyuv.dll

"vidc.iyuv"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"vidc.msvc"=msvidc32.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"aux2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"aux3"=wdmaud.drv

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

"aux4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-03-17 11:49:45 ----D---- C:\rsit

2014-03-17 11:49:45 ----D---- C:\Program Files\trend micro

2014-03-17 10:59:49 ----D---- C:\Program Files\CCleaner

2014-03-17 08:46:00 ----D---- C:\ProgramData\TEMP

2014-03-17 08:40:28 ----D---- C:\Program Files (x86)\View-Password-soft

2014-03-14 08:38:52 ----SHD---- C:\Config.Msi

2014-03-14 07:58:21 ----A---- C:\WINDOWS\system32\winload.exe

2014-03-14 07:58:19 ----A---- C:\WINDOWS\system32\mshtml.dll

2014-03-14 07:58:17 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll

2014-03-14 07:58:12 ----A---- C:\WINDOWS\system32\ieframe.dll

2014-03-14 07:58:09 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll

2014-03-14 07:58:08 ----A---- C:\WINDOWS\system32\iertutil.dll

2014-03-14 07:58:07 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll

2014-03-14 07:58:06 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll

2014-03-14 07:58:06 ----A---- C:\WINDOWS\system32\wininet.dll

2014-03-14 07:58:06 ----A---- C:\WINDOWS\system32\urlmon.dll

2014-03-14 07:58:06 ----A---- C:\WINDOWS\system32\jscript9.dll

2014-03-14 07:58:06 ----A---- C:\WINDOWS\system32\ie4uinit.exe

2014-03-14 07:58:05 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll

2014-03-14 07:58:05 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll

2014-03-14 07:58:05 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll

2014-03-14 07:58:05 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll

2014-03-14 07:58:05 ----A---- C:\WINDOWS\system32\msfeeds.dll

2014-03-14 07:58:05 ----A---- C:\WINDOWS\system32\ieapfltr.dll

2014-03-14 07:58:01 ----A---- C:\WINDOWS\system32\sppsvc.exe

2014-03-14 07:57:59 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll

2014-03-14 07:57:59 ----A---- C:\WINDOWS\system32\mstscax.dll

2014-03-14 07:57:58 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll

2014-03-14 07:57:58 ----A---- C:\WINDOWS\system32\mfcore.dll

2014-03-14 07:57:57 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys

2014-03-14 07:57:57 ----A---- C:\WINDOWS\system32\combase.dll

2014-03-14 07:57:51 ----A---- C:\WINDOWS\SYSWOW64\combase.dll

2014-03-14 07:57:51 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll

2014-03-14 07:57:50 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll

2014-03-14 07:57:50 ----A---- C:\WINDOWS\system32\kernel32.dll

2014-03-14 07:57:49 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll

2014-03-14 07:57:49 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll

2014-03-14 07:57:49 ----A---- C:\WINDOWS\system32\Faultrep.dll

2014-03-14 07:57:49 ----A---- C:\WINDOWS\system32\dbghelp.dll

2014-03-14 07:57:49 ----A---- C:\WINDOWS\system32\dbgeng.dll

2014-03-14 07:57:48 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe

2014-03-14 07:57:48 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll

2014-03-14 07:57:48 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll

2014-03-14 07:57:48 ----A---- C:\WINDOWS\system32\WerFault.exe

2014-03-14 07:57:48 ----A---- C:\WINDOWS\system32\swprv.dll

2014-03-14 07:57:48 ----A---- C:\WINDOWS\system32\rdpencom.dll

2014-03-14 07:57:48 ----A---- C:\WINDOWS\system32\mfps.dll

2014-03-14 07:57:47 ----A---- C:\WINDOWS\SYSWOW64\dbghelp.dll

2014-03-14 07:57:46 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll

2014-03-14 07:57:46 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll

2014-03-14 07:57:46 ----A---- C:\WINDOWS\SYSWOW64\DWWIN.EXE

2014-03-14 07:57:46 ----A---- C:\WINDOWS\system32\tsgqec.dll

2014-03-14 07:57:46 ----A---- C:\WINDOWS\system32\sppcomapi.dll

2014-03-14 07:57:46 ----A---- C:\WINDOWS\system32\rdvidcrl.dll

2014-03-14 07:57:46 ----A---- C:\WINDOWS\system32\DWWIN.EXE

2014-03-14 07:57:46 ----A---- C:\WINDOWS\system32\drivers\volsnap.sys

2014-03-14 07:57:40 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys

2014-03-14 07:57:39 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys

2014-03-14 07:57:39 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys

2014-03-14 07:57:37 ----A---- C:\WINDOWS\SYSWOW64\qedit.dll

2014-03-14 07:57:37 ----A---- C:\WINDOWS\system32\win32k.sys

2014-03-14 07:57:37 ----A---- C:\WINDOWS\system32\qedit.dll

2014-03-12 19:54:01 ----D---- C:\Program Files\Common Files\DESIGNER

2014-03-12 19:53:31 ----D---- C:\Program Files\Microsoft.NET

2014-03-12 19:53:31 ----D---- C:\Program Files (x86)\Microsoft SQL Server

2014-03-12 19:52:55 ----D---- C:\WINDOWS\PCHEALTH

2014-03-12 19:52:55 ----D---- C:\Program Files\Microsoft SQL Server

2014-03-12 19:49:52 ----D---- C:\Program Files\Microsoft Analysis Services

2014-03-12 19:49:52 ----D---- C:\Program Files (x86)\Microsoft Analysis Services

2014-03-12 19:49:47 ----D---- C:\Program Files (x86)\Microsoft Office

2014-03-12 19:49:44 ----D---- C:\Program Files\Microsoft Office

2014-03-12 19:49:43 ----D---- C:\ProgramData\Microsoft Help

2014-03-12 19:49:36 ----RHD---- C:\MSOCache

2014-03-12 19:40:00 ----D---- C:\Users\Ann\AppData\Roaming\e-academy Inc

2014-03-12 14:27:49 ----D---- C:\Program Files\office.tmp

2014-02-27 20:12:11 ----D---- C:\ProgramData\Citrix

2014-02-27 20:11:38 ----D---- C:\Program Files (x86)\Citrix

2014-02-24 14:04:11 ----D---- C:\ProgramData\FitbitConnect

2014-02-24 14:04:11 ----D---- C:\Program Files (x86)\Fitbit Connect

2014-02-23 19:19:34 ----D---- C:\Program Files (x86)\Scrivener

2014-02-23 19:15:13 ----D---- C:\Program Files (x86)\Scapple

2014-02-23 18:26:25 ----D---- C:\Program Files (x86)\Clover

2014-02-23 17:33:35 ----D---- C:\Users\Ann\AppData\Roaming\PDF Writer

2014-02-23 17:33:35 ----D---- C:\ProgramData\PDF Writer

2014-02-23 17:33:35 ----A---- C:\WINDOWS\SYSWOW64\bzpdfc.dll

2014-02-23 17:33:35 ----A---- C:\WINDOWS\SYSWOW64\bzFlRdr.dll

2014-02-23 17:33:35 ----A---- C:\WINDOWS\SYSWOW64\bzDCT.dll

2014-02-23 17:33:33 ----D---- C:\Program Files\Common Files\Bullzip

2014-02-23 17:33:29 ----D---- C:\Program Files\Bullzip

2014-02-19 22:19:13 ----D---- C:\Users\Ann\AppData\Roaming\DropboxMaster

======List of files/folders modified in the last 1 month======

- - - Updated - - -

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"EnableUIADesktopToggle"=0

"EnableCursorSuppression"=1

"ConsentPromptBehaviorUser"=3

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"ForceActiveDesktopOn"=0

"NoActiveDesktopChanges"=1

"NoActiveDesktop"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.yuy2"=msyuv.dll

"vidc.i420"=iyuv_32.dll

"msacm.msgsm610"=msgsm32.acm

"msacm.msg711"=msg711.acm

"vidc.yvyu"=msyuv.dll

"vidc.yvu9"=tsbyuv.dll

"wavemapper"=msacm32.drv

"midimapper"=midimap.dll

"vidc.uyvy"=msyuv.dll

"vidc.iyuv"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"vidc.msvc"=msvidc32.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"aux2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"aux3"=wdmaud.drv

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

"aux4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-03-17 11:49:45 ----D---- C:\rsit

