Jump to content

ekock76

Members
  • Posts

    16
  • Joined

  • Last visited

Everything posted by ekock76

  1. Im on holiday now. Will do al the last steps next week when i am back. and will let you know if I can run malwarebytes. thnx so far.
  2. Results of screen317's Security Check version 0.99.86 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` McAfee Antivirus en antispyware WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Duplicate Cleaner Pro 3.2.3 Java 7 Update 60 Java version out of Date! Adobe Flash Player 14.0.0.145 Adobe Reader XI Mozilla Firefox 29.0.1 Firefox out of Date! Google Chrome 35.0.1916.153 Google Chrome 36.0.1985.125 ````````Process Check: objlist.exe by Laurent```````` Symantec Norton Online Backup NOBuAgent.exe McAfee Online Backup MOBKbackup.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 0% ````````````````````End of Log``````````````````````
  3. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by ThisisuVersion: 6.1.4 (04.06.2014:1)OS: Windows 7 Home Premium x64Ran by ekock on ma 21-07-2014 at 10:16:30,96~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec" ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on ma 21-07-2014 at 10:23:43,51End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  4. # AdwCleaner v3.216 - Rapport aangemaakt 21/07/2014 op 10:10:32 # Laatste Update 17/07/2014 door Xplode # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits) # Gebruikersnaam : ekock - EKOCK-PC-OFFICE # Gestart vanuit : C:\Users\ekock\Desktop\adwcleaner_3.216.exe # Optie : Verwijderen ***** [ Services ] ***** ***** [ Bestanden / Mappen ] ***** Map Verwijderd : C:\ProgramData\eSafe Map Verwijderd : C:\Program Files (x86)\Common Files\337 Bestand Verwijderd : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser ***** [ Snelkoppelingen ] ***** Snelkoppeling Gedesinfecteerd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk Snelkoppeling Gedesinfecteerd : C:\Users\ekock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk Snelkoppeling Gedesinfecteerd : C:\Users\ekock\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk Snelkoppeling Gedesinfecteerd : C:\Users\ekock\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ***** [ Register ] ***** Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\secman.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS Sleutel Verwijderd : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc Sleutel Verwijderd : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE} Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3} Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE} Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3} Sleutel Verwijderd : HKCU\Software\Myfree Codec Sleutel Verwijderd : HKCU\Software\powerpack Sleutel Verwijderd : HKCU\Software\Softonic Sleutel Verwijderd : HKLM\Software\Desksvc Sleutel Verwijderd : HKLM\Software\hdcode Sleutel Verwijderd : HKLM\Software\Myfree Codec Sleutel Verwijderd : HKLM\Software\portaldositesSoftware Sleutel Verwijderd : HKLM\Software\V9 Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Description ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17207 Instelling Hersteld : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] -\\ Mozilla Firefox v29.0.1 (nl) [ Bestand : C:\Users\ekock\AppData\Roaming\Mozilla\Firefox\Profiles\81niafhp.default-1379351311305\prefs.js ] -\\ Google Chrome v36.0.1985.125 [ Bestand : C:\Users\ekock\AppData\Local\Google\Chrome\User Data\Default\preferences ] Verwijderd [search Provider] : hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF ************************* AdwCleaner[R0].txt - [5582 octets] - [21/07/2014 10:08:41] AdwCleaner[s0].txt - [4383 octets] - [21/07/2014 10:10:32] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [4443 octets] ##########
  5. eset logfile C:\Users\ekock\Downloads\ccsetup403.exe Win32/Bundled.Toolbar.Google.D potentially unsafe applicationC:\Users\ekock\Downloads\ccsetup407.exe Win32/Bundled.Toolbar.Google.D potentially unsafe applicationC:\Users\ekock\Downloads\ccsetup408.exe Win32/Bundled.Toolbar.Google.D potentially unsafe applicationE:\Downloads Spotnet\Downloads\_UNPACK_CCleaner Professional + Business Edition v4084428 Incl Crack\CCleaner_4.08\ccsetup408.exe Win32/Bundled.Toolbar.Google.D potentially unsafe applicationE:\Downloads Spotnet\Uitgepakt\Software\Joomla Add-on Pack 75\Templates\Icetheme\Community (Joomla 2.5)\icetools\default.php PHP/Obfuscated.F potentially unwanted applicationE:\Downloads Spotnet\Uitgepakt\Software\Joomla Add-on Pack 75\Templates\Icetheme\Community (Joomla 2.5)\templates\it_community\icetools\default.php PHP/Obfuscated.F potentially unwanted applicationE:\Downloads Spotnet\Uitgepakt\Software\Joomla Add-on Pack 75\Templates\Icetheme\Motor (Joomla 2.5)\icetools\default.php PHP/Obfuscated.F potentially unwanted applicationE:\Downloads Spotnet\Uitgepakt\Software\Joomla Add-on Pack 75\Templates\Icetheme\Motor (Joomla 2.5)\templates\it_motor\icetools\default.php PHP/Obfuscated.F potentially unwanted applicationE:\Downloads Spotnet\Uitgepakt\Software\Joomla Add-on Pack 75_1\Templates\Icetheme\Community (Joomla 2.5)\icetools\default.php PHP/Obfuscated.F potentially unwanted applicationE:\Downloads Spotnet\Uitgepakt\Software\Joomla Add-on Pack 75_1\Templates\Icetheme\Community (Joomla 2.5)\templates\it_community\icetools\default.php PHP/Obfuscated.F potentially unwanted applicationE:\Downloads Spotnet\Uitgepakt\Software\Joomla Add-on Pack 75_1\Templates\Icetheme\Motor (Joomla 2.5)\icetools\default.php PHP/Obfuscated.F potentially unwanted applicationE:\Downloads Spotnet\Uitgepakt\Software\Joomla Add-on Pack 75_1\Templates\Icetheme\Motor (Joomla 2.5)\templates\it_motor\icetools\default.php PHP/Obfuscated.F potentially unwanted applicationK:\Elements HD\SOFTWARE\Branden\SetupImgBurn_2.5.6.0.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe applicationK:\Elements HD\SOFTWARE\Branden\Ashampoo-Burning-Studio-10.10.0.1\Ashampoo Burning Studio 10.10.0.1\ashampoo_burning_studio_10_10.0.1_sm.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted applicationK:\Elements HD\SOFTWARE\Branden\DVDFab_Platinum_5.0.7.5_-_Final\universal.dvdfab.platinum.5-patch.2.0.exe a variant of Win32/HackTool.Patcher.A potentially unsafe applicationK:\Elements HD\SOFTWARE\Grafische vormgeving & Foto\Photo_Collage_Creator_Versie_2.25\Photo Collage Creator Versie 2.25\setup.exe Win32/Induc virusK:\Elements HD\SOFTWARE\Muziek & Video\7mediaplayers\Gomplayerensetup.exe a variant of Win32/Bundled.Toolbar.Ask.A potentially unsafe applicationK:\Elements HD\SOFTWARE\Muziek & Video\limewire\LimeWireProWin_v5.4.8.exe multiple threatsK:\Elements HD\SOFTWARE\Muziek & Video\limewire\LimeWireWin_v5.4.7.exe multiple threatsK:\Elements HD\SOFTWARE\Muziek & Video\limewire\LimeWire.Pro.v5.4.8.Multilingual.Retail-EAT\LimeWireProWin_v5.4.8.exe a variant of Win32/Bundled.Toolbar.Ask.A potentially unsafe applicationK:\Elements HD\SOFTWARE\Muziek & Video\Magic Video Converter 8.0.2.18\Magic Video Converter 8.0.2.18\MagicVideoConverter.exe a variant of Win32/TrojanDownloader.Small.OOT trojanK:\Elements HD\SOFTWARE\Uitzoeken\cavebox.com_Web_Palette_Pro_v4.0.2.0\Web_Palette_Pro_v4.0.2.0\Web Palette Pro v4.0.2.0\KG\Keygen.exe a variant of Win32/Keygen.AS potentially unsafe applicationK:\Elements HD\SOFTWARE\Webdesign\Swish\SwishmaxAdd-ons\Swishmax Add-ons\guestbooks\Mogelijkheden\03\upload\gbook.php PHP/Obfuscated.F potentially unwanted application
  6. ComboFix 14-07-14.01 - ekock 15-07-2014 8:35.1.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.6127.3114 [GMT 2:00] Gestart vanuit: c:\users\ekock\Desktop\Malwarebytes probleem\ComboFix.exe AV: McAfee Antivirus en antispyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892} FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9} SP: McAfee Antivirus en antispyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\2d223c37245f292b443c32293b3a2d_c C:\Thumbs.db c:\users\ekock\AppData\Local\Temp\7zS50F6\HPSLPSVC64.DLL c:\users\ekock\Documents\DAVA370.tmp c:\users\ekock\Documents\DAVE226.tmp c:\users\ekock\Documents\DAVF88B.tmp c:\users\ekock\Documents\DAVFBEE.tmp c:\windows\security\Database\tmp.edb K:\Autorun.inf . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_HPSLPSVC . . (((((((((((((((((((( Bestanden Gemaakt van 2014-06-15 to 2014-07-15 )))))))))))))))))))))))))))))) . . 2014-07-15 06:43 . 2014-07-15 06:43 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-07-14 08:35 . 2014-07-14 08:35 -------- d-----w- c:\program files (x86)\Common Files\Java 2014-07-14 08:35 . 2014-07-14 08:35 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2014-07-14 07:32 . 2014-07-14 08:34 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable) 2014-07-14 07:32 . 2014-07-14 07:32 128728 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2014-07-09 06:36 . 2014-06-20 20:14 810160 ----a-w- c:\program files\Internet Explorer\iexplore.exe 2014-06-26 19:30 . 2014-07-08 07:57 -------- d-----w- C:\FRST 2014-06-26 19:22 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys 2014-06-26 19:22 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2014-06-26 19:22 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys 2014-06-19 05:10 . 2014-06-20 10:15 -------- d-----w- c:\users\ekock\AppData\Local\Adobe 2014-06-18 20:30 . 2014-06-18 20:30 -------- d-----w- c:\users\ekock\AppData\Local\Macromedia . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-07-10 01:02 . 2013-06-06 14:36 96441528 ----a-w- c:\windows\system32\MRT.exe 2014-07-09 13:25 . 2013-07-05 05:19 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-07-09 13:25 . 2013-07-05 05:19 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-06-03 08:41 . 2013-06-06 16:27 589008 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe 2014-05-29 23:07 . 2014-06-04 07:11 1291232 ----a-w- c:\windows\SysWow64\nvspbridge.dll 2014-05-29 23:07 . 2013-11-01 09:27 1122312 ----a-w- c:\windows\SysWow64\nvspcap.dll 2014-05-29 23:07 . 2014-06-04 07:11 1715176 ----a-w- c:\windows\system32\nvspbridge64.dll 2014-05-29 23:07 . 2013-11-01 09:27 1279480 ----a-w- c:\windows\system32\nvspcap64.dll 2014-05-20 02:44 . 2014-06-02 08:12 9697640 ----a-w- c:\windows\SysWow64\nvopencl.dll 2014-05-20 02:44 . 2014-06-02 08:12 895776 ----a-w- c:\windows\system32\NvIFR64.dll 2014-05-20 02:44 . 2014-06-02 08:12 892704 ----a-w- c:\windows\system32\NvFBC64.dll 2014-05-20 02:44 . 2014-06-02 08:12 867784 ----a-w- c:\windows\SysWow64\NvIFR.dll 2014-05-20 02:44 . 2014-06-02 08:12 861128 ----a-w- c:\windows\SysWow64\NvFBC.dll 2014-05-20 02:44 . 2014-06-02 08:12 837056 ----a-w- c:\windows\SysWow64\nvumdshim.dll 2014-05-20 02:44 . 2014-06-02 08:12 354016 ----a-w- c:\windows\system32\nvoglshim64.dll 2014-05-20 02:44 . 2014-06-02 08:12 31387936 ----a-w- c:\windows\system32\nvoglv64.dll 2014-05-20 02:44 . 2014-06-02 08:12 305600 ----a-w- c:\windows\SysWow64\nvoglshim32.dll 2014-05-20 02:44 . 2014-06-02 08:12 24025376 ----a-w- c:\windows\SysWow64\nvoglv32.dll 2014-05-20 02:44 . 2014-06-02 08:12 1889112 ----a-w- c:\windows\system32\nvdispco6433788.dll 2014-05-20 02:44 . 2014-06-02 08:12 166568 ----a-w- c:\windows\system32\nvinitx.dll 2014-05-20 02:44 . 2014-06-02 08:12 1541576 ----a-w- c:\windows\system32\nvdispgenco6433788.dll 2014-05-20 02:44 . 2014-06-02 08:12 146480 ----a-w- c:\windows\SysWow64\nvinit.dll 2014-05-20 02:44 . 2014-06-02 08:12 12688328 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2014-05-20 02:44 . 2014-06-02 08:12 11599072 ----a-w- c:\windows\system32\nvopencl.dll 2014-05-20 02:44 . 2014-06-02 08:12 9735256 ----a-w- c:\windows\SysWow64\nvcuda.dll 2014-05-20 02:44 . 2014-06-02 08:12 3141976 ----a-w- c:\windows\system32\nvcuvid.dll 2014-05-20 02:44 . 2014-06-02 08:12 2953672 ----a-w- c:\windows\SysWow64\nvcuvid.dll 2014-05-20 02:44 . 2014-06-02 08:12 2785568 ----a-w- c:\windows\system32\nvcuvenc.dll 2014-05-20 02:44 . 2014-06-02 08:12 25256224 ----a-w- c:\windows\system32\nvcompiler.dll 2014-05-20 02:44 . 2014-06-02 08:12 2412376 ----a-w- c:\windows\SysWow64\nvcuvenc.dll 2014-05-20 02:44 . 2014-06-02 08:12 17561544 ----a-w- c:\windows\SysWow64\nvcompiler.dll 2014-05-20 02:44 . 2014-06-02 08:12 11644928 ----a-w- c:\windows\system32\nvcuda.dll 2014-05-20 02:44 . 2014-03-11 09:00 16003912 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2014-05-20 02:44 . 2013-07-02 10:47 17480432 ----a-w- c:\windows\system32\nvd3dumx.dll 2014-05-20 02:44 . 2013-06-10 07:08 2730208 ----a-w- c:\windows\SysWow64\nvapi.dll 2014-05-20 02:44 . 2013-06-10 07:08 14434704 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2014-05-20 02:44 . 2013-02-25 22:32 3109248 ----a-w- c:\windows\system32\nvapi64.dll 2014-05-20 02:44 . 2013-02-25 22:32 952952 ----a-w- c:\windows\system32\nvumdshimx.dll 2014-05-20 02:44 . 2013-02-25 22:32 18531568 ----a-w- c:\windows\system32\nvwgf2umx.dll 2014-05-20 01:25 . 2010-08-09 06:12 6769096 ----a-w- c:\windows\system32\nvcpl.dll 2014-05-20 01:25 . 2010-08-09 06:12 3514144 ----a-w- c:\windows\system32\nvsvc64.dll 2014-05-20 01:25 . 2010-08-09 06:12 927520 ----a-w- c:\windows\system32\nvvsvc.exe 2014-05-20 01:25 . 2010-08-09 06:12 62808 ----a-w- c:\windows\system32\nvshext.dll 2014-05-20 01:25 . 2010-08-09 06:12 387528 ----a-w- c:\windows\system32\nvmctray.dll 2014-05-20 01:25 . 2010-08-09 06:12 2560968 ----a-w- c:\windows\system32\nvsvcr.dll 2014-05-19 23:10 . 2014-06-02 08:20 601432 ----a-w- c:\windows\SysWow64\nvStreaming.exe 2014-05-14 23:49 . 2013-06-06 13:49 3774821 ----a-w- c:\windows\system32\nvcoproc.bin 2014-05-08 09:32 . 2014-06-12 08:53 3178496 ----a-w- c:\windows\system32\rdpcorets.dll 2014-05-08 09:32 . 2014-06-12 08:53 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll 2014-04-25 02:34 . 2014-06-12 08:53 801280 ----a-w- c:\windows\system32\usp10.dll 2014-04-25 02:06 . 2014-06-12 08:53 626688 ----a-w- c:\windows\SysWow64\usp10.dll 2014-04-22 13:10 . 2014-04-22 13:10 285280 ----a-w- c:\windows\system32\drivers\afcdp.sys 2014-04-22 13:10 . 2014-04-22 13:10 1263200 ----a-w- c:\windows\system32\drivers\tdrpm273.sys 2014-04-22 13:10 . 2014-04-22 13:10 970336 ----a-w- c:\windows\system32\drivers\timntr.sys 2014-04-22 13:10 . 2014-04-22 13:10 277088 ----a-w- c:\windows\system32\drivers\snapman.sys 2014-04-22 13:08 . 2014-04-22 13:08 86016 ----a-r- c:\users\ekock\AppData\Roaming\Microsoft\Installer\{58053C71-35D9-4F16-9E5A-50C97504B2D0}\Seagate_NAS_Discov_25095144CDA545069117E7B7657B7840.exe 2014-04-22 13:08 . 2014-04-22 13:08 86016 ----a-r- c:\users\ekock\AppData\Roaming\Microsoft\Installer\{58053C71-35D9-4F16-9E5A-50C97504B2D0}\BlackArmor_Discove_90FF9289A03D4ED88DE6D3E499E65F57_1.exe 2014-04-22 13:08 . 2014-04-22 13:08 86016 ----a-r- c:\users\ekock\AppData\Roaming\Microsoft\Installer\{58053C71-35D9-4F16-9E5A-50C97504B2D0}\ARPPRODUCTICON.exe 2014-04-21 07:26 . 2014-04-21 07:26 119512 ----a-w- c:\windows\system32\drivers\48230029.sys . