Ga naar inhoud

mimoun

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    5

  • Registratiedatum

  • Laatst bezocht

mimoun's prestaties

Nieuweling

Nieuweling (1/14)

  • Eerste post
  • Gespreksstarter
  • Week één klaar
  • Een maand later
  • Een jaar binnen

Recente badges

0

Reputatie

  1. mimoun
    Nee, het is opgelost. Jullie zijn van harte bedankt. Mvg Mimoun
  2. mimoun
    oeps hier is het logje van #4 Zoek.exe v5.0.0.0 Updated 10-February-2014 Tool run by Mike on di 11/02/2014 at 23:06:27,19. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Mike\Desktop\zoek\zoek.exe [scan all users] [script inserted] ==== System Restore Info ====================== 11/02/2014 23:09:38 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_USERS\S-1-5-21-2161359088-2458219194-4079469670-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Pokki"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Pokki"=- [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "ext@MediaPlayerV1alpha6540.net"=- ==== Deleting Files \ Folders ====================== C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} not found C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} not found C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} not found C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} not found ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{F53C93F1-07D5-430c-86D4-C9531B27DFAF}"="C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack" [22/09/2012 09:36] ==== Firefox Extensions ====================== AppDir: C:\Program Files\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be ==== Firefox Plugins ====================== ==== Chrome Look ====================== AdBlock - Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Media Player - Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\jppjknnalobdglnndbmkmmfomngocahe ==== Chrome Fix ====================== C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\jppjknnalobdglnndbmkmmfomngocahe deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Mike\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Mike\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=5444 folders=477 567200467 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\DefaultAppPool\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\Mike\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Mike\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Mike\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted ==== EOF on di 11/02/2014 at 23:35:53,56 ======================
  3. mimoun
    # AdwCleaner v3.018 - Report created 11/02/2014 at 17:21:01 # Updated 28/01/2014 by Xplode # Operating System : Windows 7 Ultimate Service Pack 1 (32 bits) # Username : Mike - PC_VAN_MIKE # Running from : C:\Users\Mike\Downloads\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** File Deleted : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\jqitsb1e.default\user.js ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings Key Deleted : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\iMesh.exe Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\Launcher.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1 Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1 Key Deleted : HKLM\SOFTWARE\Classes\imweb.imwebcontrol Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap Key Deleted : HKLM\SOFTWARE\Classes\S Key Deleted : HKLM\SOFTWARE\Classes\SearchSettings.BHO Key Deleted : HKLM\SOFTWARE\Classes\SearchSettings.BHO.1 Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_e77c81ae Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2720081 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_free-youtube-download_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_free-youtube-download_RASMANCS Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{969D2C61-9B16-407C-86B7-397BF4579BE6} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C353E32-B8AC-4B82-B988-4C2D3394388A} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{69D3F709-9DE2-479F-980F-532D46895703} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{969D2C61-9B16-407C-86B7-397BF4579BE6} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC96F516-51B2-4B46-8451-8665F5A6BA2B} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F07FBD3E-2048-44A4-9065-71BF551E2672} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE} Key Deleted : HKCU\Software\1ClickDownload Key Deleted : HKCU\Software\Headlight Key Deleted : HKCU\Software\ilivid Key Deleted : HKCU\Software\Imesh Key Deleted : HKCU\Software\smartbar Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\YahooPartnerToolbar Key Deleted : HKCU\Software\AppDataLow\SProtector Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKLM\Software\Application Updater Key Deleted : HKLM\Software\AVG Secure Search Key Deleted : HKLM\Software\Babylon Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\Imesh Key Deleted : HKLM\Software\Search Settings Key Deleted : HKLM\Software\SearchProtect Key Deleted : HKLM\Software\SProtector Key Deleted : HKLM\Software\systweak Key Deleted : HKLM\Software\Vittalia Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F05C28D-DEA9-4AD6-A73A-064175988EAB} Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D82C50F59AED6DA47AA360145789E8BA Key Deleted : HKLM\Software\Classes\Installer\Features\D82C50F59AED6DA47AA360145789E8BA Key Deleted : HKLM\Software\Classes\Installer\Products\D82C50F59AED6DA47AA360145789E8BA Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\CC94835868BCA58489B0D79DE655BCB1 ***** [ Browsers ] ***** -\\ Internet Explorer v8.0.7601.17514 -\\ Mozilla Firefox v [ File : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\jqitsb1e.default\prefs.js ] -\\ Google Chrome v [ File : C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [10158 octets] - [11/02/2014 17:19:35] AdwCleaner[s0].txt - [10324 octets] - [11/02/2014 17:21:01] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [10385 octets] ##########
