
Laptop problems



Hello,

My laptop has been acting strangely lately. Mainly problems with the mouse: when I click once it opens twice, or it won't select text, etc. I don't think it's hardware-related. Sometimes there are pop-ups too. Thanks in advance for the help!

Kind regards,

Peter

 

Logfile of random's system information tool 1.10 (written by random/random)
Run by Yasser at 2015-03-18 09:14:19
Microsoft Windows 7 Home Premium  Service Pack 1
System drive C: has 178 GB (26%) free of 686 GB
Total RAM: 7658 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:14:22, on 18/03/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal

Running processes:
C:\Users\Yasser\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
C:\Program Files\trend micro\Yasser.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll
O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
O4 - HKCU\..\Run: [LaCie Desktop Manager Startup] "C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe"
O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Yasser\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: hpqtra08.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Verzenden naar Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Verzenden naar &Bluetooth-apparaat... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.line6.net
O17 - HKLM\System\CCS\Services\Tcpip\..\{2513A2C7-1B96-47A4-A4AB-84888DE040F2}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{6F0AAF4C-7CC8-4DCB-A974-317DD5592029}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{A8F86CB3-0265-4ED7-95DC-FDA91028DE28}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{B0833E06-D174-4DC7-812B-6EEA9F9E1AF5}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{EA064087-7215-4BC6-A4D8-030EC90A85FE}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{2513A2C7-1B96-47A4-A4AB-84888DE040F2}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
O17 - HKLM\System\CS2\Services\Tcpip\..\{2513A2C7-1B96-47A4-A4AB-84888DE040F2}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
O23 - Service: Abrosoft: Abrosoft FantaMorph update permissions manager. 12810. - Unknown owner - C:\Program Files (x86)\Abrosoft\FantaMorph5\FantaUp.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Genie Timeline Service (GenieTimelineService) - Genie9 - C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LaCieDesktopManagerService - Unknown owner - C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe
O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Panda Protection Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: USB MIDI Series Audio Device Monitor (USBMIDIAudioDevMon) - M-Audio - C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 18240 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
"C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\Hpservice.exe
atieclxx
"C:\Windows\system32\Dwm.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e81d8a4a-8c97-4524-8932-89e7f94e83b4 -SystemEventPortName:HostProcess-6362f030-d613-4c10-baa1-cc5c673c3805 -IoCancelEventPortName:HostProcess-51701b4c-c189-4574-8489-71b860f9b58f -NonStateChangingEventPortName:HostProcess-e1254ba9-1235-40e2-afa1-df3204d8eb3f -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:be8a82c4-83d8-4d5f-90a2-a819b9944d7e -DeviceGroupId:
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 2586752
\??\C:\Windows\system32\conhost.exe "-1878981411-77439889318673016581467256439860910191887281232-647005612-901630091
"taskhost.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Abrosoft\FantaMorph5\FantaUp.exe" -PermissionManagerRun
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\SysWOW64\ezSharedSvcHost.exe
"C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe"
"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe"
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe"
"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe"
"C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe"
"C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 3640
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe"
"C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Users\Yasser\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" -byrunkey
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
"C:\Program Files\Genie9\Genie Timeline\GenieTimelineAgent.exe" -e5
"C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k HPService
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Photosmart 3300 series#1381079781" -Startup
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"

"C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe"
"C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe" -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=8252.22bda8a0.1011274203 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 8252 "\\.\pipe\gecko-crash-server-pipe.8252" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe" --proxy-stub-channel=Flash9132.60690BB8.25427 --host-broker-channel=Flash9132.60690BB8.29511 --host-pid=9132 --host-npapi-version=28 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe" --channel=4176.0044F724.1658560481 --proxy-stub-channel=Flash9132.60690BB8.25427 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll" --host-npapi-version=28 --type=renderer
"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe"
"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /SHOWPROCMON
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Yasser\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001Core.job - C:\Users\Yasser\AppData\Local\Facebook\Update\FacebookUpdate.exe  /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001UA.job - C:\Users\Yasser\AppData\Local\Facebook\Update\FacebookUpdate.exe  /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001Core.job - C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe  /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001UA.job - C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001UA1d0418737fd270c.job - C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForYasser.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe  HPCeeScheduleForYasser (null)

=========Mozilla firefox=========

ProfilePath - C:\Users\Yasser\AppData\Roaming\Mozilla\Firefox\Profiles\1sxd1l5p.default

prefs.js - "browser.search.useDBForOrder" -  true
prefs.js - "browser.startup.homepage" -  "http://www.google.be/"
prefs.js - "keyword.URL" -  ""

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
websitelogon@truesuite.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5FF49FE8-B332-4CB9-B102-FB6951629E55}]
Virtual Storage Mount Notification - C:\Windows\system32\CbFsMntNtf3.dll [2011-12-02 191504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2011-06-07 81024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll [2011-08-26 1763656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5FF49FE8-B332-4CB9-B102-FB6951629E55}]
Virtual Storage Mount Notification - C:\Windows\SysWOW64\CbFsMntNtf3.dll [2011-12-02 158224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2011-06-07 69760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-17 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll [2011-08-26 1613640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Aanmeldhulp voor Microsoft-account - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-17 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-06-10 2799912]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-05-29 1425408]
""= []
"AdAwareTray"=C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe [2015-03-10 9566192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LaCie Desktop Manager Startup"=C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe [2012-10-10 3460608]
"AdobeBridge"= []
"Spotify Web Helper"=C:\Users\Yasser\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-11-26 1514040]
"Google Update"=C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe [2014-08-11 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdAwareTray]
C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Yasser\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-04-11 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe [2014-08-11 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google+ Auto Backup]
C:\Users\Yasser\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [2015-02-13 3754312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
C:\Program Files (x86)\Samsung\Kies\Kies.exe [2014-07-25 1562264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-07-25 311616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefault]
C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [2011-09-30 43320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\Yasser\AppData\Roaming\Spotify\Spotify.exe [2014-11-26 6553144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\Yasser\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-11-26 1514040]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-09-28 343168]
"HPQuickWebProxy"=C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2011-10-08 169528]
"HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-08-19 379960]
"HP CoolSense"=C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-05 1343904]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2012-02-15 577408]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-10-02 421888]
"PSUAMain"=C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [2015-02-27 40184]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE