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2014-06-10 08:39 1730264 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2014-06-10 08:39 1730264 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2014-06-10 08:39 1730264 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 131248 ----a-w- c:\users\ekock\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 131248 ----a-w- c:\users\ekock\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 131248 ----a-w- c:\users\ekock\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Spotify"="c:\users\ekock\AppData\Roaming\Spotify\Spotify.exe" [2014-07-10 6162488] "Spotify Web Helper"="c:\users\ekock\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-07-10 1178168] "GarminExpressTrayApp"="c:\program files (x86)\Garmin\Express Tray\ExpressTray.exe" [2014-06-09 122200] "HP Officejet Pro 8600 (NET)"="c:\program files\hp\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" [2012-10-17 2573416] "Wunderlist"="c:\program files (x86)\Wunderlist2\Wunderlist.exe" [2013-12-02 13021792] "GoogleChromeAutoLaunch_449783D3B0AA6CBEBA9A499D6CC0B0E0"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2014-06-05 860488] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2010-09-28 664600] "HP Remote Solution"="c:\program files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe" [2009-08-25 656896] "BATINDICATOR"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe" [2009-05-08 2068992] "LaunchHPOSIAPP"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe" [2009-04-04 385024] "Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928] "LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336] "mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2014-04-25 537992] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904] "Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2014-05-08 41336] "Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2014-05-08 840568] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208] "BlackArmorBackupMonitor.exe"="c:\program files (x86)\Seagate\BlackArmorBackup\BlackArmorBackupMonitor.exe" [2012-10-31 5547704] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-05-26 152392] "KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2014-05-28 310064] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-05-07 256896] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="c:\program files (x86)\Garmin\Express Tray\ExpressTray.exe" [2014-06-09 122200] . c:\users\ekock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\ekock\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-5-20 33322312] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Snapfish PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe -det [2010-9-28 1040952] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "EnableShellExecuteHooks"= 1 (0x1) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc] @="" . R2 CLKMSVC10_C6F09094;CyberLink Product - 2011/03/29 22:42;c:\program files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe;c:\program files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 CXCIR;AVerMedia Consumer Infrared Receiver;c:\windows\system32\DRIVERS\AVer888RCIR_64.sys;c:\windows\SYSNATIVE\DRIVERS\AVer888RCIR_64.sys [x] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x] R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x] R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys;c:\windows\SYSNATIVE\DRIVERS\mfencrk.sys [x] R3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x] S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x] S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys;c:\windows\SYSNATIVE\DRIVERS\tdrpm273.sys [x] S1 MOBKFilter;MOBKFilter;c:\windows\system32\DRIVERS\MOBK.sys;c:\windows\SYSNATIVE\DRIVERS\MOBK.sys [x] S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x] S2 ClickToRunSvc;Microsoft Office ClickToRun Service;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x] S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x] S2 Garmin Core Update Service;Garmin Core Update Service;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [x] S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x] S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [x] S2 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x] S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x] S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x] S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x] S2 McPvDrv;McPvDrv Driver;c:\windows\system32\drivers\McPvDrv.sys;c:\windows\SYSNATIVE\drivers\McPvDrv.sys [x] S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [x] S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x] S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x] S2 MOBKbackup;1%;c:\program files (x86)\McAfee Online Backup\MOBKbackup.exe;c:\program files (x86)\McAfee Online Backup\MOBKbackup.exe [x] S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x] S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x] S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x] S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x] S2 sfcdpsrv;Seagate Nonstop Backup-service ;c:\program files (x86)\Common Files\Seagate\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Seagate\CDP\afcdpsrv.exe [x] S2 SgtSch2Svc;Seagate Scheduler2 Service;c:\program files (x86)\Common Files\Seagate\Schedule2\schedul2.exe;c:\program files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x] S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x] S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x] S3 AVer7231_x64;AVerMedia 7231 capture service;c:\windows\system32\DRIVERS\AVer7231_x64.sys;c:\windows\SYSNATIVE\DRIVERS\AVer7231_x64.sys [x] S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x] S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x] S3 LVUVC64;Logitech HD Pro Webcam C920(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x] S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x] S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys;c:\windows\SYSNATIVE\DRIVERS\mfencbdc.sys [x] S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x] S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x] S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - WS2IFSL *Deregistered* - CLKMDRV10_C6F09094 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2014-06-12 19:40 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe . Inhoud van de 'Gedeelde Taken' map . 2014-07-15 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-05 13:25] . 2014-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-13 05:03] . 2014-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf27458081f822.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-13 05:03] . 2014-07-14 c:\windows\Tasks\HPCeeScheduleForEKOCK-PC-OFFICE$.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15] . 2014-07-14 c:\windows\Tasks\HPCeeScheduleForekock.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2014-06-10 10:07 2335960 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2014-06-10 10:07 2335960 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2014-06-10 10:07 2335960 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 164016 ----a-w- c:\users\ekock\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 164016 ----a-w- c:\users\ekock\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 164016 ----a-w- c:\users\ekock\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 164016 ----a-w- c:\users\ekock\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK] @="{3c3f3c1a-9153-7c05-f938-622e7003894d}" [HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}] 2010-04-13 18:11 3816248 ----a-w- c:\program files (x86)\McAfee Online Backup\MOBKshell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2] @="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}" [HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}] 2010-04-13 18:11 3816248 ----a-w- c:\program files (x86)\McAfee Online Backup\MOBKshell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3] @="{b4caf489-1eec-c617-49ad-8d7088598c06}" [HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}] 2010-04-13 18:11 3816248 ----a-w- c:\program files (x86)\McAfee Online Backup\MOBKshell.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768] "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-15 611896] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-04-24 1425408] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392] "ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-05-29 1279480] "NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-05-29 2352072] "Seagate Scheduler2 Service"="c:\program files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe" [2012-10-31 395320] . ------- Bijkomende Scan ------- . uStart Page = about:Tabs uLocal Page = c:\windows\system32\blank.htm mDefault_Page_URL = hxxp://www.google.com mStart Page = hxxp://www.google.com mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local TCP: DhcpNameServer = 192.168.10.1 FF - ProfilePath - c:\users\ekock\AppData\Roaming\Mozilla\Firefox\Profiles\81niafhp.default-1379351311305\ . - - - - ORPHANS VERWIJDERD - - - - . Wow6432Node-HKCU-Run-AdobeBridge - (no file) Wow6432Node-HKLM-Run-Easybits Recovery - c:\program files (x86)\EasyBits For Kids\ezRecover.exe Wow6432Node-HKLM-Run-<NO NAME> - (no file) Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe c:\users\ekock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Officejet Pro 8600 (netwerk).lnk - (no file) HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start HKLM-Run-Nvtmru - c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher] "ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.14" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\windows\SysWOW64\ezSharedSvcHost.exe c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe c:\windows\SysWOW64\rundll32.exe c:\program files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe c:\program files (x86)\TeamViewer\Version9\TeamViewer.exe c:\program files (x86)\TeamViewer\Version9\tv_w32.exe c:\program files\Microsoft Office 15\Root\Office15\MsoSync.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe . ************************************************************************** . Voltooingstijd: 2014-07-15 08:52:59 - machine werd herstart ComboFix-quarantined-files.txt 2014-07-15 06:52 . Pre-Run: 845.602.017.280 bytes beschikbaar Post-Run: 845.294.407.680 bytes beschikbaar . - - End Of File - - BB8F592440FA292B25D6D29677E9F0EE
  7. Still i cannot run malwarebytes anti malware
  8. I did the scan and it says no malware found. ---------------------------------------Malwarebytes Anti-Rootkit BETA 1.07.0.1012 © Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 11.0.9600.17207 File system is: NTFSDisk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED, H:\ DRIVE_FIXED, K:\ DRIVE_FIXEDCPU speed: 3.392000 GHzMemory total: 6424133632, free: 2481565696 Could not load protection driverDownloaded database version: v2014.07.13.07Downloaded database version: v2014.07.09.01Initializing...======================------------ Kernel report ------------ 07/14/2014 09:32:49------------ Loaded modules -----------\SystemRoot\system32\ntoskrnl.exe\SystemRoot\system32\hal.dll\SystemRoot\system32\kdcom.dll\SystemRoot\system32\mcupdate_GenuineIntel.dll\SystemRoot\system32\PSHED.dll\SystemRoot\system32\CLFS.SYS\SystemRoot\system32\CI.dll\SystemRoot\system32\drivers\Wdf01000.sys\SystemRoot\system32\drivers\WDFLDR.SYS\SystemRoot\system32\drivers\ACPI.sys\SystemRoot\system32\drivers\WMILIB.SYS\SystemRoot\system32\drivers\msisadrv.sys\SystemRoot\system32\drivers\pci.sys\SystemRoot\system32\drivers\vdrvroot.sys\SystemRoot\System32\drivers\partmgr.sys\SystemRoot\system32\drivers\volmgr.sys\SystemRoot\System32\drivers\volmgrx.sys\SystemRoot\System32\drivers\mountmgr.sys\SystemRoot\system32\DRIVERS\iaStor.sys\SystemRoot\system32\drivers\amdxata.sys\SystemRoot\system32\drivers\fltmgr.sys\SystemRoot\system32\drivers\fileinfo.sys\SystemRoot\system32\drivers\mfehidk.sys\SystemRoot\System32\Drivers\PxHlpa64.sys\SystemRoot\System32\Drivers\Ntfs.sys\SystemRoot\System32\Drivers\msrpc.sys\SystemRoot\System32\Drivers\ksecdd.sys\SystemRoot\System32\Drivers\cng.sys\SystemRoot\System32\drivers\pcw.sys\SystemRoot\System32\Drivers\Fs_Rec.sys\SystemRoot\system32\drivers\ndis.sys\SystemRoot\system32\drivers\NETIO.SYS\SystemRoot\System32\Drivers\ksecpkg.sys\SystemRoot\System32\drivers\tcpip.sys\SystemRoot\System32\drivers\fwpkclnt.sys\SystemRoot\system32\drivers\mfewfpk.sys\SystemRoot\system32\DRIVERS\timntr.sys\SystemRoot\system32\drivers\volsnap.sys\SystemRoot\system32\DRIVERS\tdrpm273.sys\SystemRoot\System32\Drivers\spldr.sys\SystemRoot\system32\DRIVERS\snapman.sys\SystemRoot\System32\drivers\rdyboost.sys\SystemRoot\System32\Drivers\mup.sys\SystemRoot\System32\drivers\hwpolicy.sys\SystemRoot\System32\DRIVERS\fvevol.sys\SystemRoot\system32\DRIVERS\disk.sys\SystemRoot\system32\DRIVERS\CLASSPNP.SYS\SystemRoot\system32\DRIVERS\cdrom.sys\SystemRoot\system32\DRIVERS\MOBK.sys\SystemRoot\System32\Drivers\Null.SYS\SystemRoot\System32\Drivers\Beep.SYS\SystemRoot\System32\drivers\vga.sys\SystemRoot\System32\drivers\VIDEOPRT.SYS\SystemRoot\System32\drivers\watchdog.sys\SystemRoot\System32\DRIVERS\RDPCDD.sys\SystemRoot\system32\drivers\rdpencdd.sys\SystemRoot\system32\drivers\rdprefmp.sys\SystemRoot\System32\Drivers\Msfs.SYS\SystemRoot\System32\Drivers\Npfs.SYS\SystemRoot\system32\DRIVERS\tdx.sys\SystemRoot\system32\DRIVERS\TDI.SYS\SystemRoot\System32\DRIVERS\netbt.sys\SystemRoot\system32\drivers\afd.sys\SystemRoot\system32\DRIVERS\wfplwf.sys\SystemRoot\system32\DRIVERS\pacer.sys\SystemRoot\system32\DRIVERS\vwififlt.sys\SystemRoot\system32\DRIVERS\netbios.sys\SystemRoot\system32\DRIVERS\wanarp.sys\SystemRoot\system32\drivers\termdd.sys\SystemRoot\system32\DRIVERS\rdbss.sys\SystemRoot\system32\drivers\nsiproxy.sys\SystemRoot\system32\drivers\mssmbios.sys\SystemRoot\System32\drivers\discache.sys\SystemRoot\System32\Drivers\dfsc.sys\SystemRoot\system32\DRIVERS\blbdrive.sys\SystemRoot\system32\DRIVERS\tunnel.sys\SystemRoot\system32\DRIVERS\nvlddmkm.sys\SystemRoot\System32\drivers\dxgkrnl.sys\SystemRoot\System32\drivers\dxgmms1.sys\SystemRoot\system32\drivers\HDAudBus.sys\SystemRoot\system32\DRIVERS\HECIx64.sys\SystemRoot\system32\drivers\usbehci.sys\SystemRoot\system32\drivers\USBPORT.SYS\SystemRoot\system32\DRIVERS\AVer7231_x64.sys\SystemRoot\system32\DRIVERS\ks.sys\SystemRoot\system32\DRIVERS\BdaSup.SYS\SystemRoot\system32\drivers\ksthunk.sys\SystemRoot\system32\DRIVERS\nusb3xhc.sys\SystemRoot\system32\DRIVERS\USBD.SYS\SystemRoot\system32\DRIVERS\Rt64win7.sys\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys\SystemRoot\system32\DRIVERS\intelppm.sys\SystemRoot\system32\drivers\CompositeBus.sys\SystemRoot\system32\DRIVERS\AgileVpn.sys\SystemRoot\system32\DRIVERS\rasl2tp.sys\SystemRoot\system32\DRIVERS\ndistapi.sys\SystemRoot\system32\DRIVERS\ndiswan.sys\SystemRoot\system32\DRIVERS\raspppoe.sys\SystemRoot\system32\DRIVERS\raspptp.sys\SystemRoot\system32\DRIVERS\rassstp.sys\SystemRoot\system32\drivers\kbdclass.sys\SystemRoot\system32\drivers\mouclass.sys\SystemRoot\system32\drivers\serscan.sys\SystemRoot\system32\drivers\swenum.sys\SystemRoot\system32\DRIVERS\circlass.sys\SystemRoot\system32\DRIVERS\umbus.sys\SystemRoot\system32\drivers\nvvad64v.sys\SystemRoot\system32\drivers\portcls.sys\SystemRoot\system32\drivers\drmk.sys\SystemRoot\system32\DRIVERS\usbhub.sys\SystemRoot\system32\DRIVERS\nusb3hub.sys\SystemRoot\System32\Drivers\NDProxy.SYS\SystemRoot\system32\drivers\nvhda64v.sys\SystemRoot\system32\DRIVERS\stwrt64.sys\SystemRoot\system32\DRIVERS\hidir.sys\SystemRoot\system32\DRIVERS\HIDCLASS.SYS\SystemRoot\system32\DRIVERS\HIDPARSE.SYS\SystemRoot\system32\drivers\kbdhid.sys\SystemRoot\system32\DRIVERS\mouhid.sys\SystemRoot\system32\drivers\mfeavfk.sys\SystemRoot\system32\drivers\mfefirek.sys\SystemRoot\system32\DRIVERS\mfencbdc.sys\SystemRoot\System32\Drivers\crashdmp.sys\SystemRoot\System32\Drivers\dump_iaStor.sys\SystemRoot\System32\Drivers\dump_dumpfve.sys\SystemRoot\System32\win32k.sys\SystemRoot\System32\drivers\Dxapi.sys\SystemRoot\system32\DRIVERS\monitor.sys\SystemRoot\system32\DRIVERS\usbccgp.sys\SystemRoot\system32\DRIVERS\lvuvc64.sys\SystemRoot\system32\drivers\usbaudio.sys\SystemRoot\system32\DRIVERS\lvrs64.sys\SystemRoot\system32\DRIVERS\USBSTOR.SYS\SystemRoot\System32\TSDDD.dll\SystemRoot\System32\cdd.dll\SystemRoot\system32\drivers\hidusb.sys\SystemRoot\System32\ATMFD.DLL\SystemRoot\system32\drivers\luafv.sys\SystemRoot\system32\DRIVERS\lltdio.sys\SystemRoot\system32\DRIVERS\nwifi.sys\SystemRoot\system32\DRIVERS\ndisuio.sys\SystemRoot\system32\DRIVERS\rspndr.sys\SystemRoot\system32\drivers\HTTP.sys\SystemRoot\system32\DRIVERS\bowser.sys\SystemRoot\System32\drivers\mpsdrv.sys\SystemRoot\system32\DRIVERS\mrxsmb.sys\SystemRoot\system32\DRIVERS\mrxsmb10.sys\SystemRoot\system32\DRIVERS\mrxsmb20.sys\??