  4. mimoun
    Hier is alvast het log van zoek.exe Zoek.exe v5.0.0.0 Updated 31-January-2014 Tool run by Mike on di 04/02/2014 at 16:34:46,91. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Mike\Desktop\zoek.exe [scan all users] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-02-04-152624.log 4500 bytes ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2161359088-2458219194-4079469670-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Program Files\TornTV.com deleted C:\Users\Mike\daemonprocess.txt deleted C:\Users\Mike\.android deleted C:\Program Files\Application Updater deleted C:\Program Files\Mobogenie deleted C:\Program Files\Conduit deleted C:\Program Files\VideoPlayerV3 deleted C:\Program Files\MediaPlayerV1 deleted C:\Program Files\Common Files\DVDVideoSoft\TB deleted C:\Program Files\Common Files\DVDVideoSoft\bin deleted C:\Program Files\SearchProtect deleted C:\Program Files\Ss.Helper deleted C:\Program Files\iMesh Applications deleted C:\Program Files\Common Files\Plasmoo deleted C:\extensions.sqlite deleted C:\extensions.ini deleted C:\found.000 deleted C:\found.001 deleted C:\found.002 deleted C:\found.003 deleted C:\found.004 deleted C:\Users\Mike\AppData\Roaming\DVDVideoSoftIEHelpers deleted C:\Users\Mike\AppData\Roaming\Babylon deleted C:\Users\Mike\AppData\Roaming\GetRightToGo deleted C:\Users\Mike\AppData\Roaming\OpenCandy deleted C:\ProgramData\DownloaaD keeiper deleted C:\ProgramData\SearchNewTab deleted C:\ProgramData\InstallMate deleted C:\ProgramData\WinterSoft deleted C:\Users\Mike\AppData\Local\SearchProtect deleted C:\Users\Mike\AppData\Local\iMesh deleted C:\Users\Mike\AppData\Local\Mobogenie deleted C:\Users\Mike\AppData\Local\SwvUpdater deleted C:\Users\Mike\AppData\Local\Babylon deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkypEmoticons deleted C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki deleted C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com deleted C:\Users\Mike\AppData\LocalLow\BabylonToolbar deleted C:\Windows\system32\config\systemprofile\AppData\LocalLow\Application Updater deleted C:\Windows\tasks\AmiUpdXp.job deleted C:\Windows\system32\tasks\AmiUpdXp deleted C:\user.js deleted C:\Windows\system32\roboot.exe deleted C:\Windows\System32\SearchProtect deleted C:\Windows\System32\SETBB45.tmp deleted C:\Windows\System32\SETC047.tmp deleted C:\Users\Mike\Documents\Mobogenie deleted C:\Program Files\Mozilla Firefox\components\AskSearch.js deleted "C:\Users\Mike\AppData\Local\{2EBE999A-5CE4-4ECF-A5C8-8302AE0109E7}" deleted "C:\Users\Mike\AppData\Roaming\WeddingPlanner" deleted "C:\ProgramData\e15dda00b846e585\{C1A27135-69EB-8D44-7358-34727DD7B820}" deleted "C:\ProgramData\e15dda00b846e585\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}" deleted "C:\Users\Mike\AppData\Roaming\Umiqp\fueqo.bae" deleted "C:\Users\Mike\AppData\Roaming\Umiqp\fueqo.bae.0" deleted "C:\Program Files\Search Settings\SearchSettings.exe" deleted "C:\Program Files\Search Settings\SearchSettingsRes409.dll" deleted "C:\Users\Mike\AppData\Roaming\SkypEmoticons\Res.dll" deleted "C:\Users\Mike\AppData\Roaming\SkypEmoticons\SE.exe" deleted "C:\Users\Mike\AppData\Local\Pokki\analytics.db" deleted "C:\Users\Mike\AppData\Local\Pokki\engine_update.db" deleted "C:\Users\Mike\AppData\Local\Pokki\notifications.db" deleted "C:\Users\Mike\AppData\Local\Pokki\ocdeskband_0.dll" deleted "C:\Users\Mike\AppData\Local\Pokki\Engine\avcodec-54.dll" deleted "C:\Users\Mike\AppData\Local\Pokki\Engine\avformat-54.dll" deleted "C:\Users\Mike\AppData\Local\Pokki\Engine\avutil-51.dll" deleted "C:\Users\Mike\AppData\Local\Pokki\Engine\chrome_100_percent.pak" deleted "C:\Users\Mike\AppData\Local\Pokki\Engine\en-US.pak" deleted "C:\Users\Mike\AppData\Local\Pokki\Engine\icudt.dll" deleted "C:\Users\Mike\AppData\Local\Pokki\Engine\libPokki.dll" deleted "C:\Users\Mike\AppData\Local\Pokki\Engine\pokki.exe" deleted "C:\Users\Mike\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll" deleted "C:\Users\Mike\AppData\Local\Pokki\Engine\resources.pak" deleted "C:\Users\Mike\AppData\Local\Pokki\Pokkies\installed_pokkies.db" not deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\lockfile" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\Cookies" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\Cookies-journal" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\Network Action