C:\Users\Yasser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll [2011-12-02 191504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll [2011-12-02 191504]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NanoServiceMain]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSUAService]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"EnableShellExecuteHooks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave8"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave9"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave4"=wdmaud.drv
"aux5"=wdmaud.drv
"wave5"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux3"=wdmaud.drv
"aux6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux4"=wdmaud.drv
"aux7"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-03-14 01:54:32 ----A---- C:\Windows\SYSWOW64\sho3896.tmp
2015-03-13 22:26:58 ----A---- C:\Windows\system32\drivers\PSKMAD.sys
2015-03-13 22:26:22 ----D---- C:\Users\Yasser\AppData\Roaming\Panda Security
2015-03-13 22:25:44 ----D---- C:\Program Files (x86)\Panda Security
2015-03-13 22:25:12 ----D---- C:\ProgramData\Panda Security
2015-03-10 21:31:11 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-03-10 21:31:11 ----A---- C:\Windows\system32\lpk.dll
2015-03-10 21:31:11 ----A---- C:\Windows\system32\atmfd.dll
2015-03-10 21:31:10 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-03-10 21:31:10 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-03-10 21:31:10 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-03-10 21:31:10 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-03-10 21:31:10 ----A---- C:\Windows\system32\fontsub.dll
2015-03-10 21:31:10 ----A---- C:\Windows\system32\dciman32.dll
2015-03-10 21:31:10 ----A---- C:\Windows\system32\atmlib.dll
2015-03-10 21:30:45 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-03-10 21:30:45 ----A---- C:\Windows\SYSWOW64\mf.dll
2015-03-10 21:30:45 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-03-10 21:30:43 ----A---- C:\Windows\system32\crypt32.dll
2015-03-10 21:30:42 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-03-10 21:30:41 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-03-10 21:30:40 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-03-10 21:30:39 ----A---- C:\Windows\system32\mf.dll
2015-03-10 21:30:39 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-03-10 21:30:38 ----A---- C:\Windows\system32\wmp.dll
2015-03-10 21:30:37 ----A---- C:\Windows\SYSWOW64\quartz.dll
2015-03-10 21:30:37 ----A---- C:\Windows\system32\quartz.dll
2015-03-10 21:30:37 ----A---- C:\Windows\system32\drmv2clt.dll
2015-03-10 21:30:36 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2015-03-10 21:30:36 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2015-03-10 21:30:36 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2015-03-10 21:30:36 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2015-03-10 21:30:36 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-03-10 21:30:36 ----A---- C:\Windows\system32\winload.exe
2015-03-10 21:30:36 ----A---- C:\Windows\system32\msscp.dll
2015-03-10 21:30:36 ----A---- C:\Windows\system32\cryptui.dll
2015-03-10 21:30:36 ----A---- C:\Windows\system32\cryptnet.dll
2015-03-10 21:30:35 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2015-03-10 21:30:35 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-03-10 21:30:35 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2015-03-10 21:30:35 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-03-10 21:30:35 ----A---- C:\Windows\system32\wintrust.dll
2015-03-10 21:30:35 ----A---- C:\Windows\system32\srcore.dll
2015-03-10 21:30:35 ----A---- C:\Windows\system32\rstrui.exe
2015-03-10 21:30:35 ----A---- C:\Windows\system32\pcasvc.dll
2015-03-10 21:30:35 ----A---- C:\Windows\system32\mfplat.dll
2015-03-10 21:30:35 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-03-10 21:30:35 ----A---- C:\Windows\system32\blackbox.dll
2015-03-10 21:30:35 ----A---- C:\Windows\system32\audiosrv.dll
2015-03-10 21:30:35 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-03-10 21:30:34 ----A---- C:\Windows\SYSWOW64\msscp.dll
2015-03-10 21:30:34 ----A---- C:\Windows\SYSWOW64\evr.dll
2015-03-10 21:30:34 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2015-03-10 21:30:34 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-03-10 21:30:34 ----A---- C:\Windows\system32\qdvd.dll
2015-03-10 21:30:34 ----A---- C:\Windows\system32\msnetobj.dll
2015-03-10 21:30:34 ----A---- C:\Windows\system32\evr.dll
2015-03-10 21:30:34 ----A---- C:\Windows\system32\cryptsvc.dll
2015-03-10 21:30:34 ----A---- C:\Windows\system32\AudioSes.dll
2015-03-10 21:30:34 ----A---- C:\Windows\system32\audiodg.exe
2015-03-10 21:30:33 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2015-03-10 21:30:33 ----A---- C:\Windows\system32\pcadm.dll
2015-03-10 21:30:32 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2015-03-10 21:30:32 ----A---- C:\Windows\system32\rrinstaller.exe
2015-03-10 21:30:32 ----A---- C:\Windows\system32\AudioEng.dll
2015-03-10 21:30:31 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-03-10 21:30:31 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2015-03-10 21:30:31 ----A---- C:\Windows\SYSWOW64\mfps.dll
2015-03-10 21:30:31 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2015-03-10 21:30:31 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2015-03-10 21:30:31 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2015-03-10 21:30:31 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2015-03-10 21:30:31 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-03-10 21:30:31 ----A---- C:\Windows\system32\srclient.dll
2015-03-10 21:30:31 ----A---- C:\Windows\system32\smss.exe
2015-03-10 21:30:31 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-03-10 21:30:31 ----A---- C:\Windows\system32\pcawrk.exe
2015-03-10 21:30:31 ----A---- C:\Windows\system32\pcalua.exe
2015-03-10 21:30:31 ----A---- C:\Windows\system32\msmmsp.dll
2015-03-10 21:30:31 ----A---- C:\Windows\system32\mfps.dll
2015-03-10 21:30:31 ----A---- C:\Windows\system32\mfpmp.exe
2015-03-10 21:30:31 ----A---- C:\Windows\system32\EncDump.dll
2015-03-10 21:30:31 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2015-03-10 21:30:31 ----A---- C:\Windows\system32\csrsrv.dll
2015-03-10 21:30:31 ----A---- C:\Windows\system32\cryptsp.dll
2015-03-10 21:30:31 ----A---- C:\Windows\system32\appidsvc.dll
2015-03-10 21:30:31 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-03-10 21:30:31 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-03-10 21:30:31 ----A---- C:\Windows\system32\appidapi.dll
2015-03-10 21:30:30 ----A---- C:\Windows\system32\spwmp.dll
2015-03-10 21:30:30 ----A---- C:\Windows\system32\drivers\appid.sys
2015-03-10 21:30:29 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-03-10 21:30:29 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-03-10 21:30:29 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-03-10 21:30:29 ----A---- C:\Windows\system32\pcaevts.dll
2015-03-10 21:30:29 ----A---- C:\Windows\system32\dxmasf.dll
2015-03-10 21:30:29 ----A---- C:\Windows\system32\apisetschema.dll
2015-03-10 21:30:27 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-03-10 21:30:27 ----A---- C:\Windows\system32\wmploc.DLL
2015-03-10 21:30:22 ----A---- C:\Windows\SYSWOW64\mferror.dll
2015-03-10 21:30:22 ----A---- C:\Windows\system32\mferror.dll
2015-03-10 21:29:33 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-03-10 21:29:33 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-03-10 21:29:27 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-03-10 21:29:27 ----A---- C:\Windows\system32\shell32.dll
2015-03-10 21:29:21 ----A---- C:\Windows\SYSWOW64\ubpm.dll
2015-03-10 21:29:21 ----A---- C:\Windows\system32\ubpm.dll
2015-03-10 21:29:20 ----A---- C:\Windows\SYSWOW64\msctf.dll
2015-03-10 21:29:20 ----A---- C:\Windows\system32\msctf.dll
2015-03-10 21:28:57 ----A---- C:\Windows\system32\schannel.dll
2015-03-10 21:28:56 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-03-10 21:28:56 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-03-10 21:28:56 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-03-10 21:28:56 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-03-10 21:28:56 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-03-10 21:28:56 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-03-10 21:28:56 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-03-10 21:28:56 ----A---- C:\Windows\system32\wdigest.dll
2015-03-10 21:28:56 ----A---- C:\Windows\system32\TSpkg.dll
2015-03-10 21:28:56 ----A---- C:\Windows\system32\sspisrv.dll
2015-03-10 21:28:56 ----A---- C:\Windows\system32\sspicli.dll
2015-03-10 21:28:56 ----A---- C:\Windows\system32\ncrypt.dll
2015-03-10 21:28:56 ----A---- C:\Windows\system32\msv1_0.dll
2015-03-10 21:28:56 ----A---- C:\Windows\system32\lsass.exe
2015-03-10 21:28:56 ----A---- C:\Windows\system32\lsasrv.dll
2015-03-10 21:28:56 ----A---- C:\Windows\system32\kerberos.dll
2015-03-10 21:28:56 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-03-10 21:28:56 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-03-10 21:28:56 ----A---- C:\Windows\system32\drivers\cng.sys
2015-03-10 21:28:56 ----A---- C:\Windows\system32\credssp.dll
2015-03-10 21:28:56 ----A---- C:\Windows\system32\auditpol.exe
2015-03-10 21:28:55 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-03-10 21:28:55 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-03-10 21:28:55 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-03-10 21:28:55 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-03-10 21:28:55 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-03-10 21:28:55 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-03-10 21:28:55 ----A---- C:\Windows\system32\secur32.dll
2015-03-10 21:28:55 ----A---- C:\Windows\system32\msobjs.dll
2015-03-10 21:28:55 ----A---- C:\Windows\system32\msaudite.dll
2015-03-10 21:28:55 ----A---- C:\Windows\system32\adtschema.dll
2015-03-10 21:28:38 ----A---- C:\Windows\system32\win32k.sys
2015-03-10 21:28:22 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-03-10 21:28:22 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-03-10 21:28:22 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-03-10 21:28:22 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-03-10 21:28:21 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-03-10 21:28:21 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-03-10 21:28:20 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-03-10 21:28:20 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-03-10 21:28:20 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-03-10 21:28:20 ----A---- C:\Windows\system32\iernonce.dll
2015-03-10 21:28:20 ----A---- C:\Windows\system32\ie4uinit.exe
2015-03-10 21:28:19 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-03-10 21:28:19 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-03-10 21:28:19 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-03-10 21:28:19 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-10 21:28:17 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-03-10 21:28:17 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-03-10 21:28:17 ----A---- C:\Windows\system32\iedkcs32.dll
2015-03-10 21:28:16 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-03-10 21:28:16 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-03-10 21:28:16 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-03-10 21:28:16 ----A---- C:\Windows\system32\urlmon.dll
2015-03-10 21:28:16 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-03-10 21:28:14 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-03-10 21:28:11 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-03-10 21:28:11 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-10 21:28:10 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-03-10 21:28:10 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-03-10 21:28:10 ----A---- C:\Windows\system32\msfeeds.dll
2015-03-10 21:28:10 ----A---- C:\Windows\system32\dxtrans.dll
2015-03-10 21:28:09 ----A---- C:\Windows\system32\iesetup.dll
2015-03-10 21:28:08 ----A---- C:\Windows\system32\ieapfltr.dll
2015-03-10 21:28:07 ----A---- C:\Windows\system32\iertutil.dll
2015-03-10 21:28:06 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-03-10 21:28:06 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-03-10 21:28:06 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-03-10 21:28:06 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-03-10 21:28:06 ----A---- C:\Windows\system32\jsproxy.dll
2015-03-10 21:28:06 ----A---- C:\Windows\system32\ieUnatt.exe
2015-03-10 21:28:05 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-03-10 21:27:57 ----A---- C:\Windows\system32\ieui.dll
2015-03-10 21:27:57 ----A---- C:\Windows\system32\ieframe.dll
2015-03-10 21:27:57 ----A---- C:\Windows\system32\dxtmsft.dll
2015-03-10 21:27:56 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-03-10 21:27:56 ----A---- C:\Windows\system32\mshtmled.dll
2015-03-10 21:27:55 ----A---- C:\Windows\system32\wininet.dll
2015-03-10 21:27:55 ----A---- C:\Windows\system32\vbscript.dll
2015-03-10 21:27:55 ----A---- C:\Windows\system32\jscript9diag.dll
2015-03-10 21:27:55 ----A---- C:\Windows\system32\jscript9.dll
2015-03-10 21:27:54 ----A---- C:\Windows\system32\msrating.dll
2015-03-10 21:27:54 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-03-10 21:27:53 ----A---- C:\Windows\system32\mshtml.dll
2015-03-10 21:27:26 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2015-03-10 21:27:26 ----A---- C:\Windows\system32\WMPhoto.dll
2015-03-09 19:32:54 ----D---- C:\Users\Yasser\AppData\Roaming\License_Activator
2015-03-09 19:32:28 ----D---- C:\Users\Yasser\AppData\Roaming\DDP_Player
2015-03-09 19:32:22 ----D---- C:\Program Files (x86)\Sonoris
2015-03-06 14:42:17 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-03-03 20:46:46 ----A---- C:\Windows\SYSWOW64\wdi.dll
2015-03-03 20:46:46 ----A---- C:\Windows\system32\wdi.dll
2015-03-03 20:46:46 ----A---- C:\Windows\system32\powertracker.dll
2015-03-03 20:46:46 ----A---- C:\Windows\system32\perftrack.dll
2015-02-25 20:03:25 ----A---- C:\Windows\system32\drivers\PSINReg.sys
2015-02-25 20:03:24 ----A---- C:\Windows\system32\drivers\PSINProt.sys
2015-02-25 20:03:24 ----A---- C:\Windows\system32\drivers\PSINProc.sys
2015-02-25 20:03:24 ----A---- C:\Windows\system32\drivers\PSINKNC.sys
2015-02-25 20:03:23 ----A---- C:\Windows\system32\drivers\PSINFile.sys
2015-02-25 20:03:23 ----A---- C:\Windows\system32\drivers\PSINAflt.sys

