Ga naar inhoud

Gerard Contant

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    101

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Alles dat geplaatst werd door Gerard Contant

  1. Gerard Contant
    misschien als repeater. Voor anders heb kabels genoeg rond de router.maar welke heb je vandoen? en waar moet ik de stekker in stopcontact steken? in de keuken en living niet genoeg bereik, wel in de badkamer. Dank je om me te helpen
  2. Gerard Contant
    Heb in huis draadloos internet. Soms heb ik in de huiskamer geen voldoende sterkte om op internet te gaan. Heb deze Wifi repeater gekocht via internet maar helaas geen nederlandstalige begeleiding. Kan iemand mij helpen deze te installeren . Heb ontvangen. 1x7 w211 Wifi Repeater 1x1m. Ethernet cable with RJ45 connector 1x quick installation Guide Graag hulp Dank U
  3. Gerard Contant
    kreeg vroeger steeds de melding als ik een site aanklikte op firefox wordt geherinitialiseerd hoop dat dit nu ook verholpen is.Bedankt in ieder geval. zal markeren als opgelost en zal een kleine bijdrage overmaken. Vriendelijk dank
  4. Gerard Contant
    # AdwCleaner v3.213 - Rapport aangemaakt 27/06/2014 op 19:34:10 # Laatste Update 23/06/2014 door Xplode # Besturingssysteem : Windows Vista Home Premium Service Pack 2 (32 bits) # Gebruikersnaam : Rita - PC-VAN-RITA # Gestart vanuit : C:\Users\Rita\Downloads\adwcleaner_3.213.exe # Optie : Verwijderen ***** [ Services ] ***** Service Verwijderd : LPTSystemUpdater ***** [ Bestanden / Mappen ] ***** Map Verwijderd : C:\Program Files\LPT Map Verwijderd : C:\Program Files\Uniblue Map Verwijderd : C:\Program Files\Windows Searchqu Toolbar Map Verwijderd : C:\Users\Administrator\AppData\Local\Chromatic Browser Map Verwijderd : C:\Users\Administrator\AppData\Local\torch Map Verwijderd : C:\Users\Gast\AppData\Local\Chromatic Browser Map Verwijderd : C:\Users\Gast\AppData\Local\torch Map Verwijderd : C:\Users\Rita\AppData\Local\Chromatic Browser Map Verwijderd : C:\Users\Rita\AppData\Local\torch Map Verwijderd : C:\Users\Rita\AppData\LocalLow\UtilityChest_49 Map Verwijderd : C:\Users\Rita\AppData\Roaming\SpeedMaxPc Map Verwijderd : C:\Users\UpdatusUser.PC-van-Rita\AppData\Local\Chromatic Browser Map Verwijderd : C:\Users\UpdatusUser.PC-van-Rita\AppData\Local\torch ***** [ Snelkoppelingen ] ***** ***** [ Register ] ***** [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9363A209-0EAF-4041-A29E-6304C926217A} [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9363A209-0EAF-4041-A29E-6304C926217A} [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63C46CD9-D57C-43B3-A712-8F626622B222} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\protector_dll.protectorbho Sleutel Verwijderd : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\base64 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\chrome Sleutel Verwijderd : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\prox Sleutel Verwijderd : HKLM\SOFTWARE\Classes\speedupmypc Sleutel Verwijderd : HKLM\SOFTWARE\Classes\tdataprotocol.CTData Sleutel Verwijderd : HKLM\SOFTWARE\Classes\tdataprotocol.CTData.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\updatebho.TimerBHO Sleutel Verwijderd : HKLM\SOFTWARE\Classes\updatebho.TimerBHO.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\wit4ie.WitBHO Sleutel Verwijderd : HKLM\SOFTWARE\Classes\wit4ie.WitBHO.2 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe Sleutel Verwijderd : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\webcakeupdater Sleutel Verwijderd : HKCU\Software\853dbd9e069ef15 Sleutel Verwijderd : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-996987125 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.CT3196716 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{418D86BE-7386-4F1A-83E0-53604ADBDA74} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080} Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}] Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}] Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] Sleutel Verwijderd : HKCU\Software\AVG Secure Search Sleutel Verwijderd : HKCU\Software\Blabbers Sleutel Verwijderd : HKCU\Software\Blabbers Sleutel Verwijderd : HKCU\Software\BrowserCompanion Sleutel Verwijderd : HKCU\Software\DealPlyLive Sleutel Verwijderd : HKCU\Software\delta LTD Sleutel Verwijderd : HKCU\Software\ParetoLogic Sleutel Verwijderd : HKCU\Software\RegisteredApplicationsEx Sleutel Verwijderd : HKCU\Software\SmartBar Sleutel Verwijderd : HKCU\Software\Softonic Sleutel Verwijderd : HKCU\Software\SpeedMaxPC Sleutel Verwijderd : HKCU\Software\systweak Sleutel Verwijderd : HKCU\Software\TutoTag Sleutel Verwijderd : HKCU\Software\Uniblue Sleutel Verwijderd : HKCU\Software\WEDLMNGR Sleutel Verwijderd : HKCU\Software\YahooPartnerToolbar Sleutel Verwijderd : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\AVG Security Toolbar Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Conduit Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Crossrider Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\findlyrics Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Search Settings Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\SmartBar Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\UtilityChest_49 Sleutel Verwijderd : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Sleutel Verwijderd : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C} Sleutel Verwijderd : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252} Sleutel Verwijderd : HKLM\Software\Bandoo Sleutel Verwijderd : HKLM\Software\BrowserCompanion Sleutel Verwijderd : HKLM\Software\Computer Updater Sleutel Verwijderd : HKLM\Software\Conduit Sleutel Verwijderd : HKLM\Software\ParetoLogic Sleutel Verwijderd : HKLM\Software\SoftwareUpdater Sleutel Verwijderd : HKLM\Software\SpeedMaxPC Sleutel Verwijderd : HKLM\Software\SupDp Sleutel Verwijderd : HKLM\Software\SupTab Sleutel Verwijderd : HKLM\Software\systweak Sleutel Verwijderd : HKLM\Software\Tarma Installer Sleutel Verwijderd : HKLM\Software\Tutorials Sleutel Verwijderd : HKLM\Software\Uniblue Sleutel Verwijderd : HKLM\Software\UtilityChest_49 Sleutel Verwijderd : HKLM\Software\webssearchesSoftware Sleutel Verwijderd : HKLM\Software\Wpm Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4820778D-AB0D-6D18-C316-52A6A0E1D507} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BrowserCompanion Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Computer Updater Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964 ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16555 -\\ Mozilla Firefox v30.0 (nl) [ Bestand : C:\Users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\lw9sm6ab.default-1403185096181\prefs.js ] -\\ Google Chrome v ************************* AdwCleaner[R0].txt - [12645 octets] - [27/06/2014 19:33:03] AdwCleaner[s0].txt - [12711 octets] - [27/06/2014 19:34:10] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [12772 octets] ##########
  5. Gerard Contant
    Zoek.exe v5.0.0.0 Updated 22-06-2014 Tool run by Rita on vr 27/06/2014 at 16:43:59,61. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Rita\Downloads\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-06-27-103310.log 56004 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Browser companion helper"=- ==== Deleting Files \ Folders ====================== c:\program files\common files\pc utility kit not found C:\Program Files\savvee on deleted C:\Users\Rita\AppData\Roaming\PC Utility Kit deleted C:\ProgramData\2308189059 deleted C:\ProgramData\WorldAppIt deleted C:\ProgramData\savvee on deleted C:\Windows\system32\tasks\PC Utility Kit Update3_triggeronce deleted "C:\Users\Rita\Downloads\PC Utility Kit Installer.exe" deleted "C:\Windows\tasks\PC Utility Kit Update3_triggeronce.job" deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [03/09/2009 12:25] ==== Firefox Extensions ====================== AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\lw9sm6ab.default-1403185096181 738C29EAC995029E13333034C1402F56 - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll - Shockwave Flash 1E5E8C84DE796A01D1D46E3A660690F1 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat F055C91A961601B8D50EF2976145AEE6 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat E37EAD09D28AE19D8A39B6A95F47513A - C:\Windows\system32\Adobe\Director\np32dsw_1211151.dll - Shockwave for Director / Shockwave for Director B5371D2C9017EEE216B5361D600B3543 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector 01D93217A9EE48DD37072B671378CC9C - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.1.0.30716.0.dll - Silverlight Plug-In 01D93217A9EE48DD37072B671378CC9C - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll - Silverlight Plug-In 5174E3BE46B2CCCDAF9CEB5B622CEA9B - C:\Windows\system32\Adobe\Director\np32dsw_1209149.dll - Shockwave for Director / Shockwave for Director 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin 8F24103AB984847AA2939F58F19CCC98 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U21 ADC539F67D3198679F480974EE203678 - C:\Windows\system32\npdeployJava1.dll - Java Deployment Toolkit 7.0.210.11 358878E398AB0FB8B1EE176C2E3EDF48 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll - Google Updater AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation 28986F0A2342A033345EF9E70D395E4F - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrlui.dll - Microsoft® Silverlight DFCAB29E8FD38F95650CC1E203E8D318 - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17/01/2012 12:45] Skype Click to Call - Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Reset Google Chrome ====================== C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Rita\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\UpdatusUser.PC-van-Rita\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Rita\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Rita\AppData\Local\Mozilla\Firefox\Profiles\lw9sm6ab.default-1403185096181\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1065 folders=331 95582487 bytes) ==== Empty Temp Folders ====================== C:\Users\Rita\AppData\Local\Temp will be emptied at reboot C:\Users\UpdatusUser.PC-van-Rita\AppData\Local\Temp emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Rita\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Rita\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\ehmsdri.log" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\ehRecvr.log" not found ==== EOF on vr 27/06/2014 at 17:03:45,75 ======================