\C:\Windows\system32\Drivers\rikvm_C6F09094.sys\SystemRoot\system32\drivers\McPvDrv.sys\SystemRoot\system32\drivers\peauth.sys\SystemRoot\system32\DRIVERS\udfs.sys\SystemRoot\System32\Drivers\secdrv.SYS\SystemRoot\System32\DRIVERS\srvnet.sys\SystemRoot\System32\drivers\tcpipreg.sys\SystemRoot\System32\DRIVERS\srv2.sys\SystemRoot\system32\drivers\mfeapfk.sys\SystemRoot\System32\DRIVERS\srv.sys\SystemRoot\system32\DRIVERS\afcdp.sys\??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys\SystemRoot\system32\drivers\WudfPf.sys\SystemRoot\system32\DRIVERS\WUDFRd.sys\SystemRoot\system32\drivers\cfwids.sys\SystemRoot\system32\DRIVERS\asyncmac.sys\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys\Windows\System32\ntdll.dll\Windows\System32\smss.exe\Windows\System32\apisetschema.dll\Windows\System32\autochk.exe\Windows\System32\lpk.dll\Windows\System32\iertutil.dll\Windows\System32\ws2_32.dll\Windows\System32\msctf.dll\Windows\System32\wininet.dll\Windows\System32\clbcatq.dll\Windows\System32\kernel32.dll\Windows\System32\shlwapi.dll\Windows\System32\Wldap32.dll\Windows\System32\sechost.dll\Windows\System32\urlmon.dll\Windows\System32\rpcrt4.dll\Windows\System32\msvcrt.dll\Windows\System32\advapi32.dll\Windows\System32\user32.dll\Windows\System32\ole32.dll\Windows\System32\normaliz.dll\Windows\System32\imm32.dll\Windows\System32\setupapi.dll\Windows\System32\usp10.dll\Windows\System32\gdi32.dll\Windows\System32\difxapi.dll\Windows\System32\comdlg32.dll\Windows\System32\imagehlp.dll\Windows\System32\shell32.dll\Windows\System32\psapi.dll\Windows\System32\oleaut32.dll\Windows\System32\nsi.dll\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll\Windows\System32\devobj.dll\Windows\System32\KernelBase.dll\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll\Windows\System32\userenv.dll\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll\Windows\System32\crypt32.dll\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll\Windows\System32\comctl32.dll\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll\Windows\System32\wintrust.dll\Windows\System32\cfgmgr32.dll\Windows\System32\msasn1.dll\Windows\System32\profapi.dll\Windows\SysWOW64\normaliz.dll----------- End -----------Done!<<<1>>>Upper Device Name: \Device\Harddisk7\DR7Upper Device Object: 0xfffffa8009c2c790Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\000000a9\Lower Device Object: 0xfffffa80096f7b60Lower Device Driver Name: \Driver\USBSTOR\<<<1>>>Upper Device Name: \Device\Harddisk6\DR6Upper Device Object: 0xfffffa8009be0790Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\000000a7\Lower Device Object: 0xfffffa8009bd2060Lower Device Driver Name: \Driver\USBSTOR\<<<1>>>Upper Device Name: \Device\Harddisk5\DR5Upper Device Object: 0xfffffa8009bdd060Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\000000a6\Lower Device Object: 0xfffffa8009bd0b60Lower Device Driver Name: \Driver\USBSTOR\<<<1>>>Upper Device Name: \Device\Harddisk4\DR4Upper Device Object: 0xfffffa8009bd8060Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\000000a5\Lower Device Object: 0xfffffa8009bd2b60Lower Device Driver Name: \Driver\USBSTOR\<<<1>>>Upper Device Name: \Device\Harddisk3\DR3Upper Device Object: 0xfffffa8009bcd060Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\000000a4\Lower Device Object: 0xfffffa8009b94990Lower Device Driver Name: \Driver\USBSTOR\<<<1>>>Upper Device Name: \Device\Harddisk2\DR2Upper Device Object: 0xfffffa800888a440Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\00000097\Lower Device Object: 0xfffffa8009753b60Lower Device Driver Name: \Driver\USBSTOR\<<<1>>>Upper Device Name: \Device\Harddisk1\DR1Upper Device Object: 0xfffffa8007bdc060Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\Ide\IAAStorageDevice-2\Lower Device Object: 0xfffffa80068db050Lower Device Driver Name: \Driver\iaStor\<<<1>>>Upper Device Name: \Device\Harddisk0\DR0Upper Device Object: 0xfffffa8007bdb060Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\Ide\IAAStorageDevice-1\Lower Device Object: 0xfffffa80068d9050Lower Device Driver Name: \Driver\iaStor\<<<2>>>Physical Sector Size: 512Drive: 0, DevicePointer: 0xfffffa8007bdb060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\--------- Disk Stack ------DevicePointer: 0xfffffa8007a2f910, DeviceName: Unknown, DriverName: \Driver\tdrpman273\DevicePointer: 0xfffffa8007a2e980, DeviceName: Unknown, DriverName: \Driver\snapman\DevicePointer: 0xfffffa8007a2eb90, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xfffffa8007bdbe30, DeviceName: Unknown, DriverName: \Driver\tdrpman273\DevicePointer: 0xfffffa8007bdb060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\DevicePointer: 0xfffffa80068d9050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\------------ End ----------Alternate DeviceName: Unknown, DriverName: \Driver\snapman\Upper DeviceData: 0x0, 0x0, 0x0Lower DeviceData: 0x0, 0x0, 0x0<<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes<<<2>>><<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytesScanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...Done!Drive 0This is a System driveScanning MBR on drive 0...Inspecting partition table:MBR Signature: 55AADisk Signature: 108F921B Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 2048 Numsec = 204800 Partition file system is NTFS Partition is bootable Partition 1 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 206848 Numsec = 1925345729 Partition 2 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 1925552577 Numsec = 27967488 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 1000204886016 bytesSector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-2047-1953505168-1953525168)...Done!Physical Sector Size: 512Drive: 1, DevicePointer: 0xfffffa8007bdc060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\--------- Disk Stack ------DevicePointer: 0xfffffa8007a38940, DeviceName: Unknown, DriverName: \Driver\tdrpman273\DevicePointer: 0xfffffa8007a37980, DeviceName: Unknown, DriverName: \Driver\snapman\DevicePointer: 0xfffffa8007a37b90, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xfffffa8007a33900, DeviceName: Unknown, DriverName: \Driver\tdrpman273\DevicePointer: 0xfffffa8007bdc060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\DevicePointer: 0xfffffa80068db050, DeviceName: \Device\Ide\IAAStorageDevice-2\, DriverName: \Driver\iaStor\------------ End ----------Alternate DeviceName: Unknown, DriverName: \Driver\snapman\Upper DeviceData: 0x0, 0x0, 0x0Lower DeviceData: 0x0, 0x0, 0x0Drive 1Scanning MBR on drive 1...Inspecting partition table:MBR Signature: 55AADisk Signature: 90767101 Partition information: Partition 0 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 1953519616 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 1000204886016 bytesSector size: 512 bytes Done!Physical Sector Size: 512Drive: 2, DevicePointer: 0xfffffa800888a440, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\--------- Disk Stack ------DevicePointer: 0xfffffa80099c3e30, DeviceName: Unknown, DriverName: \Driver\tdrpman273\DevicePointer: 0xfffffa80096f9e30, DeviceName: Unknown, DriverName: \Driver\snapman\DevicePointer: 0xfffffa80097a4b90, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xfffffa800996da50, DeviceName: Unknown, DriverName: \Driver\tdrpman273\DevicePointer: 0xfffffa800888a440, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\DevicePointer: 0xfffffa8009753b60, DeviceName: \Device\00000097\, DriverName: \Driver\USBSTOR\------------ End ----------Alternate DeviceName: Unknown, DriverName: \Driver\snapman\Upper DeviceData: 0x0, 0x0, 0x0Lower DeviceData: 0x0, 0x0, 0x0Drive 2Scanning MBR on drive 2...Inspecting partition table:MBR Signature: 55AADisk Signature: 195159 Partition information: Partition 0 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 3907027120 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 2000398934016 bytesSector size: 512 bytes Done!Physical Sector Size: 0Drive: 3, DevicePointer: 0xfffffa8009bcd060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\--------- Disk Stack ------DevicePointer: 0xfffffa8009bcd940, DeviceName: Unknown, DriverName: \Driver\tdrpman273\DevicePointer: 0xfffffa8009bd6650, DeviceName: Unknown, DriverName: \Driver\snapman\DevicePointer: 0xfffffa8009bd5310, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xfffffa8009bd2720, DeviceName: Unknown, DriverName: \Driver\tdrpman273\DevicePointer: 0xfffffa8009bcd060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\DevicePointer: 0xfffffa8009b94990, DeviceName: \Device\000000a4\, DriverName: \Driver\USBSTOR\------------ End ----------Physical Sector Size: 0Drive: 4, DevicePointer: 0xfffffa8009bd8060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\--------- Disk Stack ------DevicePointer: 0xfffffa8009bdcc30, DeviceName: Unknown, DriverName: \Driver\tdrpman273\DevicePointer: 0xfffffa8009bdae30, DeviceName: Unknown, DriverName: \Driver\snapman\DevicePointer: 0xfffffa8009bd9b90, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xfffffa8009bd6e30, DeviceName: Unknown, DriverName: \Driver\tdrpman273\DevicePointer: 0xfffffa8009bd8060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\DevicePointer: 0xfffffa8009bd2b60, DeviceName: \Device\000000a5\, DriverName: \Driver\USBSTOR\------------ End ----------Physical Sector Size: 0Drive: 5, DevicePointer: 0xfffffa8009bdd060, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\Disk\--------- Disk Stack ------DevicePointer: 0xfffffa8009bd5830, DeviceName: Unknown, DriverName: \Driver\tdrpman273\DevicePointer: 0xfffffa8009bde4a0, DeviceName: Unknown, DriverName: \Driver\snapman\DevicePointer: 0xfffffa8009bdd940, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xfffffa8009bda730, DeviceName: Unknown, DriverName: \Driver\tdrpman273\DevicePointer: 0xfffffa8009bdd060, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\Disk\DevicePointer: 0xfffffa8009bd0b60, DeviceName: \Device\000000a6\, DriverName: \Driver\USBSTOR\------------ End ----------Physical Sector Size: 0Drive: 6, DevicePointer: 0xfffffa8009be0790, DeviceName: \Device\Harddisk6\DR6\, DriverName: \Driver\Disk\--------- Disk Stack ------DevicePointer: 0xfffffa8009be1040, DeviceName: Unknown, DriverName: \Driver\tdrpman273\DevicePointer: 0xfffffa8009be0560, DeviceName: Unknown, DriverName: \Driver\snapman\DevicePointer: 0xfffffa8009be3040, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xfffffa8009be18b0, DeviceName: Unknown, DriverName: \Driver\tdrpman273\DevicePointer: 0xfffffa8009be0790, DeviceName: \Device\Harddisk6\DR6\, DriverName: \Driver\Disk\DevicePointer: 0xfffffa8009bd2060, DeviceName: \Device\000000a7\, DriverName: \Driver\USBSTOR\------------ End ----------Physical Sector Size: 512Drive: 7, DevicePointer: 0xfffffa8009c2c790, DeviceName: \Device\Harddisk7\DR7\, DriverName: \Driver\Disk\--------- Disk Stack ------DevicePointer: 0xfffffa8009bebc60, DeviceName: Unknown, DriverName: \Driver\tdrpman273\DevicePointer: 0xfffffa8009c2db10, DeviceName: Unknown, DriverName: \Driver\snapman\DevicePointer: 0xfffffa8009c686a0, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xfffffa8009c4dd90, DeviceName: Unknown, DriverName: \Driver\tdrpman273\DevicePointer: 0xfffffa8009c2c790, DeviceName: \Device\Harddisk7\DR7\, DriverName: \Driver\Disk\DevicePointer: 0xfffffa80096f7b60, DeviceName: \Device\000000a9\, DriverName: \Driver\USBSTOR\------------ End ----------Alternate DeviceName: Unknown, DriverName: \Driver\snapman\Upper DeviceData: 0x0, 0x0, 0x0Lower DeviceData: 0x0, 0x0, 0x0Drive 7Scanning MBR on drive 7...Inspecting partition table:MBR Signature: 55AADisk Signature: 791E6 Partition information: Partition 0 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 1463773184 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 749452918784 bytesSector size: 512 bytes Done!Scan finished
  9. Hi there, i selected yes. then i tried to run a scan, but halfway the programm stops running.
  10. When i try to run aswMBR i ghet the following pop-up. see attachment. What do i need to answer: yes or no?
  11. As i could not start up malware anymore i started a topic elswehere in this forum. They looked at it and redirected me to here cause my pc is infected. Enclosed the FRST.txt and Addition.txt I am a premium user of malwarebytes andf have a license key Addition.txt FRST.txt
  12. Enclosed my logfiles. thembam.exe doesn't run properly. i do not get a logfile from that Addition.txt FRST.txt
  13. Hi, I did what you asked me, but still i do not get malwarebytes to run.