Predictor" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\QuotaManager" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\QuotaManager-journal" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\Visited Links" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44-websheet\Cookies" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44-websheet\Network Action Predictor" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\Default\Cookies" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\Default\Network Action Predictor" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\Default\Shortcuts" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Cookies" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Network Action Predictor" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Visited Links" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Cookies" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Network Action Predictor" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications\Cookies" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications\Cookies-journal" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications\Network Action Predictor" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications\QuotaManager" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications\QuotaManager-journal" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications\Visited Links" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications-websheet\Cookies" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications-websheet\Network Action Predictor" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\Cache\data_0" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\Cache\data_1" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\Cache\data_2" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\Cache\data_3" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\Cache\index" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\databases\Databases.db" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\Extension State\000223.log" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\Extension State\LOCK" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\Extension State\MANIFEST-000222" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\databases\file__0\1" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44-websheet\Cache\data_0" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44-websheet\Cache\data_1" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44-websheet\Cache\data_2" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44-websheet\Cache\data_3" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44-websheet\Cache\index" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44-websheet\Extension State\000223.log" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44-websheet\Extension State\LOCK" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44-websheet\Extension State\MANIFEST-000222" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\Default\Cache\data_0" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\Default\Cache\data_1" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\Default\Cache\data_2" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\Default\Cache\data_3" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\Default\Cache\index" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\Default\Extension State\000142.log" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\Default\Extension State\LOCK" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\Default\Extension State\MANIFEST-000141" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Cache\data_0" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Cache\data_1" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Cache\data_2" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Cache\data_3" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Cache\index" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\User StyleSheets\Custom.css" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Cache\data_0" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Cache\data_1" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Cache\data_2" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Cache\data_3" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Cache\index" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Extension State\000223.log" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Extension State\LOCK" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Extension State\MANIFEST-000222" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications\Cache\data_0" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications\Cache\data_1" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications\Cache\data_2" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications\Cache\data_3" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications\Cache\index" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications\databases\Databases.db" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications\Extension State\000223.log" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications\Extension State\LOCK" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications\Extension