Everything posted by PaulaKooistra

  1. Fantastic, thank you! I'll close it.
  2. I believe everything is gone! SpyHunter still gives one alert for an unknown object: Realtek® High Definition Audio Function Driver (RTKVHDA.sys); SpyHunter says that as soon as they have figured out what it is, they will take appropriate action. But otherwise all the ads are gone, all the little links underneath everything, wonderful! Thank you very much for your help!
  3. And this is the log from zoek.exe:
  4. Somehow I am only seeing your reply now... I undoubtedly did not look properly. Thanks for the response! First of all the AdwCleaner log (and in the meantime I will continue with zoek.zip):
HKLM\Software\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160 ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16514 -\\ Mozilla Firefox v18.0.1 (en-US) [ File : C:\Users\Robbie\AppData\Roaming\Mozilla\Firefox\Profiles\qt4ecio3.default\prefs.js ] Line Deleted : user_pref("browser.startup.homepage", "hxxp://feed.snapdo.com/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=NL&userid=37d057a4-cf7d-45a4-8be5-789c84c337c0&searchtype=hp&installDate=12/08/2013")[...] Line Deleted : user_pref("browser.search.selectedEngine", "Web Search"); Line Deleted : user_pref("keyword.URL", "hxxp://feed.snapdo.com/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=NL&userid=37d057a4-cf7d-45a4-8be5-789c84c337c0&searchtype=ds&installDate=12/08/2013&q="); Line Deleted : user_pref("browser.newtab.url", "hxxp://feed.snapdo.com/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=NL&userid=37d057a4-cf7d-45a4-8be5-789c84c337c0&searchtype=nt&installDate=12/08/2013&q="); -\\ Google Chrome v [ File : C:\Users\Jelle Kooistra\AppData\Local\Google\Chrome\User Data\Default\preferences ] [ File : C:\Users\Robbie\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [10791 octets] - [31/10/2013 20:57:14] AdwCleaner[s0].txt - [11101 octets] - [31/10/2013 20:59:14] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [11162 octets] ##########
  5. Logfile of random's system information tool 1.09 (written by random/random) Run by Robbie at 2013-10-29 09:38:42 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 139 GB (60%) free of 232 GB Total RAM: 3036 MB (45% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:39:13, on 29-10-2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16514) Boot mode: Normal
Information 2013-10-26 13:20:55 ----D---- C:\Users\Robbie\AppData\Roaming\Skype 2013-10-26 08:00:44 ----D---- C:\Windows\MSAgent 2013-10-26 07:42:10 ----SHD---- C:\Windows\Installer 2013-10-26 07:42:10 ----D---- C:\Config.Msi 2013-10-26 07:42:08 ----D---- C:\Users\Robbie\AppData\Roaming\Mozilla 2013-10-25 16:25:21 ----D---- C:\Windows\system32\drivers\etc 2013-10-25 16:17:30 ----D---- C:\Windows\Tasks 2013-10-25 16:17:30 ----D---- C:\Windows\system32\Tasks 2013-10-25 16:17:22 ----D---- C:\Program Files\Spybot - Search & Destroy 2 2013-10-25 16:16:49 ----SD---- C:\ProgramData\Microsoft 2013-10-25 16:16:35 ----D---- C:\ProgramData\Spybot - Search & Destroy 2013-10-21 16:57:59 ----D---- C:\Users\Robbie\AppData\Roaming\.minecraft 2013-10-21 16:54:58 ----D---- C:\VoidLauncher 2013-10-20 21:21:54 ----D---- C:\Windows\Cursors 2013-10-20 20:57:28 ----D---- C:\Users\Robbie\AppData\Roaming\Media Player Classic 2013-10-20 20:57:24 ----D---- C:\Users\Robbie\AppData\Roaming\uTorrent 2013-10-20 20:57:01 ----D---- C:\Windows\Debug 2013-10-12 15:50:17 ----D---- C:\Windows\Microsoft.NET 2013-10-12 15:48:59 ----RSD---- C:\Windows\assembly 2013-10-12 14:20:49 ----D---- C:\Windows\system32\migration 2013-10-12 14:20:47 ----D---- C:\Program Files\Internet Explorer 2013-10-12 14:07:43 ----D---- C:\Program Files\Microsoft Silverlight 2013-10-11 23:33:31 ----D---- C:\Windows\winsxs 2013-10-11 23:32:58 ----D---- C:\ProgramData\Microsoft Help 2013-10-11 23:19:15 ----D---- C:\Windows\system32\MRT 2013-10-11 23:14:14 ----A---- C:\Windows\system32\mrt.exe 2013-10-11 22:58:17 ----D---- C:\Windows\system32\catroot 2013-10-11 20:26:31 ----HD---- C:\$AVG 2013-10-09 18:12:17 ----A---- C:\Windows\system32\FlashPlayerApp.exe 2013-10-04 16:40:51 ----D---- C:\Program Files\AVG 2013-10-04 16:38:26 ----D---- C:\ProgramData\AVG2013 2013-10-04 16:30:29 ----D---- C:\Program Files\Adobe 2013-10-02 16:39:59 ----D---- C:\Program Files\AVG Nation toolbar ======List of drivers (R=Running, S=Stopped, 0=Boot, 
1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2013-09-02 145720] R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2013-09-02 223032] R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2013-08-20 102200] R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2013-09-08 27448] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264] R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2008-03-04 18992] R0 UBHelper;UBHelper; C:\Windows\system32\drivers\UBHelper.sys [2008-01-30 13824] R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2013-09-25 120632] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2013-09-02 209208] R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2013-09-10 22840] R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2013-09-02 176952] R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2013-08-01 193848] R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2013-10-02 37664] R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632] R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2008-03-21 15392] R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-03-04 16944] R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-03-04 60464] R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-02-29 1202560] R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-03-28 210432] R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2008-07-02 21264] R3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-05-06 13904] R3 
FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2013-02-05 37344] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-28 2127512] R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-04-21 81296] R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480] R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-12-29 7451264] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-01-18 196784] R3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272] R3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008] R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560] S3 br3gmdm;BandLuxe 3.5G HSDPA Adapter - USB; C:\Windows\system32\DRIVERS\br3gmdm.sys [2008-05-15 104192] S3 catchme;catchme; \??\C:\Users\JELLEK~1\AppData\Local\Temp\catchme.sys [] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-01-31 83168] S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272] S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Microsoft 
Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2013-01-31 121064] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2013-01-31 12776] S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2013-01-31 136808] S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2013-01-31 114280] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-01-31 181344] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2008-03-18 13312] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-02-27 55144] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2013-10-03 3538480] R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2013-09-25 301152] R2 BandLuxe_Service;BandLuxe Service; C:\Program Files\BandRich\BandLuxe HSDPA Utility R11\BRService.exe [2008-10-03 87264] R2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program 
Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384] R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-03-04 500784] R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576] R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-10-16 860160] R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376] R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2013-02-05 233472] R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440] R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872] R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-06 110592] R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-06 50424] R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-12-29 203296] R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-10-16 466944] R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-10-15 3921880] R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program 
Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-09-20 1042272] R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-09-13 171416] R2 SpyHunter 4 Service;SpyHunter 4 Service; C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2012-06-02 763840] R2 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2013-09-12 5071712] R2 vToolbarUpdater17.0.12;vToolbarUpdater17.0.12; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [2013-10-02 1733448] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2012-03-06 821608] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-12-06 136176] S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384] S2 vToolbarUpdater15.4.0;vToolbarUpdater15.4.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe [] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416] S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160] S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2012-04-03 85096] S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 
1492840] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-12-06 136176] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-01-25 115608] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 756392] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040] -----------------EOF-----------------
- - - Updated - - -
I don't think running it as administrator worked... at what point am I supposed to right-click?
  6. Dear PC-Help, I have Monstermarketplace on my laptop... this is now the second time. Last time I got rid of it by using Spyhunter, CCleaner and Malwarebytes (at least I think those were the ones), but this time it isn't working. Spyhunter keeps mentioning two files that it cannot remove. I have just tried HitmanPro as well, but there too a whole lot of infections are marked 'removal failed'. Can you help me? Kind regards, Paula Kooistra