  6. Gerard Contant
    Zoek.exe v5.0.0.0 Updated 22-06-2014 Tool run by Rita on vr 27/06/2014 at 12:07:49,52. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Rita\Downloads\zoek.exe [scan all users] [Checkboxes used] ==== System Restore Info ====================== 27/06/2014 12:09:25 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2182270979-176586014-2115481790-1001\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} deleted successfully HKEY_USERS\S-1-5-21-2182270979-176586014-2115481790-1001\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\ComputerUpdater Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ComputerUpdater Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\ComputerUpdater Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ComputerUpdater Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IePluginServices deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\IePluginServices deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\IePluginServices deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\Rita\AppData\Roaming\Mozilla\Profiles\u885219 user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20142706_1220_.backup ProfilePath: C:\Users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\lw9sm6ab.default-1403185096181 user.js not found ---- Lines snapdo removed from prefs.js ---- user_pref("browser.startup.homepage", "http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fR3s5PAVMZpZbM61lWNTdgwQHuH_gBTMti9ujU-zgsyD7GICW6eUCVtlC-iWLOZg8 user_pref("keyword.URL", "http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fR3s5PAVMZpZbM61lWNTdgwQHuH_gBTMti9ujU-zgsyD7GICW6eUCVtlC-iWLOZg8cXFwGpd0eibiW ---- Lines Web Search removed from prefs.js ---- user_pref("browser.search.defaultenginename", "Web Search"); user_pref("browser.search.selectedEngine", "Web Search"); ---- Lines extensions.SDID removed from prefs.js ---- user_pref("extensions.SDID.epoch", "1403937061"); user_pref("extensions.SDID.url", "http://jpiservice.info/sync2/?q=hfZ9ofq7B75MCyVUojs4rTwMg708BNmGWj8cmihGheDUojw9rdgFpjw8rHnHrchIC7n0rjnEqTs6rdgHrdwH ---- Lines extensions.WwA8VOIKu removed from prefs.js ---- user_pref("extensions.WwA8VOIKu.epoch", "1403937061"); user_pref("extensions.WwA8VOIKu.url", "http://toolkitcard.in/sync2/?q=hfZ9ofV9CShEAen0rTUGrihTB6lKDzt4oktxtNtVh7n0rjnEqTw4rjkHqdn5tMFHhd9Fqda7rTCEqTrE ---- FireFox user.js and prefs.js backups ---- prefs_20142706_1220_.backup ProfilePath: C:\Users\Rita\AppData\Roaming\Thunderbird\Profiles\u885219 user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20142706_1220_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command] @="C:\\Program Files\\Internet Explorer\\iexplore.exe" ==== Deleting Files \ Folders ====================== C:\PROGRA~2\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted C:\PROGRA~2\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} deleted C:\Users\Rita\AppData\LocalLow\{BEF92E19-B3C1-244E-A785-8D4DF3495826} deleted C:\PROGRA~2\Adblocker deleted C:\Program Files\Adblocker deleted C:\Program Files\GUM28E3.tmp deleted C:\Program Files\ToggleMark deleted C:\Program Files\Conduit deleted C:\Program Files\Computer Updater deleted C:\Program Files\Common Files\ParetoLogic deleted C:\Program Files\Bandoo deleted C:\Program Files\Registry Mechanic deleted C:\Program Files\RegClean Pro deleted C:\Program Files\DealPlyLive deleted C:\Program Files\Optimizer Pro deleted C:\Program Files\Yontoo deleted C:\Program Files\WinZip Registry Optimizer deleted C:\Program Files\PCDApp deleted C:\Program Files\SupTab deleted C:\Program Files\GreenTree Applications deleted C:\Program Files\globalUpdate deleted C:\Program Files\predm deleted C:\Program Files\Common Files\Spigot deleted C:\Users\Rita\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Search.lnk deleted C:\Users\Rita\AppData\Roaming\Uniblue deleted C:\Users\Rita\AppData\Roaming\Smiley.ico deleted C:\Users\Rita\AppData\Roaming\dm.ini deleted C:\Users\Rita\AppData\Roaming\ParetoLogic deleted C:\Users\Rita\AppData\Roaming\DriverCure deleted C:\Users\Rita\AppData\Roaming\Babylon deleted C:\Users\Rita\AppData\Roaming\DealPly deleted C:\Users\Rita\AppData\Roaming\Systweak deleted C:\Users\Rita\AppData\Roaming\Systweak(102) deleted C:\Users\Rita\AppData\Roaming\OpenCandy deleted C:\PROGRA~2\ezsid.dat deleted C:\PROGRA~2\Avg_Update_0414b deleted C:\PROGRA~2\IePluginServices deleted C:\PROGRA~2\AVG Security Toolbar deleted C:\PROGRA~2\DealPlyLive deleted C:\PROGRA~2\ParetoLogic deleted C:\PROGRA~2\Uniblue\DriverScanner deleted C:\PROGRA~2\Uniblue deleted C:\PROGRA~2\InstallMate deleted C:\PROGRA~2\WindowsProtectManger deleted C:\PROGRA~2\Tarma Installer deleted C:\Users\Rita\AppData\Local\APN deleted C:\Users\Rita\AppData\Local\globalUpdate deleted C:\Users\Rita\AppData\Local\IAC deleted C:\Users\Rita\AppData\Local\DealPlyLive deleted C:\Users\Rita\AppData\Local\PackageAware deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Computer Updater deleted C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Windows\Tasks\Dealply.job deleted C:\Windows\System32\Tasks\DealPly deleted C:\Users\Rita\Downloads\rcpsetupapnnew_apnnew2_1367036_be.exe deleted C:\Users\Rita\Downloads\avg_free_stb_all_2013_3392_cnet.exe deleted C:\Users\Rita\Downloads\avg_free_stb_all_2014_4335_cnet.exe deleted C:\Users\Rita\Downloads\WiseConvert (1).exe deleted C:\Users\Rita\Searches deleted C:\Users\Rita\AppData\LocalLow\AVG Security Toolbar deleted C:\Users\Rita\AppData\LocalLow\bbrs_002.tb deleted C:\Users\Rita\AppData\LocalLow\searchqutb deleted C:\Users\Rita\AppData\LocalLow\IAC deleted C:\Users\Rita\AppData\LocalLow\Delta deleted C:\Users\Rita\AppData\LocalLow\Conduit deleted C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted C:\Windows\system32\config\systemprofile\AppData\LocalLow\Application Updater deleted C:\Windows\tasks\ParetoLogic Registration3.job deleted C:\Windows\tasks\ParetoLogic Update Version3 Startup Task.job deleted C:\Windows\tasks\ParetoLogic Update Version3.job deleted C:\END deleted C:\Windows\system32\roboot.exe deleted C:\Windows\system32\RegistryHelperLM.ocx deleted C:\Windows\system32\DiskCleanerLM.ocx deleted C:\Windows\system32\SafeAppRichList.ocx deleted C:\Windows\system32\CUUpdateComponent.ocx deleted C:\Windows\system32\ComputerUpdaterLM.ocx deleted C:\Users\Rita\Documents\Optimizer Pro deleted C:\Users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\lw9sm6ab.default-1403185096181\searchplugins\trovi-search.xml deleted C:\Users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\lw9sm6ab.default-1403185096181\searchplugins\Web Search.xml deleted C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} deleted C:\Users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\lw9sm6ab.default-1403185096181\extensions\m7-ok@djlidaqotyshl.edu deleted C:\Users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\lw9sm6ab.default-1403185096181\extensions\pofck_obo@qivogotqyihx.co.uk deleted "C:\PROGRA~2\7e8bc45dba3d4128\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.20140619173503" deleted "C:\PROGRA~2\7e8bc45dba3d4128\{993EA8F6-6E55-7E4E-39DE-5796E3226DB9}.20140619173444" deleted "C:\PROGRA~2\7e8bc45dba3d4128\{993EA8F6-6E55-7E4E-39DE-5796E3226DB9}.20140619173454" deleted "C:\PROGRA~2\7e8bc45dba3d4128\{993EA8F6-6E55-7E4E-39DE-5796E3226DB9}.20140619184033" deleted "C:\PROGRA~2\7e8bc45dba3d4128\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}.20140619173511" deleted "C:\Program Files\BrowserCompanion\BCHelper.exe" deleted "C:\Program Files\BrowserCompanion\sqlite3.dll" deleted "C:\Program Files\BrowserCompanion\updatebhoWin32.dll" deleted "C:\Program Files\BrowserCompanion\BCHelper.exe" deleted "C:\Program Files\BrowserCompanion\sqlite3.dll" deleted "C:\Program Files\BrowserCompanion\updatebhoWin32.dll" deleted "C:\PROGRA~2\7e8bc45dba3d4128" deleted "C:\Users\Rita\AppData\Roaming\Vso" deleted "C:\Users\Rita\AppData\Roaming\iolo" deleted "C:\Program Files\BrowserCompanion" not deleted "C:\Program