pvn

pvn's achievements

  1. I normally use OneNote only for screenshots while browsing. Here is the log:
RHDISK;RHDISK; \??\C:\Program Files\Rohos\RHDISK.SYS [] R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2006-11-15 32256] R2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2006-11-14 43520] R2 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2006-11-14 37376] R2 s24trans;WLAN-transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-08-27 12288] R2 XAudio;XAudio; C:\WINDOWS\system32\DRIVERS\xaudio.sys [2006-08-04 8192] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-23 1578496] R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2006-11-21 45568] R3 btaudio;Bluetooth-audioapparaat; C:\WINDOWS\system32\drivers\btaudio.sys [2006-05-24 328237] R3 BTDriver;Bluetooth virtuele-communicatiestuurprogramma; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-05-24 30427] R3 BTKRNL;Bluetooth bus-enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-05-24 851434] R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-05-24 66488] R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys [2005-01-10 138752] R3 CTUSFSYN;Creative SoundFont Synthesizer; C:\WINDOWS\system32\drivers\ctusfsyn.sys [2005-05-25 158464] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384] R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368] R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys [2005-12-01 936960] R3 HSXHWAZL;HSXHWAZL; C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys [2005-12-01 192512] R3 itchfltr;iTouch Keyboard Filter; C:\WINDOWS\system32\DRIVERS\itchfltr.sys [2004-03-10 12953] R3 LCcfltr;Logitech USB Filter Driver; C:\WINDOWS\System32\Drivers\LCcFltr.Sys [2004-03-03 14095] R3 LHidUsb;Logitech USB Receiver device driver; C:\WINDOWS\System32\Drivers\LHidUsb.Sys [2004-03-03 
37887] R3 monfilt;monfilt; C:\WINDOWS\system32\drivers\monfilt.sys [2006-01-04 1389056] R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160] R3 NETw4x32;Stuurprogramma voor Intel® Wireless WiFi Link Adapter onder Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-09-26 2236032] R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\DRIVERS\ctoss2k.sys [2005-01-10 106496] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2008-04-14 5888] R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232] R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2007-05-10 1222840] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-08 191872] R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288] R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384] R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856] R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976] R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys [2005-12-01 669696] R3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904] S0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2013-02-08 96568] S0 cerc6;cerc6; C:\WINDOWS\system32\drivers\cerc6.sys [] S1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2013-02-08 170808] S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys 
[2008-04-14 60800] S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-05-24 148900] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 cpuz136;cpuz136; \??\C:\WINDOWS\TEMP\cpuz136\cpuz136_x32.sys [] S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2009-06-17 35472] S3 LHidKe;Logitech SetPoint HID Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidKE.Sys [2005-12-20 27008] S3 LHidUsbK;Logitech SetPoint USB Receiver device driver; C:\WINDOWS\System32\Drivers\LHidUsbK.Sys [2005-12-20 36736] S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2009-06-17 37392] S3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2005-12-20 69376] S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2009-06-17 28560] S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824] S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2013-01-23 18560] S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2013-01-23 23168] S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2013-01-23 137600] S3 NWADI;NWADI Bus Enumerator; C:\WINDOWS\system32\DRIVERS\NWADIenum.sys [2006-03-27 74752] S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS [] S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS [] S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072] S3 sffdisk;SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-14 11904] S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-14 11008] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; 
\??\C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [] S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS [] S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2013-01-23 8192] S3 usbser;USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2013-08-29 26240] S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2013-01-23 8192] S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 6to4;IPv6 Helper Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-23 409600] R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-05-24 266295] R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2014-04-16 5306504] R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2014-05-21 2135232] R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-10-08 794624] R2 IISADMIN;IIS Admin; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15360] R2 Iprip;RIP Listener; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2014-05-07 182696] R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-10-08 483328] R2 Rohos Disk;Rohos Disk service; C:\Program Files\Rohos\agent.exe [2013-09-20 812640] R2 S24EventMonitor;Intel® PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-10-08 1183744] R2 SimpTcp;Simple TCP/IP 
Services; C:\WINDOWS\system32\tcpsvcs.exe [2008-04-14 19456] R2 SMTPSVC;Simple Mail Transfer Protocol (SMTP); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15360] R2 SNMP;SNMP Service; C:\WINDOWS\System32\snmp.exe [2008-04-14 33280] R2 W3SVC;World Wide Web Publishing; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15360] R2 WLANKEEPER;Intel® PROSet/Wireless SSO Service; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2007-10-08 356352] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 267776] S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-06-26 116648] S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2006-11-05 159744] S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192] S2 XAudioService;XAudioService; C:\WINDOWS\system32\DRIVERS\xaudio.exe [2006-08-04 386560] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-26 257712] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160] S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2014-03-25 1663192] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-06-26 116648] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 
idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-02 119408] S3 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 p2pgasvc;Peer Networking Group Authentication; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S3 p2pimsvc;Peer Networking Identity Manager; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S3 p2psvc;Peer Networking; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S3 PNRPSvc;Peer Name Resolution Protocol; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-05 880640] S3 SNMPTRAP;SNMP Trap Service; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704] S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-09-14 73728] S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856] S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S4 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-05-14 3289208] -----------------EOF-----------------
  2. Yes, you understand correctly, those files appear everywhere: on C, in My Documents, in arbitrary subfolders, on the USB stick and on gdrive. About 500 in total. No idea what they are for...
