Hallo annah,
ik heb jouw discussie verplaatst.
Download
RSIT van de onderstaande locaties en sla deze op het bureablad op.
Hier staat een beschrijving hoe u kunt kijken of u een 32 of 64 bit versie van Windows heeft.
RSIT Downloaden
RSIT Uitvoeren
- Dubbelklik op RSIT.exe om de tool te starten.
- Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
- Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
- Als u RSIT de eerste keer uitvoert zal HijackThis gedownload worden als deze niet aanwezig is, sta dit vervolgens toe.
- Wanneer de tool gereed is worden er twee kladblok bestanden geopend genaamd "Log.txt" en "Info.txt" geopend.
RSIT Logbestanden plaatsen
- Post de inhoud van het logbestand met de naam Log.txt toe in uw volgende bericht. (Dit logbestand kunt u tevens terug vinden in de map "C:\rsit")"
- Het logbestand met de naam "Info.txt" wat geminimaliseerd is hoeft u niet te plaatsen. (Dit logbestand wordt enkel de eerst keer bij het uitvoeren aangemaakt).
---------------------------------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by pcprive at 2014-08-17 09:25:14
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 892 GB (93%) free of 954 GB
Total RAM: 4095 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:25:26, on 17-8-2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
C:\Program Files\trend micro\pcprive.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://nl.msn.com/?ocid=U219DHP&pc=U219
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page =
http://g.msn.com/1me10IE11NLNL/MSN_WCP
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll
O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [EMET Agent] "C:\Program Files (x86)\EMET 4.1\EMET_agent.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HitmanPro.Alert Service (hmpalertsvc) - SurfRight B.V. - C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: lxcz_device - - C:\Windows\system32\lxczcoms.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9392 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
"C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe" /service
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\lxczcoms.exe -service
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files\OO Software\Defrag\oodag.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe" -servicelaunch=true
"C:\Program Files\OO Software\Defrag\oodtray.exe"
"C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\EMET 4.1\EMET_Agent.exe"
"C:\Program Files (x86)\Windows Live\Mail\wlmail.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1408
C:\Windows\System32\svchost.exe -k swprv
"C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe" -Embedding
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "http://www.nationaalcomputerforum.nl/showthread.php?t=119257&goto=newpost"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=1684.1919f460.529704606 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 1684 "\\.\pipe\gecko-crash-server-pipe.1684" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe" --proxy-stub-channel=Flash4908.60360D80.29119 --host-broker-channel=Flash4908.60360D80.13280 --host-pid=4908 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe" --channel=4972.002AF4E4.240108393 --proxy-stub-channel=Flash4908.60360D80.29119 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll" --host-npapi-version=27 --type=renderer
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\pcprive\Desktop\RSITx64.exe"
taskeng.exe {96971D09-DBF6-49E6-BC89-C811B931AECB}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\pcprive\AppData\Roaming\Mozilla\Firefox\Profiles\ki8n165y.default
prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "https://www.google.nl/"
prefs.js - "keyword.URL" - ""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ABNAMRO/BECON,version=1.00]
"Description"=ABN AMRO e.dentifier2 Plug-in 1.0 for Mozilla
"Path"=C:\Program Files (x86)\ABN AMRO e.dentifier2\Mozilla\npBECON.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe Flash Player 14.0.0.179 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe Flash Player 14.0.0.179 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
C:\Users\pcprive\AppData\Roaming\Mozilla\Firefox\Profiles\ki8n165y.default\extensions\
googlesharing@extension.thoughtcrime.org
{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
C:\Users\pcprive\AppData\Roaming\Mozilla\Firefox\Profiles\ki8n165y.default\searchplugins\
duckduckgo.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-06 612248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-28 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C920E44A-7F78-4E64-BDD7-A57026E7FEB7}]
WOT Helper - C:\Program Files\WOT\WOT.dll [2013-09-02 1753048]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-06 457712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-28 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C920E44A-7F78-4E64-BDD7-A57026E7FEB7}]