  14. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-06-2014 Ran by ekock at 2014-06-26 21:31:49 Running from C:\Users\ekock\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: McAfee Antivirus en antispyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892} AS: McAfee Antivirus en antispyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9} ==================== Installed Programs ====================== Administratieve software van Davilex (HKLM-x32\...\InstallShield_{E475F460-DA74-4E7E-9941-64E5856F4214}) (Version: 9.4.2.1104 - Davilex) Administratieve software van Davilex (x32 Version: 9.4.2.1104 - Davilex) Hidden Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.10 - Adobe Systems) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1210 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 3.9.0.1210 - Adobe Systems Incorporated) Hidden Adobe Anchor Service CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Asset Services CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden Adobe Bridge CS3 (x32 Version: 2 - Adobe Systems Incorporated) Hidden Adobe Bridge Start Meeting (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe BridgeTalk Plugin CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Camera Raw 4.0 (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden Adobe CMaps (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color - Photoshop Specific (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color Common Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color EU Recommended Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color JA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color NA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Creative Suite 3 Design Premium (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Creative Suite 3 Design Premium toevoegen of verwijderen (HKLM-x32\...\Adobe_4f447996d55a2562c006714721fae31) (Version: 1.0 - Adobe Systems Incorporated) Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated) Adobe Default Language CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Device Central CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Dreamweaver CS3 (x32 Version: 9 - Adobe Systems Incorporated) Hidden Adobe ExtendScript Toolkit 2 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Extension Manager CS3 (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden Adobe Flash CS3 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated) Adobe Flash Video Encoder (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Fonts All (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden Adobe Help Viewer CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden Adobe Illustrator CS3 (x32 Version: 13.0.1 - Adobe Systems Incorporated) Hidden Adobe InDesign CS3 (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden Adobe InDesign CS3 Icon Handler (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden Adobe Linguistics CS3 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden Adobe MotionPicture Color Files (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe PDF Library Files (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden Adobe Photoshop CS3 (x32 Version: 10 - Adobe Systems Incorporated) Hidden Adobe Reader XI (11.0.07) - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe SING CS3 (x32 Version: 0.1 - Adobe Systems Incorporated) Hidden Adobe Stock Photos CS3 (x32 Version: 1.5 - Adobe Systems Incorporated) Hidden Adobe Type Support (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Update Manager CS3 (x32 Version: 5.1.0 - Adobe Systems Incorporated) Hidden Adobe Version Cue CS3 Client (x32 Version: 3 - Adobe Systems Incorporated) Hidden Adobe Version Cue CS3 Server (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden Adobe WAS CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.) Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden Adobe WinSoft Linguistics Plugin (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe XMP Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden AHV content for Acrobat and Flash (x32 Version: 1 - Adobe Systems Incorporated) Hidden ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) bl (x32 Version: 1.0.0 - Your Company Name) Hidden Boekhouden Totaal 12 (HKCU\...\2fa915bd2ae699ba) (Version: 12.5.0.5 - Osirius bv) Boekhouden Totaal 13 (HKCU\...\d116d35e1ead10fb) (Version: 13.0.2.113 - Osirius bv) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CameraHelperMsi (x32 Version: 13.40.836.0 - Logitech) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform) CutePDF Professional 3.6 (HKLM-x32\...\{F10D1D8F-C20C-4F0D-B243-688C0C6873F6}) (Version: 3.6.4.0 - Acro Software Inc.) CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version: - ) CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3210 - CyberLink Corp.) CyberLink DVD Suite Deluxe (x32 Version: 7.0.3210 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.) Duplicate Cleaner Pro 3.2.3 (HKLM-x32\...\Duplicate Cleaner Pro) (Version: 3.2.3 - DigitalVolcano Software Ltd) DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.2.4412 - Hewlett-Packard) DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden Elevated Installer (x32 Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Hidden erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden FileZilla Client 3.8.1 (HKLM-x32\...\FileZilla Client) (Version: 3.8.1 - Tim Kosse) Garmin BaseCamp (HKLM-x32\...\{EBAC8FD4-28EC-46F7-BF9E-89D6E6673001}) (Version: 4.2.5 - Garmin Ltd or its subsidiaries) Garmin City Navigator Europe NT 2008 (HKLM-x32\...\{1E105942-593C-4C48-AB3D-BEC2124F5FCE}) (Version: 10.0.0.1 - Garmin Ltd or its subsidiaries) Garmin City Navigator Europe NT 2012.10 Update (HKLM-x32\...\{41A00174-B4EA-4E79-9CAF-DC118A878B92}) (Version: 15.10.0.0 - Garmin Ltd or its subsidiaries) Garmin City Navigator Europe NT 2014.10 Update (HKLM-x32\...\{5AFFBD70-E969-41D6-80F6-CD85C0F0A0F0}) (Version: 17.10.0.0 - Garmin Ltd or its subsidiaries) Garmin City Navigator Europe NT 2014.40 Update (HKLM-x32\...\{45734B7D-FC19-4C0A-997F-6AFF6E1D29F8}) (Version: 17.40.0.0 - Garmin Ltd or its subsidiaries) Garmin Communicator Plugin (HKLM-x32\...\{647BB978-2876-487B-9B0E-FDB73F0EA4A2}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries) Garmin Communicator Plugin x64 (HKLM\...\{237D687E-9E50-4A30-B810-262764CC491B}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries) Garmin Express (HKLM-x32\...\{55ae01f2-f0a8-4342-a9cc-a0327cdaa811}) (Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Garmin Express (x32 Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express Tray (x32 Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Hidden Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP Auto (Version: 1.0.12494.3472 - Hewlett-Packard Company) Hidden HP Client Services (Version: 1.0.12656.3472 - Hewlett-Packard) Hidden HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden HP MAINSTREAM KEYBOARD (HKLM-x32\...\{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}) (Version: 1.4.3.0 - Hewlett-Packard) HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.2.4725 - Hewlett-Packard) HP MediaSmart DVD (x32 Version: 4.2.4725 - Hewlett-Packard) Hidden HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.2.4517 - Hewlett-Packard) HP MediaSmart Music (x32 Version: 4.2.4517 - Hewlett-Packard) Hidden HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.2.4513 - Hewlett-Packard) HP MediaSmart Photo (x32 Version: 4.2.4513 - Hewlett-Packard) Hidden HP MediaSmart SmartMenu (HKLM\...\{A40F60B1-F1E1-452E-96A5-FF97F9A2D102}) (Version: 3.1.2.4 - Hewlett-Packard) HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.2.4522 - Hewlett-Packard) HP MediaSmart Video (x32 Version: 4.2.4522 - Hewlett-Packard) Hidden HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard) HP Officejet Pro 8600 Basissoftware van het apparaat (HKLM\...\{A2518197-0768-4AF0-BFE5-C2965A812F9A}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Officejet Pro 8600 Help (HKLM-x32\...\{7788947C-D122-4E93-9F7D-52624FD8C10D}) (Version: 28.0.0 - Hewlett Packard) HP Product Detection (HKLM-x32\...\{8A9FC225-75F6-4B5D-911C-0ED230565643}) (Version: 11.15.0009 - HP) HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.14.0 - Hewlett-Packard) HP Remote Solution (x32 Version: 1.1.14.0 - Hewlett-Packard) Hidden HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company) HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company) HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company) HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard) HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.6.0 - Hewlett-Packard) I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6302.0 - IDT) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation) iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.) Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle) Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Java SE Development Kit 7 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170250}) (Version: 1.7.0.250 - Oracle) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3130 - CyberLink Corp.) LabelPrint (x32 Version: 2.5.3130 - CyberLink Corp.) Hidden Light Image Resizer 4.4.4.0 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.4.4.0 - ObviousIdea) LightScribe System Software (HKLM-x32\...\{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}) (Version: 1.18.20.1 - LightScribe) Logitech Vid HD (HKLM-x32\...\Logitech Vid) (Version: 7.2 (7259) - Logitech Inc..) Logitech-webcamsoftware (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.40 - Logitech Inc.) LWS Facebook (x32 Version: 13.31.1038.0 - Logitech) Hidden LWS Gallery (x32 Version: 13.40.835.0 - Logitech) Hidden LWS Help_main (x32 Version: 13.40.845.0 - Logitech) Hidden LWS Launcher (x32 Version: 13.40.836.0 - Logitech) Hidden LWS Motion Detection (x32 Version: 13.40.844.0 - Logitech) Hidden LWS Pictures And Video (x32 Version: 13.40.844.0 - Logitech) Hidden LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden LWS Video Mask Maker (x32 Version: 13.30.1379.0 - Logitech) Hidden LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden LWS Webcam Software (x32 Version: 13.31.1038.0 - Logitech) Hidden LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden Malwarebytes Anti-Malware versie 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.0.5.4000 - Maxthon International Limited) McAfee Online Backup (Version: 1.16.4.0 - McAfee, Inc.) Hidden McAfee Online Backup (x32 Version: - McAfee, Inc.) Hidden McAfee Total Protection (HKLM-x32\...\MSC) (Version: 12.8.958 - McAfee, Inc.) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (NLD) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2013 - nl-nl (HKLM\...\ProPlusRetail - nl-nl) (Version: 15.0.4623.1003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2008 R2 (HKLM-x32\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation) Microsoft SQL Server 2008 R2 (x32 Version: - Microsoft Corporation) Hidden Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{471AAD2C-9078-4DAC-BD43-FA10FB7C3FCE}) (Version: 10.51.2500.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 RsFx Driver (x32 Version: 10.51.2500.0 - Microsoft Corporation) Hidden Microsoft SQL Server 2008 R2 Setup (English) (HKLM-x32\...\{48B08845-0CB0-45EC-893C-15319ADDA312}) (Version: 10.51.2500.0 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM-x32\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation) Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.51.2500.0 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.51.2500.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.2.4412 - Hewlett-Packard) Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden Mozilla Firefox 29.0.1 (x86 nl) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 nl)) (Version: 29.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MusicStation (HKLM-x32\...\MusicStationNetstaller) (Version: 1.0.1.5 - Hewlett-Packard) MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - ) Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation) NVIDIA 3D Vision controllerstuurprogramma 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation) NVIDIA 3D Vision stuurprogramma 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation) NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5936 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation) NVIDIA Grafisch stuurprogramma 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation) NVIDIA HD Audio-stuurprogramma 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX systeemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden NVIDIA-configuratiescherm 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4623.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA) Opera Stable 22.0.1471.70 (HKCU\...\Opera 22.0.1471.70) (Version: 22.0.1471.70 - Opera Software ASA) PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.9 - PDF Complete, Inc) PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden ph (x32 Version: 1.0.0 - Your Company Name) Hidden PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.) PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.33 - Hewlett-Packard Company) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4329 - CyberLink Corp.) Power2Go (x32 Version: 6.1.4329 - CyberLink Corp.) Hidden PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3129 - CyberLink Corp.) PowerDirector (x32 Version: 8.0.3129 - CyberLink Corp.) Hidden PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.82.0 - PS3 Media Server) QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements) Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: - Ralink) Recovery Manager (x32 Version: 5.5.3219 - CyberLink Corp.) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_16 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.3.14044_16 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.) Seagate BlackArmor Backup 2011 (HKLM-x32\...\{5607090E-B8B1-4E1E-ADA2-426522CED33C}) (Version: 14.0.4076 - Seagate) Seagate NAS Discovery (HKLM-x32\...\{58053C71-35D9-4F16-9E5A-50C97504B2D0}) (Version: 1.00.0020 - Seagate) Service Pack 1 for SQL Server 2008 R2 (KB2528583) (HKLM-x32\...\KB2528583) (Version: 10.51.2500.0 - Microsoft Corporation) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.) Spotify (HKCU\...\Spotify) (Version: 0.9.10.22.gf87988f9 - Spotify AB) Spotnet (HKLM-x32\...\{12947715-B6F0-4597-816F-5E13FB647921}_is1) (Version: 1.8.1 - Spotnet) Spotnet Improver Local v2.0-rc1 (HKLM-x32\...\Spotnet Improver Local_is1) (Version: 2.0-rc1 - Ps3udO) SQL Server 2008 R2 SP1 Common Files (x32 Version: 10.51.2500.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP1 Database Engine Services (x32 Version: 10.51.2500.