2014-03-17 11:49:45 ----D---- C:\Program Files\trend micro

2014-03-17 10:59:49 ----D---- C:\Program Files\CCleaner

2014-03-17 08:46:00 ----D---- C:\ProgramData\TEMP

2014-03-17 08:40:28 ----D---- C:\Program Files (x86)\View-Password-soft

2014-03-14 08:38:52 ----SHD---- C:\Config.Msi

2014-03-14 07:58:21 ----A---- C:\WINDOWS\system32\winload.exe

2014-03-14 07:58:19 ----A---- C:\WINDOWS\system32\mshtml.dll

2014-03-14 07:58:17 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll

2014-03-14 07:58:12 ----A---- C:\WINDOWS\system32\ieframe.dll

2014-03-14 07:58:09 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll

2014-03-14 07:58:08 ----A---- C:\WINDOWS\system32\iertutil.dll

2014-03-14 07:58:07 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll

2014-03-14 07:58:06 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll

2014-03-14 07:58:06 ----A---- C:\WINDOWS\system32\wininet.dll

2014-03-14 07:58:06 ----A---- C:\WINDOWS\system32\urlmon.dll

2014-03-14 07:58:06 ----A---- C:\WINDOWS\system32\jscript9.dll

2014-03-14 07:58:06 ----A---- C:\WINDOWS\system32\ie4uinit.exe

2014-03-14 07:58:05 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll

2014-03-14 07:58:05 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll

2014-03-14 07:58:05 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll

2014-03-14 07:58:05 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll

2014-03-14 07:58:05 ----A---- C:\WINDOWS\system32\msfeeds.dll

2014-03-14 07:58:05 ----A---- C:\WINDOWS\system32\ieapfltr.dll

2014-03-14 07:58:01 ----A---- C:\WINDOWS\system32\sppsvc.exe

2014-03-14 07:57:59 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll

2014-03-14 07:57:59 ----A---- C:\WINDOWS\system32\mstscax.dll

2014-03-14 07:57:58 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll

2014-03-14 07:57:58 ----A---- C:\WINDOWS\system32\mfcore.dll

2014-03-14 07:57:57 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys

2014-03-14 07:57:57 ----A---- C:\WINDOWS\system32\combase.dll

2014-03-14 07:57:51 ----A---- C:\WINDOWS\SYSWOW64\combase.dll

2014-03-14 07:57:51 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll

2014-03-14 07:57:50 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll

2014-03-14 07:57:50 ----A---- C:\WINDOWS\system32\kernel32.dll

2014-03-14 07:57:49 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll

2014-03-14 07:57:49 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll

2014-03-14 07:57:49 ----A---- C:\WINDOWS\system32\Faultrep.dll

2014-03-14 07:57:49 ----A---- C:\WINDOWS\system32\dbghelp.dll

2014-03-14 07:57:49 ----A---- C:\WINDOWS\system32\dbgeng.dll

2014-03-14 07:57:48 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe

2014-03-14 07:57:48 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll

2014-03-14 07:57:48 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll

2014-03-14 07:57:48 ----A---- C:\WINDOWS\system32\WerFault.exe

2014-03-14 07:57:48 ----A---- C:\WINDOWS\system32\swprv.dll

2014-03-14 07:57:48 ----A---- C:\WINDOWS\system32\rdpencom.dll

2014-03-14 07:57:48 ----A---- C:\WINDOWS\system32\mfps.dll

2014-03-14 07:57:47 ----A---- C:\WINDOWS\SYSWOW64\dbghelp.dll

2014-03-14 07:57:46 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll

2014-03-14 07:57:46 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll

2014-03-14 07:57:46 ----A---- C:\WINDOWS\SYSWOW64\DWWIN.EXE

2014-03-14 07:57:46 ----A---- C:\WINDOWS\system32\tsgqec.dll

2014-03-14 07:57:46 ----A---- C:\WINDOWS\system32\sppcomapi.dll