======List of files/folders modified in the last 1 month======

2015-03-18 09:14:22 ----D---- C:\Windows\Prefetch
2015-03-18 09:14:21 ----D---- C:\Program Files\trend micro
2015-03-17 20:54:57 ----D---- C:\Windows\Temp
2015-03-17 19:12:45 ----D---- C:\Windows\inf
2015-03-17 19:09:38 ----D---- C:\Windows\system32\config
2015-03-17 18:53:55 ----D---- C:\Windows\system32\drivers
2015-03-17 18:53:26 ----A---- C:\Windows\system32\deviceAppeared.txt
2015-03-17 18:53:14 ----D---- C:\Windows
2015-03-14 11:54:07 ----D---- C:\Windows\System32
2015-03-14 11:54:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-03-14 11:52:43 ----A---- C:\Windows\system32\devicelist.txt
2015-03-14 11:52:43 ----A---- C:\Windows\system32\devicealertlist.txt
2015-03-14 10:00:48 ----D---- C:\Users\Yasser\AppData\Roaming\Dropbox
2015-03-14 10:00:46 ----A---- C:\Windows\wininit.ini
2015-03-14 01:54:33 ----D---- C:\Windows\SysWOW64
2015-03-13 23:50:29 ----HD---- C:\ProgramData
2015-03-13 22:27:57 ----SHD---- C:\Windows\Installer
2015-03-13 22:27:56 ----HD---- C:\Config.Msi
2015-03-13 22:27:40 ----D---- C:\Windows\system32\DriverStore
2015-03-13 22:25:49 ----RSD---- C:\Windows\Fonts
2015-03-13 22:25:44 ----RD---- C:\Program Files (x86)
2015-03-12 20:14:35 ----SHD---- C:\System Volume Information
2015-03-12 19:17:58 ----D---- C:\Program Files (x86)\NCH Software
2015-03-12 19:17:56 ----D---- C:\Users\Yasser\AppData\Roaming\NCH Software
2015-03-11 22:55:26 ----D---- C:\Users\Yasser\AppData\Roaming\vlc
2015-03-11 13:13:38 ----D---- C:\Users\Yasser\AppData\Roaming\uTorrent
2015-03-11 13:13:33 ----D---- C:\Windows\debug
2015-03-11 09:54:06 ----D---- C:\Windows\rescache
2015-03-11 08:50:58 ----D---- C:\Windows\winsxs
2015-03-11 08:45:52 ----D---- C:\Windows\SYSWOW64\nl-NL
2015-03-11 08:45:52 ----D---- C:\Program Files\Windows Media Player
2015-03-11 08:45:52 ----D---- C:\Program Files (x86)\Windows Media Player
2015-03-11 08:45:51 ----D---- C:\Windows\SYSWOW64\Dism
2015-03-11 08:45:48 ----D---- C:\Windows\system32\nl-NL
2015-03-11 08:45:48 ----D---- C:\Windows\system32\Dism
2015-03-11 08:45:41 ----D---- C:\Windows\system32\Boot
2015-03-11 08:45:27 ----D---- C:\Program Files\Internet Explorer
2015-03-11 08:45:24 ----D---- C:\Windows\SYSWOW64\en-US
2015-03-11 08:45:22 ----D---- C:\Windows\system32\en-US
2015-03-11 08:45:20 ----D---- C:\Program Files (x86)\Internet Explorer
2015-03-11 08:25:06 ----D---- C:\Windows\system32\MRT
2015-03-11 08:16:06 ----A---- C:\Windows\system32\MRT.exe
2015-03-10 21:26:42 ----D---- C:\Windows\system32\catroot2
2015-03-04 20:11:22 ----D---- C:\Windows\tracing
2015-02-26 21:59:49 ----D---- C:\Windows\Minidump
2015-02-24 03:17:24 ----N---- C:\Windows\system32\MpSigStub.exe
2015-02-23 18:50:54 ----D---- C:\Windows\Microsoft.NET
2015-02-21 13:05:28 ----D---- C:\Windows\Tasks
2015-02-21 13:05:28 ----D---- C:\Windows\system32\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2011-04-16 79488]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2011-04-16 40064]
R0 gfibto;gfibto; C:\Windows\system32\drivers\gfibto.sys [2013-09-22 14456]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-27 30008]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-08-29 50976]
R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver; \??\c:\program files\lavasoft\ad-aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys [2014-07-10 93160]
R1 bdfwfpf;bdfwfpf; \??\C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [2014-07-10 102992]
R1 cbfs3;cbfs3; \??\C:\Windows\system32\drivers\cbfs3.sys [2011-12-02 348560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-11-22 283064]
R1 NNSALPC;NNSAlpc; C:\Windows\system32\DRIVERS\NNSAlpc.sys [2015-02-09 93968]
R1 NNSHTTP;NNSHttp; C:\Windows\system32\DRIVERS\NNSHttp.sys [2015-02-09 202000]
R1 NNSHTTPS;NNSHttps; C:\Windows\system32\DRIVERS\NNSHttps.sys [2015-02-09 110864]
R1 NNSIDS;NNSids; C:\Windows\system32\DRIVERS\NNSIds.sys [2015-02-09 116496]
R1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [2014-12-31 48400]
R1 NNSPICC;NNSPicc; C:\Windows\system32\DRIVERS\NNSPicc.sys [2015-02-09 99600]
R1 NNSPIHSW;NNSPihsw; C:\Windows\system32\DRIVERS\NNSPihsw.sys [2015-02-09 69904]
R1 NNSPOP3;NNSPop3; C:\Windows\system32\DRIVERS\NNSPop3.sys [2015-02-09 124176]
R1 NNSPROT;NNSProt; C:\Windows\system32\DRIVERS\NNSProt.sys [2015-02-09 299792]
R1 NNSPRV;NNSPrv; C:\Windows\system32\DRIVERS\NNSPrv.sys [2015-02-09 166160]
R1 NNSSMTP;NNSSmtp; C:\Windows\system32\DRIVERS\NNSSmtp.sys [2015-02-09 113424]
R1 NNSSTRM;NNSStrm; C:\Windows\system32\DRIVERS\NNSStrm.sys [2015-02-09 257296]
R1 NNSTLSC;NNSTlsc; C:\Windows\system32\DRIVERS\NNSTlsc.sys [2015-02-09 106256]
R1 PSINKNC;PSINKnc; C:\Windows\system32\DRIVERS\psinknc.sys [2015-02-25 197392]
R2 PSINAflt;PSINAflt; C:\Windows\system32\DRIVERS\PSINAflt.sys [2015-02-25 163088]
R2 PSINFile;PSINFile; C:\Windows\system32\DRIVERS\PSINFile.sys [2015-02-25 121616]
R2 PSINProc;PSINProc; C:\Windows\system32\DRIVERS\PSINProc.sys [2015-02-25 124176]
R2 PSINProt;PSINProt; C:\Windows\system32\DRIVERS\PSINProt.sys [2015-02-25 133904]
R2 PSINReg;PSINReg; C:\Windows\system32\DRIVERS\PSINReg.sys [2015-02-25 107792]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-27 43320]
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\amdhub30.sys [2011-07-16 96896]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-09-29 10210304]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-09-29 317952]
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\amdxhc.sys [2011-07-16 214144]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 avc3;avc3; C:\Windows\system32\DRIVERS\avc3.sys [2014-08-21 727592]
R3 avchv;avchv Function Driver; C:\Windows\system32\DRIVERS\avchv.sys [2014-08-21 261056]
R3 avckf;avckf; C:\Windows\system32\DRIVERS\avckf.sys [2014-08-21 601360]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2011-09-21 133672]
R3 BCM43XX;Stuurprogramma voor de Broadcom 802.11-netwerkadapter; C:\Windows\system32\DRIVERS\bcmwl664.sys [2013-05-29 4747840]
R3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-11-11 80384]
R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2011-09-21 620584]
R3 btwaudio;Bluetooth-audioapparaat; C:\Windows\system32\drivers\btwaudio.sys [2011-09-21 167976]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2011-09-21 178728]
R3 BTWDPAN;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\btwdpan.sys [2011-09-21 89640]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-09-21 39976]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2011-09-21 21544]
R3 gzflt;gzflt; \??\C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.98.0\gzflt.sys [2015-01-22 155912]
R3 PSKMAD;PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [2015-01-29 61712]
R3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-05-31 338536]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10305; C:\Windows\system32\DRIVERS\stwrt64.sys [2013-05-29 535552]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-06-10 1451056]
S3 4598AC4582F0E60C;4598AC4582F0E60C; \??\C:\Users\Yasser\AppData\Local\Temp\7DDBCE06F.sys []
S3 a2djavs;Audio 2 DJ WDM Audio; C:\Windows\System32\Drivers\a2djavs.sys [2012-12-18 359784]
S3 a2djusb_svc;Audio 2 DJ; C:\Windows\System32\Drivers\a2djusb.sys [2012-12-18 98664]
S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 cleanhlp;cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys []
S3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-06-16 110336]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-07-28 57280]
S3 hitmanpro37;HitmanPro 3.7 Support Driver; \??\C:\Windows\system32\drivers\hitmanpro37.sys [2014-10-30 32512]
S3 L6PODHD5SE;Service - Line 6 POD HD500X; C:\Windows\System32\Drivers\L6PODHD5SE64.sys [2013-07-11 772864]
S3 L6PODLV;PODxt Live Service; C:\Windows\System32\Drivers\L6PODLV64.sys [2013-07-11 772864]
S3 L6TPortA;Service - Line 6 TonePort UX1; C:\Windows\System32\Drivers\L6TPortA64.sys [2013-07-11 772864]
S3 MAUSBMIDI;Service for M-Audio USB MIDI Series; C:\Windows\system32\DRIVERS\MAudioUSBMIDI.sys [2010-04-13 200200]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-02-17 428136]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-06-16 206080]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2014-06-16 206080]
S3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
S3 Trufos;Trufos; C:\Windows\system32\DRIVERS\Trufos.sys [2015-01-22 452040]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.;Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.; C:\Program Files (x86)\Abrosoft\FantaMorph5\FantaUp.exe [2010-11-18 224176]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2013-05-29 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-09-29 204288]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-09-28 361984]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2011-09-20 1085216]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]
R2 FPLService;TrueSuiteService; C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [2011-08-26 260424]
R2 GenieTimelineService;Genie Timeline Service; C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe [2012-09-16 662104]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-05-13 270624]
R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-27 30520]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-02-15 34872]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-06-29 2413056]
R2 LaCieDesktopManagerService;LaCieDesktopManagerService; C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe [2012-10-10 1379840]
R2 LavasoftAdAwareService11;Ad-Aware Service 11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe [2015-03-10 720760]
R2 NanoServiceMain;Panda Protection Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [2015-02-27 142584]
R2 NIHardwareService;NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2012-09-05 6364024]
R2 PandaAgent;Panda Devices Agent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [2014-10-09 66808]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-10-30 75136]
R2 PSUAService;Panda Product Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [2015-02-27 38136]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2013-05-29 311808]
R2 USBMIDIAudioDevMon;USB MIDI Series Audio Device Monitor; C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe [2010-04-13 1636872]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-11 116648]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-07-28 1511872]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-11 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-02-20 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-07 114288]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 ose;Office  Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------
 