  3. Hello Clarkie, The files appear in most folders; there are as many as 500. Regards, Peter. When I click on one, ONE NOTE opens with the following message: Once opened, they disappear again and are no longer in the initial folder. The question is really whether I can delete them all at once via "search".
  4. Good afternoon, is it safe to delete hundreds of "Microsoft Office OneNote Table Of Contents" files? What are those files for? Thanks.
  5. pvn

    OneNoteg,

    Good afternoon OneNote-inhoudsopgave.onetoc2 (Microsoft Office OneNote Table Of Contents) - - - Updated - - - Once more: can anyone tell me whether it is safe to delete hundreds of OneNote-inhoudsopgave.onetoc2 (Microsoft Office OneNote Table Of Contents) files? Thanks
  6. Kape, An update is not possible since I am on XP Pro....
  7. Kape, It works a lot better already. I was able to change the MSN.fr page via SOLUDO. What still does not work is INTERNET OPTIONS (not via the Control Panel either). When I click on it, the menu flashes up briefly and then disappears again. Can this be fixed? Swapped Avast for Comodo again. Regards, Peter
  9. Thanks Kape, here is the log:
"item"="vsnp2std" "hkey"="HKLM" "command"="C:\\WINDOWS\\vsnp2std.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SoundMAXPnP] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="smax4pnp" "hkey"="HKLM" "command"="C:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\tisapeksyrte] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="tisapeksyrte" "hkey"="HKCU" "command"="C:\\Documents and Settings\\JULIE\\tisapeksyrte.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="realsched" "hkey"="HKLM" "command"="\"C:\\program files\\real\\realplayer\\update\\realsched.exe\" -osboot" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk] "path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\McAfee Security Scan Plus.lnk" "backup"="C:\\WINDOWS\\pss\\McAfee Security Scan Plus.lnkCommon Startup" "command"="C:\\PROGRA~1\\MCAFEE~1\\30982A~1.207\\SSSCHE~1.EXE " "item"="McAfee Security Scan Plus" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" ==== Startup Folders ====================== 2013-11-28 13:49:53 1024 ----a-w- C:\Documents and Settings\JULIE\Start Menu\Programs\Startup\Dropbox.lnk 2013-06-29 14:33:27 695 ----a-w- C:\Documents and Settings\JULIE\Start Menu\Programs\Startup\OpenOffice.org 
3.4.1.lnk ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [02/09/2012 10:25] C:\WINDOWS\tasks\avast\Undetermined Task.exe [] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [12/03/2010 21:08] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [12/03/2010 21:08] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1343024091-1580818891-1417001333-1005Core.job --a------ [undetermined Task] C:\WINDOWS\tasks\ReclaimerResumeInstall_JULIE.job --a------ C:\Documents and Settings\JULIE\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.70\agent\rnupgagent.exe [22/11/2013 16:17] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{0153E448-190B-4987-BDE1-F256CADA672F}"="C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext" [11/11/2012 14:11] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{336D0C35-8A85-403a-B9D2-65C292C39087}"="C:\Program Files\Web Assistant\Firefox" [] ==== Firefox Extensions ====================== AppDir: C:\Program Files\Mozilla Firefox - Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} ==== Firefox Plugins ====================== Profilepath: C:\Documents and Settings\JULIE\Application Data\Mozilla\Firefox\Profiles\qud148ew.default E5AF72B7353FF8D431A7C463A4229524 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll - Shockwave Flash 6768C724599214E4F9ADD9F8FF5097EB - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U45 7550FC1ADE982582D5920BEA6430E3D4 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin 4469481C70FB8FF1A85064DDCE03BF49 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime 