Files\BrowserCompanion" not deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Rita\AppData\Local\Temp ==== 2014-06-20 18:12:11 E717F6CE3A7429BFA6D7F3CF66737A4B 15968 --s---r- C:\Users\Rita\AppData\Local\Temp\{8FCAA687-24CF-4D3D-AFD6-6CED54298471}\Setup.exe 2014-06-20 18:12:11 B8AA29E45CD392C90C828595C9CE0624 179200 --s---r- C:\Users\Rita\AppData\Local\Temp\{8FCAA687-24CF-4D3D-AFD6-6CED54298471}\_Setup.dll 2014-06-20 18:12:11 AF7CE801C8471C5CD19B366333C153C4 275552 --s---r- C:\Users\Rita\AppData\Local\Temp\TsuD9E27F37.dll 2014-06-20 18:12:11 A845E2B8AC4A41A44FB41CAE8CCD23A7 93696 --s---r- C:\Users\Rita\AppData\Local\Temp\{8FCAA687-24CF-4D3D-AFD6-6CED54298471}\Custom.dll 2014-06-19 17:42:59 45922155C9628E11441AA869C6287BB7 10372136 ----a-w- C:\Users\Rita\AppData\Local\Temp\OnlineBackup.exe 2014-06-19 16:18:12 66008A549F7BFC0D6AEC311DF2AB1282 6595072 ----a-w- C:\Users\Rita\AppData\Local\Temp\optprosetup.exe 2014-06-19 15:35:56 57E626878D667E65127D1725279B0965 12384 ----atw- C:\Users\Rita\AppData\Local\Temp\{E6BCD5AB-17E9-4741-A5AA-5FCB3D5FF75D}\x86\regsvr32.exe 2014-06-19 15:35:56 157FE300857E06020BCB38A04D5B3B75 12896 ----atw- C:\Users\Rita\AppData\Local\Temp\{E6BCD5AB-17E9-4741-A5AA-5FCB3D5FF75D}\x64\regsvr32.exe ====== Java Cache ===== ====== C:\Windows\system32 ===== 2014-06-19 10:14:39 53A8AE7A38234668C4179F91130F1A4C 17184 ----a-w- C:\Windows\System32\XMLOperations.xml 2014-06-18 19:18:18 1CD930F3C01BFB77A3A138A56A668A96 16760 ------w- C:\Windows\System32\spmsg.dll 2014-06-17 11:21:05 7EAAF74C0148BBBB03965B9222005BA1 118784 ----a-w- C:\Windows\System32\ac3acm.acm 2014-06-17 11:21:05 4550F0B0220F0F29913A0379363F67DF 765952 ----a-w- C:\Windows\System32\xvidcore.dll 2014-06-17 11:21:05 2D7C5E257A7CB8D748FA4F70E840D516 1696256 ----a-w- C:\Windows\System32\wmv9vcm.dll 2014-06-17 11:21:05 00084DD7A6EB6D0C1DFD15C6E03997B5 180224 ----a-w- C:\Windows\System32\xvidvfw.dll 2014-06-17 11:21:04 B0D61070B7CF6B74A333E3016B46705D 5120 ----a-w- C:\Windows\System32\ff_vfw.dll 2014-06-17 11:21:04 AB90E3453839235FD759A854203B948E 547 ----a-w- C:\Windows\System32\ff_vfw.dll.manifest 2014-06-17 11:21:04 02CE4DF5C0ED4024775F8C908B271638 3596288 ----a-w- C:\Windows\System32\qt-dx331.dll 2014-06-17 11:21:03 561FA2ABB31DFA8FAB762145F81667C2 499712 ----a-w- C:\Windows\System32\msvcp71.dll ====== C:\Windows\system32\drivers ===== 2014-06-19 04:01:30 9725EF371A6E832360E110DCCC75778B 55232 ----a-w- C:\Windows\System32\drivers\{af16abf4-eac1-49b4-93fc-58f6ca799135}Gt.sys 2014-06-11 05:29:15 A4196D394207369E1431E8681B373312 915392 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2014-06-11 05:29:14 95389980F70FC4990A4395A0B8BBE1D6 31232 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys ====== C:\Windows\Tasks ====== 2014-06-16 18:52:32 7B0BCACAF0D516517DBFFE88CCB87E0A 420 ----a-w- C:\Windows\Tasks\PC Utility Kit Update3_triggeronce.job 2014-06-16 18:52:32 626BE16B2A2011A8AC0BA5A6CB079EC7 2896 ----a-w- C:\Windows\system32\Tasks\PC Utility Kit Update3_triggeronce ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-06-26 18:06:00 -------- d-----w- C:\Program Files\trend micro 2014-06-26 13:46:55 -------- d-----w- C:\Program Files\Mozilla Maintenance Service 2014-06-22 17:35:08 -------- d-----w- C:\Program Files\WinRAR 2014-06-19 15:34:52 -------- d-----w- C:\Program Files\savvee on 2014-06-19 04:06:11 -------- d-----w- C:\Program Files\KingTranslate 2014-06-18 19:12:03 -------- d-----w- C:\Program Files\LPT 2014-06-17 11:21:03 -------- d-----w- C:\Program Files\K-Lite Codec Pack 2014-06-10 14:26:46 -------- d-----w- C:\Program Files\DVDFab 9 2014-05-31 08:04:41 -------- d-----w- C:\Program Files\iPod 2014-05-31 08:04:39 -------- d-----w- C:\Program Files\iTunes ======= C: ===== 2014-06-14 12:46:27 A6799D0F42122C0D1E28655C10DB2707 30 ----a-w- C:\AVScanner.ini ====== C:\Users\Rita\AppData\Roaming ====== 2014-06-26 12:41:29 -------- d-----w- C:\Users\Rita\AppData\Roaming\WinRAR 2014-06-22 17:35:16 -------- d-----w- C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-06-19 16:11:37 -------- d-----w- C:\Users\Rita\AppData\Roaming\Media Player Classic 2014-06-19 15:34:52 -------- d-----w- C:\Users\Rita\AppData\Locallow\{75D03C7E-ECC0-B6DE-C7FE-53037C9D0AE2} 2014-06-19 15:34:43 -------- d-----w- C:\Users\UpdatusUser.PC-van-Rita\AppData\Local\Torch 2014-06-19 15:34:43 -------- d-----w- C:\Users\UpdatusUser.PC-van-Rita\AppData\Local\Chromatic Browser 2014-06-19 15:34:43 -------- d-----w- C:\Users\Rita\AppData\Local\Torch 2014-06-19 15:34:43 -------- d-----w- C:\Users\Rita\AppData\Local\Chromatic Browser 2014-06-19 15:34:43 -------- d-----w- C:\Users\Gast\AppData\Local\Torch 2014-06-19 15:34:43 -------- d-----w- C:\Users\Gast\AppData\Local\Chromatic Browser 2014-06-19 15:34:43 -------- d-----w- C:\Users\Administrator\AppData\Local\Torch 2014-06-19 15:34:43 -------- d-----w- C:\Users\Administrator\AppData\Local\Chromatic Browser 2014-06-19 15:34:42 -------- d-----w- C:\Users\UpdatusUser.PC-van-Rita\AppData\Local\Google 2014-06-19 15:34:42 -------- d-----w- C:\Users\UpdatusUser.PC-van-Rita\AppData\Local\Comodo 2014-06-19 15:34:42 -------- d-----w- C:\Users\Rita\AppData\Local\Comodo 2014-06-19 15:34:42 -------- d-----w- C:\Users\Gast\AppData\Local\Google 2014-06-19 15:34:42 -------- d-----w- C:\Users\Gast\AppData\Local\Comodo 2014-06-19 15:34:42 -------- d-----w- C:\Users\Administrator\AppData\Local\Google 2014-06-19 15:34:42 -------- d-----w- C:\Users\Administrator\AppData\Local\Comodo 2014-06-19 04:06:48 -------- d-----w- C:\Users\Rita\AppData\Roaming\KingTranslate 2014-06-18 19:18:37 F020B16BFECCB1E3FDC61796E5EF2F3B 410380 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\WPFFontCache_v0400-S-1-5-21-2182270979-176586014-2115481790-1001-12288.dat 2014-06-18 19:11:51 -------- d-----w- C:\Users\Rita\AppData\Local\com 2014-06-16 18:52:42 -------- d-----w- C:\Users\Rita\AppData\Roaming\PC Utility Kit 2014-06-14 19:22:27 -------- d-----w- C:\Users\Rita\AppData\Local\Adobe 2014-06-10 14:43:31 -------- d-----w- C:\Users\Rita\AppData\Roaming\27946 2014-06-06 11:55:29 -------- d-----w- C:\Users\Rita\AppData\Roaming\DVDVideoSoft ====== C:\Users\Rita ====== 2014-06-26 18:05:21 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Rita\Downloads\RSIT.exe 2014-06-26 12:42:40 BA40A3A0D88D3DF31E74D4BA7ED5E387 868376 ----a-w- C:\Users\Rita\Downloads\mssstool32(1).exe 2014-06-26 12:36:19 BA40A3A0D88D3DF31E74D4BA7ED5E387 868376 ----a-w- C:\Users\Rita\Downloads\mssstool32.exe 2014-06-22 17:35:16 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-06-22 17:34:43 9F723F2B405424867475568208B4C893 2139696 ----a-w- C:\Users\Rita\Downloads\wrar501nl.exe 2014-06-19 18:15:45 A24E0C5F3198EB9C203FC371BA2528BC 326264 ----a-w- C:\Users\Rita\Downloads\Download(1).exe 2014-06-19 17:52:58 46E00BE59F9B1E627F8CFF2E6F34D538 284192 ----a-w- C:\Users\Rita\Downloads\Firefox Setup Stub 30.0 (1).exe 2014-06-19 17:37:57 46E00BE59F9B1E627F8CFF2E6F34D538 284192 ----a-w- C:\Users\Rita\Downloads\Firefox Setup Stub 30.0.exe 2014-06-19 17:25:50 FADA8DFD4EBD4DD5A0FE8B2CE8F876D5 104499448 ----a-w- C:\Users\Rita\Downloads\msert (1).exe 2014-06-19 16:22:49 -------- d-----w- C:\ProgramData\2308189059 2014-06-19 15:35:37 -------- d-----w- C:\ProgramData\WorldAppIt 2014-06-19 15:34:52 -------- d-----w- C:\ProgramData\savvee on 2014-06-19 15:34:42 -------- d-----w- C:\Users\Gast\AppData 2014-06-19 15:34:42 -------- d-----w- C:\Users\Administrator\AppData 2014-06-18 19:09:25 02C1EE40968BAA67C3A785CDA9807125 262 --sha-r- C:\ProgramData\ntuser.pol 2014-06-17 17:42:30 A5BEFFA0AF16E48CDD5CDE6B74A796FB 11267408 ----a-w- C:\Users\Rita\Downloads\mseinstall(2).exe 2014-06-17 14:50:38 A9D4AD464ED3DDB051FB8ED87740B6B7 10837520 ----a-w- C:\Users\Rita\Downloads\MPC-HC.1.7.5.195.x86.exe 2014-06-17 14:00:54 4DE1334140C4CA80FC1BB0E65C975DBA 801168 ----a-w- C:\Users\Rita\Downloads\Setup(4).exe 2014-06-17 11:21:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2014-06-17 11:17:47 A85245FBD4BD814C1EC1D9330BA8D6B9 16771520 ----a-w- C:\Users\Rita\Downloads\klcodec281f.exe 2014-06-16 18:52:28 -------- d-----w- C:\ProgramData\PC Utility Kit 2014-06-16 18:51:27 1FC1971D215C8338F863F886C1C72AB6 6210936 ----a-w- C:\Users\Rita\Downloads\PC Utility Kit Installer.exe 2014-06-16 17:56:38 960BD732B4764A9096D54DBB11076ECB 511776 ----a-w- C:\Users\Rita\Downloads\Windows%20Media%20Player%2011.exe 2014-06-16 11:00:06 983A62A7393398D3BCA5E3E6CC1F7D02 1245584 ----a-w- C:\Users\Rita\Downloads\Setup(3).exe 2014-05-31 08:05:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-05-31 08:04:39 -------- d-----w- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 ====== C: exe-files == 2014-06-26 18:06:01 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Rita.exe 2014-06-26 18:05:21 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Rita\Downloads\RSIT.exe 2014-06-26 13:46:56 E91A0DAA685E8AB41F8EC1039D996E43 109886 ----a-w- C:\Program Files\Mozilla Maintenance Service\Uninstall.exe 2014-06-26 13:46:55 26EA1DAD601EE3ACAC301D66F07BA219 119408 ----a-w- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 2014-06-26 13:44:59 46E00BE59F9B1E627F8CFF2E6F34D538 284192 ----a-w- C:\Users\Rita\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UANNMM7Z\Firefox Setup Stub 30.0.exe 2014-06-26 12:42:40 BA40A3A0D88D3DF31E74D4BA7ED5E387 868376 ----a-w- C:\Users\Rita\Downloads\mssstool32(1).exe 2014-06-26 12:36:19 BA40A3A0D88D3DF31E74D4BA7ED5E387 868376 ----a-w- C:\Users\Rita\Downloads\mssstool32.exe 2014-06-22 17:35:09 F99C56B59CE8C30F4B299812A77E1E58 490072 ----a-w- C:\Program Files\WinRAR\Rar.exe 2014-06-22 17:35:09 CEE4F0AC1087543056A07EE8C6F0D06A 136792 ----a-w- C:\Program Files\WinRAR\Uninstall.exe 2014-06-22 17:35:09 BAF91D94848FA72B9DB58CAAE044A5B2 1239640 ----a-w- C:\Program Files\WinRAR\WinRAR.exe 2014-06-22 17:35:09 2CA040EDEA081336FBC95DBCE1A7C71F 306776 ----a-w- C:\Program Files\WinRAR\UnRAR.exe 2014-06-22 17:34:43 9F723F2B405424867475568208B4C893 2139696 ----a-w- C:\Users\Rita\Downloads\wrar501nl.exe 2014-06-20 18:12:11 E717F6CE3A7429BFA6D7F3CF66737A4B 15968 --s---r- C:\Users\Rita\AppData\Local\Temp\{8FCAA687-24CF-4D3D-AFD6-6CED54298471}\Setup.exe === C: other files == 2014-06-27 08:29:48 803C1FE1AE7605C66F7B2C101E20EC11 120 ---ha-w- C:\Program Files\Common Files\X10\Common\x10prod.