Are we talking about the same laptop here as the one in this topic, in which you posted no further feedback at all despite the explicit request from colleague Kape? ... :hmmmm:

As soon as one of the malware experts comes online, your log will be analysed and you will receive further personal guidance.
 


Your Java software is outdated.
Older versions have vulnerabilities that give malware the chance to install itself on your system.

Go to Java and download the correct Java version there.

  • Click "Free Java Download".
  • Accept the licence terms and click the button for the free download.
  • The file jxpiinstall.exe is offered - choose "save file" here.
  • Close all programs that may be open - especially your web browser!
  • Then go to Start > Control Panel > Add or Remove Programs and remove all older versions of Java from the list of programs.
  • Select everything with Java Runtime Environment (JRE or J2SE or JAVA) in the name.
  • Then click Remove or the Change/Remove button.
  • Repeat this until all older versions are gone.
  • After removing all older versions, restart your PC.
  • Then click jxpiinstall.exe to install the latest version of Java.
  • Untick the installation of the Ask toolbar and then continue with the installation.


 

I see that you also use Lavasoft AdAware as protection.

That is a bit like going to confession with the devil, because the company that bought Lavasoft a few years ago is not entirely kosher when it comes to spreading malware.

So it is best to remove this program again.

 


 

Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that here and here.

Download Zoek.exe to the desktop (not the .zip or .rar version).

  • If Internet Explorer or another browser or virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • Now copy the code below and paste it into the large input window:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.
C:\Windows\SYSWOW64\sho3896.tmp;f
chromelook;
firefoxlook;
emptyfolderscheck;delete
startupall;
filesrcm;
  • Click the "More options" button and now tick the options below.

  • Do a Deep Scan
  • Installed Programs
  • Auto Clean

  • The "Scan All Users" option is ticked by default.
  • Now click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart if one is required).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear after all.
  • Post the opened log as an attachment in your next reply.

Posting the Zoek.exe log file

  • Attach the log file named "Zoek-results.log" to your next reply. (You can also find this log file on the system drive as C:\Zoek-results.log.)
  • You can read how to add an attachment to a post here.

@ Asus: I must have completely lost sight of this. Apologies!

 

Zoek.exe v5.0.0.0 Updated 18-March-2015
Tool run by Yasser on do 19/03/2015 at 13:19:38,07.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Yasser\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-04-10-112126.log    24645 bytes
C:\zoek-results2014-11-05-194629.log    30172 bytes
C:\zoek-results2014-11-23-184236.log    14297 bytes

==== Empty Folders Check ======================

C:\Users\Yasser\AppData\Roaming\Publish Providers deleted successfully
C:\Users\Yasser\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\Yasser\AppData\Local\CrashDumps deleted successfully
C:\Users\Yasser\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2615218092-1894063395-1112891428-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C0D11B8-C5F6-4be3-AD2C-2B1A3EB94AB6} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Installed Programs ======================