WOT Helper - C:\Program Files (x86)\WOT\WOT.dll [2013-09-02 1430488]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
{71576546-354D-41c9-AAE8-31F2EC22BF0D} - WOT - C:\Program Files\WOT\WOT.dll [2013-09-02 1753048]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-28 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{71576546-354D-41c9-AAE8-31F2EC22BF0D} - WOT - C:\Program Files (x86)\WOT\WOT.dll [2013-09-02 1430488]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-28 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2011-01-25 3942216]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2013-07-07 39408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-12-28 95576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IncrediMail]
C:\Program Files (x86)\IncrediMail\bin\IncMail.exe [2013-10-07 367016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxczbmgr.exe]
C:\Program Files (x86)\Lexmark 1200 Series\lxczbmgr.exe [2009-04-27 74408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware]
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2013-07-07 39408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^pcprive^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk]
C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-06 4085896]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"EMET Agent"=C:\Program Files (x86)\EMET 4.1\EMET_agent.exe [2013-11-12 78992]
C:\Users\pcprive\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2010 Schermopname en Snel starten.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableSecureUIAPath"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2014-08-17 09:25:15 ----D---- C:\Program Files\trend micro
2014-08-17 09:25:14 ----D---- C:\rsit
2014-08-14 17:19:24 ----D---- C:\Windows\MiniDump
2014-08-13 17:10:53 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2014-08-13 17:10:53 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-08-13 17:10:52 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2014-08-13 17:10:52 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2014-08-13 17:10:52 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2014-08-13 17:10:51 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-08-13 17:10:51 ----A---- C:\Windows\system32\KBDRU.DLL
2014-08-13 17:10:50 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-08-13 17:10:50 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-08-13 17:10:49 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-08-13 17:10:35 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-08-13 17:10:35 ----A---- C:\Windows\system32\tzres.dll
2014-08-13 17:10:05 ----A---- C:\Windows\system32\msi.dll
2014-08-13 17:10:04 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-08-13 17:10:04 ----A---- C:\Windows\system32\authui.dll
2014-08-13 17:10:03 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-08-13 17:10:03 ----A---- C:\Windows\system32\msihnd.dll
2014-08-13 17:10:03 ----A---- C:\Windows\system32\consent.exe
2014-08-13 17:10:02 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-08-13 17:09:30 ----A---- C:\Windows\system32\win32k.sys
2014-08-13 17:09:30 ----A---- C:\Windows\system32\gdi32.dll
2014-08-13 17:09:29 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-08-13 17:09:22 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-13 17:08:14 ----A---- C:\Windows\system32\shell32.dll
2014-08-13 17:08:12 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-08-13 17:07:57 ----A---- C:\Windows\system32\rpcrt4.dll
2014-08-13 17:07:56 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-08-13 17:06:52 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-08-13 17:06:52 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-08-13 17:06:51 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-08-13 17:06:51 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-08-13 17:06:50 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-08-13 17:06:50 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-08-13 17:06:49 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-08-13 17:06:49 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 17:06:49 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-08-13 17:06:48 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-08-13 17:06:48 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-08-13 17:06:46 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-08-13 17:06:46 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-08-13 17:06:46 ----A---- C:\Windows\system32\iernonce.dll
2014-08-13 17:06:46 ----A---- C:\Windows\system32\ie4uinit.exe
2014-08-13 17:06:45 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-08-13 17:06:45 ----A---- C:\Windows\system32\urlmon.dll