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-2182270979-176586014-2115481790-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\common files\nero\lib\nmbgmonitor.exe" "EPSON Stylus DX8400 Series"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU C:\Windows\TEMP\E_SEE83.tmp /EF HKCU" "iCloudServices"="C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe /startup" "toolbar_eula_launcher"="C:\Program Files\GoogleEULA\EULALauncher.exe" "Browser companion helper"="C:\Program Files\BrowserCompanion\BCHelper.exe /T=3 /CHI=clbfjfbnelcflpgpklppgplejolacbej" "Adobe Photo Downloader"="c:\program files\adobe\photoshop elements 5.0\apdproxy.exe" "Skytel"="Skytel.exe" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\common files\nero\lib\nmbgmonitor.exe" "EPSON Stylus DX8400 Series"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU C:\Windows\TEMP\E_SEE83.tmp /EF HKCU" "iCloudServices"="C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "PlayMovie"="\"C:\\Program Files\\HomeCinema\\PlayMovie\\PMVService.exe\"" "Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "Google Updater"="\"C:\\Program Files\\Google\\Google Updater\\GoogleUpdater.exe\" -check_deprecation" "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [13/06/2014 08:24] C:\Windows\tasks\Google Software Updater.job --a------ C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [21/08/2012 21:10] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\PC Utility Kit Update3_triggeronce.job --a------ C:\program files\common files\pc utility kit\uus3\Update3.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\Google Software Updater" [C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe] "C:\Windows\system32\tasks\Google-online actualiseringsprogramma" [C:\Program Files\Google\Google Updater\GoogleUpdater.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\PC Utility Kit Update3_triggeronce" [c:\program files\common files\pc utility kit\uus3\Update3.exe] "C:\Windows\system32\tasks\User_Feed_Synchronization-{59764F5F-5693-4385-A689-B49B2588BBDC}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\system32\tasks\{A89772D1-9FC2-4855-8263-ACFE4F21610B}" [C:\Program Files\Skype\\Phone\Skype.exe] "C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\system32\tasks\NCH Software\videopadShakeIcon" [C:\Program Files\NCH Software\VideoPad\videopad.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [03/09/2009 12:25] ==== Firefox Extensions ====================== AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\lw9sm6ab.default-1403185096181 738C29EAC995029E13333034C1402F56 - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll - Shockwave Flash 1E5E8C84DE796A01D1D46E3A660690F1 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat F055C91A961601B8D50EF2976145AEE6 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat E37EAD09D28AE19D8A39B6A95F47513A - C:\Windows\system32\Adobe\Director\np32dsw_1211151.dll - Shockwave for Director / Shockwave for Director B5371D2C9017EEE216B5361D600B3543 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector 01D93217A9EE48DD37072B671378CC9C - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.1.0.30716.0.dll - Silverlight Plug-In 01D93217A9EE48DD37072B671378CC9C - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll - Silverlight Plug-In 5174E3BE46B2CCCDAF9CEB5B622CEA9B - C:\Windows\system32\Adobe\Director\np32dsw_1209149.dll - Shockwave for Director / Shockwave for Director 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin 8F24103AB984847AA2939F58F19CCC98 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U21 ADC539F67D3198679F480974EE203678 - C:\Windows\system32\npdeployJava1.dll - Java Deployment Toolkit 7.0.210.11 358878E398AB0FB8B1EE176C2E3EDF48 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll - Google Updater AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation 28986F0A2342A033345EF9E70D395E4F - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrlui.dll - Microsoft® Silverlight DFCAB29E8FD38F95650CC1E203E8D318 - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions clbfjfbnelcflpgpklppgplejolacbej - C:\Program Files\BrowserCompanion\blabbers-ch.crx[] gaiilaahiahdejapggenmdmafpmbipje - No path found[] hbcennhacfaagdopikcegfcobcadeocj - C:\Program Files\Common Files\Spigot\GC\saebay_1.0.crx[] icdlfehblmklkikfigmjhbmmpmkmpooj - C:\Program Files\Common Files\Spigot\GC\errorassistant_1.1.crx[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17/01/2012 12:45] mhkaekfpcppmmioggniknbnbdbcigpkk - C:\Program Files\Common Files\Spigot\GC\coupons_2.3.crx[] pfndaklgolladniicklehhancnlgocpp - C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions gaiilaahiahdejapggenmdmafpmbipje - No path found[] Saove onn - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm Asana Extension for Chrome - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk Adblocker - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk Saove onn - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm Asana Extension for Chrome - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk Adblocker - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk Saove onn - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm Asana Extension for Chrome - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk Adblocker - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk Saove onn - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm Asana Extension for Chrome - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk Adblocker - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk Saove onn - Administrator\AppData\Local\Torch\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm Asana Extension for Chrome - Administrator\AppData\Local\Torch\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk Adblocker - Administrator\AppData\Local\Torch\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk Saove onn - Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm Asana Extension for Chrome - Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk Adblocker - Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk Saove onn - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm Asana Extension for Chrome - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk Adblocker - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk Saove onn - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm Asana Extension for Chrome - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk Adblocker - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk Saove onn - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm Asana Extension for Chrome - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk Adblocker - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk Saove onn - Gast\AppData\Local\Torch\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm Asana Extension for Chrome - Gast\AppData\Local\Torch\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk Adblocker - Gast\AppData\Local\Torch\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk Saove onn - Rita\AppData\Local\Chromatic Browser\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm Asana Extension for Chrome - Rita\AppData\Local\Chromatic Browser\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk Adblocker - Rita\AppData\Local\Chromatic Browser\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk Saove onn - Rita\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm Asana Extension for Chrome - Rita\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk Adblocker - Rita\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk Browser Companion Helper - Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej Google Search - Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Saove onn - Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm Asana Extension for Chrome - Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk Skype Click to Call - Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Gmail - Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Adblocker - Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk Saove onn - Rita\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm Asana Extension for Chrome - Rita\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk Adblocker - Rita\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk Saove onn - Rita\AppData\Local\Torch\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm Asana Extension for Chrome - Rita\AppData\Local\Torch\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk Adblocker - Rita\AppData\Local\Torch\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk Saove onn - UpdatusUser.PC-van-Rita\AppData\Local\Chromatic Browser\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm Asana Extension for Chrome - UpdatusUser.PC-van-Rita\AppData\Local\Chromatic Browser\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk Adblocker - UpdatusUser.PC-van-Rita\AppData\Local\Chromatic Browser\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk Saove onn - UpdatusUser.PC-van-Rita\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm Asana Extension for Chrome - UpdatusUser.PC-van-Rita\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk Adblocker - UpdatusUser.PC-van-Rita\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk Saove onn - UpdatusUser.PC-van-Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm Asana Extension for Chrome - UpdatusUser.PC-van-Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk Adblocker - UpdatusUser.PC-van-Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk Saove onn - UpdatusUser.PC-van-Rita\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm Asana Extension for Chrome - UpdatusUser.PC-van-Rita\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk Adblocker - UpdatusUser.PC-van-Rita\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk Saove onn - UpdatusUser.PC-van-Rita\AppData\Local\Torch\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm Asana Extension for Chrome - UpdatusUser.PC-van-Rita\AppData\Local\Torch\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk Adblocker - UpdatusUser.PC-van-Rita\AppData\Local\Torch\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk ==== Chrome Fix ====================== C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej deleted successfully C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk deleted successfully C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk deleted successfully C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk deleted successfully C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk deleted successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk deleted successfully C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk deleted successfully C:\Users\Rita\AppData\Local\Chromatic Browser\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk deleted successfully C:\Users\Rita\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk deleted successfully C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk deleted successfully C:\Users\Rita\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk deleted successfully C:\Users\Rita\AppData\Local\Torch\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk deleted successfully C:\Users\UpdatusUser.PC-van-Rita\AppData\Local\Chromatic Browser\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk deleted successfully C:\Users\UpdatusUser.PC-van-Rita\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk deleted successfully C:\Users\UpdatusUser.PC-van-Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk deleted successfully C:\Users\UpdatusUser.PC-van-Rita\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk deleted successfully C:\Users\UpdatusUser.PC-van-Rita\AppData\Local\Torch\User Data\Default\Extensions\pphegojllgjcnaeihehjphincngbldnk deleted successfully C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm deleted successfully C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm deleted successfully C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm deleted successfully C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm deleted successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm deleted successfully C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm deleted successfully C:\Users\Rita\AppData\Local\Chromatic Browser\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm deleted successfully C:\Users\Rita\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm deleted successfully C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm deleted successfully C:\Users\Rita\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm deleted successfully C:\Users\Rita\AppData\Local\Torch\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm deleted successfully C:\Users\UpdatusUser.PC-van-Rita\AppData\Local\Chromatic Browser\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm deleted successfully C:\Users\UpdatusUser.PC-van-Rita\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm deleted successfully C:\Users\UpdatusUser.PC-van-Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm deleted successfully C:\Users\UpdatusUser.PC-van-Rita\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm deleted successfully C:\Users\UpdatusUser.PC-van-Rita\AppData\Local\Torch\User Data\Default\Extensions\finlaojpejabjdnelgnpcbaomlfjinfm deleted successfully C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk deleted successfully C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk deleted successfully C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk deleted successfully C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk deleted successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk deleted successfully C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk deleted successfully C:\Users\Rita\AppData\Local\Chromatic Browser\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk deleted successfully C:\Users\Rita\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk deleted successfully C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk deleted successfully C:\Users\Rita\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk deleted successfully C:\Users\Rita\AppData\Local\Torch\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk deleted successfully C:\Users\UpdatusUser.PC-van-Rita\AppData\Local\Chromatic Browser\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk deleted successfully C:\Users\UpdatusUser.PC-van-Rita\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk deleted successfully C:\Users\UpdatusUser.PC-van-Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk deleted successfully C:\Users\UpdatusUser.PC-van-Rita\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk deleted successfully C:\Users\UpdatusUser.PC-van-Rita\AppData\Local\Torch\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fR3s5PAVMZpZbM61lWNTdgwQHuH_gBTMti9ujU-zgsyD7GICW6eUCVtlC-iWLOZg8cXFwGpd0eibiWHgx_UHbHMaJaMLLCZjqvx3iMOX35YIGmHSDebhxtrlG5QDqL6rTx81KRfb9-m4sKpcWHnppBQLEgD0dAIRi4asZEcI" "Search Page"="http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fR3s5PAVMZpZbM61lWNTdgwQHuH_gBTMti9ujU-zgsyD7GICW6eUCVtlC-iWLOZg8cXFwGpd0eibiWHgx_UHbHMaJaMLLCZjqvx3iMOX35q3gyodEAFFnktnFkwAqcLWMzw6ozKxazU9a_5ik9fblRY7MJgi1UTnqNKoOas9&q={searchTerms}" "Search Bar"="http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fR3s5PAVMZpZbM61lWNTdgwQHuH_gBTMti9ujU-zgsyD7GICW6eUCVtlC-iWLOZg8cXFwGpd0eibiWHgx_UHbHMaJaMLLCZjqvx3iMOX35q3gyodEAFFnktnFkwAqcLWMzw6ozKxazU9a_5ik9fblRY7MJgi1UTnqNKoOas9&q={searchTerms}" "Default_Search_URL"="http://istart.webssearches.com/web/?type=ds&ts=1402941451&from=slbnew&uid=ST3500830AS_9QG5XYBSXXXX9QG5XYBS&q={searchTerms}" "Use Search Asst"="yes" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://istart.webssearches.com/web/?type=ds&ts=1402941451&from=slbnew&uid=ST3500830AS_9QG5XYBSXXXX9QG5XYBS&q={searchTerms}" "Search Page"="http://istart.webssearches.com/web/?type=ds&ts=1402941451&from=slbnew&uid=ST3500830AS_9QG5XYBSXXXX9QG5XYBS&q={searchTerms}" "Search Bar"="http://www.mirarsearch.com/?useie5=1&q=" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fR3s5PAVMZpZbM61lWNTdgwQHuH_gBTMti9ujU-zgsyD7GICW6eUCVtlC-iWLOZg8cXFwGpd0eibiWHgx_UHbHMaJaMLLCZjqvx3iMOX35q3gyodEAFFnktnFkwAqcLWMzw6ozKxazU9a_5ik9fblRY7MJgi1UTnqNKoOas9&q={searchTerms}" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="http://home.microsoft.com/access/autosearch.asp?p=%s" "Default"="http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fR3s5PAVMZpZbM61lWNTdgwQHuH_gBTMti9ujU-zgsyD7GICW6eUCVtlC-iWLOZg8cXFwGpd0eibiWHgx_UHbHMaJaMLLCZjqvx3iMOX35q3gyodEAFFnktnFkwAqcLWMzw6ozKxazU9a_5ik9fblRY7MJgi1UTnqNKoOas9&q={searchTerms}" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fR3s5PAVMZpZbM61lWNTdgwQHuH_gBTMti9ujU-zgsyD7GICW6eUCVtlC-iWLOZg8cXFwGpd0eibiWHgx_UHbHMaJaMLLCZjqvx3iMOX35q3gyodEAFFnktnFkwAqcLWMzw6ozKxazU9a_5ik9fblRY7MJgi1UTnqNKoOas9&q={searchTerms}" "Default_Search_URL"="http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fR3s5PAVMZpZbM61lWNTdgwQHuH_gBTMti9ujU-zgsyD7GICW6eUCVtlC-iWLOZg8cXFwGpd0eibiWHgx_UHbHMaJaMLLCZjqvx3iMOX35q3gyodEAFFnktnFkwAqcLWMzw6ozKxazU9a_5ik9fblRY7MJgi1UTnqNKoOas9&q={searchTerms}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{006ee092-9658-4fd6-bd8e-a21a348e59f5}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.google.com" "Use Search Asst"="no" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2182270979-176586014-2115481790-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully HKEY_USERS\S-1-5-21-2182270979-176586014-2115481790-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully HKEY_USERS\S-1-5-21-2182270979-176586014-2115481790-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully HKEY_USERS\S-1-5-21-2182270979-176586014-2115481790-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully HKEY_USERS\S-1-5-21-2182270979-176586014-2115481790-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BEF92E19-B3C1-244E-A785-8D4DF3495826} deleted successfully HKEY_USERS\S-1-5-21-2182270979-176586014-2115481790-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BEF92E19-B3C1-244E-A785-8D4DF3495826} deleted successfully HKEY_CLASSES_ROOT\CLSID\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully HKEY_CLASSES_ROOT\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BEF92E19-B3C1-244E-A785-8D4DF3495826} deleted successfully HKEY_CLASSES_ROOT\CLSID\{BEF92E19-B3C1-244E-A785-8D4DF3495826} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BEF92E19-B3C1-244E-A785-8D4DF3495826} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\5d568c54-4006-4467-80d6-a05bf8e52410 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\clbfjfbnelcflpgpklppgplejolacbej deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Computer Updater deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507} deleted successfully ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Rita\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Rita\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\UpdatusUser.PC-van-Rita\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Rita\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Rita\AppData\Local\Mozilla\Firefox\Profiles\lw9sm6ab.default-1403185096181\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1061 folders=323 89367513 bytes) ==== Empty Temp Folders ====================== C:\Users\Rita\AppData\Local\Temp will be emptied at reboot C:\Users\UpdatusUser.PC-van-Rita\AppData\Local\Temp emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Rita\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Rita\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\ehmsdri.log" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\ehRecvr.log" not found "C:\Program Files\BrowserCompanion" not found "C:\Program Files\BrowserCompanion" not found ==== EOF on vr 27/06/2014 at 12:33:10,06 ======================
  7. Gerard Contant
    Logfile of random's system information tool 1.10 (written by random/random) Run by Rita at 2014-06-26 20:06:00 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 342 GB (77%) free of 447 GB Total RAM: 2045 MB (28% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:06:49, on 26/06/2014 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16555) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\BrowserCompanion\BCHelper.exe C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Windows\ehome\ehmsas.exe C:\Windows\System32\mobsync.exe C:\Program Files\LPT\srptm.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Windows\system32\conime.exe C:\Program Files\Windows Mail\WinMail.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\taskeng.exe C:\Users\Rita\Downloads\RSIT.exe C:\Program Files\trend micro\Rita.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1402941451&from=slbnew&uid=ST3500830AS_9QG5XYBSXXXX9QG5XYBS&q={searchTerms} R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fR3s5PAVMZpZbM61lWNTdgwQHuH_gBTMti9ujU-zgsyD7GICW6eUCVtlC-iWLOZg8cXFwGpd0eibiWHgx_UHbHMaJaMLLCZjqvx3iMOX35q3gyodEAFFnktnFkwAqcLWMzw6ozKxazU9a_5ik9fblRY7MJgi1UTnqNKoOas9&q={searchTerms} R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fR3s5PAVMZpZbM61lWNTdgwQHuH_gBTMti9ujU-zgsyD7GICW6eUCVtlC-iWLOZg8cXFwGpd0eibiWHgx_UHbHMaJaMLLCZjqvx3iMOX35q3gyodEAFFnktnFkwAqcLWMzw6ozKxazU9a_5ik9fblRY7MJgi1UTnqNKoOas9&q={searchTerms} R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1402941451&from=slbnew&uid=ST3500830AS_9QG5XYBSXXXX9QG5XYBS&q={searchTerms} R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q= R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1402941451&from=slbnew&uid=ST3500830AS_9QG5XYBSXXXX9QG5XYBS&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fR3s5PAVMZpZbM61lWNTdgwQHuH_gBTMti9ujU-zgsyD7GICW6eUCVtlC-iWLOZg8cXFwGpd0eibiWHgx_UHbHMaJaMLLCZjqvx3iMOX35q3gyodEAFFnktnFkwAqcLWMzw6ozKxazU9a_5ik9fblRY7MJgi1UTnqNKoOas9&q={searchTerms} R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fR3s5PAVMZpZbM61lWNTdgwQHuH_gBTMti9ujU-zgsyD7GICW6eUCVtlC-iWLOZg8cXFwGpd0eibiWHgx_UHbHMaJaMLLCZjqvx3iMOX35q3gyodEAFFnktnFkwAqcLWMzw6ozKxazU9a_5ik9fblRY7MJgi1UTnqNKoOas9&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: script helper for ie - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files\BrowserCompanion\jsloader.dll O2 - BHO: BestShoppingTipsProgram - {4E3A97D3-9F15-4067-D0F9-241CC9CC9541} - (no file) O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files\BrowserCompanion\updatebhoWin32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Adblocker - {BEF92E19-B3C1-244E-A785-8D4DF3495826} - C:\Program Files\Adblocker\qBPWcT9.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O3 - Toolbar: Mirar - {7397EFD0-F3A7-482A-AF7F-B3FB66C400CD} - (no file) O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file) O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe O4 - HKLM\..\Run: [browser companion helper] C:\Program Files\BrowserCompanion\BCHelper.exe /T=3 /CHI=clbfjfbnelcflpgpklppgplejolacbej O4 - HKLM\..\Run: [Adobe Photo Downloader] c:\program files\adobe\photoshop elements 5.0\apdproxy.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] c:\program files\common files\nero\lib\nmbgmonitor.exe O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\Windows\TEMP\E_SEE83.tmp" /EF "HKCU" O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file) O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - http://www.extrafilm.be/ImageUploader5.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: avgsecuritytoolbar - (no CLSID) - (no file) O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll O18 - Protocol: linkscanner - (no CLSID) - (no file) O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ComputerUpdater Service - SafeApp Software, LLC - C:\Program Files\Computer Updater\ComputerUp-daterService.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LPT System Updater Service (LPTSystemUpdater) - Unknown owner - C:\Program Files\LPT\srpts.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files\Fighters\FighterSuiteService.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 12906 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\Dealply.job - C:\Users\Rita\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE /Check C:\Windows\tasks\Google Software Updater.job - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe scheduled_start C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\ParetoLogic Registration3.job - C:\Windows\system32\rundll32.exe "C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns C:\Windows\tasks\ParetoLogic Update Version3 Startup Task.job - C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe -StartupTask C:\Windows\tasks\ParetoLogic Update Version3.job - C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe C:\Windows\tasks\PC Utility Kit Update3_triggeronce.job - c:\program files\common files\pc utility kit\uus3\Update3.exe =========Mozilla firefox========= ProfilePath - C:\Users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\lw9sm6ab.default-1403185096181 prefs.js - "browser.search.useDBForOrder" - true prefs.js - "browser.startup.homepage" - "http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fR3s5PAVMZpZbM61lWNTdgwQHuH_gBTMti9ujU-zgsyD7GICW6eUCVtlC-iWLOZg8cXFwGpd0eibiWHgx_UHbHMaJaMLLCZjqvx3iMOX35YIGmHSDebhxtrlG5QDqL6rTx81KRfb9-m4sKpcWHnppBQLEgD0dAIRi4asZEcI" prefs.js - "keyword.URL" - "http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fR3s5PAVMZpZbM61lWNTdgwQHuH_gBTMti9ujU-zgsyD7GICW6eUCVtlC-iWLOZg8cXFwGpd0eibiWHgx_UHbHMaJaMLLCZjqvx3iMOX35q3gyodEAFFnktnFkwAqcLWMzw6ozKxazU9a_5ik9fblRY7MJgi1UTnqNKoOas9&q=" "{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 14.0.0.125 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer] "Description"=Adobe Shockwave Player "Path"=C:\Windows\system32\Adobe\Director\np32dsw_1211151.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=] "Description"=iTunes Detector Plug-in "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0] "Description"= "Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin] "Description"=Google Earth in your browser "Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.21.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Windows\system32\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5] "Description"=Windows Presentation Foundation plug-in for Mozilla browsers "Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pack.google.com/Google Updater;version=14] "Description"=Google Updater "Path"=C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll C:\Users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\lw9sm6ab.default-1403185096181\extensions\ m7-ok@djlidaqotyshl.edu pofck_obo@qivogotqyihx.co.uk C:\Users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\lw9sm6ab.default-1403185096181\searchplugins\ trovi-search.xml Web Search.