µTorrent
3100_3200_3300_Help  
3100_3200_3300trb  
3300  
64 Bit HP CIO Components Installer  
Ad-Aware Antivirus  
Adobe AIR  
Adobe Community Help  
Adobe Flash Player 16 ActiveX  
Adobe Flash Player 17 NPAPI  
Adobe Media Player  
Adobe Photoshop Lightroom 4.4 64-bit  
Adobe Photoshop Lightroom 5.2 64-bit  
Adobe Reader X (10.1.0) MUI  
Adobe Shockwave Player 11.6  
Advanced Photo Recovery  
AIO_CDB_ProductContext  
AIO_CDB_Software  
AIO_Scan  
AMD APP SDK Runtime  
AMD Catalyst Install Manager  
AMD Fuel  
AMD Steady Video Plug-In   
AMD System Monitor  
AMD VISION Engine Control Center  
Antares Autotune VST RTAS TDM v5.08  
Antares Avox 1.06  
Antares Filter VST DX v1.01  
Antares Harmony Engine VST RTAS v1.0  
Antares Microphone Modeler DX v1.32  
Antares Tube VST v1.02  
Apple Application Support  
Apple Software Update  
AuthenTec TrueAPI  
Bejeweled 3  
Broadcom 802.11 Wireless LAN Adapter  
Broadcom Bluetooth Software  
Broadcom InConcert Maestro  
BufferChm  
Cake Mania  
Catalyst Control Center - Branding  
Catalyst Control Center Graphics Previews Common  
Catalyst Control Center InstallProxy  
Catalyst Control Center Localization All  
ccc-utility64  
CCC Help Chinese Standard  
CCC Help Chinese Traditional  
CCC Help Czech  
CCC Help Danish  
CCC Help Dutch  
CCC Help English  
CCC Help Finnish  
CCC Help French  
CCC Help German  
CCC Help Greek  
CCC Help Hungarian  
CCC Help Italian  
CCC Help Japanese  
CCC Help Korean  
CCC Help Norwegian  
CCC Help Polish  
CCC Help Portuguese  
CCC Help Russian  
CCC Help Spanish  
CCC Help Swedish  
CCC Help Thai  
CCC Help Turkish  
CCleaner  
ChromecastApp  
Chuzzle Deluxe  
Compatibility Pack for the 2007 Office system  
Copy  
Cradle of Rome 2  
D3DX10  
DAEMON Tools Lite  
DebugMode PluginPac (remove only)  
Destinations  
DeviceDiscovery  
DocProc  
Dropbox  
Edirol HQ Orchestral v1.01  
ESU for Microsoft Windows 7 SP1  
Evernote v. 4.2.3  
EZdrummer  
EZXDfh  
Facebook Video Calling 3.1.0.521  
Farm Frenzy  
Farmscapes  
FATE  
Fax  
FileZilla Client 3.5.3  
Final Drive Fury  
Finale 2014  
Fishdom 2  
Fotogalerie  
Free Media Converter  
Galerie de photos Windows Live  
Genie Timeline  
Google Chrome  
Google Update Helper  
Google+ Auto Backup  
GPBaseService2  
Hewlett-Packard ACLM.NET v1.2.2.3  
HP 3D DriveGuard  
HP Auto  
HP Client Services  
HP CoolSense  
HP Customer Experience Enhancements  
HP Customer Participation Program 13.0  
HP Documentation  
HP DVB-T TV Tuner 8.0.64.43  
HP Games  
HP Imaging Device Functions 13.0  
HP Launch Box  
HP On Screen Display  
HP Photosmart Essential 3.5  
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B  
HP Power Manager  
HP Quick Launch  
HP QuickWeb  
HP Recovery Manager  
HP Security Assistant  
HP Setup  
HP Setup Manager  
HP SimplePass 2012  
HP Smart Web Printing 4.51  
HP Software Framework  
HP Solution Center 13.0  
HP Update  
HPPhotoGadget  
HPPhotoSmartDiscLabelContent1  
HPPhotosmartEssential  
HPProductAssistant  
HPSSupply  
IDT Audio  
Insaniquarium Deluxe  
Java 8 Update 40  
Java Auto Updater  
Jewel Match 3  
Jewel Quest II  
Jewel Quest Solitaire 2  
Junk Mail filter update  
K-Lite Codec Pack 10.6.5 Basic  
LaCie Desktop Manager 1.5.5  
Line 6 Uninstaller  
Live 8.0.4  
M-Audio USB MIDI Series Driver 5.0.1 (x64)  
Mahjongg Artifacts  
Malwarebytes Anti-Malware versie 2.0.3.1025  
MarketResearch  
Mass Effect  
Microsoft .NET Framework 4.5.2  
Microsoft Application Error Reporting  
Microsoft Games for Windows - LIVE Redistributable  
Microsoft Office Klik-en-Klaar 2010  
Microsoft Office Starter 2010 - Nederlands  
Microsoft Office XP Professional with FrontPage  
Microsoft Silverlight  
Microsoft SkyDrive  
Microsoft SQL Server 2005 Compact Edition [ENU]  
Microsoft Visual C++ 2005 Redistributable  
Microsoft Visual C++ 2005 Redistributable (x64)  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219  
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219  
Microsoft_VC80_ATL_x86  
Microsoft_VC80_ATL_x86_x64  
Microsoft_VC80_CRT_x86  
Microsoft_VC80_CRT_x86_x64  
Microsoft_VC80_MFC_x86  
Microsoft_VC80_MFC_x86_x64  
Microsoft_VC80_MFCLOC_x86  
Microsoft_VC80_MFCLOC_x86_x64  
Microsoft_VC90_ATL_x86  
Microsoft_VC90_ATL_x86_x64  
Microsoft_VC90_CRT_x86  
Microsoft_VC90_CRT_x86_x64  
Microsoft_VC90_MFC_x86  
Microsoft_VC90_MFC_x86_x64  
More Games from HP Games  
Movie Maker  
Mozilla Firefox 36.0.1 (x86 nl)  
Mozilla Maintenance Service  
MSVCRT  
MSVCRT Redists  
MSVCRT_amd64  
MSVCRT110  
MSVCRT110_amd64  
MSXML 4.0 SP2 (KB954430)  
MSXML 4.0 SP2 (KB973688)  
MyFreeCodec  
Mystery of Mortlake Mansion  
Native Instruments Audio 2 DJ Driver  
Native Instruments Controller Editor  
Native Instruments Guitar Rig 5  
Native Instruments Guitar Rig Mobile I/O  
Native Instruments Guitar Rig Session I/O  
Native Instruments Rig Kontrol 3  
Native Instruments Service Center  
Nero 7 Ultra Edition  
neroxml  
Network64  
OCR Software by I.R.I.S. 13.0  
opensource  
Panda Devices Agent  
Panda Free Antivirus  
PDF Settings CS5  
Photo Common  
Photo Gallery  
Plants vs. Zombies - Game of the Year  
Polar Bowler  
QuickTime 7  
Ranch Rush 2 - Premium Edition  
Realtek Ethernet Controller Driver  
Realtek PCIE Card Reader  
Recuva  
Resolume Avenue 4.1.1  
Samsung Kies  
SAMSUNG USB Driver for Mobile Phones  
Shop for HP Supplies  
Skype™ 6.21
SmartWebPrinting  
SolutionCenter  
Sonnox Oxford Inflator Native VST v1.5.1  
Sonnox Oxford Limiter Native VST v1.1.1  
Sonnox Oxford R3 Dynamics Native VST v1.3.1  
Sonnox Oxford R3 EQ Native VST v1.6.1  
Sonnox Oxford Reverb Native VST v1.0  
Sonnox Oxford TransMod Native VST v1.3.1  
Sonoris DDP Player  
Sonoris License Activator  
Status  
Subtitle Edit 3.3.9  
Switch Sound File Converter  
swMSM  
Synaptics TouchPad Driver  
T-RackS 3 Deluxe  
Toolbox  
Torchlight  
TrayApp  
UnloadSupport  
Update Installer for WildTangent Games App  
Validity WBF DDK  
VASCO Card Reader Plug-In (64-Bit)  
VASCO Smart Card Reader Plug-In (User)  
Vegas Pro 12.0 (64-bit)  
Videostream Port Fix  
Virtual DJ - Atomix Productions  
Virtual Families  
Virtual Villagers 4 - The Tree of Life  
Visual Studio 2012 x64 Redistributables  
Visual Studio 2012 x86 Redistributables  
VLC media player 2.1.3  
Wave Arts Power Suite  
WavePad Sound Editor  
Waves GTR 3  
Waves Mercury Bundle  
WebReg  
Wedding Dash  
WildTangent Games App (HP Games)  
Windows Live Communications Platform  
Windows Live Essentials  
Windows Live Family Safety  
Windows Live ID Sign-in Assistant  
Windows Live Installer  
Windows Live Mail  
Windows Live Messenger  
Windows Live MIME IFilter  
Windows Live Movie Maker  
Windows Live Photo Common  
Windows Live PIMT Platform  
Windows Live SOXE  
Windows Live SOXE Definitions  
Windows Live UX Platform  
Windows Live UX Platform Language Pack  
Windows Live Writer  
Windows Live Writer Resources  
WinRAR 4.20 (32-bit)  
Wuala  
Wuala CBFS  
Wuala OverlayIcons  
Zuma's Revenge  