2014-08-13 17:06:45 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 17:06:44 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-08-13 17:06:43 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-08-13 17:06:43 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-08-13 17:06:42 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-08-13 17:06:42 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-13 17:06:42 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-13 17:06:41 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-08-13 17:06:41 ----A---- C:\Windows\system32\iesetup.dll
2014-08-13 17:06:40 ----A---- C:\Windows\system32\iertutil.dll
2014-08-13 17:06:40 ----A---- C:\Windows\system32\iedkcs32.dll
2014-08-13 17:06:39 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-08-13 17:06:39 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-08-13 17:06:39 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-08-13 17:06:38 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-08-13 17:06:38 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-08-13 17:06:37 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-08-13 17:06:37 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-13 17:06:36 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-08-13 17:06:36 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-08-13 17:06:34 ----A---- C:\Windows\system32\ieui.dll
2014-08-13 17:06:34 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-13 17:06:33 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-08-13 17:06:33 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-13 17:06:33 ----A---- C:\Windows\system32\ieframe.dll
2014-08-13 17:06:32 ----A---- C:\Windows\system32\jscript9diag.dll
2014-08-13 17:06:32 ----A---- C:\Windows\system32\jscript9.dll
2014-08-13 17:06:32 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-13 17:06:31 ----A---- C:\Windows\system32\wininet.dll
2014-08-13 17:06:31 ----A---- C:\Windows\system32\vbscript.dll
2014-08-13 17:06:31 ----A---- C:\Windows\system32\ieapfltr.dll
2014-08-13 17:06:30 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-08-13 17:06:29 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 17:06:29 ----A---- C:\Windows\system32\msrating.dll
2014-08-13 17:06:28 ----A---- C:\Windows\system32\mshtml.dll
2014-08-13 12:09:06 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2014-08-13 12:09:05 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2014-08-13 12:09:05 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-13 12:09:05 ----A---- C:\Windows\system32\icardagt.exe
2014-08-13 12:08:55 ----A---- C:\Windows\SYSWOW64\icardres.dll
2014-08-13 12:08:54 ----A---- C:\Windows\system32\icardres.dll
2014-08-13 12:07:21 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-08-13 12:07:21 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-06 15:24:32 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-08-06 15:24:20 ----A---- C:\Windows\avastSS.scr
2014-08-04 15:27:02 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-08-02 08:06:43 ----A---- C:\Windows\system32\wups2.dll
2014-08-02 08:06:43 ----A---- C:\Windows\system32\wuauclt.exe
2014-08-02 08:06:42 ----A---- C:\Windows\system32\wucltux.dll
2014-08-02 08:06:42 ----A---- C:\Windows\system32\wuaueng.dll
2014-08-02 08:06:28 ----A---- C:\Windows\system32\wups.dll
2014-08-02 08:06:28 ----A---- C:\Windows\system32\wudriver.dll
2014-08-02 08:06:27 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-08-02 08:06:27 ----A---- C:\Windows\system32\wuapi.dll
2014-08-02 08:06:25 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-08-02 08:06:25 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-08-02 08:06:13 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-08-02 08:06:12 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-08-02 08:06:12 ----A---- C:\Windows\system32\wuwebv.dll
2014-08-02 08:06:12 ----A---- C:\Windows\system32\wuapp.exe
======List of files/folders modified in the last 1 month======
2014-08-17 09:25:24 ----D---- C:\Windows\temp
2014-08-17 09:25:15 ----D---- C:\Program Files
2014-08-17 09:22:20 ----D---- C:\Windows\system32\config
2014-08-16 18:48:44 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-08-16 18:36:51 ----D---- C:\Windows\Microsoft.NET
2014-08-16 18:36:30 ----RSD---- C:\Windows\assembly
2014-08-16 17:50:31 ----D---- C:\Windows\inf
2014-08-16 09:35:27 ----D---- C:\Windows\CryptoGuard
2014-08-15 12:31:15 ----SHD---- C:\Windows\Installer
2014-08-15 12:31:13 ----D---- C:\Config.Msi
2014-08-15 12:30:13 ----D---- C:\Windows\SysWOW64
2014-08-14 18:13:33 ----D---- C:\Windows\Prefetch
2014-08-14 17:19:24 ----D---- C:\Windows
2014-08-13 18:40:43 ----D---- C:\Windows\winsxs
2014-08-13 18:37:52 ----D---- C:\Windows\ehome