2014-03-14 07:57:46 ----A---- C:\WINDOWS\system32\rdvidcrl.dll

2014-03-14 07:57:46 ----A---- C:\WINDOWS\system32\DWWIN.EXE

2014-03-14 07:57:46 ----A---- C:\WINDOWS\system32\drivers\volsnap.sys

2014-03-14 07:57:40 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys

2014-03-14 07:57:39 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys

2014-03-14 07:57:39 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys

2014-03-14 07:57:37 ----A---- C:\WINDOWS\SYSWOW64\qedit.dll

2014-03-14 07:57:37 ----A---- C:\WINDOWS\system32\win32k.sys

2014-03-14 07:57:37 ----A---- C:\WINDOWS\system32\qedit.dll

2014-03-12 19:54:01 ----D---- C:\Program Files\Common Files\DESIGNER

2014-03-12 19:53:31 ----D---- C:\Program Files\Microsoft.NET

2014-03-12 19:53:31 ----D---- C:\Program Files (x86)\Microsoft SQL Server

2014-03-12 19:52:55 ----D---- C:\WINDOWS\PCHEALTH

2014-03-12 19:52:55 ----D---- C:\Program Files\Microsoft SQL Server

2014-03-12 19:49:52 ----D---- C:\Program Files\Microsoft Analysis Services

2014-03-12 19:49:52 ----D---- C:\Program Files (x86)\Microsoft Analysis Services

2014-03-12 19:49:47 ----D---- C:\Program Files (x86)\Microsoft Office

2014-03-12 19:49:44 ----D---- C:\Program Files\Microsoft Office

2014-03-12 19:49:43 ----D---- C:\ProgramData\Microsoft Help

2014-03-12 19:49:36 ----RHD---- C:\MSOCache

2014-03-12 19:40:00 ----D---- C:\Users\Ann\AppData\Roaming\e-academy Inc

2014-03-12 14:27:49 ----D---- C:\Program Files\office.tmp

2014-02-27 20:12:11 ----D---- C:\ProgramData\Citrix

2014-02-27 20:11:38 ----D---- C:\Program Files (x86)\Citrix

2014-02-24 14:04:11 ----D---- C:\ProgramData\FitbitConnect

2014-02-24 14:04:11 ----D---- C:\Program Files (x86)\Fitbit Connect

2014-02-23 19:19:34 ----D---- C:\Program Files (x86)\Scrivener

2014-02-23 19:15:13 ----D---- C:\Program Files (x86)\Scapple

2014-02-23 18:26:25 ----D---- C:\Program Files (x86)\Clover

2014-02-23 17:33:35 ----D---- C:\Users\Ann\AppData\Roaming\PDF Writer

2014-02-23 17:33:35 ----D---- C:\ProgramData\PDF Writer

2014-02-23 17:33:35 ----A---- C:\WINDOWS\SYSWOW64\bzpdfc.dll

2014-02-23 17:33:35 ----A---- C:\WINDOWS\SYSWOW64\bzFlRdr.dll

2014-02-23 17:33:35 ----A---- C:\WINDOWS\SYSWOW64\bzDCT.dll

2014-02-23 17:33:33 ----D---- C:\Program Files\Common Files\Bullzip

2014-02-23 17:33:29 ----D---- C:\Program Files\Bullzip

2014-02-19 22:19:13 ----D---- C:\Users\Ann\AppData\Roaming\DropboxMaster

======List of files/folders modified in the last 1 month======

- - - Updated - - -

2014-03-17 11:49:45 ----RD---- C:\Program Files

2014-03-17 11:49:30 ----D---- C:\WINDOWS\Prefetch

2014-03-17 11:49:18 ----D---- C:\WINDOWS\Temp

2014-03-17 11:46:55 ----RD---- C:\WINDOWS\System32

2014-03-17 11:46:55 ----D---- C:\WINDOWS\Inf

2014-03-17 11:46:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2014-03-17 11:45:01 ----SHD---- C:\System Volume Information

2014-03-17 11:43:47 ----D---- C:\Users\Ann\AppData\Roaming\Dropbox

2014-03-17 11:41:03 ----D---- C:\Windows

2014-03-17 11:41:01 ----D---- C:\ProgramData\NVIDIA

2014-03-17 11:38:41 ----SHD---- C:\WINDOWS\Installer

2014-03-17 11:02:20 ----DC---- C:\WINDOWS\Panther

2014-03-17 11:02:20 ----D---- C:\WINDOWS\SoftwareDistribution

2014-03-17 11:02:20 ----D---- C:\WINDOWS\Logs

2014-03-17 11:02:20 ----D---- C:\WINDOWS\debug

2014-03-17 11:00:02 ----D---- C:\WINDOWS\system32\sru

2014-03-17 10:59:52 ----D---- C:\WINDOWS\system32\Tasks

2014-03-17 10:56:14 ----RD---- C:\Program Files (x86)