Plug-in 7.2 951D672F07618CB0783D57EBD65A6EEC - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.2 D53B3F53C1D01D340E9172CC6F2D6385 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.2 B96B53C659E607F7C1E0AD61D8BD57EB - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.2 B6EF669108C9904ACB9933D836733EBA - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.2 3565E1D67807EC10A1E26ED42B42B8F2 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.2 652F8CCB343D0CC33D44146CB2948C0D - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.2 256C847CD03160C9088FB440DB929448 - c:\program files\real\realplayer\Netscape6\nprjplug.dll - RealJukebox NS Plugin 555E65306A5D3A5978BE74E1DD62CDD9 - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks Chrome Background Extension Plug-In (32-bit) E32771B0AE3F18CEFFC12D682025238A - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer HTML5VideoShim Plug-In (32-bit) 2DC6257A367A6182E40F748D0396AAF9 - c:\program files\real\realplayer\Netscape6\nppl3260.dll - RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) 1E3AA02F2C91A2B25EFB4E355160CDCA - c:\program files\real\realplayer\Netscape6\nprpplugin.dll - RealPlayer Download Plugin 9013599B12923A45C029C34E8D2211AC - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll - Silverlight Plug-In 1FA3B42DA40D0F387A7899A9731A2E94 - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat 1FA3B42DA40D0F387A7899A9731A2E94 - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - Adobe Acrobat B0753E73FF63F485521A9DDEB7DE91EB - C:\Program Files\Musicnotes\npmusicn.dll - Musicnotes 
0DD1E0A385B888107A1F9206189596CF - C:\Program Files\Musicnotes\NPSibelius.dll - ScorchPlugin AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation 28000D7EEB2FD95A36E1A7539F599C3B - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM 5D41BCD19A3D90E4EBB58A6BFB79E4F7 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library 8B6884E3E1E5F8ABA5FA0C6A2B13181D - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM BF2AD333C79072EEBE5AE0D72670E64E - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrlui.dll - Microsoft® Silverlight 68A131335A20B343923A2957EB1E413D - C:\WINDOWS\system32\npptools.dll - Microsoft® Windows® Operating System ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions algijfiaiapkekcjonmjfiniajogplli - C:\Documents and Settings\All Users\Application Data\Bcool\algijfiaiapkekcjonmjfiniajogplli.crx[] jfmjfhklogoienhpfnppmbcbjfjnkonk - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx[11/11/2012 14:11] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[09/10/2013 09:59] nbmafkdmkkckhggblphicnnhlgljnoje - C:\Program Files\TornTV.com\torn2_10.crx[] RealPlayer HTML5Video Downloader Extension - GX620 - Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk ==== Chrome Fix ====================== C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx deleted successfully C:\Documents and Settings\GX620\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully ==== Set IE to 
Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="MSN.fr - Actualités, magazines people & féminin, Outlook et Hotmail" "Default_page_url"="Google" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_page_url"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!" "Start Page"="MSN.fr - Actualités, magazines people & féminin, Outlook et Hotmail" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{71047469-F76E-4705-8116-96756417035D}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found" {21219173-FB2A-4E4B-81DF-CF52DE0AC492} Unknown Url="Not_Found" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" {71047469-F76E-4705-8116-96756417035D} Google Url="{searchTerms} - Google Search?}" ==== Reset Google Chrome ====================== C:\Documents and Settings\GX620\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Documents and Settings\GX620\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1343024091-1580818891-1417001333-1005\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully HKEY_USERS\S-1-5-21-1343024091-1580818891-1417001333-1005\Software\Microsoft\Internet Explorer\SearchScopes\{21219173-FB2A-4E4B-81DF-CF52DE0AC492} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\algijfiaiapkekcjonmjfiniajogplli deleted successfully 