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP1 Database Engine Shared (x32 Version: 10.51.2500.0 - Microsoft Corporation) Hidden Sql Server Customer Experience Improvement Program (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden Stuurprogrammapakket voor Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Stuurprogrammapakket voor Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29480 - TeamViewer) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) WhoCrashed 4.02 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) Wunderlist (HKLM-x32\...\{1ca68332-4ba1-4943-9010-eaa1aa45b492}) (Version: 2.3.0.31 - 6 Wunderkinder GmbH) Wunderlist (x32 Version: 2.3.0.31 - 6 Wunderkinder GmbH) Hidden ==================== Restore Points ========================= 12-06-2014 20:55:05 Windows Update 13-06-2014 07:38:34 Garmin Express 13-06-2014 07:41:42 Garmin Express 20-06-2014 04:21:17 McAfee Vulnerability Scanner ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {0237BD34-9B88-4B44-8A9B-96C3D9BA06E8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {047E5203-55BB-4A1F-B65A-6A1AD36DCE15} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION Task: {09571E06-32D4-4F0A-BD03-1340F061273D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard) Task: {0DC5ED7D-AF4A-46CC-9390-36EA09D16AC1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd) Task: {178D16D4-97CB-4836-9D57-0AD177464038} - System32\Tasks\GoogleUpdateTaskMachineUA1cf27458081f822 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-13] (Google Inc.) Task: {237E416C-903F-4EED-AD06-5C0A9B996E9D} - System32\Tasks\HPCeeScheduleForEKOCK-PC-OFFICE$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard) Task: {23B64F26-977F-429B-9C41-C2624C60D687} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-13] (Google Inc.) Task: {2407851E-A87F-4637-A946-18DBD3730828} - System32\Tasks\Opera scheduled Autoupdate 1379060559 => C:\Program Files (x86)\Opera\launcher.exe [2014-06-16] (Opera Software) Task: {3D1915BA-FE5D-400C-9EFB-B5D241B64B38} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN359B3GWP => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard) Task: {4E2E8B66-4839-423B-81F5-9535381ACEEB} - System32\Tasks\Microsoft Office 15 Sync Maintenance for ekock-PC-office-ekock ekock-PC-office => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-06-10] (Microsoft Corporation) Task: {52E09262-94EC-4A3E-AFB5-1A5C4366786A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-06-10] (Microsoft Corporation) Task: {583600D2-8068-4AE6-AFE0-5B3643709455} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2014-06-10] (Microsoft) Task: {79D8CCB4-FC12-45D3-88DF-B918C8075178} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-05-13] (Microsoft Corporation) Task: {7FA0DBA9-55C8-40D4-B7B2-F17E8138BADF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-20] (Adobe Systems Incorporated) Task: {A1F1E8B1-DE37-49ED-A3F1-2EFBBE89D767} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-06-09] () Task: {C779641E-B5AA-4D5D-9DAD-4A8DA4848A86} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company) Task: {D1A3FA1A-42FF-41F4-A3B0-893E8C1E21E8} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [2014-06-03] (Maxthon International ltd.) Task: {D4B9EBB4-29E9-4DBB-B3A7-5DE0E2BD235B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {D5C35B79-F877-4BFB-A9E7-FF3E066B6EE7} - System32\Tasks\HPOSIAPP64 => C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe [2009-02-28] () Task: {DE1C48CA-0FFA-467B-9977-8D68799C035F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {E7F9F1F7-EF5A-468D-A972-279F02FE998A} - System32\Tasks\HPCeeScheduleForekock => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard) Task: {EB6B17DE-2513-40A6-84D0-E9D6A34B186B} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-09-27] () Task: {FA03BE87-1C62-43C9-AB88-B495ADA85A17} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-06-10] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf27458081f822.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HPCeeScheduleForEKOCK-PC-OFFICE$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\Windows\Tasks\HPCeeScheduleForekock.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Loaded Modules (whitelisted) ============= 2013-07-11 16:52 - 2010-03-11 14:25 - 00085496 _____ () C:\Windows\System32\cpwmon64.dll 2013-06-06 15:49 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-03-23 12:20 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2011-03-30 07:44 - 2009-02-28 04:13 - 00053248 _____ () C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe 2014-05-01 21:29 - 2014-05-01 21:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2010-09-15 19:31 - 2010-09-15 19:31 - 00611896 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe 2014-02-14 11:20 - 2014-02-14 11:20 - 01672704 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\ReactiveUI\ca4c6374d6c12d92c7d96680bb7328d4\ReactiveUI.ni.dll 2014-02-14 11:21 - 2014-02-14 11:21 - 00035328 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Wunderkinde6f42a4a9#\a03d5c47c984346008ba13e9c563a958\Wunderkinder.Wunderlist.Data.Realtime.ni.dll 2014-02-14 11:20 - 2014-02-14 11:20 - 00529408 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Akavache.Portable\b1e3a440491d3e92a6e969fc4bbf1e85\Akavache.Portable.ni.dll 2014-02-14 11:20 - 2014-02-14 11:20 - 00050176 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Wunderkinded9c6edae#\cbfdefb9fa17cd72c7f6dc58e6ad53dd\Wunderkinder.Wunderlist.Presentation.ni.dll 2014-02-14 11:20 - 2014-02-14 11:20 - 00910336 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\AutoMapper\26f8d37c719a62bfb151ae71a71f06a7\AutoMapper.ni.dll 2013-10-01 14:33 - 2013-10-01 14:33 - 00028160 _____ () C:\Program Files (x86)\Wunderlist2\AutoMapper.Net4.dll 2011-11-11 14:07 - 2011-11-11 14:07 - 00265240 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe 2011-08-12 12:19 - 2011-08-12 12:19 - 00680984 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe 2013-09-24 11:05 - 2014-06-26 18:09 - 00598072 _____ () C:\Users\ekock\AppData\Roaming\Spotify\Data\SpotifyHelper.exe 2010-04-13 20:11 - 2010-04-13 20:11 - 00083256 _____ () C:\Program Files (x86)\McAfee Online Backup\librs2.dll 2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-02-12 21:58 - 2014-02-12 21:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-06-10 17:43 - 2014-06-26 18:09 - 36966968 _____ () C:\Users\ekock\AppData\Roaming\Spotify\Data\libcef.dll 2014-06-01 11:08 - 2014-06-01 11:08 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll 2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll 2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll 2014-06-26 21:20 - 2014-06-26 21:20 - 00043008 _____ () c:\users\ekock\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcxm_jt.dll 2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\ekock\AppData\Roaming\Dropbox\bin\libcef.dll 2011-11-11 14:08 - 2011-11-11 14:08 - 02145304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll 2011-11-11 14:08 - 2011-11-11 14:08 - 07956504 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll 2011-11-11 14:08 - 2011-11-11 14:08 - 00342552 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll 2011-11-11 14:08 - 2011-11-11 14:08 - 00029208 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll 2011-11-11 14:08 - 2011-11-11 14:08 - 00128536 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll 2014-06-12 21:42 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll 2014-06-12 21:42 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll 2011-12-12 15:44 - 2011-12-12 15:44 - 00336408 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll 2011-03-30 07:44 - 2009-02-20 02:22 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\WMINPUT.DLL 2014-06-12 21:42 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll 2014-06-12 21:42 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll 2014-06-12 21:42 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll 2014-06-10 21:32 - 2014-06-10 21:32 - 00316584 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll 2013-09-24 11:05 - 2014-06-26 18:09 - 00886840 _____ () C:\Users\ekock\AppData\Roaming\Spotify\Data\libglesv2.dll 2013-09-24 11:05 - 2014-06-26 18:09 - 00108600 _____ () C:\Users\ekock\AppData\Roaming\Spotify\Data\libegl.dll 2014-06-10 21:32 - 2014-06-10 21:32 - 00316584 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll 2014-06-10 21:32 - 2014-06-10 21:32 - 01032360 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll 2013-11-13 10:47 - 2013-11-13 10:47 - 00125096 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\OUTLCTL.DLL ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= ==================== Faulty Device Manager Devices ============= Name: 802.11n Wireless LAN Card Description: 802.11n Wireless LAN Card Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Ralink Technology, Corp. Service: netr28x Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: WD SES Device USB Device Description: WD SES Device USB Device Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Officejet Pro 8600 Description: Officejet Pro 8600 Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Officejet Pro 8600 Description: Officejet Pro 8600 Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (06/26/2014 09:22:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: mbam.exe, versie: 1.0.0.532, tijdstempel: 0x53518532 Naam van module met fout: MSVCR100.dll, versie: 10.0.40219.325, tijdstempel: 0x4df2be1e Uitzonderingscode: 0x40000015 Foutoffset: 0x0008d6fd Id van proces met fout: 0x132c Starttijd van toepassing met fout: 0xmbam.exe0 Pad naar toepassing met fout: mbam.exe1 Pad naar module met fout: mbam.exe2 Rapport-id: mbam.exe3 Error: (06/26/2014 09:21:37 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het uitvoeren van een query voor de IVssWriterCallback-interface. hr = 0x80070005, Toegang geweigerd. . Dit wordt vaak veroorzaakt door onjuiste beveiligingsinstellingen in het writer- of requestorproces. Bewerking: Schrijvergegevens verzamelen Context: Klasse-id van schrijver: {e8132975-6f93-4464-a53e-1050253ae220} Naam van schrijver: System Writer Instantie-id van schrijver: {63147ca2-44a9-4be6-b9f1-8578c32148f3} Error: (06/26/2014 09:16:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: mbam.exe, versie: 1.0.0.532, tijdstempel: 0x53518532 Naam van module met fout: MSVCR100.dll, versie: 10.0.40219.325, tijdstempel: 0x4df2be1e Uitzonderingscode: 0x40000015 Foutoffset: 0x0008d6fd Id van proces met fout: 0x23d4 Starttijd van toepassing met fout: 0xmbam.exe0 Pad naar toepassing met fout: mbam.exe1 Pad naar module met fout: mbam.exe2 Rapport-id: mbam.exe3 Error: (06/26/2014 09:14:06 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: mbam.exe, versie: 1.0.0.532, tijdstempel: 0x53518532 Naam van module met fout: MSVCR100.dll, versie: 10.0.40219.325, tijdstempel: 0x4df2be1e Uitzonderingscode: 0x40000015 Foutoffset: 0x0008d6fd Id van proces met fout: 0x22cc Starttijd van toepassing met fout: 0xmbam.exe0 Pad naar toepassing met fout: mbam.exe1 Pad naar module met fout: mbam.exe2 Rapport-id: mbam.exe3 Error: (06/26/2014 09:13:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: mbam.exe, versie: 1.0.0.532, tijdstempel: 0x53518532 Naam van module met fout: MSVCR100.dll, versie: 10.0.40219.325, tijdstempel: 0x4df2be1e Uitzonderingscode: 0x40000015 Foutoffset: 0x0008d6fd Id van proces met fout: 0x21fc Starttijd van toepassing met fout: 0xmbam.exe0 Pad naar toepassing met fout: mbam.exe1 Pad naar module met fout: mbam.exe2 Rapport-id: mbam.exe3 Error: (06/26/2014 09:12:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: mbam.exe, versie: 1.0.0.532, tijdstempel: 0x53518532 Naam van module met fout: MSVCR100.dll, versie: 10.0.40219.325, tijdstempel: 0x4df2be1e Uitzonderingscode: 0x40000015 Foutoffset: 0x0008d6fd Id van proces met fout: 0x6d8 Starttijd van toepassing met fout: 0xmbam.exe0 Pad naar toepassing met fout: mbam.exe1 Pad naar module met fout: mbam.exe2 Rapport-id: mbam.exe3 Error: (06/26/2014 09:10:10 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het uitvoeren van een query voor de IVssWriterCallback-interface. hr = 0x80070005, Toegang geweigerd. . Dit wordt vaak veroorzaakt door onjuiste beveiligingsinstellingen in het writer- of requestorproces. Bewerking: Schrijvergegevens verzamelen Context: Klasse-id van schrijver: {e8132975-6f93-4464-a53e-1050253ae220} Naam van schrijver: System Writer Instantie-id van schrijver: {cddde139-554c-4ef5-9790-2cb571af70e2} Error: (06/26/2014 09:09:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: mbam.exe, versie: 1.0.0.532, tijdstempel: 0x53518532 Naam van module met fout: MSVCR100.dll, versie: 10.0.40219.325, tijdstempel: 0x4df2be1e Uitzonderingscode: 0x40000015 Foutoffset: 0x0008d6fd Id van proces met fout: 0x21d4 Starttijd van toepassing met fout: 0xmbam.exe0 Pad naar toepassing met fout: mbam.exe1 Pad naar module met fout: mbam.exe2 Rapport-id: mbam.exe3 Error: (06/26/2014 09:01:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: mbam.exe, versie: 1.0.0.532, tijdstempel: 0x53518532 Naam van module met fout: MSVCR100.dll, versie: 10.0.40219.325, tijdstempel: 0x4df2be1e Uitzonderingscode: 0x40000015 Foutoffset: 0x0008d6fd Id van proces met fout: 0x1f80 Starttijd van toepassing met fout: 0xmbam.exe0 Pad naar toepassing met fout: mbam.exe1 Pad naar module met fout: mbam.exe2 Rapport-id: mbam.exe3 Error: (06/26/2014 09:00:20 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het uitvoeren van een query voor de IVssWriterCallback-interface. hr = 0x80070005, Toegang geweigerd. . Dit wordt vaak veroorzaakt door onjuiste beveiligingsinstellingen in het writer- of requestorproces. Bewerking: Schrijvergegevens verzamelen Context: Klasse-id van schrijver: {e8132975-6f93-4464-a53e-1050253ae220} Naam van schrijver: System Writer Instantie-id van schrijver: {7392859b-ac23-4178-a23b-0bde1c23e538} System errors: ============= Error: (06/26/2014 09:11:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De Easybits Services for Windows-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (06/26/2014 08:58:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De MBAMService-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (06/26/2014 08:57:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De MBAMScheduler-service kan vanwege de volgende fout niet worden gestart: %%1053 Error: (06/26/2014 08:57:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: MBAMScheduler. Error: (06/26/2014 08:56:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: De PnP-X IP Bus Enumerator-service is afhankelijk van de Function Discovery Provider Host-service, die vanwege de volgende fout niet kan worden gestart: %%1068 Error: (06/26/2014 08:56:19 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F} Error: (06/26/2014 08:56:19 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF} Error: (06/26/2014 08:55:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: De Computer Browser-service is afhankelijk van de Server-service, die vanwege de volgende fout niet kan worden gestart: %%1068 Error: (06/26/2014 