2014-03-17 10:19:41 ----D---- C:\WINDOWS\system32\FxsTmp

2014-03-17 10:13:21 ----D---- C:\WINDOWS\AppReadiness

2014-03-17 08:46:00 ----HD---- C:\ProgramData

2014-03-17 08:40:31 ----D---- C:\WINDOWS\Tasks

2014-03-17 08:39:38 ----RSD---- C:\WINDOWS\assembly

2014-03-17 05:45:01 ----D---- C:\WINDOWS\Microsoft.NET

2014-03-16 12:05:03 ----D---- C:\WINDOWS\rescache

2014-03-16 10:54:05 ----D---- C:\WINDOWS\system32\config

2014-03-16 10:42:21 ----D---- C:\WINDOWS\WinSxS

2014-03-16 10:42:19 ----D---- C:\WINDOWS\SysWOW64

2014-03-16 10:38:41 ----D---- C:\WINDOWS\system32\drivers

2014-03-16 10:38:40 ----D---- C:\Program Files\Windows Defender

2014-03-16 10:38:40 ----D---- C:\Program Files (x86)\Windows Defender

2014-03-16 10:38:35 ----D---- C:\WINDOWS\system32\Boot

2014-03-16 10:38:35 ----D---- C:\Program Files\Internet Explorer

2014-03-16 10:38:35 ----D---- C:\Program Files (x86)\Internet Explorer

2014-03-16 10:38:34 ----D---- C:\WINDOWS\system32\DriverStore

2014-03-15 15:45:23 ----D---- C:\WINDOWS\CbsTemp

2014-03-14 20:25:57 ----HD---- C:\Program Files\WindowsApps

2014-03-14 08:47:54 ----A---- C:\WINDOWS\win.ini

2014-03-12 19:54:14 ----D---- C:\WINDOWS\ShellNew

2014-03-12 19:54:11 ----D---- C:\Program Files\Common Files\microsoft shared

2014-03-12 19:54:01 ----D---- C:\Program Files\Common Files

2014-03-12 19:53:31 ----D---- C:\Program Files (x86)\Microsoft.NET

2014-03-12 19:53:14 ----D---- C:\ProgramData\regid.1991-06.com.microsoft

2014-03-12 19:50:21 ----D---- C:\Program Files\Common Files\System

2014-03-08 13:55:08 ----RD---- C:\Users

2014-03-06 16:36:01 ----D---- C:\Users\Ann\AppData\Roaming\foobar2000

2014-03-06 07:48:31 ----D---- C:\WINDOWS\system32\LogFiles

2014-03-04 23:53:04 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

2014-03-02 08:37:59 ----SD---- C:\Users\Ann\AppData\Roaming\Microsoft

2014-02-27 20:11:40 ----D---- C:\Program Files (x86)\Mozilla Firefox

2014-02-25 17:45:55 ----D---- C:\Program Files\CrashPlan

2014-02-23 19:00:41 ----D---- C:\Program Files (x86)\Epson Software

2014-02-23 17:21:42 ----D---- C:\ProgramData\EPSON

2014-02-19 19:49:33 ----SHD---- C:\$Recycle.Bin

2014-02-19 10:33:34 ----D---- C:\Program Files (x86)\Google

- - - Updated - - -

2014-03-17 11:49:45 ----RD---- C:\Program Files

2014-03-17 11:49:30 ----D---- C:\WINDOWS\Prefetch

2014-03-17 11:49:18 ----D---- C:\WINDOWS\Temp

2014-03-17 11:46:55 ----RD---- C:\WINDOWS\System32

2014-03-17 11:46:55 ----D---- C:\WINDOWS\Inf

2014-03-17 11:46:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2014-03-17 11:45:01 ----SHD---- C:\System Volume Information

2014-03-17 11:43:47 ----D---- C:\Users\Ann\AppData\Roaming\Dropbox

2014-03-17 11:41:03 ----D---- C:\Windows

2014-03-17 11:41:01 ----D---- C:\ProgramData\NVIDIA

2014-03-17 11:38:41 ----SHD---- C:\WINDOWS\Installer

2014-03-17 11:02:20 ----DC---- C:\WINDOWS\Panther

2014-03-17 11:02:20 ----D---- C:\WINDOWS\SoftwareDistribution

2014-03-17 11:02:20 ----D---- C:\WINDOWS\Logs

2014-03-17 11:02:20 ----D---- C:\WINDOWS\debug

2014-03-17 11:00:02 ----D---- C:\WINDOWS\system32\sru

2014-03-17 10:59:52 ----D---- C:\WINDOWS\system32\Tasks

2014-03-17 10:56:14 ----RD---- C:\Program Files (x86)