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bubble Dock deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OPTENET_GUI deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tisapeksyrte deleted successfully ==== Empty IE Cache ====================== C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\GX620\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\GX620\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully 
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\JULIE\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Documents and Settings\GX620\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\DOCUME~1\JULIE\LOCALS~1\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\RECYCLER successfully emptied ==== Deleting Files / Folders ====================== "C:\Documents and Settings\JULIE\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Documents and Settings\All Users\Start Menu\Programs\Fingers for Windows" not deleted "C:\Documents and Settings\All Users\Start Menu\Programs\Recuva" not deleted "C:\Documents and Settings\All Users\Start Menu\Programs\Reflex'English Cambridge" not deleted ==== EOF on 29/11/2013 at 10:11:53,17 ======================
  10. Thanks Kape, here is the log: Zoek.exe Version 4.0.0.5 Updated 24-November-2013 Tool run by JULIE on 29/11/2013 at 9:34:46,62. Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Documents and Settings\JULIE\Desktop\zoek\zoek.exe [script inserted] [Checkboxes used] ==== System Restore Info ====================== 29/11/2013 09:51:25 Zoek.exe System Restore Point Created Succesfully. ==== Possible Rootkit Infection ====================== C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Desktop\Install ==== Empty Folders Check ====================== C:\Program Files\Acro Software deleted successfully C:\Program Files\File Type Assistant deleted successfully C:\Program Files\Free PDF to Word Doc Converter deleted successfully C:\Program Files\MSXML 4.0 deleted successfully C:\Program Files\NirSoft deleted successfully C:\Program Files\Common Files\PDF Architect deleted successfully C:\Documents and Settings\All Users\Start Menu\Programs\Free PDF to Word Doc Converter deleted successfully C:\Documents and Settings\All Users\Application Data\Musicnotes deleted successfully C:\Documents and Settings\All Users\Application Data\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully C:\Documents and Settings\All Users\Application Data\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1} deleted successfully C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} deleted successfully C:\Documents and Settings\GX620\Application Data\Media Player Classic deleted successfully C:\Documents and Settings\JULIE\Application Data\Sweetpacks deleted successfully C:\Documents and Settings\JULIE\Application Data\uTorrent deleted successfully C:\Documents and Settings\JULIE\Local Settings\Application Data\Avg2013 deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting 
Services ====================== ==== FireFox Fix ====================== Deleted from C:\Documents and Settings\JULIE\Application Data\Mozilla\Firefox\Profiles\qud148ew.default\prefs.js: Added to C:\Documents and Settings\JULIE\Application Data\Mozilla\Firefox\Profiles\qud148ew.default\prefs.js: user_pref("browser.startup.homepage", "Google"); user_pref("browser.search.defaulturl", "Google="); user_pref("browser.newtab.url", "Google"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "Google="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); Deleted from C:\Documents and Settings\JULIE\Application Data\Mozilla\Firefox\Profiles\[ofr2][opt]rs0,[slws][slns]phd10\prefs.js: user_pref("browser.startup.homepage", "Yahoo France"); user_pref("browser.search.defaultenginename", "Yahoo"); user_pref("browser.search.selectedEngine", "Yahoo"); user_pref("keyword.URL", "Yahoo Search - Recherche Web="); Added to C:\Documents and Settings\JULIE\Application Data\Mozilla\Firefox\Profiles\[ofr2][opt]rs0,[slws][slns]phd10\prefs.js: user_pref("browser.startup.homepage", "Google"); user_pref("browser.search.defaulturl", "Google="); user_pref("browser.newtab.url", "Google"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "Google="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] ==== Deleting Files \ Folders ====================== C:\Documents 