==== Running Processes ======================

C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe
C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe
C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Windows\SysWOW64\svchost.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Yasser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hpqtra08.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Users\Yasser\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\gimmishop deleted
C:\Windows\wininit.ini deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\Syswow64\sho3896.tmp deleted
"C:\Users\Yasser\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll" deleted
"C:\Users\Yasser\AppData\Roaming\Dropbox" not deleted
"C:\Users\Yasser\AppData\Roaming\Dropbox\bin" not deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 7658 MB
CPU Info: AMD A8-3530MX APU with Radeon HD Graphics
CPU Speed: 1946,2 MHz
Sound Card: Luidsprekers en hoofdtelefoons  |
Communicatie-hoofdtelefoons (ID |
Display Adapters: AMD Radeon HD 6620G | AMD Radeon HD 6620G | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm |
Screen Resolution: 1600 X 900 - 32 bit
Network: Network Present
Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Bluetooth Personal Area Network | Broadcom 4313GN 802.11b/g/n 1x1 Wi-Fi-adapter
CD / DVD Drives: 2x (F: | G: | ) F: hp      DVD-RAM UJ8B1    | G: DTSOFT  BDROM
Ports: COM18 | COM17 | COM16 LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C:  670,0GB | D:  24,4GB | E:  4,0GB | Q:  0,0MB
Hard Disks - Free: C:  174,0GB | D:  2,5GB | E:  990,4MB | Q:  0,0MB
Manufacturer *: Hewlett-Packard
BIOS Info: AT/AT COMPATIBLE | 12/06/05 | HPQOEM - 1
Time Zone: Romance (standaardtijd)
Motherboard *: Hewlett-Packard 180D
Country: België
Language: NLB

==== System Specs (Software) ======================

Anti-Virus: Panda Free Antivirus On-access scanning disabled (Outdated)
Anti-Spyware: Panda Free Antivirus disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Firewall: Panda Firewall disabled
Default Browser: Firefox    36.0.1
Internet Explorer Version: 11.0.9600.17691
Mozilla Firefox version: 36.0.1 (x86 nl)
Google Chrome version: 41.0.2272.89
Adobe Reader version: 10.1.0.534
Sun Java version: 1.8.0_40 (32-bit)
Sun Java version: 1.8.0_40 (64-bit)
Flash Player version: 17.0.0.134
Shockwave Player version: 11.6.8r638

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Yasser\AppData\Local\Temp ====
2015-03-19 12:15:33    2E8A5736739C6D23F5CBAE22973A1E3A    6553144    ----a-w-    C:\Users\Yasser\AppData\Local\Temp\SpotifyUninstall.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-03-19 11:55:02    A685C8F01D011F40F5751277793816CA    789416    ----a-w-    C:\Windows\SysWOW64\deployJava1.dll
2015-03-19 11:55:02    2EE9DCAE1D70ABF4D058688DE35F8221    867240    ----a-w-    C:\Windows\SysWOW64\npDeployJava1.dll
2015-03-10 20:31:11    965D6A2B30A95A9F7EF13653988D3D9F    299008    ----a-w-    C:\Windows\SysWOW64\atmfd.dll
2015-03-10 20:31:10    ABB358777FDF4AF51B2FE26137D2B8D4    70656    ----a-w-    C:\Windows\SysWOW64\fontsub.dll
2015-03-10 20:31:10    55273844B66D77A2F1A2213C17A9EA4A    34304    ----a-w-    C:\Windows\SysWOW64\atmlib.dll
2015-03-10 20:31:10    274F0540FD4C88FC845C94CA1569688A    10240    ----a-w-    C:\Windows\SysWOW64\dciman32.dll
2015-03-10 20:31:10    01D9C9A70323BC7E5835B92442DD7EC2    25600    ----a-w-    C:\Windows\SysWOW64\lpk.dll
2015-03-10 20:30:45    B378B6A865C28CE5C1E23C35760A1199    11411968    ----a-w-    C:\Windows\SysWOW64\wmp.dll
2015-03-10 20:30:45    5B0C6247027FCF5A2E2F150E298D2FFA    3209728    ----a-w-    C:\Windows\SysWOW64\mf.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2015-03-13 21:26:58    F29E7E36F8A8A7BAC112327E842FF0B5    61712    ----a-w-    C:\Windows\Sysnative\drivers\PSKMAD.sys
2015-03-10 20:30:39    87BCD1034CBF33537D4D4C251D39BA26    94656    ----a-w-    C:\Windows\Sysnative\drivers\mountmgr.sys
2015-03-10 20:30:31    ED6E75158D28D33A2E2A020AC5B2B59D    663552    ----a-w-    C:\Windows\Sysnative\drivers\PEAuth.sys
2015-03-10 20:30:30    90C53BD47979FB8814F465A08B885102    61440    ----a-w-    C:\Windows\Sysnative\drivers\appid.sys
2015-03-10 20:28:56    8BA90F480705D7153AD0060CCA62222A    155576    ----a-w-    C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-03-10 20:28:56    56ED3EE5FED6BF2FC1305CF872042868    95680    ----a-w-    C:\Windows\Sysnative\drivers\ksecdd.sys
2015-03-10 20:28:56    27667A788130A7F7A5858DE27572E6D7    459336    ----a-w-    C:\Windows\Sysnative\drivers\cng.sys
2015-02-25 19:03:25    8654C41241D78E82A7ED06CB93979578    107792    ----a-w-    C:\Windows\Sysnative\drivers\PSINReg.sys
2015-02-25 19:03:24    DC0689626D73EDDBF2C5C9EE3FD5F43D    133904    ----a-w-    C:\Windows\Sysnative\drivers\PSINProt.sys
2015-02-25 19:03:24    DB31C96C3A95E42366F9C4552F262A9C    197392    ----a-w-    C:\Windows\Sysnative\drivers\PSINKNC.sys
2015-02-25 19:03:24    4A8D1170BB6ED097CAC6802CF6D8BB96    124176    ----a-w-    C:\Windows\Sysnative\drivers\PSINProc.sys
2015-02-25 19:03:23    7D2D3E766EEB6F234931D46B99BDBF75    121616    ----a-w-    C:\Windows\Sysnative\drivers\PSINFile.sys
2015-02-25 19:03:23    7634AD77547B9B3E6C772956CBCF15CF    163088    ----a-w-    C:\Windows\Sysnative\drivers\PSINAflt.sys
====== C:\Windows\Tasks ======
2015-03-19 12:15:09    F58F9E2151BE1C14D3E9C5B5FB780CA7    3104    ----a-w-    C:\Windows\Sysnative\Tasks\{F5D719B3-39ED-448E-9BB1-029DCA22BA77}
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2015-03-19 12:18:05    --------    d-----w-    C:\PROGRA~2\Mozilla Maintenance Service
2015-03-19 11:54:32    --------    d-----w-    C:\PROGRA~2\COMMON~1\Java
2015-03-09 18:32:22    --------    d-----w-    C:\PROGRA~2\Sonoris
======= C: =====
====== C:\Users\Yasser\AppData\Roaming ======
2015-03-18 07:53:27    --------    d-----w-    C:\Users\Yasser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-apparaten
2015-03-09 18:32:54    --------    d-----w-    C:\Users\Yasser\AppData\Roaming\License_Activator
2015-03-09 18:32:28    --------    d-----w-    C:\Users\Yasser\AppData\Roaming\DDP_Player
2015-03-09 18:32:23    --------    d-----w-    C:\Users\Yasser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sonoris
====== C:\Users\Yasser ======
2015-03-19 12:17:12    993CD4272B70D53FA21FE6829EEF92F2    243416    ----a-w-    C:\Users\Yasser\Downloads\Firefox Setup Stub 36.0.1.exe
2015-03-19 12:01:38    --------    d-----w-    C:\ProgramData\Lavasoft
2015-03-19 11:57:20    45A11C9C96AB08DDEA7172C53452E447    561064    ----a-w-    C:\Users\Yasser\Downloads\jxpiinstall(1).exe
2015-03-19 11:53:49    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-19 11:53:35    --------    d-----w-    C:\ProgramData\Oracle
2015-03-19 11:52:09    45A11C9C96AB08DDEA7172C53452E447    561064    ----a-w-    C:\Users\Yasser\Downloads\jxpiinstall.exe
2015-03-18 08:14:00    8045ABB21A3BDD66A48E1ED5C0F0EF6A    1222144    ----a-w-    C:\Users\Yasser\Downloads\RSITx64.exe
2015-03-13 21:25:56    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2015-03-13 21:24:24    467908252DBC23E1539A382C532675C3    59793408    ----a-w-    C:\Users\Yasser\Downloads\FREEAV.exe
2015-03-13 21:21:51    C8A6B75E72DF96DEC9B71498849B7590    532480    ----a-w-    C:\Users\Yasser\Downloads\cwshredder.exe
2015-03-12 19:14:01    1B9F05E1C6FD84C13F703DA569136418    2057008    ----a-w-    C:\Users\Yasser\Downloads\Adaware_Installer(1).exe
2015-03-12 18:18:00    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2015-03-12 18:18:00    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs

====== C: exe-files ==
2015-03-19 12:18:08    799AA84868568B45F6D16B51E9F69F51    103588    ----a-w-    C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe
2015-03-19 12:18:05    81E8AF6407EC3F41908FE37F054353EA    148080    ----a-w-    C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
2015-03-19 12:17:12    993CD4272B70D53FA21FE6829EEF92F2    243416    ----a-w-    C:\Documents and Settings\Yasser\Downloads\Firefox Setup Stub 36.0.1.exe
2015-03-19 12:15:33    2E8A5736739C6D23F5CBAE22973A1E3A    6553144    ----a-w-    C:\Documents and Settings\Yasser\AppData\Local\Temp\SpotifyUninstall.exe
2015-03-19 11:57:20    45A11C9C96AB08DDEA7172C53452E447    561064    ----a-w-    C:\Documents and Settings\Yasser\Downloads\jxpiinstall(1).exe
2015-03-19 11:53:49    A07427A93E1133A7F0F4691CC54B9294    0    ----a-we    C:\Documents and Settings\All Users\Oracle\Java\javapath\javaws.exe
2015-03-19 11:53:49    94017ABBDE345580542D8301793EFF7A    0    ----a-we    C:\Documents and Settings\All Users\Oracle\Java\javapath\javaw.exe
2015-03-19 11:53:49    30E9397C2F0C8FF128219D6A25E172BB    0    ----a-we    C:\Documents and Settings\All Users\Oracle\Java\javapath\java.exe
2015-03-19 11:53:42    F95C5163F6D8955BEF59A896C7F7112D    159656    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_40\bin\unpack200.exe
2015-03-19 11:53:42    DFB1F31DD4A08FA5892886DC7117064A    15784    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_40\bin\rmid.exe
2015-03-19 11:53:42    A29B7A1BAD1A1EB608ACF7684F1F1E37    16296    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_40\bin\tnameserv.exe
2015-03-19 11:53:42    7833052815087E5BF9346AC78FDCED68    51112    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssvagent.exe
2015-03-19 11:53:42    751E8649890CC42727D80F8D6DE1F1CB    16296    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_40\bin\servertool.exe
2015-03-19 11:53:42    689916BDF4F58C7F7AD25F8B3ABB783A    16296    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_40\bin\rmiregistry.exe
2015-03-19 11:53:41    AF28DAA2B4EB3AD87203202264A2491C    15784    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_40\bin\klist.exe
2015-03-19 11:53:41    A07427A93E1133A7F0F4691CC54B9294    272296    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_40\bin\javaws.exe
2015-03-19 11:53:41    946FD6292EAE3FBB93CC3BB01BA8763D    76712    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2launcher.exe
2015-03-19 11:53:41    94017ABBDE345580542D8301793EFF7A    191400    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_40\bin\javaw.exe
2015-03-19 11:53:41    79B6403F5BD398BB9880F00FAF7C69DA    68520    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_40\bin\javacpl.exe
2015-03-19 11:53:41    7162180C98D1BE5D1315FC05B3C91E9D    15784    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_40\bin\pack200.exe
2015-03-19 11:53:41    6031BACB59D93E5ECB4ACDE6E12565EA    30632    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_40\bin\jabswitch.exe
2015-03-19 11:53:41    3DB4CD42B36FD2C98E9B51E3CBC1670E    15784    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_40\bin\jjs.exe
2015-03-19 11:53:41    32700B34EE49959FAF64EC46D96B3630    15784    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_40\bin\ktab.exe
2015-03-19 11:53:41    30E9397C2F0C8FF128219D6A25E172BB    190888    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_40\bin\java.exe
2015-03-19 11:53:41    2794D464D89260B0316C16A9FE24C660    15784    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_40\bin\java-rmi.exe
2015-03-19 11:53:41    1FA2D0F07730F502A857BFC63DA6C193    15784    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_40\bin\kinit.exe
2015-03-19 11:53:41    0A9C7408BADBA5D2C841817C22ACBF07    16296    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_40\bin\policytool.exe
2015-03-19 11:53:41    08363434BEC1B0AE6420C77820BC12E9    16296    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_40\bin\orbd.exe
2015-03-19 11:53:41    042B789E469D238D5FA9DEC4241CE3FD    15784    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_40\bin\keytool.exe
2015-03-19 11:52:09    45A11C9C96AB08DDEA7172C53452E447    561064    ----a-w-    C:\Documents and Settings\Yasser\Downloads\jxpiinstall.exe
2015-03-18 08:14:00    8045ABB21A3BDD66A48E1ED5C0F0EF6A    1222144    ----a-w-    C:\Documents and Settings\Yasser\Downloads\RSITx64.exe
2015-03-13 21:24:24    467908252DBC23E1539A382C532675C3    59793408    ----a-w-    C:\Documents and Settings\Yasser\Downloads\FREEAV.exe
2015-03-13 21:21:51    C8A6B75E72DF96DEC9B71498849B7590    532480    ----a-w-    C:\Documents and Settings\Yasser\Downloads\cwshredder.exe
2015-03-12 21:10:30    7DF547F2E361A6ADC8DFAF9544C6A283    10033232    ----a-w-    C:\Program Files (x86)\Google\Update\Install\{B9C0E166-9EED-448A-88F5-616BD65F77DF}\41.0.2272.89_40.0.2214.115_chrome_updater.exe
2015-03-12 21:10:30    7DF547F2E361A6ADC8DFAF9544C6A283    10033232    ----a-w-    C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\41.0.2272.89\41.0.2272.89_40.0.2214.115_chrome_updater.exe
2015-03-12 19:14:01    1B9F05E1C6FD84C13F703DA569136418    2057008    ----a-w-    C:\Documents and Settings\Yasser\Downloads\Adaware_Installer(1).exe
2015-03-12 18:18:00    F5E7368C1E11579CEF3244370AF7D670    671808    ----a-w-    C:\Program Files (x86)\NCH Software\Switch\switchsetup_v4.76.exe
2015-03-12 18:17:58    6336F7C1EA8A1FD24521B11429B9ECDA    1596480    ----a-w-    C:\Program Files (x86)\NCH Software\Switch\switch.exe
2015-03-12 18:17:58    403DA8628C89287DE1EEE4BF5CD2C582    122880    ----a-w-    C:\Program Files (x86)\NCH Software\Switch\mp3el.exe
2015-03-12 17:18:21    F5E7368C1E11579CEF3244370AF7D670    671808    ----a-w-    C:\Documents and Settings\Yasser\Downloads\Programma's\switchsetup(4).exe
=== C: other files ==
2015-03-19 11:53:42    9DCBFF045A2A43212A4763C3461A50B9    14130    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_40\lib\deploy\ffjcext.zip


 


==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2615218092-1894063395-1112891428-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"LaCie Desktop Manager Startup"="C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe"
"Google Update"="C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe /c"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"HPQuickWebProxy"="C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
"HPOSD"="C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
"HP CoolSense"="C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey"
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"hpqSRMon"="C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe"
"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"PSUAMain"="C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe /LaunchSysTray"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LaCie Desktop Manager Startup"="C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe"
"Google Update"="C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe /c"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdAwareTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdAwareTray"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.4.6792.0\\AdAwareTray.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeAAMUpdater-1.0"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS5ServiceManager]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeCS5ServiceManager"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS5ServiceManager\\CS5ServiceManager.exe\" -launchedbylogin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DAEMON Tools Lite"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\DAEMON Tools Lite\\DTLite.exe\" -autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Facebook Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\Yasser\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Google Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\Yasser\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google+ Auto Backup]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Google+ Auto Backup"
"hkey"="HKCU"
"command"="\"C:\\Users\\Yasser\\AppData\\Local\\Programs\\Google\\Google+ Auto Backup\\Google+ Auto Backup.exe\" /autostart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPreload]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KiesPreload"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Samsung\\Kies\\Kies.exe /preload"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KiesTrayAgent"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Samsung\\Kies\\KiesTrayAgent.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SetDefault]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SetDefault"
"hkey"="HKLM"
"command"="C:\\Program Files\\Hewlett-Packard\\HP LaunchBox\\SetDefault.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify"
"hkey"="HKCU"
"command"="\"C:\\Users\\Yasser\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify Web Helper"
"hkey"="HKCU"
"command"="\"C:\\Users\\Yasser\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\""