State\MANIFEST-000222" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications\User StyleSheets\Custom.css" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications\databases\file__0\1" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications-websheet\Cache\data_0" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications-websheet\Cache\data_1" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications-websheet\Cache\data_2" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications-websheet\Cache\data_3" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications-websheet\Cache\index" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications-websheet\Extension State\000223.log" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications-websheet\Extension State\LOCK" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications-websheet\Extension State\MANIFEST-000222" deleted "C:\Users\Mike\AppData\LocalLow\Search Settings\kb130\temp\ws-16104.log" deleted "C:\ProgramData\e15dda00b846e585" deleted "C:\Users\Mike\AppData\Roaming\Umiqp" deleted "C:\Program Files\Search Settings" deleted "C:\Users\Mike\AppData\Roaming\SkypEmoticons" deleted "C:\Users\Mike\AppData\Local\Pokki" not deleted "C:\Users\Mike\AppData\LocalLow\Search Settings" deleted "C:\Users\Mike\AppData\Local\Pokki\Engine" deleted "C:\Users\Mike\AppData\Local\Pokki\Pokkies" not deleted "C:\Users\Mike\AppData\Local\Pokki\UserData" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44-websheet" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\Default" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications-websheet" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\Cache" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\databases" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\Extension State" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\databases\file__0" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44-websheet\Cache" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44-websheet\Extension State" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\Default\Cache" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\Default\Extension State" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Cache" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\User StyleSheets" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Cache" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Extension State" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications\Cache" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications\databases" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications\Extension State" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications\User StyleSheets" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications\databases\file__0" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications-websheet\Cache" deleted "C:\Users\Mike\AppData\Local\Pokki\UserData\notifications-websheet\Extension State" deleted "C:\Users\Mike\AppData\LocalLow\Search Settings\kb130" deleted "C:\Users\Mike\AppData\LocalLow\Search Settings\kb130\temp" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Mike\AppData\Local\Temp ==== 2014-02-03 11:36:28 630AD1674149A392A97A7B10945960CD 5987944 ----a-w- C:\Users\Mike\AppData\Local\Temp\SPSetup.exe 2014-02-02 00:58:06 D93621AD4347D306E1BD57386E0976BD 966029 ----a-w- C:\Users\Mike\AppData\Local\Temp\Setup2.exe 2014-01-22 11:20:10 BCB0728F4B117855765CE8FE883B5E9B 1536 ----a-w- C:\Users\Mike\AppData\Local\Temp\NOSEventMessages.dll ====== Java Cache ===== ====== C:\Windows\system32 ===== ====== C:\Windows\system32\drivers ===== 2014-01-23 09:16:33 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf 2014-01-22 11:15:52 F451DCACBAA67F3307305EBD4A39EA07 19072 ----a-w- C:\Windows\System32\drivers\pccsmcfd.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-01-22 11:16:53 -------- d-----w- C:\Program Files\Common Files\Nokia 2014-01-22 11:15:31 -------- d-----w- C:\Program Files\PC Connectivity Solution 2014-01-22 11:08:56 -------- d-----w- C:\Program Files\Nokia ======= C: ===== 2014-01-31 11:01:47 7739879DC29C3BAE53F0CF7541009E66 3416 ------w- C:\bootsqm.dat ====== C:\Users\Mike\AppData\Roaming ====== 2014-01-23 09:18:50 -------- d-----w- C:\Users\Mike\AppData\Roaming\Nokia Suite ====== C:\Users\Mike ====== 2014-02-03 16:21:10 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Mike\Desktop\RSIT.exe 2014-02-02 00:58:22 A3330CDFD73A25712FF44772A8CB23FB 612 --sha-r- C:\ProgramData\ntuser.pol 2014-01-22 11:17:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia 2014-01-22 11:08:56 -------- d-----w- C:\ProgramData\NokiaInstallerCache ====== C: exe-files == 2014-02-04 09:15:10 BA7524A2D91F895CE7502C78B6A4CBAF 732888 ----a-w- C:\Users\Mike\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.107\32.0.1700.107_32.0.1700.102_chrome_updater.exe 2014-02-03 16:21:10 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Mike\Desktop\RSIT.exe 2014-02-03 11:36:28 630AD1674149A392A97A7B10945960CD 5987944 ----a-w- C:\Users\Mike\AppData\Local\Temp\SPSetup.exe 2014-02-03 10:17:16 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Windows\Temp\nsxFE54.exe 2014-02-03 10:17:16 