and Settings\All Users\Application Data\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found C:\Documents and Settings\All Users\Application Data\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1} not found C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} not found C:\Documents and Settings\JULIE\usrusmt2.tmp deleted C:\Documents and Settings\All Users\Application Data\InstallMate deleted C:\Documents and Settings\All Users\Application Data\Package Cache deleted C:\Documents and Settings\GX620\Local Settings\Application Data\BearShare deleted C:\Documents and Settings\JULIE\Local Settings\Application Data\Software deleted C:\Documents and Settings\LocalService\Local Settings\Application Data\Software deleted C:\user.js deleted "C:\WINDOWS\tasks\AVG_REG_0913b.job" deleted "C:\WINDOWS\tasks\AVG_SYS_TASK_DELETE.job" deleted "C:\WINDOWS\tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}.job" deleted "C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1343024091-1580818891-1417001333-1003.job" deleted "C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1343024091-1580818891-1417001333-1004.job" deleted "C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1343024091-1580818891-1417001333-1005.job" deleted "C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1343024091-1580818891-1417001333-1003.job" deleted "C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1343024091-1580818891-1417001333-1004.job" deleted "C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1343024091-1580818891-1417001333-1005.job" deleted "C:\Documents and Settings\All Users\Application Data\F8BAA3F3C992E6890000F8B9AB3DEA55\F8BAA3F3C992E6890000F8B9AB3DEA55" deleted "C:\Documents and Settings\All Users\Application Data\F8BAA3F3C992E6890000F8B9AB3DEA55\F8BAA3F3C992E6890000F8B9AB3DEA55.ico" deleted "C:\Documents and Settings\All Users\Application Data\F8BAA3F3C992E6890000F8B9AB3DEA55" deleted ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2013-11-25 14:18:33 
D0FBC21805855396820D9C8A6A082A6A 43152 ----a-w- C:\WINDOWS\avastSS.scr ====== C:\DOCUME~1\JULIE\LOCALS~1\Temp ==== 2013-11-24 11:15:22 244ED0E8BA77CFA7CA28BE69B8F14447 915368 ----a-w- C:\Documents and Settings\JULIE\Local Settings\Temp\jre-7u45-windows-i586-iftw.exe ====== Java Cache ===== 2013-11-27 19:33:17 76C8396B8DFA77938A919B13CA2BF6D9 10061 ----a-w- C:\Documents and Settings\JULIE\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\2\5b00f142-48058456 2013-11-27 19:33:16 3AA71F6D0F3B0DA12034611B9FCB104F 79 ----a-w- C:\Documents and Settings\JULIE\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\53\5b8942b5-6.0.lap ====== C:\WINDOWS\system32 ===== 2013-11-25 14:18:38 F0B1660638A5324AFCE1C739D768B3D8 269216 ----a-w- C:\WINDOWS\System32\aswBoot.exe 2013-11-24 11:17:54 B01416804D89B5EC1D206E6DF542DFAB 145408 ----a-w- C:\WINDOWS\System32\javacpl.cpl 2013-11-24 11:17:54 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\WINDOWS\System32\javaws.exe 2013-11-24 11:17:39 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\WINDOWS\System32\javaw.exe 2013-11-24 11:17:39 9BF46C7F21E75FA0BB03AA93368CC66C 94632 ----a-w- C:\WINDOWS\System32\WindowsAccessBridge.dll 2013-11-24 11:17:39 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\WINDOWS\System32\java.exe ====== C:\WINDOWS\system32\drivers ===== 2013-11-25 14:18:43 8BCD47E79EAA40C387D7B9DCEC41DE2D 57672 ----a-w- C:\WINDOWS\System32\drivers\aswTdi.sys 2013-11-25 14:18:42 F385467DF95D0A73775CB3B076B8B969 49944 ----a-w- C:\WINDOWS\System32\drivers\aswRvrt.sys 2013-11-25 14:18:42 BADA8FD627F1D0E22308211C33F0BDB5 178304 ----a-w- C:\WINDOWS\System32\drivers\aswVmm.sys 2013-11-25 14:18:42 259E864BFB9268CD7CEFA5849A3B374B 403440 ----a-w- C:\WINDOWS\System32\drivers\aswsp.sys 2013-11-25 14:18:41 D5730129EA9ADF7AE710DA0B14F9DE19 35656 ----a-w- C:\WINDOWS\System32\drivers\aswFsBlk.sys 2013-11-25 14:18:41 6F23333C8358D267718F9ECB21CBB6F4 70384 ----a-w- C:\WINDOWS\System32\drivers\aswMonFlt.sys 2013-11-25 
