
Redirect virus



Hello,

My laptop has been hit by a redirect virus, namely stamplive.com. How can I remove it?
I have already made a log with RSIT; see below or the attachment.

Regards,
Ingrid

 

 

-------------------------------------------------------------

Logfile of random's system information tool 1.10 (written by random/random)
Run by Ingr at 2015-04-06 17:45:15
Microsoft Windows 7 Home Premium  Service Pack 1
System drive C: has 32 GB (7%) free of 456 GB
Total RAM: 5611 MB (52% free)
 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:47:26, on 6-4-2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal
 
Running processes:
C:\Users\Ingr\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Ingr.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/search?q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.bing.com/search?q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/search?q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DBAgent] "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Ingr\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BroadCam Video Streaming Server (BroadCamService) - Unknown owner - C:\Program Files (x86)\NCH Software\BroadCam\broadcam.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files (x86)\Super_DVD_Creator_9.8\NMSAccessU.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Seagate Dashboard Services - Seagate Technology LLC - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
O23 - Service: Seagate MobileBackup Service - Seagate Technology LLC - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 
--
End of file - 20150 bytes
 
======Listing Processes======
 
 
 
\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-ab63-b85620afb22b /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {96F3EFE9-8FAC-4FD8-A89D-ECBB0764FFCE}
"c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe" 
"c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe" 
"C:\Program Files\Elantech\ETDCtrl.exe" 
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" 
"C:\Users\Ingr\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe" 
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe" 
"C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe" 
"C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" 
"C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe" -background
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe" 
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2372.0.1719499913\828605344" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,40 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x9647 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.901.3.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\NCH Software\BroadCam\broadcam.exe" -service
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe"
"C:\Program Files (x86)\Super_DVD_Creator_9.8\NMSAccessU.exe"
"C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe"
"C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Freud/DomRel-Enable/disable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_HUPDecayDisabled/PasswordGeneration/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/ThreeMonths/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/default/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --device-scale-factor=1 --font-cache-shared-mem-suffix=2372 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="2372.4.1832351587\453347081" /prefetch:673131151
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe" 
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Freud/DomRel-Enable/disable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_HUPDecayDisabled/PasswordGeneration/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/ThreeMonths/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/default/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --device-scale-factor=1 --font-cache-shared-mem-suffix=2372 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="2372.12.1493708910\1804757682" /prefetch:673131151
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgemca.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgui.exe"  /TRAYONLY /updatefinished
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi-broker --channel="2372.31.611250766\1675117403" --lang=nl /prefetch:845217598
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Freud/DomRel-Enable/disable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_HUPDecayDisabled/PasswordGeneration/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/ThreeMonths/SHA1ToolbarUIJanuary2017/HTTP/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/default/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --device-scale-factor=1 --font-cache-shared-mem-suffix=2372 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="2372.32.87259391\980058636" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Freud/DomRel-Enable/disable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_HUPDecayDisabled/PasswordGeneration/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/ThreeMonths/SHA1ToolbarUIJanuary2017/HTTP/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/default/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --device-scale-factor=1 --font-cache-shared-mem-suffix=2372 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="2372.39.1904724029\756691287" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Freud/DomRel-Enable/disable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_HUPDecayDisabled/PasswordGeneration/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/ThreeMonths/SHA1ToolbarUIJanuary2017/HTTP/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/default/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --device-scale-factor=1 --font-cache-shared-mem-suffix=2372 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="2372.40.99795365\693649935" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Freud/DomRel-Enable/disable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_HUPDecayDisabled/PasswordGeneration/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/ThreeMonths/SHA1ToolbarUIJanuary2017/HTTP/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/default/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --device-scale-factor=1 --font-cache-shared-mem-suffix=2372 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="2372.45.58936102\792587801" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Freud/DomRel-Enable/disable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_HUPDecayDisabled/PasswordGeneration/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/ThreeMonths/SHA1ToolbarUIJanuary2017/HTTP/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/default/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --device-scale-factor=1 --font-cache-shared-mem-suffix=2372 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="2372.49.278475027\1135821459" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Freud/DomRel-Enable/disable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_HUPDecayDisabled/PasswordGeneration/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/ThreeMonths/SHA1ToolbarUIJanuary2017/HTTP/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/default/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --device-scale-factor=1 --font-cache-shared-mem-suffix=2372 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="2372.50.1131135097\2137312385" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Freud/DomRel-Enable/disable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_HUPDecayDisabled/PasswordGeneration/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/ThreeMonths/SHA1ToolbarUIJanuary2017/HTTP/SHA1ToolbarUIJune2016/Warning/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/default/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --device-scale-factor=1 --font-cache-shared-mem-suffix=2372 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="2372.52.2011330899\1053985987" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Freud/DomRel-Enable/disable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_HUPDecayDisabled/PasswordGeneration/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/ThreeMonths/SHA1ToolbarUIJanuary2017/HTTP/SHA1ToolbarUIJune2016/Warning/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/default/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --device-scale-factor=1 --font-cache-shared-mem-suffix=2372 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="2372.53.1452417381\470784427" /prefetch:673131151
 
C:\Windows\system32\msiexec.exe /V
"C:\Users\Ingr\Downloads\RSITx64 (1).exe" 
C:\Windows\splwow64.exe 8192
C:\Windows\system32\PrintIsolationHost.exe -Embedding
 
======Scheduled tasks folder======
 
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c 
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler 
C:\Windows\tasks\Open Chrome.job - c:\program files (x86)\Google\Chrome\Application\chrome.exe  --new-window http://toolbar.avg.com/almost-done?pid=safeguard&lang=nl 
C:\Windows\tasks\SK.Enabler-S-1495795506.job - c:\programdata\quickset\sk.enabler\SK.Enabler.exe  /schedule /profile "c:\programdata\quickset\sk.enabler\1495795506.ini" 
 
=========Mozilla firefox=========
 
ProfilePath - C:\Users\Ingr\AppData\Roaming\Mozilla\Firefox\Profiles\hemaw4pr.default
 
prefs.js - "browser.search.useDBForOrder" -  true
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
 
 
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
 
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
 
 
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class
 
C:\Users\Ingr\AppData\Roaming\Mozilla\Firefox\Profiles\hemaw4pr.default\extensions\
e9d197d59f2f45f382b1aa5c14d82@8706aaed9b904554b5cb7984e9.com
TTSD90021300@PYDKGV101145942.com
{FDD8ECF0-451A-414D-8C8F-7B7F78B0ECD3}
 
======Registry dump======
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10 218776]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2014-01-22 881880]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10 153248]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2014-01-23 707800]
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2010-11-12 2588968]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-03-28 11786344]
"Power Management"=C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2011-08-02 1831016]
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\Ingr\AppData\Roaming\uTorrent\uTorrent.exe [2015-01-27 1374032]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2015-02-19 26232152]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-01-20 7404312]
""= []
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-10-02 421888]
"Uploader"=C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [2015-02-03 127304]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29 497648]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlazeServoTool]
C:\Program Files (x86)\NTI\NTI Digital Flix 2.5\MediaDetector.exe [2007-12-01 282624]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-24 2726728]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx]
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer]
C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [2014-02-14 450560]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2014-01-10 1861968]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IJNetworkScanUtility]
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [2010-03-02 140640]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iPrint Event Monitor]
C:\Windows\system32\iprntlgn.exe []
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iPrint Tray]
C:\Windows\system32\iprntctl.exe TRAY_ICON []
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe []
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lync]
C:\Program Files (x86)\Microsoft Office\Office15\lync.exe [2015-02-10 19105944]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NextLive]
C:\Windows\SysWOW64\rundll32.exe [2009-07-14 44544]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2014-10-02 421888]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\Ingr\AppData\Roaming\Spotify\Spotify.exe [2015-03-20 6701624]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\Ingr\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-03-20 1964088]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Ingr\AppData\Roaming\uTorrent\uTorrent.exe [2015-01-27 1374032]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS10 Preload]
C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe [2014-07-12 36864]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ingr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk]
C:\PROGRA~2\MICROS~1\Office15\ONENOTEM.EXE [2014-09-16 194728]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ingr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^the-island-dut-3304158.lnk]
C:\ProgramData\{60a4823e-1b4b-3521-60a4-4823e1b408f8}\the-island-dut-3304158.exe []
 
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2011-07-01 1103440]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-10-12 343168]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2014-11-09 3653136]
"mbot_nl_202"= []
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-10-02 421888]
"DBAgent"=C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2015-02-03 1533728]
 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"vidc.XVID"=xvidvfw.dll
 
======File associations======
 
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
 
======List of files/folders created in the last 1 month======
 
2015-04-06 17:45:15 ----D---- C:\rsit
2015-04-06 17:45:15 ----D---- C:\Program Files\trend micro
2015-03-25 08:52:59 ----A---- C:\Windows\system32\generaltel.dll
2015-03-25 08:52:59 ----A---- C:\Windows\system32\appraiser.dll
2015-03-25 08:52:59 ----A---- C:\Windows\system32\acmigration.dll
2015-03-25 08:52:58 ----A---- C:\Windows\system32\invagent.dll
2015-03-25 08:52:58 ----A---- C:\Windows\system32\devinv.dll
2015-03-25 08:52:58 ----A---- C:\Windows\system32\aepic.dll
2015-03-25 08:52:58 ----A---- C:\Windows\system32\aepdu.dll
2015-03-25 08:52:58 ----A---- C:\Windows\system32\aeinv.dll
2015-03-24 15:56:57 ----D---- C:\Program Files (x86)\Seagate File Recovery for Windows
2015-03-24 15:35:08 ----D---- C:\Program Files (x86)\Seagate
2015-03-24 15:34:09 ----D---- C:\Users\Ingr\AppData\Roaming\Seagate
2015-03-24 15:32:52 ----D---- C:\Users\Ingr\AppData\Roaming\Leadertech
2015-03-19 11:14:05 ----D---- C:\ProgramData\BlockIt Ad remover
2015-03-19 09:09:00 ----D---- C:\Program Files (x86)\SystemPromote
2015-03-17 17:07:38 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-03-14 18:13:36 ----D---- C:\Program Files (x86)\Plus500
2015-03-11 09:44:32 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-03-11 09:44:32 ----A---- C:\Windows\system32\atmfd.dll
2015-03-11 09:44:31 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-03-11 09:44:31 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-03-11 09:44:31 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-03-11 09:44:31 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-03-11 09:44:31 ----A---- C:\Windows\system32\lpk.dll
2015-03-11 09:44:31 ----A---- C:\Windows\system32\fontsub.dll
2015-03-11 09:44:31 ----A---- C:\Windows\system32\dciman32.dll
2015-03-11 09:44:31 ----A---- C:\Windows\system32\atmlib.dll
2015-03-11 09:44:14 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2015-03-11 09:44:14 ----A---- C:\Windows\system32\blackbox.dll
2015-03-11 09:44:13 ----A---- C:\Windows\system32\drmv2clt.dll
2015-03-11 09:44:12 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2015-03-11 09:44:11 ----A---- C:\Windows\system32\wmp.dll
2015-03-11 09:44:08 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2015-03-11 09:44:08 ----A---- C:\Windows\SYSWOW64\mf.dll
2015-03-11 09:44:08 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-03-11 09:44:06 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-03-11 09:44:05 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-03-11 09:44:03 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-03-11 09:44:03 ----A---- C:\Windows\system32\crypt32.dll
2015-03-11 09:44:02 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2015-03-11 09:44:01 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-03-11 09:44:01 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2015-03-11 09:44:00 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-03-11 09:44:00 ----A---- C:\Windows\system32\quartz.dll
2015-03-11 09:44:00 ----A---- C:\Windows\system32\evr.dll
2015-03-11 09:43:58 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-03-11 09:43:58 ----A---- C:\Windows\system32\cryptui.dll
2015-03-11 09:43:57 ----A---- C:\Windows\SYSWOW64\quartz.dll
2015-03-11 09:43:57 ----A---- C:\Windows\SYSWOW64\evr.dll
2015-03-11 09:43:57 ----A---- C:\Windows\system32\winresume.exe
2015-03-11 09:43:57 ----A---- C:\Windows\system32\mfplat.dll
2015-03-11 09:43:56 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2015-03-11 09:43:56 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2015-03-11 09:43:56 ----A---- C:\Windows\system32\pcasvc.dll
2015-03-11 09:43:55 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2015-03-11 09:43:55 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-03-11 09:43:55 ----A---- C:\Windows\system32\cryptsp.dll
2015-03-11 09:43:54 ----A---- C:\Windows\system32\msscp.dll
2015-03-11 09:43:54 ----A---- C:\Windows\system32\mf.dll
2015-03-11 09:43:52 ----A---- C:\Windows\system32\winload.exe
2015-03-11 09:43:51 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2015-03-11 09:43:51 ----A---- C:\Windows\SYSWOW64\msscp.dll
2015-03-11 09:43:51 ----A---- C:\Windows\system32\msnetobj.dll
2015-03-11 09:43:51 ----A---- C:\Windows\system32\cryptnet.dll
2015-03-11 09:43:51 ----A---- C:\Windows\system32\ci.dll
2015-03-11 09:43:51 ----A---- C:\Windows\system32\audiosrv.dll
2015-03-11 09:43:51 ----A---- C:\Windows\system32\appidsvc.dll
2015-03-11 09:43:50 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-03-11 09:43:50 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2015-03-11 09:43:50 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-03-11 09:43:50 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-03-11 09:43:50 ----A---- C:\Windows\system32\wintrust.dll
2015-03-11 09:43:50 ----A---- C:\Windows\system32\srcore.dll
2015-03-11 09:43:50 ----A---- C:\Windows\system32\rstrui.exe
2015-03-11 09:43:50 ----A---- C:\Windows\system32\qdvd.dll
2015-03-11 09:43:50 ----A---- C:\Windows\system32\drivers\appid.sys
2015-03-11 09:43:50 ----A---- C:\Windows\system32\cryptsvc.dll
2015-03-11 09:43:50 ----A---- C:\Windows\system32\AudioSes.dll
2015-03-11 09:43:50 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-03-11 09:43:50 ----A---- C:\Windows\system32\audiodg.exe
2015-03-11 09:43:49 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2015-03-11 09:43:49 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2015-03-11 09:43:49 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2015-03-11 09:43:49 ----A---- C:\Windows\system32\smss.exe
2015-03-11 09:43:49 ----A---- C:\Windows\system32\rrinstaller.exe
2015-03-11 09:43:49 ----A---- C:\Windows\system32\pcadm.dll
2015-03-11 09:43:49 ----A---- C:\Windows\system32\AudioEng.dll
2015-03-11 09:43:49 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 09:43:48 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-03-11 09:43:48 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-03-11 09:43:48 ----A---- C:\Windows\SYSWOW64\mfps.dll
2015-03-11 09:43:48 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2015-03-11 09:43:48 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-03-11 09:43:48 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2015-03-11 09:43:48 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-03-11 09:43:48 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-03-11 09:43:48 ----A---- C:\Windows\system32\srclient.dll
2015-03-11 09:43:48 ----A---- C:\Windows\system32\spwmp.dll
2015-03-11 09:43:48 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-03-11 09:43:48 ----A---- C:\Windows\system32\pcawrk.exe
2015-03-11 09:43:48 ----A---- C:\Windows\system32\pcalua.exe
2015-03-11 09:43:48 ----A---- C:\Windows\system32\pcaevts.dll
2015-03-11 09:43:48 ----A---- C:\Windows\system32\msmmsp.dll
2015-03-11 09:43:48 ----A---- C:\Windows\system32\mfps.dll
2015-03-11 09:43:48 ----A---- C:\Windows\system32\mfpmp.exe
2015-03-11 09:43:48 ----A---- C:\Windows\system32\EncDump.dll
2015-03-11 09:43:48 ----A---- C:\Windows\system32\dxmasf.dll
2015-03-11 09:43:48 ----A---- C:\Windows\system32\csrsrv.dll
2015-03-11 09:43:48 ----A---- C:\Windows\system32\appidcertstorecheck.exe
 
======List of files/folders modified in the last 1 month======
 
2015-04-06 17:47:27 ----D---- C:\Windows\Temp
2015-04-06 17:46:05 ----D---- C:\Users\Ingr\AppData\Roaming\uTorrent
2015-04-06 17:45:15 ----RD---- C:\Program Files
2015-04-06 17:29:24 ----SHD---- C:\Windows\Installer
2015-04-06 17:29:15 ----RD---- C:\Program Files (x86)
2015-04-06 17:27:30 ----SHD---- C:\System Volume Information
2015-04-06 17:25:39 ----D---- C:\Windows
2015-04-06 17:25:03 ----D---- C:\Program Files (x86)\Personal Video Database
2015-04-06 17:24:28 ----D---- C:\CSD
2015-04-06 17:24:01 ----AD---- C:\ProgramData\Temp
2015-04-06 17:17:28 ----D---- C:\Windows\system32\config
2015-04-06 17:00:42 ----D---- C:\Windows\Prefetch
2015-04-06 16:45:40 ----D---- C:\ProgramData\MFAData
2015-04-03 07:00:36 ----D---- C:\Windows\System32
2015-04-03 07:00:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-03 07:00:35 ----D---- C:\Windows\inf
2015-03-27 09:28:15 ----D---- C:\Windows\pss
2015-03-27 09:19:06 ----D---- C:\Windows\Logs
2015-03-27 09:09:32 ----D---- C:\Users\Ingr\AppData\Roaming\Spotify
2015-03-26 09:22:28 ----D---- C:\Windows\winsxs
2015-03-26 09:19:46 ----SD---- C:\Windows\system32\CompatTel
2015-03-26 09:19:45 ----D---- C:\Windows\system32\wbem
2015-03-26 09:19:45 ----D---- C:\Windows\system32\appraiser
2015-03-26 09:19:45 ----D---- C:\Windows\AppPatch
2015-03-25 22:02:03 ----D---- C:\Aldfaer
2015-03-24 15:38:43 ----D---- C:\Users\Ingr\AppData\Roaming\Nero
2015-03-24 15:38:37 ----D---- C:\Windows\system32\Tasks
2015-03-24 15:35:33 ----D---- C:\ProgramData\Package Cache
2015-03-24 15:35:11 ----D---- C:\ProgramData\Nero
2015-03-24 14:26:46 ----D---- C:\Program Files\Bonjour
2015-03-24 14:26:46 ----D---- C:\Program Files (x86)\Bonjour
2015-03-24 14:26:45 ----D---- C:\Windows\SysWOW64
2015-03-24 13:44:34 ----D---- C:\Users\Ingr\AppData\Roaming\Kodi
2015-03-24 09:10:58 ----D---- C:\Windows\system32\drivers
2015-03-24 09:10:43 ----D---- C:\Windows\system32\DriverStore
2015-03-24 09:08:33 ----D---- C:\Program Files\Common Files\System
2015-03-24 09:06:34 ----D---- C:\ProgramData\{60a4823e-1b4b-3521-60a4-4823e1b408f8}
2015-03-24 08:27:22 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-23 09:19:29 ----D---- C:\Users\Ingr\AppData\Roaming\3EB11C59-1424695033-E111-9ED5-DC0EA1B82B45
2015-03-19 11:14:05 ----HD---- C:\ProgramData
2015-03-18 19:30:15 ----D---- C:\Windows\MiniDump
2015-03-15 19:00:09 ----D---- C:\Windows\debug
2015-03-14 18:06:43 ----D---- C:\AdwCleaner
2015-03-14 17:59:01 ----D---- C:\Program Files (x86)\QuickTime
2015-03-14 17:56:21 ----D---- C:\Program Files (x86)\Astonsoft
2015-03-14 12:47:11 ----D---- C:\ProgramData\CanonIJPLM
2015-03-13 09:01:41 ----D---- C:\ProgramData\Microsoft Help
2015-03-12 21:37:47 ----D---- C:\Windows\SYSWOW64\nl-NL
2015-03-12 21:37:47 ----D---- C:\Windows\SYSWOW64\Dism
2015-03-12 21:37:47 ----D---- C:\Program Files\Windows Media Player
2015-03-12 21:37:47 ----D---- C:\Program Files (x86)\Windows Media Player
2015-03-12 21:37:46 ----D---- C:\Windows\system32\nl-NL
2015-03-12 21:37:46 ----D---- C:\Windows\system32\Dism
2015-03-12 21:37:45 ----D---- C:\Windows\system32\CodeIntegrity
2015-03-12 21:37:45 ----D---- C:\Windows\system32\Boot
2015-03-12 21:37:41 ----D---- C:\Windows\SYSWOW64\en-US
2015-03-12 21:37:41 ----D---- C:\Windows\system32\en-US
2015-03-12 21:37:41 ----D---- C:\Program Files\Internet Explorer
2015-03-12 21:37:40 ----D---- C:\Program Files (x86)\Internet Explorer
2015-03-12 09:48:50 ----RSD---- C:\Windows\assembly
2015-03-12 09:44:36 ----A---- C:\Windows\win.ini
2015-03-12 09:44:28 ----D---- C:\Windows\system32\MRT
2015-03-12 09:28:56 ----A---- C:\Windows\system32\MRT.exe
2015-03-11 10:56:05 ----D---- C:\Windows\Microsoft.NET
2015-03-11 09:36:53 ----D---- C:\Windows\system32\catroot2
2015-03-11 09:12:21 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-03-09 10:52:13 ----D---- C:\Users\Ingr\AppData\Roaming\DVD Flick
2015-03-09 10:21:01 ----D---- C:\ProgramData\NtiDvdCopy
2015-03-09 09:49:22 ----D---- C:\ProgramData\ALLPlayer
 
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2013-06-18 82048]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2013-06-18 35456]
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-06-18 190744]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-07-18 313624]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-10-05 124184]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-18 31512]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-18 153368]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-10-29 263960]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-08-28 243480]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-10-10 274200]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-08-14 50976]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-10-12 10207232]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-10-12 317952]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-02 2750464]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-03-30 114704]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service; C:\Windows\system32\DRIVERS\b57xdbd.sys [2011-05-04 60928]
R3 b57xdmp;Broadcom xD Picture vstorp client drv; C:\Windows\system32\DRIVERS\b57xdmp.sys [2011-05-04 13312]
R3 bScsiMSa;bScsiMSa; C:\Windows\system32\DRIVERS\bScsiMSa.sys [2011-09-02 51752]
R3 bScsiSDa;bScsiSDa; C:\Windows\system32\DRIVERS\bScsiSDa.sys [2011-09-13 88616]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-11-12 138024]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-04-06 2826984]
R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2013-06-18 455888]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-03-26 18432]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2014-04-18 82816]
R3 SPUVCbv;SPUVCb Driver Service; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2013-06-18 2609784]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-16 16896]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2011-08-17 53376]
S3 dc3d;MS Hardware Device Detection Driver (USB); C:\Windows\system32\DRIVERS\dc3d.sys [2014-03-19 76496]
S3 gmhidlow;HID Mouse Lower Filter; C:\Windows\system32\DRIVERS\gmhidlow.sys [2013-06-18 14720]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
S3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
S3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
S3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
 
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9; C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-10-12 204288]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-11-09 298080]
R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 BroadCamService;BroadCam Video Streaming Server; C:\Program Files (x86)\NCH Software\BroadCam\broadcam.exe [2013-06-12 2591304]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-07-01 353360]
R2 ePowerSvc;ePower Service; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2011-08-02 872552]
R2 GREGService;GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [2011-05-30 36456]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-08-20 73728]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2011-04-22 244624]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2013-07-18 762192]
R2 NMSAccessU;NMSAccessU; C:\Program Files (x86)\Super_DVD_Creator_9.8\NMSAccessU.exe [2007-10-12 71096]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-13 144640]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-12-21 390672]
R2 Seagate Dashboard Services;Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [2015-02-03 16216]
R2 Seagate MobileBackup Service;Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [2015-02-03 157992]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2014-07-12 49152]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S2 a1851772;System Booster; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544]
S2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2014-11-09 1486664]
S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2014-11-09 3488784]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-26 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440]
S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-26 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-02-20 114688]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-17 148080]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-24 50432]
S3 ose;Office  Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 150600]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-03-27 1255736]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 2292096]
S4 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
 
-----------------EOF-----------------
 
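The drivers and services sections of the log above use the line format their headers describe (R/S state, start type 0 to 4, key name, display name, image path, date and size). The following parser and triage pass over that format is an added example, not part of the original post or of RSIT; the function names, the host-binary list and the three heuristics are assumptions, and a flagged entry is a prompt for manual review, not a verdict.

```python
import re
from dataclasses import dataclass, field
from ntpath import basename  # Windows path rules regardless of the host OS

START_TYPES = {"0": "Boot", "1": "System", "2": "Auto", "3": "Demand", "4": "Disabled"}
# Binaries that run code from a DLL named elsewhere (assumed list, extend as needed).
HOST_BINARIES = {"rundll32.exe", "svchost.exe", "dllhost.exe", "regsvr32.exe"}

# <R|S><0-4> <key name>;<display name>; <image path> [<date> <size>]
ENTRY = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) (?P<name>[^;]+);(?P<display>.*?); "
    r"(?P<image>.+?) \[(?P<date>\d{4}-\d{2}-\d{2}) (?P<size>\d+)\]$"
)

# Five lines copied from the log above.
SAMPLE = r'''
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-11-09 298080]
S2 a1851772;System Booster; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544]
S2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2014-11-09 1486664]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-08-14 50976]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
'''


@dataclass
class Entry:
    running: bool
    start: str
    name: str
    display: str
    image: str
    date: str
    size: int
    notes: list = field(default_factory=list)


def parse_entries(log_text):
    """Return one Entry per driver/service line; headers and blanks are skipped."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        image = m["image"]
        if image.startswith("\\??\\"):  # NT object-namespace prefix
            image = image[4:]
        entries.append(Entry(m["state"] == "R", START_TYPES[m["start"]], m["name"],
                             m["display"], image, m["date"], int(m["size"])))
    return entries


def triage(entries):
    """Attach review notes and return only the entries that received any."""
    for e in entries:
        notes = []
        if basename(e.image).lower() in HOST_BINARIES:
            notes.append("image is a generic host binary; the listing does not show what it loads")
        if re.fullmatch(r"[0-9a-f]{8,}", e.name.lower()):
            notes.append("key name consists only of hex digits")
        if e.start == "Auto" and not e.running:
            notes.append("set to start automatically but not running")
        e.notes = notes
    return [e for e in entries if e.notes]


if __name__ == "__main__":
    for e in triage(parse_entries(SAMPLE)):
        print(f"{e.name} ({e.display}) -> {e.image}")
        for note in e.notes:
            print(f"    - {note}")
```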

Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that (here and here).

Download Zoek.exe to the desktop (not the .zip or .rar version).

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that, as it is an unjustified warning.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.
C:\Program Files (x86)\Common Files\DVDVideoSoft;fs
C:\Users\Ingr\AppData\Roaming\Mozilla\Firefox\Profiles\hemaw4pr.default\extensions\e9d197d59f2f45f382b1aa5c14d82@8706aaed9b904554b5cb7984e9.com;fs
C:\Users\Ingr\AppData\Roaming\Mozilla\Firefox\Profiles\hemaw4pr.default\extensions\TTSD90021300@PYDKGV101145942.com;fs
C:\Users\Ingr\AppData\Roaming\Mozilla\Firefox\Profiles\hemaw4pr.default\extensions\{FDD8ECF0-451A-414D-8C8F-7B7F78B0ECD3};fs
Resethosts;
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r64
""=-;r64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NextLive];r64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run];r64
"mbot_nl_202"=-;r64
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows];r64
"AppInit_DLLs"=-;r64
C:\ProgramData\{60a4823e-1b4b-3521-60a4-4823e1b408f8};fs
C:\Users\Ingr\AppData\Roaming\3EB11C59-1424695033-E111-9ED5-DC0EA1B82B45;fs
emptyfolderscheck;delete
startupall;
filesrcm;
  • Click the "More options" button and tick the options below.
  • Do a Quick Scan
  • Auto Clean
  • The "Scan All Users" option is ticked by default.
  • Now click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log as an attachment in your next message.
Posting the Zoek.exe log file
  • Add the log file named "Zoek-results.log" as an attachment to your next message. (You can also find this log file on the system drive as C:\Zoek-results.log.)
  • You can read here how to add an attachment to a message.
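Because the script in the post above is written for one machine, it helps to list what it targets before running it. The following is an added example, not part of the original post or of Zoek: it reads the `[KEY]`, `[-KEY]` and `"name"=-` lines the way a .reg file would (an assumption, since the page does not document Zoek's syntax), keeps the text after the last `;` as an opaque tag, and marks the paths tied to a user profile or a GUID-named folder. `Action`, `parse_script`, `summarize` and `machine_specific` are hypothetical names.

```python
import re
from collections import Counter, namedtuple

Action = namedtuple("Action", "kind target tag")

# The script exactly as posted above.
SCRIPT = r'''
C:\Program Files (x86)\Common Files\DVDVideoSoft;fs
C:\Users\Ingr\AppData\Roaming\Mozilla\Firefox\Profiles\hemaw4pr.default\extensions\e9d197d59f2f45f382b1aa5c14d82@8706aaed9b904554b5cb7984e9.com;fs
C:\Users\Ingr\AppData\Roaming\Mozilla\Firefox\Profiles\hemaw4pr.default\extensions\TTSD90021300@PYDKGV101145942.com;fs
C:\Users\Ingr\AppData\Roaming\Mozilla\Firefox\Profiles\hemaw4pr.default\extensions\{FDD8ECF0-451A-414D-8C8F-7B7F78B0ECD3};fs
Resethosts;
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r64
""=-;r64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NextLive];r64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run];r64
"mbot_nl_202"=-;r64
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows];r64
"AppInit_DLLs"=-;r64
C:\ProgramData\{60a4823e-1b4b-3521-60a4-4823e1b408f8};fs
C:\Users\Ingr\AppData\Roaming\3EB11C59-1424695033-E111-9ED5-DC0EA1B82B45;fs
emptyfolderscheck;delete
startupall;
filesrcm;
'''

# A profile directory or a GUID-named folder exists only on the machine it was found on.
LOCAL_ONLY = re.compile(
    r"\\Users\\[^\\]+\\|\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}"
)


def parse_script(text):
    """Turn each script line into an Action; a [KEY] line only sets context."""
    actions, key = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        body, sep, tag = line.rpartition(";")
        if not sep:                      # no tag at all: keep the whole line
            body, tag = line, ""
        if body.startswith("[-") and body.endswith("]"):
            actions.append(Action("delete-key", body[2:-1], tag))
            key = None
        elif body.startswith("[") and body.endswith("]"):
            key = body[1:-1]
        elif body.startswith('"') and body.endswith('"=-'):
            name = body[1:-3] or "(empty name)"
            actions.append(Action("delete-value", f"{key or '(no key)'}\\{name}", tag))
        elif re.match(r"[A-Za-z]:\\", body):
            actions.append(Action("path", body, tag))
        else:
            actions.append(Action("command", body, tag))
    return actions


def summarize(actions):
    """Count actions per kind."""
    return Counter(a.kind for a in actions)


def machine_specific(actions):
    """Path targets that cannot be assumed to exist on any other PC."""
    return [a for a in actions if a.kind == "path" and LOCAL_ONLY.search(a.target)]


if __name__ == "__main__":
    acts = parse_script(SCRIPT)
    print(dict(summarize(acts)))
    for a in acts:
        local = "  [machine-specific]" if a in machine_specific(acts) else ""
        print(f"{a.kind:13} {a.target}{local}")
```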

Download AdwCleaner by Xplode to the desktop (first remove any older versions of this tool from your PC, so that you use the most recent AdwCleaner database).

  • Close all open windows.
  • Double-click AdwCleaner to start it.
  • Windows Vista, 7 and 8 users must run the tool as "administrator", by right-clicking and choosing Run as administrator.
  • Click Scan.
  • Then click Clean.
  • At Restart Required, click OK.

After the PC has restarted, a log file usually opens.

Otherwise it can be found at C:\AdwCleaner\AdwCleaner[s0].txt.

Posting the log file

  • Add the log file named C:\AdwCleaner\AdwCleaner[s0].txt as an attachment to your next message.
  • You can read here how to add an attachment to a message.


Download MalwareBytes Anti-Malware, preferably to the desktop.

  • Double-click mbam-setup-2.0.exe to start the installation of Malwarebytes Anti-Malware.
  • Follow the further instructions; the full installation procedure can be read at the following link - Installing Malwarebytes Anti-Malware.
  • Then click Scan at the top of the screen.
  • Then choose the Custom Scan and click Scan Now.
    • Then tick the option Scan for rootkits.
    • In the right-hand pane, select all hard disks and partitions present.
  • Then click the Start Scan button to run the custom scan.
  • A check for available updates will now be made; click "Update Now" here if updates are available.
  • The scan now starts automatically; when the scan is finished and threats have been detected, you will get an overview of them.
  • If no threats were detected, click View Detailed Log after the scan.
  • Then click the Apply Actions button; at the message that your computer must be restarted, click No.
  • Then click the View Detailed Log button, click the Export button and choose the option Text file (*.txt).
  • Then enter a file name for saving the log file, for example MBAM Scanlog, and click the Save button.
  • This file will be saved to your desktop by default.

Posting the MalwareBytes' Anti-Malware log file

  • Add the log file you have just saved as an attachment to your next message. (You can also find this log file in Malwarebytes Anti-Malware under History > Application Logs.)
  • Paste the contents of this log file into your next message.

If you would like more explanation, in picture and sound, of how Malwarebytes works, watch our own PCH video here.