08:55:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: De Computer Browser-service is afhankelijk van de Server-service, die vanwege de volgende fout niet kan worden gestart: %%1068 Error: (06/26/2014 08:55:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: De Computer Browser-service is afhankelijk van de Server-service, die vanwege de volgende fout niet kan worden gestart: %%1068 Microsoft Office Sessions: ========================= Error: (06/26/2014 09:22:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd132c01cf917403768e13C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll41e51be3-fd67-11e3-94ef-e069954d1502 Error: (06/26/2014 09:21:37 PM) (Source: VSS) (EventID: 8194) (User: ) Description: 0x80070005, Toegang geweigerd. Bewerking: Schrijvergegevens verzamelen Context: Klasse-id van schrijver: {e8132975-6f93-4464-a53e-1050253ae220} Naam van schrijver: System Writer Instantie-id van schrijver: {63147ca2-44a9-4be6-b9f1-8578c32148f3} Error: (06/26/2014 09:16:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd23d401cf91731cf44598C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll5b6c225b-fd66-11e3-b1de-e069954d1502 Error: (06/26/2014 09:14:06 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd22cc01cf9172cce4b6fdC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll0aabdeca-fd66-11e3-b1de-e069954d1502 Error: (06/26/2014 09:13:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd21fc01cf9172b2e1b41cC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dllf0a3d2c6-fd65-11e3-b1de-e069954d1502 Error: (06/26/2014 09:12:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd6d801cf917295354a92C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dlld36a02d9-fd65-11e3-b1de-e069954d1502 Error: (06/26/2014 09:10:10 PM) (Source: VSS) (EventID: 8194) (User: ) Description: 0x80070005, Toegang geweigerd. Bewerking: Schrijvergegevens verzamelen Context: Klasse-id van schrijver: {e8132975-6f93-4464-a53e-1050253ae220} Naam van schrijver: System Writer Instantie-id van schrijver: {cddde139-554c-4ef5-9790-2cb571af70e2} Error: (06/26/2014 09:09:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd21d401cf91721e74b00fC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll5d259f08-fd65-11e3-b1de-e069954d1502 Error: (06/26/2014 09:01:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd1f8001cf917103be17beC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll41c1fb4e-fd64-11e3-a345-e069954d1502 Error: (06/26/2014 09:00:20 PM) (Source: VSS) (EventID: 8194) (User: ) Description: 0x80070005, Toegang geweigerd. Bewerking: Schrijvergegevens verzamelen Context: Klasse-id van schrijver: {e8132975-6f93-4464-a53e-1050253ae220} Naam van schrijver: System Writer Instantie-id van schrijver: {7392859b-ac23-4178-a23b-0bde1c23e538} ==================== Memory info =========================== Percentage of memory in use: 52% Total physical RAM: 6126.53 MB Available physical RAM: 2906.85 MB Total Pagefile: 12251.24 MB Available Pagefile: 8350.64 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:918.08 GB) (Free:791.73 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive d: (HP_RECOVERY) (Fixed) (Total:13.34 GB) (Free:1.64 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive e: (DATA_DRIVE_1) (Fixed) (Total:931.51 GB) (Free:562.37 GB) NTFS Drive g: (WD SmartWare) (CDROM) (Total:0.6 GB) (Free:0 GB) UDF Drive h: (My Pasport) (Fixed) (Total:697.98 GB) (Free:364.26 GB) NTFS Drive k: (Elements) (Fixed) (Total:1863.02 GB) (Free:1194.64 GB) NTFS Drive w: (Data EM-studios) (Network) (Total:631.41 GB) (Free:630.01 GB) NTFS Drive x: (Data Privé) (Network) (Total:260.1 GB) (Free:135.99 GB) NTFS Drive y: (Data EM-studios) (Network) (Total:631.41 GB) (Free:630.01 GB) NTFS Drive z: (Data The Guide) (Network) (Total:465.76 GB) (Free:196.59 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 932 GB) (Disk ID: 108F921B) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=918 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=13 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 90767101) Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 00195159) Partition 1: (Not Active) - (Size=-198625370112) - (Type=07 NTFS) ======================================================== Disk: 3 (MBR Code: Windows XP) (Size: 698 GB) (Disk ID: 000791E6) Partition 1: (Not Active) - (Size=698 GB) - (Type=07 NTFS) ==================== End Of Log ============================
  15. I tried the cleaning tool and the reinstall, but that didn't work (a lot of runtime errors). So underneath muy logfiles (mbam.check did not give me a logfile): Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-06-2014Ran by ekock (administrator) on EKOCK-PC-OFFICE on 26-06-2014 21:30:28Running from C:\Users\ekock\DesktopPlatform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Nederlands (Nederland)Internet Explorer Version 11Boot Mode: Normal The only official download link for FRST:Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe(McAfee, Inc.) C:\Windows\System32\mfevtps.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe(Acronis) C:\Program Files (x86)\Common Files\Seagate\CDP\afcdpsrv.exe(Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe() C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe(Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe(Spotify Ltd) C:\Users\ekock\AppData\Roaming\Spotify\spotify.exe(Spotify Ltd) C:\Users\ekock\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe(Hewlett-Packard Co.) C:\Program Files\hp\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe(6 Wunderkinder GmbH) C:\Program Files (x86)\Wunderlist2\Wunderlist.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Dropbox, Inc.) C:\Users\ekock\AppData\Roaming\Dropbox\bin\Dropbox.exe(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Seagate) C:\Program Files (x86)\Seagate\BlackArmorBackup\BlackArmorBackupMonitor.exe() C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe(Hewlett-Packard Co.) C:\Program Files\hp\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE() C:\Users\ekock\AppData\Roaming\Spotify\Data\SpotifyHelper.exe() C:\Users\ekock\AppData\Roaming\Spotify\Data\SpotifyHelper.exe() C:\Users\ekock\AppData\Roaming\Spotify\Data\SpotifyHelper.exe() C:\Users\ekock\AppData\Roaming\Spotify\Data\SpotifyHelper.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)HKLM\...\Run: [smartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-09-15] ()HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)HKLM\...\Run: [shadowPlay] => C:\Windows\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation)HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)HKLM\...\Run: [seagate Scheduler2 Service] => C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe [395320 2012-10-31] (Seagate)HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [664600 2010-09-28] (PDF Complete Inc)HKLM-x32\...\Run: [HP Remote Solution] => C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-08-25] (Hewlett-Packard)HKLM-x32\...\Run: [bATINDICATOR] => C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe [2068992 2009-05-09] (Hewlett-Packard)HKLM-x32\...\Run: [LaunchHPOSIAPP] => C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe [385024 2009-04-04] (Hewlett-Packard)HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exeHKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)HKLM-x32\...\Run: [Adobe_ID0EYTHM] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe [1884160 2007-03-20] (Adobe Systems Incorporated)HKLM-x32\...\Run: [switchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2014-05-08] (Adobe Systems Incorporated)HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2014-05-08] (Adobe Systems Inc.)HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)HKLM-x32\...\Run: [] => [X]HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)HKLM-x32\...\Run: [blackArmorBackupMonitor.exe] => C:\Program Files (x86)\Seagate\BlackArmorBackup\BlackArmorBackupMonitor.exe [5547704 2012-10-31] (Seagate)HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310064 2014-05-28] (Samsung Electronics Co., Ltd.)HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-06-10] (Hewlett-Packard)HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1HKLM\...\Policies\Explorer: [NoControlPanel] 0HKU\.DEFAULT\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [122200 2014-06-09] (Garmin Ltd or its subsidiaries)HKU\.DEFAULT\...\RunOnce: [sPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-06] (Microsoft Corporation)HKU\S-1-5-21-3834244815-3693570720-351012370-1001\...\Run: [spotify] => C:\Users\ekock\AppData\Roaming\Spotify\Spotify.exe [6189624 2014-06-26] (Spotify Ltd)HKU\S-1-5-21-3834244815-3693570720-351012370-1001\...\Run: [spotify Web Helper] => C:\Users\ekock\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-06-26] (Spotify Ltd)HKU\S-1-5-21-3834244815-3693570720-351012370-1001\...\Run: [AdobeBridge] => [X]HKU\S-1-5-21-3834244815-3693570720-351012370-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843568 2014-05-28] (Samsung)HKU\S-1-5-21-3834244815-3693570720-351012370-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [122200 2014-06-09] (Garmin Ltd or its subsidiaries)HKU\S-1-5-21-3834244815-3693570720-351012370-1001\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\hp\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)HKU\S-1-5-21-3834244815-3693570720-351012370-1001\...\Run: [Wunderlist] => C:\Program Files (x86)\Wunderlist2\Wunderlist.exe [13021792 2013-12-02] (6 Wunderkinder GmbH)HKU\S-1-5-21-3834244815-3693570720-351012370-1001\...\Run: [GoogleChromeAutoLaunch_449783D3B0AA6CBEBA9A499D6CC0B0E0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)HKU\S-1-5-21-3834244815-3693570720-351012370-1001\...\MountPoints2: L - L:\LaunchU3.exe -aHKU\S-1-5-21-3834244815-3693570720-351012370-1001\...\MountPoints2: {0f760b99-a611-11e3-b14d-e069954d1502} - G:\LaunchU3.exe -aHKU\S-1-5-21-3834244815-3693570720-351012370-1001\...\MountPoints2: {6e5fe735-e743-11e2-926a-e069954d1502} - "G:\WD SmartWare.exe" autoplay=trueStartup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snapfish PictureMover.lnkShortcutTarget: Snapfish PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)Startup: C:\Users\ekock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnkShortcutTarget: Dropbox.lnk -> C:\Users\ekock\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)Startup: C:\Users\ekock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Officejet Pro 8600 (netwerk).lnkShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No FileShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No FileShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No FileShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No FileShellIconOverlayIdentifiers: MOBK -> {3c3f3c1a-9153-7c05-f938-622e7003894d} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.)ShellIconOverlayIdentifiers: MOBK2 -> {e6ea1d7d-144e-b977-98c4-84c53c1a69d0} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.)ShellIconOverlayIdentifiers: MOBK3 -> {b4caf489-1eec-c617-49ad-8d7088598c06} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.)ShellIconOverlayIdentifiers-x32: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)ShellIconOverlayIdentifiers-x32: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)ShellIconOverlayIdentifiers-x32: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No FileShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No FileShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:TabsStartMenuInternet: IEXPLORE.EXE - iexplore.exeSearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDFSearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDFSearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}SearchScopes: HKLM - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.com/rover/1/1346-111086-4124-0/4?satitle={searchTerms}&mfe=DesktopsSearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDFSearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDFSearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}SearchScopes: HKLM-x32 - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.com/rover/1/1346-111086-4124-0/4?satitle={searchTerms}&mfe=DesktopsSearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDFSearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDFSearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}SearchScopes: HKCU - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.com/rover/1/1346-111086-4124-0/4?satitle={searchTerms}&mfe=DesktopsBHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)BHO-x32: CutePDF Form Filler Helper - {D41289F2-69C6-417B-897E-C653D677CBAF} - C:\Program Files (x86)\Acro Software\CutePDF Pro\CPFillerCo.dll (Acro Software Inc.)BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No FileToolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No FileHandler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)Tcpip\Parameters: [DhcpNameServer] 192.168.10.1 FireFox:========FF ProfilePath: C:\Users\ekock\AppData\Roaming\Mozilla\Firefox\Profiles\81niafhp.default-1379351311305FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()FF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @garmin.com/GpsControl - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()FF Plugin-x32: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\bolcom-nl.xmlFF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\marktplaats-nl.xmlFF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisorFF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-06-06]FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtnFF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-07-13]FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKFF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-06-06] Chrome: =======CHR HomePage: hxxp://www.em-studios.nl/CHR Plugin: (Widevine Content Decryption Module) - C:\Users\ekock\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll No FileCHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll ()CHR Plugin: (McAfee SiteAdvisor) - C:\Users\ekock\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.4.1291_0\McChPlg.dll No FileCHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll No FileCHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)CHR Plugin: (Java Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)CHR Plugin: (Microsoft Office 2013) - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)CHR Plugin: (Microsoft Office 2013) - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll No FileCHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No FileCHR Extension: (Google Documenten) - C:\Users\ekock\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-21]CHR Extension: (Google Drive) - C:\Users\ekock\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-21]CHR Extension: (YouTube) - C:\Users\ekock\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-21]CHR Extension: (Google Zoeken) - C:\Users\ekock\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-21]CHR Extension: (SiteAdvisor) - C:\Users\ekock\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-08-21]CHR Extension: (Wunderlist - To-do and Task list) - C:\Users\ekock\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjliknjliaohjgjajlgolhijphojjdkc [2013-11-12]CHR Extension: (Google Wallet) - C:\Users\ekock\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]CHR Extension: (Gmail) - C:\Users\ekock\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-21] ==================== Services (Whitelisted) ================= R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2279608 2014-05-21] (Microsoft Corporation)S2 CLKMSVC10_C6F09094; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [245232 2010-11-26] (CyberLink)R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2013-06-06] (Macrovision Europe Ltd.) [File not signed]R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [435032 2014-06-09] (Garmin Ltd or its subsidiaries)R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]R2 HPSLPSVC; C:\Users\ekock\AppData\Local\Temp\7zS50F6\hpslpsvc64.dll [1039360 2013-02-06] (Hewlett-Packard Co.) [File not signed]R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-11-22] (Hewlett-Packard Company) [File not signed]R2 McAfee SiteAdvisor Service; c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [155856 2014-06-03] (McAfee, Inc.)R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-03-18] (McAfee, Inc.)R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-04-03] (McAfee, Inc.)R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-04-03] (McAfee, Inc.)R2 MOBKbackup; C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [231224 2010-04-13] (McAfee, Inc.)R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 MSSQLSERVER; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [43040096 2011-06-17] (Microsoft Corporation)R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1119768 2010-09-28] (PDF Complete Inc)R2 sfcdpsrv; C:\Program Files (x86)\Common Files\Seagate\CDP\afcdpsrv.exe [3246040 2014-04-22] (Acronis)S4 SQLSERVERAGENT; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [370016 2011-06-17] (Microsoft Corporation)S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] ==================== Drivers (Whitelisted) ==================== R3 AVer7231_x64; C:\Windows\System32\DRIVERS\AVer7231_x64.sys [1873024 2012-06-27] (AVerMedia TECHNOLOGIES, Inc.)R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-04-03] (McAfee, Inc.)S3 CXCIR; C:\Windows\system32\DRIVERS\AVer888RCIR_64.sys [39936 2009-11-14] (AVerMedia TECHNOLOGIES, Inc.)S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [91352 2014-05-12] (Malwarebytes Corporation)R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [74560 2013-09-09] (McAfee, Inc.)R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [177544 2014-04-03] (McAfee, Inc.)R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311856 2014-04-03] (McAfee, Inc.)R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-04-03] (McAfee, Inc.)R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [784760 2014-04-03] (McAfee, Inc.)R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [441264 2014-03-18] (McAfee, Inc.)S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-03-18] (McAfee, Inc.)R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [346760 2014-04-03] (McAfee, Inc.)R1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [66040 2010-04-13] (Mozy, Inc.)R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-26 21:30 - 2014-06-26 21:31 - 00037602 _____ () C:\Users\ekock\Desktop\FRST.txt2014-06-26 21:30 - 2014-06-26 21:30 - 01673896 _____ (Malwarebytes Corporation) C:\Users\ekock\Desktop\mbam-check-2.1.0.0002.exe2014-06-26 21:30 - 2014-06-26 21:30 - 00000000 ____D () C:\FRST2014-06-26 21:29 - 2014-06-26 21:29 - 02082816 _____ (Farbar) C:\Users\ekock\Desktop\FRST64.exe2014-06-26 21:22 - 2014-06-26 21:22 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-06-26 21:22 - 2014-06-26 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-06-26 21:22 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-06-26 21:22 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2014-06-26 21:22 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-06-26 21:21 - 2014-06-26 21:21 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\ekock\Desktop\mbam-setup-2.0.2.1012.exe2014-06-26 21:17 - 2014-06-26 21:17 - 00315392 _____ (Malwarebytes Corporation) C:\Users\ekock\Desktop\mbam-clean-2.0.2.0.exe2014-06-26 21:11 - 2014-06-26 21:15 - 00002360 _____ () C:\Users\ekock\Desktop\Rkill.txt2014-06-26 21:11 - 2014-06-26 21:11 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\ekock\Desktop\rkill.exe2014-06-26 20:53 - 2014-06-26 20:56 - 00000000 ____D () C:\Windows\pss2014-06-24 09:58 - 2014-06-26 21:18 - 00009066 _____ () C:\Windows\PFRO.log2014-06-20 15:10 - 2014-06-20 15:10 - 00000000 ____D () C:\Users\ekock\Desktop\smartprintserver2014-06-20 06:22 - 2014-06-20 06:22 - 00004052 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 13790605592014-06-19 07:10 - 2014-06-20 12:15 - 00000000 ____D () C:\Users\ekock\AppData\Local\Adobe2014-06-18 22:30 - 2014-06-18 22:30 - 00000000 ____D () C:\Users\ekock\AppData\Local\Macromedia2014-06-13 09:05 - 2014-06-26 21:18 - 00006422 _____ () C:\Windows\setupact.log2014-06-13 09:05 - 2014-06-13 09:05 - 00000000 _____ () C:\Windows\setuperr.log2014-06-12 10:53 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-06-12 10:53 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2014-06-12 10:53 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-06-12 10:53 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2014-06-12 10:53 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2014-06-12 10:53 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-06-12 10:53 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2014-06-12 10:53 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2014-06-12 10:53 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-06-12 10:53 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2014-06-12 10:53 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-06-12 10:53 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2014-06-12 10:53 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2014-06-12 10:53 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2014-06-12 10:53 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2014-06-12 10:53 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-06-12 10:53 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-06-12 10:53 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2014-06-12 10:53 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2014-06-12 10:53 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2014-06-12 10:53 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-06-12 10:53 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2014-06-12 10:53 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2014-06-12 10:53 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-06-12 10:53 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2014-06-12 10:53 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2014-06-12 10:53 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2014-06-12 10:53 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2014-06-12 10:53 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2014-06-12 10:53 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-06-12 10:53 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-06-12 10:53 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2014-06-12 10:53 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-06-12 10:53 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-06-12 10:53 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-06-12 10:53 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-06-12 10:53 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-06-12 10:53 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2014-06-12 10:53 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll2014-06-12 10:53 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll2014-06-12 10:53 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll2014-06-12 10:53 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll2014-06-12 10:53 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys2014-06-12 10:53 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS2014-06-12 10:53 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll2014-06-12 10:53 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll2014-06-12 10:53 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll2014-06-12 10:53 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll2014-06-12 10:53 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll2014-06-12 10:53 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll2014-06-12 10:53 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll2014-06-12 10:53 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll2014-06-12 10:52 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll2014-06-12 10:52 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll2014-06-12 10:52 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-06-12 10:52 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-06-12 10:52 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-06-12 10:52 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-06-12 10:52 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2014-06-12 10:52 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2014-06-12 10:52 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-06-12 10:52 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2014-06-12 10:52 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-06-12 10:52 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2014-06-12 10:52 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2014-06-12 10:52 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-06-12 10:52 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-06-12 10:52 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2014-06-07 16:29 - 2014-04-11 10:39 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys2014-06-07 16:29 - 2014-04-11 10:39 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys2014-06-04 09:11 - 2014-05-30 01:07 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll2014-06-04 09:11 - 2014-05-30 01:07 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll2014-06-03 09:50 - 2014-06-03 09:50 - 00001745 _____ () C:\Users\Public\Desktop\iTunes.lnk2014-06-03 09:50 - 2014-06-03 09:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes2014-06-03 09:49 - 2014-06-03 09:50 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF692014-06-03 09:49 - 2014-06-03 09:50 - 00000000 ____D () C:\Program Files\iTunes2014-06-03 09:49 - 2014-06-03 09:50 - 00000000 ____D () C:\Program Files (x86)\iTunes2014-06-03 09:49 - 2014-06-03 09:49 - 00000000 ____D () C:\Program Files\iPod2014-06-02 11:35 - 2014-06-02 11:35 - 00001962 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk2014-06-02 11:33 - 2014-06-02 11:33 - 04996210 _____ (Tim Kosse) C:\Users\ekock\Downloads\FileZilla_3.8.1_win32-setup.exe2014-06-02 10:20 - 2014-05-20 01:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe2014-06-02 10:12 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll2014-06-02 10:12 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll2014-06-02 10:12 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll2014-06-02 10:12 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll2014-06-02 10:12 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys2014-06-02 10:12 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll2014-06-02 10:12 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll2014-06-02 10:12 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll2014-06-02 10:12 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll2014-06-02 10:12 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll2014-06-02 10:12 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll2014-06-02 10:12 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll2014-06-02 10:12 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll2014-06-02 10:12 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll2014-06-02 10:12 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll2014-06-02 10:12 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll2014-06-02 10:12 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll2014-06-02 10:12 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll2014-06-02 10:12 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll2014-06-02 10:12 - 2014-05-20 04:44 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll2014-06-02 10:12 - 2014-05-20 04:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll2014-06-02 10:12 - 2014-05-20 04:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll2014-06-02 10:12 - 2014-05-20 04:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll2014-06-02 10:12 - 2014-05-20 04:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll2014-06-02 10:05 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys2014-06-02 10:05 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll ==================== One Month Modified Files and Folders ======= 2014-06-26 21:31 - 2014-06-26 21:30 - 00037602 _____ () C:\Users\ekock\Desktop\FRST.txt2014-06-26 21:30 - 2014-06-26 21:30 - 01673896 _____ (Malwarebytes Corporation) C:\Users\ekock\Desktop\mbam-check-2.1.0.0002.exe2014-06-26 21:30 - 2014-06-26 21:30 - 00000000 ____D () C:\FRST2014-06-26 21:30 - 2013-06-10 17:43 - 00000000 ____D () C:\Users\ekock\AppData\Roaming\Spotify2014-06-26 21:29 - 2014-06-26 21:29 - 02082816 _____ (Farbar) C:\Users\ekock\Desktop\FRST64.exe2014-06-26 21:26 - 2009-07-14 06:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-06-26 21:26 - 2009-07-14 06:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-06-26 21:25 - 2013-07-05 07:19 - 00000940 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job2014-06-26 21:23 - 2013-06-06 16:08 - 00001846 _____ () C:\Users\Public\Desktop\McAfee Total Protection.lnk2014-06-26 21:23 - 2013-06-06 16:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee2014-06-26 21:23 - 2011-03-30 07:35 - 01465013 _____ () C:\Windows\WindowsUpdate.log2014-06-26 21:22 - 2014-06-26 21:22 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-06-26 21:22 - 2014-06-26 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-06-26 21:22 - 2014-04-11 10:03 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-06-26 21:22 - 2013-06-11 00:00 - 00000000 ____D () C:\Users\ekock\AppData\Local\CrashDumps2014-06-26 21:22 - 2013-06-06 19:05 - 00005078 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for