2014-03-17 10:19:41 ----D---- C:\WINDOWS\system32\FxsTmp

2014-03-17 10:13:21 ----D---- C:\WINDOWS\AppReadiness

2014-03-17 08:46:00 ----HD---- C:\ProgramData

2014-03-17 08:40:31 ----D---- C:\WINDOWS\Tasks

2014-03-17 08:39:38 ----RSD---- C:\WINDOWS\assembly

2014-03-17 05:45:01 ----D---- C:\WINDOWS\Microsoft.NET

2014-03-16 12:05:03 ----D---- C:\WINDOWS\rescache

2014-03-16 10:54:05 ----D---- C:\WINDOWS\system32\config

2014-03-16 10:42:21 ----D---- C:\WINDOWS\WinSxS

2014-03-16 10:42:19 ----D---- C:\WINDOWS\SysWOW64

2014-03-16 10:38:41 ----D---- C:\WINDOWS\system32\drivers

2014-03-16 10:38:40 ----D---- C:\Program Files\Windows Defender

2014-03-16 10:38:40 ----D---- C:\Program Files (x86)\Windows Defender

2014-03-16 10:38:35 ----D---- C:\WINDOWS\system32\Boot

2014-03-16 10:38:35 ----D---- C:\Program Files\Internet Explorer

2014-03-16 10:38:35 ----D---- C:\Program Files (x86)\Internet Explorer

2014-03-16 10:38:34 ----D---- C:\WINDOWS\system32\DriverStore

2014-03-15 15:45:23 ----D---- C:\WINDOWS\CbsTemp

2014-03-14 20:25:57 ----HD---- C:\Program Files\WindowsApps

2014-03-14 08:47:54 ----A---- C:\WINDOWS\win.ini

2014-03-12 19:54:14 ----D---- C:\WINDOWS\ShellNew

2014-03-12 19:54:11 ----D---- C:\Program Files\Common Files\microsoft shared

2014-03-12 19:54:01 ----D---- C:\Program Files\Common Files

2014-03-12 19:53:31 ----D---- C:\Program Files (x86)\Microsoft.NET

2014-03-12 19:53:14 ----D---- C:\ProgramData\regid.1991-06.com.microsoft

2014-03-12 19:50:21 ----D---- C:\Program Files\Common Files\System

2014-03-08 13:55:08 ----RD---- C:\Users

2014-03-06 16:36:01 ----D---- C:\Users\Ann\AppData\Roaming\foobar2000

2014-03-06 07:48:31 ----D---- C:\WINDOWS\system32\LogFiles

2014-03-04 23:53:04 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

2014-03-02 08:37:59 ----SD---- C:\Users\Ann\AppData\Roaming\Microsoft

2014-02-27 20:11:40 ----D---- C:\Program Files (x86)\Mozilla Firefox

2014-02-25 17:45:55 ----D---- C:\Program Files\CrashPlan

2014-02-23 19:00:41 ----D---- C:\Program Files (x86)\Epson Software

2014-02-23 17:21:42 ----D---- C:\ProgramData\EPSON

2014-02-19 19:49:33 ----SHD---- C:\$Recycle.Bin

2014-02-19 10:33:34 ----D---- C:\Program Files (x86)\Google

- - - Updated - - -

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ACPI;@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver; C:\WINDOWS\System32\drivers\ACPI.sys [2013-11-14 523096]

R0 acpiex;Microsoft ACPIEx Driver; C:\WINDOWS\System32\Drivers\acpiex.sys [2013-08-22 79712]

R0 CLFS;@%SystemRoot%\system32\drivers\clfs.sys,-100; C:\WINDOWS\System32\drivers\CLFS.sys [2013-08-22 377696]

R0 CNG;CNG; C:\WINDOWS\System32\Drivers\cng.sys [2013-08-22 564520]

R0 disk;@disk.inf,%disk_ServiceDesc%;Disk Driver; C:\WINDOWS\System32\drivers\disk.sys [2013-08-22 100192]

R0 FileInfo;@%SystemRoot%\system32\drivers\fileinfo.sys,-100; C:\WINDOWS\System32\drivers\fileinfo.sys [2013-08-22 79200]

R0 FltMgr;@%SystemRoot%\system32\drivers\fltmgr.sys,-10001; C:\WINDOWS\system32\drivers\fltmgr.sys [2013-08-22 358752]

R0 fvevol;@%SystemRoot%\system32\drivers\fvevol.sys,-100; C:\WINDOWS\System32\DRIVERS\fvevol.sys [2013-11-14 579416]

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-09 645952]

R0 intelpep;@intelpep.inf,%INTELPEP.SVCDESC%;Intel® Power Engine Plug-in Driver; C:\WINDOWS\System32\drivers\intelpep.sys [2014-02-14 39768]

R0 KSecDD;KSecDD; C:\WINDOWS\System32\Drivers\ksecdd.sys [2013-11-14 101208]

R0 KSecPkg;KSecPkg; C:\WINDOWS\System32\Drivers\ksecpkg.sys [2013-08-22 192864]

R0 mountmgr;@%SystemRoot%\system32\drivers\mountmgr.sys,-100; C:\WINDOWS\System32\drivers\mountmgr.sys [2013-08-22 101728]

R0 msisadrv;msisadrv; C:\WINDOWS\System32\drivers\msisadrv.sys [2013-08-22 17248]

R0 Mup;@%systemroot%\system32\drivers\mup.sys,-101; C:\WINDOWS\System32\Drivers\mup.sys [2013-08-22 78688]

R0 NDIS;@%SystemRoot%\system32\drivers\ndis.sys,-200; C:\WINDOWS\system32\drivers\ndis.sys [2014-02-14 1119064]

R0 partmgr;@%SystemRoot%\system32\drivers\partmgr.sys,-100; C:\WINDOWS\System32\drivers\partmgr.sys [2013-08-22 88928]

R0 pci;@machine.inf,%pci_svcdesc%;PCI Bus-stuurprogramma; C:\WINDOWS\System32\drivers\pci.sys [2013-08-22 285536]

R0 pcw;Performance Counters for Windows Driver; C:\WINDOWS\System32\drivers\pcw.sys [2013-08-22 50016]

R0 pdc;@%SystemRoot%\system32\drivers\pdc.sys,-100; C:\WINDOWS\system32\drivers\pdc.sys [2014-02-14 86872]

R0 rdyboost;ReadyBoost; C:\WINDOWS\System32\drivers\rdyboost.sys [2013-11-14 258904]

R0 spaceport;@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver; C:\WINDOWS\System32\drivers\spaceport.sys [2014-02-14 372568]

R0 SymDS;Symantec Data Store; C:\WINDOWS\system32\drivers\NISx64\1501000.012\SYMDS64.SYS [2013-09-10 493656]

R0 SymEFA;Symantec Extended File Attributes; C:\WINDOWS\system32\drivers\NISx64\1501000.012\SYMEFA64.SYS [2013-09-27 1147480]

R0 Tcpip;@%SystemRoot%\system32\tcpipcfg.dll,-50003; C:\WINDOWS\System32\drivers\tcpip.sys [2014-01-29 2543960]

R0 vdrvroot;@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator; C:\WINDOWS\System32\drivers\vdrvroot.sys [2013-08-22 37728]

R0 volmgr;@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver; C:\WINDOWS\System32\drivers\volmgr.sys [2013-08-22 73568]

R0 volmgrx;@%SystemRoot%\system32\drivers\volmgrx.sys,-100; C:\WINDOWS\System32\drivers\volmgrx.sys [2013-08-22 377696]

R0 volsnap;@volume.inf,%VolumeClassName%;Storage volumes; C:\WINDOWS\System32\drivers\volsnap.sys [2014-01-31 311640]

R0 Wdf01000;@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000; C:\WINDOWS\system32\drivers\Wdf01000.sys [2013-08-22 839488]

R0 WdFilter;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330; C:\WINDOWS\system32\drivers\WdFilter.sys [2013-10-31 236888]

R0 WFPLWFS;@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000; C:\WINDOWS\system32\DRIVERS\wfplwfs.sys [2013-11-14 136536]

R1 AFD;@%systemroot%\system32\drivers\afd.sys,-1000; C:\WINDOWS\system32\drivers\afd.sys [2013-08-22 567296]