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00cbb66b-1d3b-46d3-9577-323a336acb50}] Chatvibes Browser Helper - C:\Program Files\BrowserCompanion\jsloader.dll [2011-10-27 225584] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E3A97D3-9F15-4067-D0F9-241CC9CC9541}] BestShoppingTipsProgram [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-05-02 462752] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531}] Chatvibes Browser Helper Verifier - C:\Program Files\BrowserCompanion\updatebhoWin32.dll [2011-10-27 141104] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BEF92E19-B3C1-244E-A785-8D4DF3495826}] Adblocker - C:\Program Files\Adblocker\qBPWcT9.dll [2014-06-19 423936] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-05-02 171424] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {CCC7A320-B3CA-4199-B1A6-9F516DD69829} {7397EFD0-F3A7-482A-AF7F-B3FB66C400CD} - {ae07101b-46d4-4a98-af68-0333ea26e113} [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184] "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-08-17 4702208] "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-10-09 178712] "NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136] "Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-07-30 30192] "toolbar_eula_launcher"=C:\Program Files\GoogleEULA\EULALauncher.exe [2007-02-09 16896] "Browser companion helper"=C:\Program Files\BrowserCompanion\BCHelper.exe [2011-12-16 187696] "Adobe Photo Downloader"=c:\program files\adobe\photoshop elements 5.0\apdproxy.exe [2006-09-14 61440] "Skytel"=C:\Windows\Skytel.exe [2007-08-03 1826816] "APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-02-12 43848] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2014-05-26 152392] "MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 951576] "fst_be_44"= [] "t4pc_en_6"= [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-06 39408] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=c:\program files\common files\nero\lib\nmbgmonitor.exe [2007-10-15 202024] "EPSON Stylus DX8400 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE [2007-04-12 182272] "iCloudServices"=C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [2013-10-31 59720] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-05-08 21444224] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "MSVideo8"=VfWWDM32.dll "msacm.siren"=sirenacm.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave2"=wdmaud.drv "mixer2"=wdmaud.drv "wave1"=wdmaud.drv "mixer1"=wdmaud.drv "VIDC.XVID"=xvidvfw.dll "msacm.ac3acm"=ac3acm.acm "VIDC.wmv3"=wmv9vcm.dll "VIDC.FFDS"=ff_vfw.dll ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-06-26 20:06:00 ----D---- C:\rsit 2014-06-26 20:06:00 ----D---- C:\Program Files\trend micro 2014-06-26 15:46:55 ----D---- C:\Program Files\Mozilla Maintenance Service 2014-06-26 14:41:29 ----D---- C:\Users\Rita\AppData\Roaming\WinRAR 2014-06-22 19:35:08 ----D---- C:\Program Files\WinRAR 2014-06-19 18:22:49 ----D---- C:\ProgramData\2308189059 2014-06-19 18:18:18 ----D---- C:\Program Files\Optimizer Pro 2014-06-19 18:16:12 ----D---- C:\Users\Rita\AppData\Roaming\OpenCandy 2014-06-19 18:11:37 ----D---- C:\Users\Rita\AppData\Roaming\Media Player Classic 2014-06-19 17:35:37 ----D---- C:\ProgramData\WorldAppIt 2014-06-19 17:35:02 ----D---- C:\ProgramData\Adblocker 2014-06-19 17:35:02 ----D---- C:\Program Files\Adblocker 2014-06-19 17:34:52 ----D---- C:\ProgramData\savvee on 2014-06-19 17:34:52 ----D---- C:\Program Files\savvee on 2014-06-19 17:34:44 ----D---- C:\ProgramData\7e8bc45dba3d4128 2014-06-19 17:34:24 ----D---- C:\ProgramData\InstallMate 2014-06-19 06:06:48 ----D---- C:\Users\Rita\AppData\Roaming\KingTranslate 2014-06-19 06:06:11 ----D---- C:\Program Files\KingTranslate 2014-06-19 06:01:30 ----A---- C:\Windows\system32\drivers\{af16abf4-eac1-49b4-93fc-58f6ca799135}Gt.sys 2014-06-18 21:42:23 ----D---- C:\Program Files\predm 2014-06-18 21:42:21 ----D---- C:\Program Files\ToggleMark 2014-06-18 21:18:18 ----N---- C:\Windows\system32\spmsg.dll 2014-06-18 21:18:15 ----HDC---- C:\Windows\$NtUninstallKB2845142_WM64$ 2014-06-18 21:12:03 ----D---- C:\Program Files\LPT 2014-06-18 21:09:34 ----D---- C:\Program Files\globalUpdate 2014-06-18 20:29:25 ----D---- C:\Program Files\Mozilla Firefox 2014-06-17 19:43:34 ----D---- C:\Program Files\Microsoft Security Client 2014-06-17 13:21:05 ----A---- C:\Windows\system32\xvidvfw.dll 2014-06-17 13:21:05 ----A---- C:\Windows\system32\xvidcore.dll 2014-06-17 13:21:05 ----A---- C:\Windows\system32\wmv9vcm.dll 2014-06-17 13:21:04 ----A---- C:\Windows\system32\qt-dx331.dll 2014-06-17 13:21:04 ----A---- C:\Windows\system32\ff_vfw.dll 2014-06-17 13:21:03 ----D---- C:\Program Files\K-Lite Codec Pack 2014-06-17 13:21:03 ----A---- C:\Windows\system32\msvcp71.dll 2014-06-16 20:52:42 ----D---- C:\Users\Rita\AppData\Roaming\PC Utility Kit 2014-06-16 20:52:28 ----D---- C:\ProgramData\PC Utility Kit 2014-06-16 19:58:14 ----D---- C:\ProgramData\WindowsProtectManger 2014-06-16 19:58:14 ----D---- C:\ProgramData\IePluginServices 2014-06-16 19:58:12 ----D---- C:\Program Files\SupTab 2014-06-16 19:57:50 ----A---- C:\Windows\system32\roboot.exe 2014-06-16 19:57:42 ----D---- C:\Program Files\PCDApp 2014-06-15 12:44:01 ----D---- C:\Program Files\GreenTree Applications 2014-06-14 14:46:27 ----A---- C:\AVScanner.ini 2014-06-11 07:29:16 ----A---- C:\Windows\system32\usp10.dll 2014-06-11 07:29:15 ----A---- C:\Windows\system32\drivers\tcpip.sys 2014-06-11 07:29:14 ----A---- C:\Windows\system32\drivers\tcpipreg.sys 2014-06-11 07:29:10 ----A---- C:\Windows\system32\msxml6.dll 2014-06-11 07:29:10 ----A---- C:\Windows\system32\msxml3.dll 2014-06-11 07:29:08 ----A---- C:\Windows\system32\urlmon.dll 2014-06-11 07:29:08 ----A---- C:\Windows\system32\mshta.exe 2014-06-11 07:29:08 ----A---- C:\Windows\system32\msfeedssync.exe 2014-06-11 07:29:07 ----A---- C:\Windows\system32\vbscript.dll 2014-06-11 07:29:07 ----A---- C:\Windows\system32\url.dll 2014-06-11 07:29:07 ----A---- C:\Windows\system32\msfeedsbs.dll 2014-06-11 07:29:07 ----A---- C:\Windows\system32\jsproxy.dll 2014-06-11 07:29:07 ----A---- C:\Windows\system32\ieUnatt.exe 2014-06-11 07:29:07 ----A---- C:\Windows\system32\iertutil.dll 2014-06-11 07:29:05 ----A---- C:\Windows\system32\wininet.dll 2014-06-11 07:29:05 ----A---- C:\Windows\system32\msfeeds.dll 2014-06-11 07:29:05 ----A---- C:\Windows\system32\jscript9.dll 2014-06-11 07:29:05 ----A---- C:\Windows\system32\jscript.dll 2014-06-11 07:29:05 ----A---- C:\Windows\system32\dxtmsft.dll 2014-06-11 07:29:03 ----A---- C:\Windows\system32\ieui.dll 2014-06-11 07:29:03 ----A---- C:\Windows\system32\ieframe.dll 2014-06-11 07:29:03 ----A---- C:\Windows\system32\dxtrans.dll 2014-06-11 07:29:02 ----A---- C:\Windows\system32\mshtmled.dll 2014-06-11 07:29:01 ----A---- C:\Windows\system32\mshtml.dll 2014-06-10 16:43:31 ----D---- C:\Users\Rita\AppData\Roaming\27946 2014-06-10 16:26:46 ----D---- C:\Program Files\DVDFab 9 2014-06-06 13:55:29 ----D---- C:\Users\Rita\AppData\Roaming\DVDVideoSoft 2014-05-31 10:04:41 ----D---- C:\Program Files\iPod 2014-05-31 10:04:39 ----D---- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 2014-05-31 10:04:39 ----D---- C:\Program Files\iTunes ======List of files/folders modified in the last 1 month====== 2014-06-26 20:06:38 ----D---- C:\Windows\Temp 2014-06-26 20:06:00 ----D---- C:\Program Files 2014-06-26 19:28:17 ----D---- C:\Users\Rita\AppData\Roaming\Skype 2014-06-26 15:40:11 ----D---- C:\Windows\tracing 2014-06-26 15:37:47 ----D---- C:\Windows\Prefetch 2014-06-26 14:55:07 ----D---- C:\Windows 2014-06-26 14:36:39 ----SD---- C:\ProgramData\Microsoft 2014-06-26 11:46:15 ----SHD---- C:\System Volume Information 2014-06-21 13:16:18 ----D---- C:\Windows\inf 2014-06-20 15:10:58 ----D---- C:\Windows\System32 2014-06-20 15:10:58 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-06-20 14:40:10 ----D---- C:\Windows\Debug 2014-06-20 13:48:27 ----D---- C:\Program Files\CCleaner 2014-06-20 12:56:36 ----D---- C:\Windows\system32\catroot2 2014-06-20 12:55:28 ----SHD---- C:\Config.Msi 2014-06-20 12:47:46 ----SHD---- C:\Windows\Installer 2014-06-20 12:47:46 ----SD---- C:\Users\Rita\AppData\Roaming\Microsoft 2014-06-20 12:44:13 ----D---- C:\Program Files\Common Files 2014-06-20 12:43:48 ----RSD---- C:\Windows\assembly 2014-06-20 12:38:53 ----D---- C:\Windows\Tasks 2014-06-20 12:38:50 ----D---- C:\Program Files\RegClean Pro 2014-06-20 12:38:48 ----D---- C:\Users\Rita\AppData\Roaming\Systweak 2014-06-20 12:38:20 ----D---- C:\ProgramData 2014-06-20 12:32:14 ----D---- C:\Windows\system32\Tasks 2014-06-19 17:34:43 ----D---- C:\Program Files\Google 2014-06-19 17:34:42 ----RD---- C:\Users 2014-06-19 13:14:48 ----D---- C:\Program Files\DealPlyLive 2014-06-19 13:07:02 ----A---- C:\Windows\win.ini 2014-06-19 06:01:31 ----D---- C:\Windows\system32\drivers 2014-06-18 21:40:34 ----D---- C:\Users\Rita\AppData\Roaming\Uniblue 2014-06-18 21:40:29 ----D---- C:\Program Files\Uniblue 2014-06-18 21:18:20 ----D---- C:\Windows\system32\catroot 2014-06-17 19:36:51 ----D---- C:\ProgramData\MFAData 2014-06-17 19:36:51 ----D---- C:\ProgramData\AVG2014 2014-06-17 19:34:10 ----HD---- C:\$AVG 2014-06-16 19:55:21 ----D---- C:\Users\Rita\AppData\Roaming\U3 2014-06-15 15:11:19 ----D---- C:\Program Files\Common Files\Nero 2014-06-15 15:11:10 ----D---- C:\Program Files\Nero 2014-06-15 15:10:08 ----D---- C:\ProgramData\Nero 2014-06-15 14:58:56 ----D---- C:\Users\Rita\AppData\Roaming\Nero 2014-06-13 08:24:24 ----A---- C:\Windows\system32\FlashPlayerApp.exe 2014-06-13 08:23:37 ----D---- C:\ProgramData\Adobe 2014-06-11 08:08:14 ----D---- C:\Windows\system32\migration 2014-06-11 08:08:12 ----D---- C:\Program Files\Internet Explorer 2014-06-11 08:06:11 ----D---- C:\Windows\winsxs 2014-06-11 07:38:55 ----D---- C:\ProgramData\Microsoft Help 2014-06-11 07:37:29 ----D---- C:\Windows\system32\MRT 2014-06-11 07:34:10 ----A---- C:\Windows\system32\mrt.exe 2014-06-10 15:52:49 ----D---- C:\Users\Rita\AppData\Roaming\Vso 2014-06-10 15:52:48 ----A---- C:\Users\Rita\AppData\Roaming\inst.exe 2014-05-31 10:04:41 ----D---- C:\Program Files\Common Files\Apple ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-10-09 306200] R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 231960] R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2007-12-25 20640] R1 {af16abf4-eac1-49b4-93fc-58f6ca799135}Gt;{af16abf4-eac1-49b4-93fc-58f6ca799135}Gt; C:\Windows\system32\drivers\{af16abf4-eac1-49b4-93fc-58f6ca799135}Gt.sys [2014-06-09 55232] R1 ElRawDisk;ElRawDisk; \??