ekock-PC-office-ekock ekock-PC-office2014-06-26 21:22 - 2013-06-06 18:39 - 00000000 ____D () C:\Users\ekock\Documents\Outlook-bestanden2014-06-26 21:21 - 2014-06-26 21:21 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\ekock\Desktop\mbam-setup-2.0.2.1012.exe2014-06-26 21:21 - 2013-06-06 16:07 - 00000000 __RSD () C:\Users\ekock\Documents\McAfee Kluizen2014-06-26 21:20 - 2014-05-16 09:09 - 00000000 ____D () C:\Users\ekock\AppData\Roaming\DropboxMaster2014-06-26 21:20 - 2013-06-10 13:37 - 00000000 ___RD () C:\Users\ekock\Dropbox2014-06-26 21:20 - 2013-06-10 13:35 - 00000000 ____D () C:\Users\ekock\AppData\Roaming\Dropbox2014-06-26 21:19 - 2013-07-13 07:03 - 00001050 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-06-26 21:18 - 2014-06-24 09:58 - 00009066 _____ () C:\Windows\PFRO.log2014-06-26 21:18 - 2014-06-13 09:05 - 00006422 _____ () C:\Windows\setupact.log2014-06-26 21:18 - 2011-03-30 07:31 - 00000000 ____D () C:\ProgramData\NVIDIA2014-06-26 21:18 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-06-26 21:17 - 2014-06-26 21:17 - 00315392 _____ (Malwarebytes Corporation) C:\Users\ekock\Desktop\mbam-clean-2.0.2.0.exe2014-06-26 21:15 - 2014-06-26 21:11 - 00002360 _____ () C:\Users\ekock\Desktop\Rkill.txt2014-06-26 21:11 - 2014-06-26 21:11 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\ekock\Desktop\rkill.exe2014-06-26 20:56 - 2014-06-26 20:53 - 00000000 ____D () C:\Windows\pss2014-06-26 20:44 - 2014-02-11 18:22 - 00001056 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf27458081f822.job2014-06-26 18:28 - 2013-06-06 16:07 - 00000000 ____D () C:\Program Files (x86)\McAfee2014-06-26 18:14 - 2013-06-10 12:00 - 00000000 ___HD () C:\ProgramData\OsiriusSafetyBackup2014-06-26 18:14 - 2013-06-06 18:17 - 00000000 ____D () C:\Users\ekock\AppData\Local\Deployment2014-06-26 18:07 - 2011-03-30 08:14 - 00839966 _____ () C:\Windows\system32\perfh013.dat2014-06-26 18:07 - 2011-03-30 08:14 - 00186600 _____ () C:\Windows\system32\perfc013.dat2014-06-26 18:07 - 2009-07-14 07:13 - 01908418 _____ () C:\Windows\system32\PerfStringBackup.INI2014-06-24 14:31 - 2013-09-05 08:31 - 00003232 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForEKOCK-PC-OFFICE$2014-06-24 14:31 - 2013-09-05 08:31 - 00000356 _____ () C:\Windows\Tasks\HPCeeScheduleForEKOCK-PC-OFFICE$.job2014-06-24 14:28 - 2014-02-08 05:01 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForekock2014-06-24 14:28 - 2014-02-08 05:01 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForekock.job2014-06-23 19:16 - 2011-03-30 07:44 - 00000000 ____D () C:\ProgramData\PDFC2014-06-23 18:39 - 2014-02-11 18:22 - 00004052 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf27458081f8222014-06-23 18:39 - 2013-07-13 07:03 - 00003798 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2014-06-23 18:31 - 2013-12-17 13:32 - 00001064 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk2014-06-23 18:31 - 2013-12-17 13:32 - 00001052 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk2014-06-23 18:18 - 2013-06-10 17:43 - 00000000 ____D () C:\Users\ekock\AppData\Local\Spotify2014-06-21 01:39 - 2013-07-13 07:13 - 00000000 ____D () C:\Users\ekock\AppData\Roaming\vlc2014-06-21 00:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF2014-06-20 23:57 - 2013-07-02 15:51 - 00000000 ____D () C:\Program Files\WinRAR2014-06-20 16:35 - 2013-07-17 10:04 - 00000000 ____D () C:\Users\ekock\AppData\Local\CutePDF Writer2014-06-20 15:10 - 2014-06-20 15:10 - 00000000 ____D () C:\Users\ekock\Desktop\smartprintserver2014-06-20 14:27 - 2013-07-01 12:53 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt2014-06-20 14:27 - 2013-06-07 14:56 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log2014-06-20 14:26 - 2013-06-07 14:54 - 00000000 ____D () C:\Users\ekock\AppData\Roaming\HpUpdate2014-06-20 14:26 - 2013-06-07 14:54 - 00000000 ____D () C:\Users\ekock\AppData\Roaming\HP Support Assistant2014-06-20 12:15 - 2014-06-19 07:10 - 00000000 ____D () C:\Users\ekock\AppData\Local\Adobe2014-06-20 06:23 - 2013-07-05 07:19 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2014-06-20 06:23 - 2013-07-05 07:19 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2014-06-20 06:23 - 2013-07-05 07:19 - 00003878 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater2014-06-20 06:23 - 2013-07-02 15:51 - 00000000 ____D () C:\Users\ekock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR2014-06-20 06:23 - 2013-07-02 15:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR2014-06-20 06:23 - 2013-06-06 18:18 - 00000000 ____D () C:\Program Files (x86)\Opera2014-06-20 06:22 - 2014-06-20 06:22 - 00004052 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 13790605592014-06-19 08:46 - 2013-11-17 16:22 - 00000000 ____D () C:\Users\ekock\AppData\Local\QuickPar2014-06-18 23:33 - 2013-07-05 09:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2014-06-18 22:30 - 2014-06-18 22:30 - 00000000 ____D () C:\Users\ekock\AppData\Local\Macromedia2014-06-18 22:29 - 2013-07-05 09:14 - 00000000 ____D () C:\Users\ekock\AppData\Local\Mozilla2014-06-18 13:34 - 2013-06-07 11:37 - 00000000 ____D () C:\Users\ekock\AppData\Roaming\FileZilla2014-06-17 17:04 - 2013-06-06 18:49 - 00000000 ____D () C:\Users\ekock\AppData\Roaming\Skype2014-06-16 13:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache2014-06-13 09:41 - 2013-08-01 12:27 - 00000000 ____D () C:\ProgramData\Package Cache2014-06-13 09:40 - 2014-04-20 18:24 - 00003554 _____ () C:\Windows\System32\Tasks\GarminUpdaterTask2014-06-13 09:40 - 2013-08-01 12:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin2014-06-13 09:40 - 2013-08-01 12:27 - 00000000 ____D () C:\ProgramData\Garmin2014-06-13 09:40 - 2013-08-01 12:12 - 00000000 ____D () C:\Program Files (x86)\Garmin2014-06-13 09:08 - 2009-07-14 07:08 - 00032634 _____ () C:\Windows\Tasks\SCHEDLGU.TXT2014-06-13 09:05 - 2014-06-13 09:05 - 00000000 _____ () C:\Windows\setuperr.log2014-06-12 22:59 - 2013-07-12 07:11 - 00000000 ____D () C:\Windows\system32\MRT2014-06-12 22:56 - 2013-06-06 16:36 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2014-06-12 22:55 - 2014-05-06 22:26 - 00000000 ___SD () C:\Windows\system32\CompatTel2014-06-12 11:44 - 2014-05-21 22:04 - 00000000 ____D () C:\Windows\Minidump2014-06-12 11:41 - 2013-07-13 01:44 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk2014-06-12 11:41 - 2013-07-13 01:44 - 00000000 ____D () C:\Program Files\CCleaner2014-06-11 12:25 - 2013-07-19 15:53 - 00001456 _____ () C:\Users\ekock\AppData\Local\Adobe Save for Web 13.0 Prefs2014-06-10 21:33 - 2013-06-06 18:25 - 00000000 ____D () C:\Program Files\Microsoft Office 152014-06-09 01:58 - 2013-07-13 07:18 - 00000000 ____D () C:\Users\ekock\AppData\Roaming\dvdcss2014-06-08 19:28 - 2013-09-16 17:55 - 00000000 ____D () C:\Users\ekock\AppData\Roaming\ObviousIdea2014-06-08 11:13 - 2014-06-12 10:52 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll2014-06-08 11:08 - 2014-06-12 10:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll2014-06-07 16:36 - 2014-01-05 02:52 - 00000000 ____D () C:\Users\ekock\Documents\SelfMV2014-06-07 16:30 - 2013-07-18 14:05 - 00001954 _____ () C:\Users\Public\Desktop\Samsung Kies.lnk2014-06-07 16:30 - 2013-07-18 14:05 - 00000000 ____D () C:\Users\ekock\AppData\Local\Samsung2014-06-07 16:26 - 2013-07-18 13:42 - 00000000 ____D () C:\ProgramData\Samsung2014-06-07 16:25 - 2013-07-18 14:05 - 00000000 ____D () C:\Users\ekock\AppData\Roaming\Samsung2014-06-07 16:24 - 2013-07-18 13:41 - 00000000 ____D () C:\Users\ekock\AppData\Local\Downloaded Installations2014-06-04 09:10 - 2011-03-30 07:28 - 00000000 ____D () C:\Program Files\NVIDIA Corporation2014-06-03 13:23 - 2014-01-05 02:52 - 00001931 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk2014-06-03 11:48 - 2013-06-06 15:57 - 00000000 ____D () C:\Program Files\Common Files\McAfee2014-06-03 09:50 - 2014-06-03 09:50 - 00001745 _____ () C:\Users\Public\Desktop\iTunes.lnk2014-06-03 09:50 - 2014-06-03 09:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes2014-06-03 09:50 - 2014-06-03 09:49 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF692014-06-03 09:50 - 2014-06-03 09:49 - 00000000 ____D () C:\Program Files\iTunes2014-06-03 09:50 - 2014-06-03 09:49 - 00000000 ____D () C:\Program Files (x86)\iTunes2014-06-03 09:49 - 2014-06-03 09:49 - 00000000 ____D () C:\Program Files\iPod2014-06-03 09:30 - 2013-06-06 18:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service2014-06-02 11:35 - 2014-06-02 11:35 - 00001962 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk2014-06-02 11:35 - 2013-06-07 11:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client2014-06-02 11:35 - 2013-06-07 11:37 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client2014-06-02 11:33 - 2014-06-02 11:33 - 04996210 _____ (Tim Kosse) C:\Users\ekock\Downloads\FileZilla_3.8.1_win32-setup.exe2014-06-02 10:20 - 2013-06-06 15:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation2014-06-02 10:20 - 2011-03-30 07:29 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation2014-06-02 09:45 - 2013-06-10 13:36 - 00000000 ____D () C:\Users\ekock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox2014-06-02 09:45 - 2013-06-06 18:49 - 00000000 ____D () C:\ProgramData\Skype2014-06-02 09:43 - 2014-02-28 10:35 - 00000000 ___RD () C:\Program Files (x86)\Skype2014-06-02 09:41 - 2013-06-06 18:18 - 00001121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk2014-06-02 09:41 - 2013-06-06 18:18 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk2014-05-30 12:21 - 2014-06-12 10:52 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-05-30 12:02 - 2014-06-12 10:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-05-30 12:02 - 2014-06-12 10:53 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2014-05-30 11:45 - 2014-06-12 10:53 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-05-30 11:39 - 2014-06-12 10:53 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2014-05-30 11:39 - 2014-06-12 10:52 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-05-30 11:38 - 2014-06-12 10:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2014-05-30 11:28 - 2014-06-12 10:53 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-05-30 11:27 - 2014-06-12 10:53 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2014-05-30 11:24 - 2014-06-12 10:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-05-30 11:21 - 2014-06-12 10:53 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2014-05-30 11:21 - 2014-06-12 10:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-05-30 11:20 - 2014-06-12 10:52 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2014-05-30 11:18 - 2014-06-12 10:53 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-05-30 11:11 - 2014-06-12 10:52 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2014-05-30 11:08 - 2014-06-12 10:52 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-05-30 11:06 - 2014-06-12 10:53 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2014-05-30 11:02 - 2014-06-12 10:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-05-30 10:55 - 2014-06-12 10:53 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2014-05-30 10:49 - 2014-06-12 10:52 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2014-05-30 10:46 - 2014-06-12 10:52 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-05-30 10:44 - 2014-06-12 10:53 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2014-05-30 10:44 - 2014-06-12 10:52 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2014-05-30 10:43 - 2014-06-12 10:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2014-05-30 10:42 - 2014-06-12 10:53 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2014-05-30 10:38 - 2014-06-12 10:53 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-05-30 10:35 - 2014-06-12 10:53 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-05-30 10:34 - 2014-06-12 10:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2014-05-30 10:33 - 2014-06-12 10:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2014-05-30 10:30 - 2014-06-12 10:53 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2014-05-30 10:29 - 2014-06-12 10:53 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-05-30 10:28 - 2014-06-12 10:53 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2014-05-30 10:27 - 2014-06-12 10:53 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2014-05-30 10:24 - 2014-06-12 10:52 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2014-05-30 10:23 - 2014-06-12 10:53 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-05-30 10:16 - 2014-06-12 10:53 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2014-05-30 10:10 - 2014-06-12 10:53 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2014-05-30 10:06 - 2014-06-12 10:53 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2014-05-30 10:04 - 2014-06-12 10:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2014-05-30 10:02 - 2014-06-12 10:53 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2014-05-30 09:56 - 2014-06-12 10:53 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-05-30 09:56 - 2014-06-12 10:52 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-05-30 09:54 - 2014-06-12 10:53 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-05-30 09:50 - 2014-06-12 10:53 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2014-05-30 09:49 - 2014-06-12 10:53 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-05-30 09:43 - 2014-06-12 10:52 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-05-30 09:40 - 2014-06-12 10:53 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-05-30 09:30 - 2014-06-12 10:53 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-05-30 09:21 - 2014-06-12 10:53 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-05-30 09:15 - 2014-06-12 10:53 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-05-30 09:13 - 2014-06-12 10:53 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2014-05-30 09:13 - 2014-06-12 10:52 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2014-05-30 01:07 - 2014-06-04 09:11 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll2014-05-30 01:07 - 2014-06-04 09:11 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll2014-05-30 01:07 - 2013-11-01 11:27 - 01279480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll2014-05-30 01:07 - 2013-11-01 11:27 - 01122312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll Some content of TEMP:====================C:\Users\ekock\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcxm_jt.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-18 12:14 ==================== End Of Log ============================
  16. Everytime when i want to run malwarebytes it doesn't start. I have bought a consumer license in february 2012. It worked gr8 till now. so i do not have live scanning anymore also. Please help.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.