R1 ahcache;@%systemroot%\system32\drivers\ahcache.sys,-102; C:\WINDOWS\system32\DRIVERS\ahcache.sys [2013-08-22 76800]

R1 BasicDisplay;BasicDisplay; C:\WINDOWS\System32\drivers\BasicDisplay.sys [2013-08-22 50688]

R1 BasicRender;BasicRender; C:\WINDOWS\System32\drivers\BasicRender.sys [2013-08-22 33792]

R1 Beep;Beep; C:\WINDOWS\system32\drivers\Beep.sys [2013-08-22 7680]

R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [2014-01-21 1526488]

R1 ccSet_NIS;NIS Settings Manager; C:\WINDOWS\system32\drivers\NISx64\1501000.012\ccSetx64.sys [2013-09-26 162392]

R1 cdrom;@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver; C:\WINDOWS\System32\drivers\cdrom.sys [2013-08-22 164352]

R1 ctxusbm;Citrix USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\ctxusbm.sys [2012-03-19 89536]

R1 Dfsc;@%systemroot%\system32\wkssvc.dll,-1008; C:\WINDOWS\System32\Drivers\dfsc.sys [2013-08-22 134656]

R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-02-12 484952]

R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140314.001\IDSvia64.sys [2014-03-06 524504]

R1 Msfs;Msfs; C:\WINDOWS\system32\drivers\Msfs.sys [2013-08-22 30208]

R1 mssmbios;@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver; C:\WINDOWS\System32\drivers\mssmbios.sys [2013-08-22 37728]

R1 NetBIOS;@netnb.inf,%NetBIOS_Desc%;NetBIOS Interface; C:\WINDOWS\system32\DRIVERS\netbios.sys [2013-08-22 48128]

R1 NetBT;@%SystemRoot%\system32\drivers\netbt.sys,-2; C:\WINDOWS\System32\DRIVERS\netbt.sys [2013-08-22 282624]

R1 Npfs;Npfs; C:\WINDOWS\system32\drivers\Npfs.sys [2013-08-22 58880]

R1 npsvctrig;@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider; C:\WINDOWS\System32\drivers\npsvctrig.sys [2013-08-22 23040]

R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; C:\WINDOWS\system32\drivers\nsiproxy.sys [2013-08-22 39936]

R1 Null;Null; C:\WINDOWS\system32\drivers\Null.sys [2013-08-22 5632]

R1 Psched;@%SystemRoot%\System32\drivers\pacer.sys,-101; C:\WINDOWS\system32\DRIVERS\pacer.sys [2013-08-22 151552]

R1 rdbss;@%systemroot%\system32\wkssvc.dll,-1000; C:\WINDOWS\system32\DRIVERS\rdbss.sys [2013-08-22 408576]

R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\WINDOWS\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS [2013-09-10 36952]

R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\NISx64\1501000.012\Ironx64.SYS [2013-09-27 264280]

R1 SymNetS;Symantec Network Security WFP Driver; C:\WINDOWS\system32\drivers\NISx64\1501000.012\SYMNETS.SYS [2013-09-26 590936]

R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\WINDOWS\system32\DRIVERS\tdx.sys [2013-08-22 107520]

R2 lltdio;@%SystemRoot%\system32\lltdres.dll,-6; C:\WINDOWS\system32\DRIVERS\lltdio.sys [2013-08-22 59392]

R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; C:\WINDOWS\system32\drivers\luafv.sys [2013-08-22 123904]

R2 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys [2013-08-22 283648]

R2 Ndu;@%SystemRoot%\system32\drivers\Ndu.sys,-10001; C:\WINDOWS\system32\drivers\Ndu.sys [2013-08-22 103424]

R2 PEAUTH;PEAUTH; C:\WINDOWS\system32\drivers\peauth.sys [2013-08-22 663040]

R2 rspndr;@%SystemRoot%\system32\lltdres.dll,-5; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2013-08-22 80384]

R2 secdrv;Security Driver; C:\WINDOWS\system32\drivers\secdrv.sys [2013-08-22 23040]

R2 srv;@%systemroot%\system32\srvsvc.dll,-102; C:\WINDOWS\System32\DRIVERS\srv.sys [2013-11-14 454656]

R2 tcpipreg;TCP/IP Registry Compatibility; C:\WINDOWS\System32\drivers\tcpipreg.sys [2013-08-22 48640]

R3 bowser;@%systemroot%\system32\browser.dll,-102; C:\WINDOWS\system32\DRIVERS\bowser.sys [2013-08-22 102912]

R3 CompositeBus;@CompositeBus.inf,%CompositeBus.SVCDESC%;Composite Bus Enumerator Driver; C:\WINDOWS\System32\drivers\CompositeBus.sys [2013-08-22 36352]

R3 condrv;Console Driver; C:\WINDOWS\System32\drivers\condrv.sys [2013-08-22 43008]

R3 DXGKrnl;LDDM Graphics Subsystem; C:\WINDOWS\System32\drivers\dxgkrnl.sys [2014-02-14 1530200]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-02-12 137648]

R3 fastfat;FAT12/16/32 File System Driver; C:\WINDOWS\system32\drivers\fastfat.sys [2013-08-22 217952]

R3 HdAudAddService;@hdaudio.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\WINDOWS\system32\drivers\HdAudio.sys [2013-08-22 395776]

R3 HDAudBus;@hdaudbus.inf,%HDAudBus.SVCDESC%;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\drivers\HDAudBus.sys [2013-08-22 78336]

R3 HidUsb;@input.inf,%HID.SvcDesc%;Microsoft HID Class Driver; C:\WINDOWS\System32\drivers\hidusb.sys [2013-08-22 33792]

R3 HTTP;@%SystemRoot%\system32\drivers\http.sys,-1; C:\WINDOWS\system32\drivers\HTTP.sys [2013-08-22 994144]

R3 intelppm;@cpu.inf,%IntelPPM.SvcDesc%;Intel Processor Driver; C:\WINDOWS\System32\drivers\intelppm.sys [2013-08-22 98816]