14:18:41 50C85412AD31F5C0F687F00C2E34C673 774392 ----a-w- C:\WINDOWS\System32\drivers\aswSnx.sys 2013-11-25 14:18:40 29CB7009F11470A24B1D49849A6118A5 54832 ----a-w- C:\WINDOWS\System32\drivers\aswRdr.sys ====== C:\WINDOWS\Tasks ====== 2013-11-25 14:26:21 13CE73B8A40032AED2EAD066F5072FDD 364 ---ha-w- C:\WINDOWS\Tasks\avast! Emergency Update.job 2013-11-22 09:14:55 171E719A8FE7755ADD232C0C0A18AF87 1084 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1343024091-1580818891-1417001333-1005Core.job ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2013-11-28 23:45:49 -------- d-----w- C:\Program Files\trend micro 2013-11-28 11:25:11 -------- d-----w- C:\Program Files\Adblock Plus for IE 2013-11-28 10:55:09 -------- d-----w- C:\Program Files\Dropbox 2013-11-28 10:52:40 35334016 ----a-w- C:\Program Files\Dropbox 2.4.7.exe ======= C: ===== 2013-11-29 08:52:31 37D44C9BDE58E6C9BE5B1EE3AC4EC8F4 90 ----a-w- C:\folders.txt ====== C:\Documents and Settings\JULIE\Application Data ====== 2013-11-28 11:26:57 -------- d-----w- C:\Documents and Settings\JULIE\Local Settings\Application Data\Adblock Plus for IE 2013-11-28 11:25:13 -------- d-----w- C:\Documents and Settings\JULIE\Application Data\Adblock Plus for IE 2013-11-28 10:54:49 -------- d-----w- C:\Documents and Settings\JULIE\Start Menu\Programs\Dropbox 2013-11-28 10:53:56 -------- d-----w- C:\Documents and Settings\JULIE\Application Data\Dropbox 2013-11-25 14:11:26 -------- d-----w- C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Avg2013 ====== C:\Documents and Settings\JULIE ====== 2013-11-28 23:45:24 B9B5E09AACBCCEC00D4C4452F7ABB8FB 781909 ----a-w- C:\Documents and Settings\JULIE\Desktop\RSIT.exe 2013-11-28 20:25:56 -------- d--h--r- C:\Documents and Settings\JULIE\Recent ====== C: exe-files == 2013-11-29 08:25:23 18386D0E20887CE1868638511220014D 1272832 ----a-w- C:\RECYCLER\S-1-5-21-1343024091-1580818891-1417001333-1005\Dc1.exe 2013-11-28 23:45:51 FAAE6704627CE37C8E0FB59341604BC5 
64467 ----a-w- C:\Program Files\trend micro\JULIE.exe 2013-11-28 23:45:24 B9B5E09AACBCCEC00D4C4452F7ABB8FB 781909 ----a-w- C:\Documents and Settings\JULIE\Desktop\RSIT.exe 2013-11-28 10:55:09 495402813BAC6E506F17306373878F5B 29770248 ----a-w- C:\Program Files\Dropbox\DropboxProxy.exe 2013-11-28 10:52:40 D59FF1C6B3E970350F5B29BF53E16AE5 35334016 ----a-w- C:\Program Files\Dropbox 2.4.7.exe 2013-11-25 14:18:38 F0B1660638A5324AFCE1C739D768B3D8 269216 ----a-w- C:\WINDOWS\system32\aswBoot.exe 2013-11-24 11:17:54 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\WINDOWS\system32\javaws.exe 2013-11-24 11:17:39 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\WINDOWS\system32\javaw.exe 2013-11-24 11:17:39 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\WINDOWS\system32\java.exe 2013-11-24 11:15:22 244ED0E8BA77CFA7CA28BE69B8F14447 915368 ----a-w- C:\Documents and Settings\JULIE\Local Settings\Temp\jre-7u45-windows-i586-iftw.exe 2013-11-22 15:17:34 2A6BE138266B9C6A76BEAF931C725EB4 469072 ----a-w- C:\Documents and Settings\JULIE\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.70\agent\rnupgagent.exe 2013-11-22 09:14:55 EB8EEB98D01B5D31898D8E53C3789832 59784 ----atw- C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\1.3.21.165\GoogleUpdateBroker.exe 2013-11-22 09:14:55 CEFEBDB9E274BD90C12D131ED25CC819 59784 ----atw- C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\1.3.21.165\GoogleUpdateOnDemand.exe 2013-11-22 09:14:54 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe 2013-11-22 09:14:54 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 ----a-w- C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\1.3.21.165\GoogleUpdateSetup.exe 2013-11-22 09:14:42 CF7B0E597C1F34E528285495721DEEE9 237960 ----atw- C:\Documents and Settings\JULIE\Local Settings\Application 