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Windows\Temp\nsx3145.exe 2014-02-02 00:58:06 D93621AD4347D306E1BD57386E0976BD 966029 ----a-w- C:\Users\Mike\AppData\Local\Temp\Setup2.exe 2014-01-29 07:59:48 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Windows\Temp\nsy318F.exe 2014-01-29 07:59:48 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Windows\Temp\nst9EF2.exe 2014-01-29 07:59:48 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Windows\Temp\nst238B.exe 2014-01-29 07:59:48 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Windows\Temp\nsiA345.exe === C: other files == 2014-02-04 15:27:05 5025FD1353E96DA1BE0126F5FD5E5A99 1251700 ----a-w- C:\ProgramData\AVG2012\IDS\quarantine\0f5019ac-82fc-47d2-aef9-d15771b8ca7e.zip 2014-01-30 23:20:33 2C133BD2632016D1C22381D8E2B81550 153614 ----a-w- C:\Users\Mike\AppData\Local\Temp\scoped_dir_3028_23888\VideoPlayerV3beta160.crx ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2161359088-2458219194-4079469670-1000\Software\Microsoft\Windows\CurrentVersion\Run] "RocketDock"="C:\Program Files\RocketDock\RocketDock.exe" "Remote Mouse"="C:\Program Files\Remote Mouse\RemoteMouse.exe" "Google Update"="C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe /c" "MobileDocuments"="C:\Program Files\Common Files\Apple\Internet Services\ubd.exe" "se"="C:\Users\Mike\AppData\Roaming\SkypEmoticons\SE.exe /minimized " "NokiaSuite.exe"="C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray" "Pokki"="C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup" "AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" "Samsung PanelMgr"="C:\Windows\Samsung\PanelMgr\ssmmgr.exe /autorun" "AVG_TRAY"="C:\Program Files\AVG\AVG2012\avgtray.exe" "beid"="C:\Program Files\Belgium Identity Card\beid35gui.exe /startup" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime" "ConnectionCenter"="C:\Program Files\Citrix\ICA Client\concentr.exe /startup" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "MessengerPlusForSkypeService"="C:\Program Files\Yuna Software\Messenger Plus for Skype\MsgPlusForSkypeService.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " "Windows Mobile-based device management"="%WINDIR%\WindowsMobile\wmdcBase.exe " [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "RocketDock"="C:\Program Files\RocketDock\RocketDock.exe" "Remote Mouse"="C:\Program Files\Remote Mouse\RemoteMouse.exe" "Google Update"="C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe /c" "MobileDocuments"="C:\Program Files\Common Files\Apple\Internet Services\ubd.exe" "se"="C:\Users\Mike\AppData\Roaming\SkypEmoticons\SE.exe /minimized " "NokiaSuite.exe"="C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray" "Pokki"="C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe Reader Speed Launcher" "hkey"="HKLM" "command"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BDRegion] "command"="C:\\Program Files\\Cyberlink\\Shared Files\\brs.exe" "hkey"="HKLM" "item"="BDRegion" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CognizanceTS] "command"="rundll32.exe c:\\PROGRA~1\\BIOSCR~1\\VeriSoft\\Bin\\ASTSVCC.dll,RegisterModule" "hkey"="HKLM" "item"="CognizanceTS" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Health Check Scheduler] "command"="C:\\Program Files\\Hewlett-Packard\\HP Health Check\\HPHC_Scheduler.exe" "hkey"="HKLM" "item"="HP Health Check Scheduler" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update] "command"="C:\\Program Files\\Hp\\HP Software Update\\HPWuSchd2.exe" "hkey"="HKLM" "item"="HP Software Update" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\hpWirelessAssistant] "command"="%ProgramFiles%\\Hewlett-Packard\\HP Wireless Assistant\\HPWAMain.exe" "hkey"="HKLM" "item"="hpWirelessAssistant" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IAAnotif] "command"="C:\\Program Files\\Intel\\Intel Matrix Storage Manager\\iaanotif.exe" "hkey"="HKLM" "item"="IAAnotif" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LightScribe Control Panel] "command"="C:\\Program Files\\Common Files\\LightScribe\\LightScribeControlPanel.exe -hidden" "hkey"="HKCU" "item"="LightScribe Control Panel" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvCplDaemon] "command"="RUNDLL32.EXE C:\\Windows\\system32\\NvCpl.dll,NvStartup" "hkey"="HKLM" "item"="NvCplDaemon" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvMediaCenter] "command"="RUNDLL32.EXE C:\\Windows\\system32\\NvMcTray.dll,NvTaskbarInit" "hkey"="HKLM" "item"="NvMediaCenter" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PDVD8LanguageShortcut] "command"="\"C:\\Program Files\\CyberLink\\PowerDVD8\\Language\\Language.exe\"" "hkey"="HKLM" "item"="PDVD8LanguageShortcut" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QlbCtrl] "command"="%ProgramFiles%\\Hewlett-Packard\\HP Quick Launch Buttons\\QlbCtrl.exe /Start" "hkey"="HKLM" "item"="QlbCtrl" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QPService] "command"="\"C:\\Program Files\\HP\\QuickPlay\\QPService.exe\"" "hkey"="HKLM" "item"="QPService" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl8] "command"="\"C:\\Program Files\\CyberLink\\PowerDVD8\\PDVD8Serv.exe\"" "hkey"="HKLM" "item"="RemoteControl8" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SMSERIAL] "command"="C:\\Program