==== Startup Folders ======================

2014-07-24 08:55:58    270336    ----a-w-    C:\Users\Yasser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hpqtra08.exe
2014-11-09 20:20:20    836    ----a-w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
2014-11-09 20:20:20    2099    ----a-w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
2014-11-09 20:20:19    1999    ----a-w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [undetermined Task]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001Core.job --a------ C:\Users\Yasser\AppData\Local\Facebook\Update\FacebookUpdate.exe [11/04/2014 18:36]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001UA.job --a------ C:\Users\Yasser\AppData\Local\Facebook\Update\FacebookUpdate.exe [11/04/2014 18:36]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/08/2014 21:55]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/08/2014 21:55]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001Core.job --a------ C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe [11/08/2014 21:52]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001UA.job --a------ C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe [11/08/2014 21:52]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001UA1d0418737fd270c.job --a------ C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe [11/08/2014 21:52]
C:\Windows\tasks\HPCeeScheduleForYasser.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [15/07/2011 04:43]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Yasser-HP-Yasser" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001Core" [C:\Users\Yasser\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001UA" [C:\Users\Yasser\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001Core" [C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001UA" [C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2615218092-1894063395-1112891428-1001UA1d0418737fd270c" [C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HPCeeScheduleForYasser" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{58F01F79-5EB5-4F40-8B15-76F83F9FE17E}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{F7BE2FF6-EA48-4207-8E52-5C2588BAADA7}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]
"C:\Windows\SysNative\tasks\NCH Software\SwitchSevenDays" [C:\Program Files (x86)\NCH Software\Switch\Switch.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Yasser\AppData\Roaming\Mozilla\Firefox\Profiles\1sxd1l5p.default
user_pref("browser.startup.homepage", "http://www.google.be/");
user_pref("keyword.URL", "");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [06/10/2013 18:14]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [06/10/2013 18:14]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Yasser\AppData\Roaming\Mozilla\Firefox\Profiles\1sxd1l5p.default
- Afmelden voor advertentiecookie - %ProfilePath%\extensions\optout@google.com.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- TrueSuite Website Logon - %AppDir%\extensions\websitelogon@truesuite.com
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Yasser\AppData\Roaming\Mozilla\Firefox\Profiles\1sxd1l5p.default
2EE9DCAE1D70ABF4D058688DE35F8221    - C:\Windows\SysWOW64\npDeployJava1.dll -    Java Deployment Toolkit 7.0.250.16
F556A64AB2DB1BD834E7C89CE211516B    - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll -    Shockwave for Director / Shockwave for Director
6846D2CA7E1D5937AEE3F99BB7F5464B    - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll -    Shockwave for Director / Shockwave for Director
43583AB4DFD406F4C188342F41B1F91C    - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll -    Shockwave Flash
CAF78E18A9E1380A0A38065B3B1210E0    - C:\Users\Yasser\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll -    VASCO Card Reader Plugin
98137411B9C632095F919E2CE70B288A    - C:\Users\Yasser\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll -    Google Update
3CD19649B2C3023D65E67C056457A2BC    - C:\Users\Yasser\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll -    Facebook Video Calling Plugin
1CDD28B47D8198F868349BDFBCD1281B    - C:\Users\Yasser\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll -    VASCO Card Reader Plugin
15E298B5EC5B89C5994A59863969D9FF    - C:\Windows\SysWOW64\npmproxy.dll -    Microsoft® Windows® Operating System


==== Chromium Look ======================

Google Chrome Version: 41.0.2272.89 (Up to date, latest Stable version: 41.0.2272.89)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
debkinhcgejcbfgjiaalomcmkedjmiaa - C:\Program Files (x86)\HP SimplePass 2012\tschrome.crx[25/08/2011 04:41]

Google Docs - Yasser\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Yasser\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Yasser\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Cast - Yasser\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd
Videostream for Google Chromecast™ - Yasser\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl
Google Search - Yasser\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Website Logon - Yasser\AppData\Local\Google\Chrome\User Data\Default\Extensions\debkinhcgejcbfgjiaalomcmkedjmiaa
LocalChromecast Player - Yasser\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmladpigjlinmngadjgfogblnmddndcp
Google Wallet - Yasser\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Yasser\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.be/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.be/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{07F202EA-A471-44A9-AC55-B3C726D27203} Google  Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{D944BB61-2E34-4DBF-A683-47E505C587DC} eBay  Url="http://rover.ebay.com/rover/1/1553-111073-34115-5/4?mpre=http://www.benl.ebay.be/sch/i.html?_nkw={searchTerms}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdAwareTray deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll
O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
O4 - HKCU\..\Run: [LaCie Desktop Manager Startup] "C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Yasser\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: hpqtra08.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Verzenden naar Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Verzenden naar &Bluetooth-apparaat... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.line6.net
O17 - HKLM\System\CCS\Services\Tcpip\..\{2513A2C7-1B96-47A4-A4AB-84888DE040F2}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{6F0AAF4C-7CC8-4DCB-A974-317DD5592029}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{A8F86CB3-0265-4ED7-95DC-FDA91028DE28}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{B0833E06-D174-4DC7-812B-6EEA9F9E1AF5}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{EA064087-7215-4BC6-A4D8-030EC90A85FE}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{2513A2C7-1B96-47A4-A4AB-84888DE040F2}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
O17 - HKLM\System\CS2\Services\Tcpip\..\{2513A2C7-1B96-47A4-A4AB-84888DE040F2}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Genie Timeline Service (GenieTimelineService) - Genie9 - C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LaCieDesktopManagerService - Unknown owner - C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Panda Protection Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: USB MIDI Series Audio Device Monitor (USBMIDIAudioDevMon) - M-Audio - C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Yasser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Yasser\AppData\Local\Mozilla\Firefox\Profiles\1sxd1l5p.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Yasser\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=250 folders=35 404380965 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Yasser\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Yasser\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Yasser\AppData\Roaming\Dropbox"  not found

==== EOF on do 19/03/2015 at 13:52:48,17 ======================


Download AdwCleaner by Xplode to the desktop (first remove any older versions of this tool present on your PC, so that you can now use AdwCleaner's most recent database).

  • Close all open windows.
  • Double-click AdwCleaner to start it.
  • Windows Vista, 7 and 8 users must run the tool as "administrator": right-click it and choose Run as administrator.
  • Click Scan.
  • Then click Clean (English version) or Verwijderen (Dutch version).
  • At Herstarten Noodzakelijk (Restart Required), click OK.

After the PC has restarted, a log file usually opens.

Add this log to your next post.
Otherwise it can be found at C:\AdwCleaner\AdwCleaner[s0].txt.


# AdwCleaner v4.112 - Logbestand aangemaakt 21/03/2015 op 15:17:12
# Laatste update 09/03/2015 door Xplode
# Database : 2015-03-15.1 [server]
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (x64)
# Gebruikersnaam : Yasser - YASSER-HP
# Gestart vanuit : C:\Users\Yasser\Desktop\adwcleaner_4.112.exe
# Optie : Verwijderen

***** [ Services ] *****


***** [ Bestanden / Mappen ] *****


***** [ Geplande taken ] *****


***** [ Snelkoppelingen ] *****


***** [ Register ] *****

Sleutel Verwijderd : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\adawarebp
Sleutel Verwijderd : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Sleutel Verwijderd : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

***** [ Webbrowsers ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v36.0.1 (x86 nl)


-\\ Google Chrome v41.0.2272.101


*************************

AdwCleaner[R0].txt - [1791 bytes] - [12/04/2014 13:58:05]
AdwCleaner[R1].txt - [9706 bytes] - [06/11/2014 18:14:19]
AdwCleaner[R2].txt - [6728 bytes] - [06/11/2014 18:27:05]
AdwCleaner[R3].txt - [1401 bytes] - [11/12/2014 19:42:43]
AdwCleaner[R4].txt - [1711 bytes] - [21/03/2015 11:42:53]
AdwCleaner[s0].txt - [1635 bytes] - [12/04/2014 13:59:01]
AdwCleaner[s1].txt - [4733 bytes] - [11/11/2014 13:14:40]
AdwCleaner[s2].txt - [1725 bytes] - [28/11/2014 21:00:40]
AdwCleaner[s3].txt - [1473 bytes] - [11/12/2014 19:45:55]
AdwCleaner[s4].txt - [1649 bytes] - [21/03/2015 15:17:12]

########## EOF - C:\AdwCleaner\AdwCleaner[s4].txt - [1708  bytes] ##########
 


Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that here and here.

Download Zoek.exe to the desktop (not the .zip or .rar version).

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input window:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.
lavasoft;z
lavasoft;a
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log in your next post as an attachment.

Posting the Zoek.exe log file

  • Add the log file named "Zoek-results.log" as an attachment to your next post. (You can also find this log file on the system drive as C:\Zoek-results.log.)
  • You can read how to add an attachment to a post here.

Add the log as an attachment to your post.