Data\Google\Update\1.3.21.165\GoogleCrashHandler.exe 2013-11-22 09:14:42 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\1.3.21.165\GoogleUpdate.exe 2013-11-22 09:14:42 0DC0DE2966A6DBA4CFBF6639DF44F5BA 319880 ----atw- C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\1.3.21.165\GoogleCrashHandler64.exe === C: other files == 2013-11-29 08:25:22 BC7ACE2C646A01D194CBBD8B43CAD4DA 1398596 ----a-w- C:\RECYCLER\S-1-5-21-1343024091-1580818891-1417001333-1005\Dc2.com 2013-11-25 14:18:43 8BCD47E79EAA40C387D7B9DCEC41DE2D 57672 ----a-w- C:\WINDOWS\system32\drivers\aswTdi.sys 2013-11-25 14:18:42 F385467DF95D0A73775CB3B076B8B969 49944 ----a-w- C:\WINDOWS\system32\drivers\aswRvrt.sys 2013-11-25 14:18:42 BADA8FD627F1D0E22308211C33F0BDB5 178304 ----a-w- C:\WINDOWS\system32\drivers\aswVmm.sys 2013-11-25 14:18:42 259E864BFB9268CD7CEFA5849A3B374B 403440 ----a-w- C:\WINDOWS\system32\drivers\aswsp.sys 2013-11-25 14:18:41 D5730129EA9ADF7AE710DA0B14F9DE19 35656 ----a-w- C:\WINDOWS\system32\drivers\aswFsBlk.sys 2013-11-25 14:18:41 6F23333C8358D267718F9ECB21CBB6F4 70384 ----a-w- C:\WINDOWS\system32\drivers\aswMonFlt.sys 2013-11-25 14:18:41 50C85412AD31F5C0F687F00C2E34C673 774392 ----a-w- C:\WINDOWS\system32\drivers\aswSnx.sys 2013-11-25 14:18:40 29CB7009F11470A24B1D49849A6118A5 54832 ----a-w- C:\WINDOWS\system32\drivers\aswRdr.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-1343024091-1580818891-1417001333-1005\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "Google Update"="C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c" "Google Update"="C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c" 
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "panda2_0dn"="reg.exe delete HKCU\Software\AppDataLow\Software\panda2_0dn /f" "panda2_0dn_XP"="reg.exe delete HKCU\Software\panda2_0dn /f" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "panda2_0dn"="reg.exe delete HKCU\Software\AppDataLow\Software\panda2_0dn /f" "panda2_0dn_XP"="reg.exe delete HKCU\Software\panda2_0dn /f" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TkBellExe"="C:\program files\real\realplayer\update\realsched.exe -osboot" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe -atboottime" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "Google Update"="C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c" "Google Update"="C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeARM" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Reader_sl" "hkey"="HKLM" "command"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Bubble Dock] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" 
  11. Clarkie, thanks for the explanation: Comodo has been removed, but now I do get a notification about a missing firewall. Here is the log:
  12. Hi all, After installing Avast free AV, the problem started: when I open my browser, IE 8, I now always get the following page, which I find annoying: MSN.fr - Actualités, magazines people & féminin, Outlook et Hotmail. Loading that page also takes forever. When I click Tools, Internet Options, nothing happens at all anymore, so I cannot set a new homepage. In Control Panel I can still see the Internet Options icon, but I can no longer open it. Operating system: XP Pro on a Dell GX 620, Comodo Internet Security Premium, Avast Free. Can anyone help? Thanks, Peter
  13. OK, I think everything is solved now... Thanks, Peter. I have just posted a new question about Spanish proofing tools for Office 2007.
  14. Hi all, Can anyone help me find Spanish proofing tools for my Office 2007? A few years ago I downloaded and installed them for a fee, but after formatting I can no longer find them. Regards, Peter