\C:\Windows\system32\drivers\ElRawDsk.sys [2012-12-07 26248] R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\HomeCinema\PlayMovie\000.fcl [2007-10-11 41456] R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B}; \??\C:\Program Files\HomeCinema\PowerDVD\000.fcl [2007-10-09 41456] R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264] R3 3xHybrid;Philips SAA713x PCI Card; C:\Windows\system32\DRIVERS\3xHybrid.sys [2007-08-22 1242976] R3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2007-06-19 229248] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-08-22 1950552] R3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-02-10 8944416] R3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\rt2870.sys [2013-02-06 1690784] R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136] R3 X10Hid;X10 Hid Device; C:\Windows\System32\Drivers\x10hid.sys [2006-11-17 13976] R3 XUIF;X10 USB Wireless Transceiver; C:\Windows\System32\Drivers\x10ufx2.sys [2006-11-30 27416] S1 MpKsldcd4bcf8;MpKsldcd4bcf8; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{79178087-2F3D-4E7D-AE5F-99BB54B20CC8}\MpKsldcd4bcf8.sys [] S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 FETNDIS;VIA Rhine-Family Fast Ethernet Adapter Driver-service; C:\Windows\system32\DRIVERS\fetnd5.sys [2006-11-02 45568] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272] S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 IntelDH;IntelDH Driver; C:\Windows\System32\Drivers\IntelDH.sys [2007-10-24 5632] S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista; C:\Windows\system32\DRIVERS\netr28u.sys [2007-09-21 554496] S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2012-06-19 47360] S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032] S3 TSHWMDTCP;TSHWMDTCP; \??\C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328] S3 vmcam325av;Vimicro USB2.0 PC Camera(VC0323); C:\Windows\System32\Drivers\vmcam323av.sys [] S3 vvftav323;vvftav323; C:\Windows\system32\drivers\vvftav323.sys [] S3 WinUSB;Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-07-14 34944] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeActiveFileMonitor5.0;Adobe Active File Monitor V5; C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [2006-09-14 102400] R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-02-12 43336] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504] R2 ComputerUpdater Service;ComputerUpdater Service; C:\Program Files\Computer Updater\ComputerUp-daterService.exe [2010-03-05 87424] R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504] R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-10-09 358936] R2 IePluginServices;IePlugin Services; C:\ProgramData\IePluginServices\PluginService.exe [2014-05-08 704112] R2 LPTSystemUpdater;LPT System Updater Service; C:\Program Files\LPT\srpts.exe [2014-06-10 34336] R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872] R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 22216] R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-02-10 634144] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024] R2 Suite Service;Suite Service; C:\Program Files\Fighters\FighterSuiteService.exe [2012-11-12 1270376] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536] R2 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2014-05-26 553288] R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776] R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-10-15 382248] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-21 194032] S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-10 1266464] S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-13 262320] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840] S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-07-30 30192] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-06 119408] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF----------------- log.txt
  8. Gerard Contant
    telkens ik op internet kom verschijnt heel veel reklame heb daar niet om gevraagd; wat kan ik den om dit te verwijderen
  9. Gerard Contant
    muziekclip is te zien in media player maar wil het niet afspelen , weet iemand raad?
  10. Gerard Contant
    Is mij gelukt om weer op internet te geraken door middel van resetten I pad Vriendelijk dank voor de hulp
  11. Gerard Contant
    mijn I pad is opgeladen voor 64 % als ik op safari druk dan is die maar 10% opgeladen en kan geen webpagina's openen is vastgelopen er is een hokje verschenen met daarop annuleer of ok, maar als ik daarop duw reageert er niks. help me dank U
  12. Gerard Contant
    Deze zal ik dan maar wegdoen en omschrijven als opgelost.
  13. Gerard Contant
    Krijg geen beeld meer op mijn Ipad 1 maar heb hem opgeladen en kan hem bekijken via pc. Weet iemand raad?
  14. Gerard Contant
    krijg het niet voor mekaar om mijn email in te stellen kan iemand mij helpen ik ben bij Telenet.
  15. Gerard Contant
    Bedankt is me eindelijk gelukt Back up staat onder Mobiel\Syn. Ik zie ze staan maar zelf kan ik daar niets van maken he Ik wou namelijk zien of de bankzaken verwijderd waren maar heb op de I pad aangeklikt naar fabrieksinstellingen terugzetten maar dat wilt hij niet meer. misschien als het lukt kan ik proberen terug te zetten naar mijn allereerste back up ik kan die datum opzoeken en dan gewoon op terugzetten klikken of wat. Misschien heb je gezien heb mijn 2de I pad uitgehaald.
  16. Gerard Contant
    Heb een andere I pad 1 moet hem nog instellen voor het eerste gebruik,weet niet hoe te beginnen
  17. Gerard Contant
    ik heb dit allemaal ingetikt op de C eenmaal met roaming ertussen en de andere keer roaming weggelaten maar er verschijnt kan niet vinden controleer de spelling en probeer opnieuw.
  18. Gerard Contant
    Dat was zogezegt een knipsel van wat ik kon zien van I pad maar is mislukt weet niet juist meer hoe dit moet Je schrijft kijk bij gebruikersnaam,ik snap het niet moet ik mijn gebruikersnaam intikken en ook de rest? of waar staat mijn gebruikersnaam. Sorry ben ik nu zo dom?
  19. Gerard Contant
    mijn pc heeft besturingssysteem windows vista
  20. Gerard Contant
    ik zie een gekleurd scherm met daarop de verschillende instellingen die op de I pad aanwezig waren van in het begin, zoals berichten agenda notities enz. Mijn agenda staat wel op de 17de Naast deze Ipad zie ik nog eens dezelfde ipad maar dan met zwart scherm en terug erop berichten agenda en notities enz. dan nogmaals een zwart scherm met daarop de apps; als ik op de apps klik verschijnt de x om te verwijderen dus ik kan de app niet gebruiken. ik heb gezocht naar mijn reservekopie zoals je mij zei maar voorlopig vind ik die niet groeten
  21. Gerard Contant
    heb op de app kunnen klikken en er verscheen een Xtekenen door daarop te klikken werd de app verwijderd heb dan opnieuw gesynchroniseerd maar waar kan ik nu de reservekopie bekijken?
  22. Gerard Contant
    omdat ik hem niet meer aankrijg en vooraleer eventueel terug te doen voor reparatie wil ik niet dat mijn foto's en ik doe ook mijn bankzaken daar nog op staan.
  23. Gerard Contant
    Als ik I tunes open zie ik staan I pad en als ik daarop klik zie ik mijn I pad met zijn gegevens staan met daaronder een hok met de vermelding reservekopieen en daaronder nog een hok met de vermelding opties
  24. Gerard Contant
    Sorry zie apparaten niet staan zie wel verschijnen bovenaan I pad synchroniseren en naar Itunes store zie ik staan Ipad als ik daarop klik is alles weg wat doe ik fout? en waar moet ik apparaten zien staan onder verkenner staat I pad als ik daarop klik dan verschijnt Internal storage, dan DCIM en dan 8600KMZO
  25. Gerard Contant
    heb zojuist nogmaals I pad aangesloten op PC en ineens zag ik onder verkenner mijn I pad verschijnen.mijn Ipad zelf wil nog niets doen. of kan ik dit niet via pc? Om die te ledigen wat moet ik doen, of kan ik dat niet via pc? help aub.
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.