R3 kbdclass;@keyboard.inf,%kbdclass.SvcDesc%;Stuurprogramma voor verschillende toetsenbordtypen; C:\WINDOWS\System32\drivers\kbdclass.sys [2013-08-22 58208]

R3 kbdhid;@keyboard.inf,%KBDHID.SvcDesc%;Keyboard HID Driver; C:\WINDOWS\System32\drivers\kbdhid.sys [2013-08-22 32256]

R3 kdnic;@kdnic.inf,%KdNic.Service.DispName%;Microsoft-netwerkminipoort voor kernelfoutopsporing (NDIS 6.20); C:\WINDOWS\system32\DRIVERS\kdnic.sys [2013-08-22 19456]

R3 ksthunk;Kernel Streaming Thunks; C:\WINDOWS\system32\drivers\ksthunk.sys [2013-08-22 21248]

R3 monitor;@monitor.inf,%Monitor.SVCDESC%;Microsoft Monitor Class Function Driver Service; C:\WINDOWS\System32\drivers\monitor.sys [2013-08-22 30208]

R3 mouclass;@msmouse.inf,%mouclass.SvcDesc%;Stuurprogramma voor muistypen; C:\WINDOWS\System32\drivers\mouclass.sys [2013-08-22 51040]

R3 mouhid;@msmouse.inf,%MOUHID.SvcDesc%;Mouse HID Driver; C:\WINDOWS\System32\drivers\mouhid.sys [2013-08-22 30208]

R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\WINDOWS\System32\drivers\mpsdrv.sys [2013-08-22 74240]

R3 mrxsmb;@%systemroot%\system32\wkssvc.dll,-1002; C:\WINDOWS\system32\DRIVERS\mrxsmb.sys [2014-02-14 403456]

R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys [2013-11-14 207360]

R3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140316.022\ENG64.SYS [2014-02-12 126040]

R3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140316.022\EX64.SYS [2014-02-12 2099288]

R3 NdisVirtualBus;@%SystemRoot%\System32\drivers\NdisVirtualBus.sys,-200; C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2013-08-22 16384]

R3 Ntfs;Ntfs; C:\WINDOWS\system32\drivers\Ntfs.sys [2013-08-22 2011488]

R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2013-10-28 12572960]

R3 rdpbus;@rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver; C:\WINDOWS\System32\drivers\rdpbus.sys [2013-08-22 22528]

R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT-stuurprogramma; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]

R3 SRTSP;Symantec Real Time Storage Protection x64; C:\WINDOWS\system32\drivers\NISx64\1501000.012\SRTSP64.SYS [2013-09-27 858200]

R3 srv2;@%systemroot%\system32\srvsvc.dll,-104; C:\WINDOWS\System32\DRIVERS\srv2.sys [2013-11-14 675328]

R3 srvnet;srvnet; C:\WINDOWS\System32\DRIVERS\srvnet.sys [2013-11-14 244224]

R3 swenum;@swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver; C:\WINDOWS\System32\drivers\swenum.sys [2013-08-22 14176]

R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2014-02-12 177752]

R3 tunnel;@nettun.inf,%TUNNEL.Service.DisplayName%;Stuurprogramma voor Microsoft IPv6 Tunnel-minipoortadapter; C:\WINDOWS\system32\DRIVERS\tunnel.sys [2013-08-22 154112]

R3 UCX01000;USB Controller Extension; C:\WINDOWS\System32\drivers\ucx01000.sys [2013-08-22 189792]

R3 umbus;@umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver; C:\WINDOWS\System32\drivers\umbus.sys [2013-08-22 46080]

R3 UmPass;@umpass.inf,%UmPass.SVCDESC%;Microsoft UMPass-stuurprogramma; C:\WINDOWS\System32\drivers\umpass.sys [2013-08-22 11776]

R3 usbccgp;@usb.inf,%GenericParent.SvcDesc%;Microsoft algemeen hoofd-USB-stuurprogramma; C:\WINDOWS\System32\drivers\usbccgp.sys [2013-11-14 155480]

R3 usbehci;@usbport.inf,%EHCIMP.SvcDesc%;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\drivers\usbehci.sys [2013-08-22 89952]

R3 usbhub;@usbport.inf,%ROOTHUB.SvcDesc%;Microsoft USB Standard Hub Driver; C:\WINDOWS\System32\drivers\usbhub.sys [2013-08-22 422240]

R3 USBHUB3;@usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub; C:\WINDOWS\System32\drivers\UsbHub3.sys [2013-11-14 467800]

R3 USBSTOR;@usbstor.inf,%USBSTOR.SvcDesc%;USB Mass Storage Driver; C:\WINDOWS\System32\drivers\USBSTOR.SYS [2014-02-14 142680]

R3 USBXHCI;@usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller; C:\WINDOWS\System32\drivers\USBXHCI.SYS [2014-02-14 325464]

R3 WpdUpFltr;@%systemroot%\System32\drivers\WpdUpFltr.sys,-100; C:\WINDOWS\System32\drivers\WpdUpFltr.sys [2013-08-22 26976]

R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\WINDOWS\system32\drivers\WudfPf.sys [2013-08-22 117760]

R3 WUDFRd;@hidbthle.inf,%WudfRdDisplayName%;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\System32\drivers\WUDFRd.sys [2013-08-22 230912]

R3 WUDFWpdFs;WUDFWpdFs; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [2013-08-22 230912]

S0 3ware;3ware; C:\WINDOWS\System32\drivers\3ware.sys [2013-08-22 108896]

S0 ADP80XX;ADP80XX; C:\WINDOWS\System32\drivers\ADP80XX.SYS [2013-08-22 782176]

S0 agp440;@machine.inf,%agp440_svcdesc%;Intel AGP Bus Filter; C:\WINDOWS\System32\drivers\agp440.sys [2013-08-22 62304]

S0 amdsata;amdsata; C:\WINDOWS\System32\drivers\amdsata.sys [2013-08-22 79200]

S0 amdsbs;amdsbs; C:\WINDOWS\System32\drivers\amdsbs.sys [2013-08-22 259424]

S0 amdxata;amdxata; C:\WINDOWS\System32\drivers\amdxata.sys [2013-08-22 25952]

S0 arcsas;@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver; C:\WINDOWS\System32\drivers\arcsas.sys [2013-08-22 114016]

[AnnVR]

Beste mensen,

Mijn excuses voor het geknoei in een vorige post.