2014-08-13 18:37:51 ----RSD---- C:\Windows\Fonts
2014-08-13 18:37:51 ----D---- C:\Windows\System32
2014-08-13 18:37:41 ----D---- C:\Windows\SYSWOW64\nl-NL
2014-08-13 18:37:41 ----D---- C:\Windows\system32\nl-NL
2014-08-13 18:37:40 ----D---- C:\Windows\system32\drivers
2014-08-13 18:37:40 ----D---- C:\Program Files\Internet Explorer
2014-08-13 18:37:38 ----D---- C:\Windows\SYSWOW64\en-US
2014-08-13 18:37:37 ----D---- C:\Windows\system32\en-US
2014-08-13 18:37:37 ----D---- C:\Windows\PolicyDefinitions
2014-08-13 18:37:36 ----D---- C:\Program Files (x86)\Internet Explorer
2014-08-13 18:15:19 ----D---- C:\ProgramData\Microsoft Help
2014-08-13 18:12:12 ----D---- C:\Windows\system32\catroot2
2014-08-13 18:12:12 ----D---- C:\Windows\system32\catroot
2014-08-13 17:43:30 ----SHD---- C:\System Volume Information
2014-08-13 17:11:53 ----D---- C:\Windows\system32\MRT
2014-08-13 17:07:39 ----D---- C:\Windows\debug
2014-08-13 17:07:34 ----A---- C:\Windows\system32\MRT.exe
2014-08-06 15:24:38 ----D---- C:\Windows\system32\Tasks
2014-08-06 15:24:22 ----A---- C:\Windows\system32\aswBoot.exe
2014-08-05 07:44:28 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-04 17:15:55 ----RD---- C:\Program Files (x86)
2014-07-24 07:12:12 ----D---- C:\Program Files\Microsoft Silverlight
2014-07-24 07:12:11 ----D---- C:\Program Files (x86)\Microsoft Silverlight
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-08-06 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-08-06 224896]
R0 RapportKE64;RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [2014-07-10 358616]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-08-30 22600]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-08-06 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-08-06 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-08-06 427360]
R1 RapportCerberus_69875;RapportCerberus_69875; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_69875.sys [2014-07-21 631128]
R1 RapportEI64;RapportEI64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2014-07-10 299736]
R1 RapportPG64;RapportPG64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2014-07-10 414296]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-08-06 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-08-06 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-08-06 92008]
R2 hmpalert;HitmanPro.Alert Support Driver; \??\C:\Windows\system32\drivers\hmpalert.sys [2014-04-11 93144]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-04-30 359936]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-05-12 25816]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
R3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64-stuurprogramma; C:\Windows\system32\DRIVERS\Rtnic64.sys [2009-06-10 51712]
R3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S1 A2DDA;A2 Direct Disk Access Support Driver; \??\C:\USERS\PCPRIVE\DESKTOP\RUN\a2ddax64.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 cleanhlp;cleanhlp; \??\C:\Users\pcprive\Desktop\Run\cleanhlp64.sys []
S3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2; C:\Windows\system32\DRIVERS\aabed2.sys [2008-03-20 28672]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-05-12 63704]
S3 netr7364;Stuurprogramma voor RT73 USB draadloze LAN-kaart voor Vista; C:\Windows\system32\DRIVERS\netr7364.sys [2009-06-10 707072]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 PSKMAD;PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [2013-04-29 47632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-10-27 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-10-27 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-10-27 161280]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2010-10-04 16448]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-04-30 238080]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-08-06 50344]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
R2 hmpalertsvc;HitmanPro.Alert Service; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [2014-04-11 1876816]
R2 lxcz_device;lxcz_device; C:\Windows\system32\lxczcoms.exe [2007-04-19 566192]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]
R2 OODefragAgent;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2011-01-25 3051848]
R2 RapportMgmtService;Rapport Management Service; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2014-07-10 1886488]
R3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-25 116648]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-16 262320]
S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-25 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-07-07 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-08-04 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-06-01 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------