Mijn probleem is nog helemaal niet opgelost, maar omdat ik voortdurend time-outs kreeg tijdens mijn pogingen het logje te posten, heb ik in the cloud opgeslagen en geef hieronder de link.

Mijn probleem:

Manlief wilde vanmorgen snelsnel even een nieuw programma installeren, en lette niet goed op waar hij het vandaan haalde. Er kwam allerlei rommel mee, en het programma dat geïnstalleerd moest worden is er nog steeds niet.

Ondergetekende mocht dus proberen het op te lossen, maar deed dat waarschijnlijk niet op een slimme manier.

Ik heb de programma's in kwestie 'gewoon' gedesinstalleerd (lollipop en nog iets anders), en vervolgens ccleaner de registry laten schoonmaken, maar dat was niet de goede, of in elk geval niet de volledige oplossing.

Ik heb de log opgeslagen in mijn google-drive, en geef hieronder de link. Het bleek onmogelijk die in één keer te posten, en door een paar vergissingen blijken delen in een vorig topic dan ook dubbel te zijn overgenomen.

https://drive.google.com/file/d/0BzOPIS5j0PL4UHI0VU0zZHBiMlU/edit?usp=sharing

Bij voorbaat dank voor de hulp

- - - Updated - - -

En ik merk dat ik de log ook 'gewoon' kan meesturen, bij deze dus.

log.txt

[iEscape]

@ AnnVR,

Uw berichten zijn samengevoegd.

Van zodra 1 van de experts online is zal deze je zeker verder helpen aangaande je vraag/probleem.

[kape]

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download Zoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

• Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows];r64
 "AppInit_DLLs"=-;r64
 emptyfolderscheck;delete 
startupall; 
filesrcm;

• Klik op de knop "Options" en vink nu de onderstaande opties aan.
  
• Do a Quick Scan
  
  
• Auto Clean
  
• De optie "Scan All Users" staat standaard aangevinkt.
  
• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht.
  

[AnnVR]

Hierbij het logje...

zoek-results.txt

[kape]

Download MalwareBytes' Anti-Malware (website) en sla het op je bureaublad op.

Zorg dat er na de installatie een vinkje is geplaatst bij:

• Update MalwareBytes' Anti-Malware
  
• Start MalwareBytes' Anti-Malware
  
• Je krijgt hier ook de keuze om de evaluatie versie van MBAM te gebruiken, indien je dit niet wilt vink dit dan uit.
  

Klik daarna op "Voltooien".

Indien een update gevonden wordt, zal die gedownload en geïnstalleerd worden.

• Zodra het programma gestart is, ga dan naar het tabblad "Instellingen".
  
• Vink hier aan: "Sluit Internet Explorer tijdens verwijdering van malware".
  
• Ga dan naar "Scanner Instellingen". Onderaan bij "PUP" kies je voor "Weergeven in scan resultaten - selecteren voor verwijdering".
  
• Ga daarna naar het tabblad "Scanner", kies hier voor "Snelle Scan".
  
• Druk vervolgens op "Scannen" om de scan te starten.
  
• Het scannen kan een tijdje duren, dus wees geduldig.
  
• Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
  
• Zorg ervoor dat daar alles aangevinkt is, daarna klik op: "Verwijder geselecteerde".
  
• Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.
  
• Herstart de computer indien nodig en post hierna de log in het volgende bericht.
  

[AnnVR]

En weer een logje... (De groene linkjes en pop-ups zijn er overigens nog steeds)

Ik zie overigens wel, dat hiermee de oorspronkelijke boosdoener verwijderd is:

C:\Users\jos2\Downloads\Gadwin PrintScreen.exe

Ipv op de officiële site, had m'n man de exe elders gedownload...

mbam-log-2014-03-18 (14-08-38).txt

18 maart 2014 aangepast door AnnVR

[kape]

Ga naar de site van ESET Online Scanner.

Klik op de knop “Run ESET Online Scanner”

In een apart scherm krijg je de vraag om EsetSmartInstaller te downloaden

Klik op de link van esetsmartinstaller_enu.exe en dan start de download automatisch op.

Kies voor “Download” van dit bestand.

Klik op “uitvoeren” van dit bestand esetsmartinstaller_enu.exe

Zet een vinkje bij “YES, I accept the Terms of Use”

Klik op “Start”

Klik op "Advanced settings"

Zet een vinkje bij de volgende opties:

• Remove found threats
  
• Scan archives
  
• Scan for potentially unwanted applications
  
• Scan for potentially unsafe applications
  
• Enable Anti-Stealth technology
  

Klik op “Start”

De computer wordt nu gescand. Dit kan best lang duren, heb dus geduld.

Je mag het venster sluiten wanneer de scan klaar is.

Gebruik Kladblok om het logje te openen. Dit logje vind je op de locatie C:\\Program Files\\Eset\\EsetOnlineScanner\\log.txt

Kopieer en plak de inhoud van dit logje in je volgende bericht.

[AnnVR]

Toen ik zag dat één van de risico's die gevonden waren 'OpenCandy' heette had ik goeie hoop... Eén van de 'probleemprogjes' die ik in het begin verwijderde heette immers Lollipop... Maar ook na herstarten blijven er popup vensters en groene links opduiken...

Hierbij het logje...

Overigens hierboven werd aangegeven: 'Je mag het venster sluiten wanneer de scan klaar is.' In dat venster kon nog aangevinkt worden (weet niet meer de exacte bewoordingen), dat bij afsluiten ook de quarantaine kon geleegd worden (of iets dergelijks). Ik heb niets anders gedaan dan het venster afsluiten...

Esetlog.txt