Files\\Motorola\\SMSERIAL\\sm56hlpr.exe" "hkey"="HKLM" "item"="SMSERIAL" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "command"="\"C:\\Program Files\\Java\\jre1.6.0\\bin\\jusched.exe\"" "hkey"="HKLM" "item"="SunJavaUpdateSched" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WAWifiMessage] "command"="%ProgramFiles%\\Hewlett-Packard\\HP Wireless Assistant\\WiFiMsg.exe" "hkey"="HKLM" "item"="WAWifiMessage" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Windows Defender] "command"="%ProgramFiles%\\Windows Defender\\MSASCui.exe -hide" "hkey"="HKLM" "item"="Windows Defender" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Windows Mobile Device Center] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Windows Mobile Device Center" "hkey"="HKLM" "command"="%windir%\\WindowsMobile\\wmdc.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Snelle start.lnk] "backup"="C:\\Windows\\pss\\Adobe Reader Snelle start.lnk.CommonStartup" "backupExtension"=".CommonStartup" "item"="Adobe Reader Snelle start" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Adobe Reader Snelle start.lnk" "command"="C:\\PROGRA~1\\Adobe\\READER~1.0\\Reader\\READER~1.EXE " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk] "backup"="C:\\Windows\\pss\\Adobe Reader Synchronizer.lnk.CommonStartup" "backupExtension"=".CommonStartup" "item"="Adobe Reader Synchronizer" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Adobe Reader Synchronizer.lnk" "command"="C:\\PROGRA~1\\Adobe\\READER~1.0\\Reader\\ADOBEC~1.EXE " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk] "backup"="C:\\Windows\\pss\\BTTray.lnk.CommonStartup" "backupExtension"=".CommonStartup" "item"="BTTray" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\BTTray.lnk" "command"="C:\\PROGRA~1\\WIDCOMM\\BLUETO~1\\BTTray.exe " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\HP Digital Imaging Monitor.lnk" "backup"="C:\\Windows\\pss\\HP Digital Imaging Monitor.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\HP\\DIGITA~1\\bin\\hpqtra08.exe " "item"="HP Digital Imaging Monitor" ==== Startup Folders ====================== 2010-08-20 00:47:30 1051 ----a-w- C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2009-12-30 04:16:02 963 ----a-w- C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk 2011-01-29 15:38:30 1917 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Nike+ Utility.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\0C:\Program Files\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [01/06/2010 18:18] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2161359088-2458219194-4079469670-1000Core.job --a------ C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [28/05/2011 20:38] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2161359088-2458219194-4079469670-1000UA.job --a------ C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [28/05/2011 20:38] C:\Windows\tasks\ROC_REG_JAN_DELETE.job --a------ C:\ProgramData\AVG January 2013 Campaign\ROC.exe [17/01/2013 22:16] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Go to RoboForm Install page" [C:\Windows\system32\rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMGMMMLJIMJMJJIMKJCNMJMJIMOJCNLMPMIMGMCNGMMMLMKJCNJMLJNMMJGMNMKJIMMMNMMJOMJNJICMIMCNOMCNJMFMHMCNPMCNIMJMPMPMFMJMCNOMCNIMJMPMPMCNNMJNPICMLMFMOMPMKJIJMIFMPMJNHICMOMPMKJIJMIJNBJCMCLGJEJKJJNKJCMJNNICMJNDJCMBJDJ"] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2161359088-2458219194-4079469670-1000Core" [C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2161359088-2458219194-4079469670-1000UA" [C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\HP Health Check" ["C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe"] "C:\Windows\system32\tasks\ROC_REG_JAN_DELETE" [C:\ProgramData\AVG January 2013 Campaign\ROC.exe] "C:\Windows\system32\tasks\Run RoboForm TaskBar Icon" [C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe] "C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\system32\tasks\{A3C54BD4-8D10-4590-A1A3-3320AC45CA43}" ["c:\users\mike\appdata\local\google\chrome\application\chrome.exe"] "C:\Windows\system32\tasks\{C03FD6F2-170A-49EB-AEB5-C32FB249BAA1}" [C:\Program Files\Skype\Phone\Skype.exe] "C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "ext@MediaPlayerV1alpha6540.net"="C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha6540\ff" [] ==== Firefox Extensions ====================== AppDir: C:\Program Files\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} ==== Firefox Plugins ====================== ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dhkplhfnhceodhffomolpfigojocbpcb - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonChrome.crx[] ekmmaodgjoloidnjepepnhhejmkklmog - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta160\ch\VideoPlayerV3beta160.crx[] jmfkcklnlgedgbglfkkgedjfmejoahla - C:\Program Files\AVG\AVG2012\Chrome\safesearch.crx[26/07/2012 02:23] ndibdjnfmopecpmkdieinmbadjfpblof - C:\Program Files\AVG\AVG2012\Chrome\donottrack.crx[20/04/2012 05:18] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions amfclgbdpgndipgoegfpkkgobahigbcl - C:\Users\Mike\AppData\Local\Smartbar/Application\1Extension.crx[] AdBlock - Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Media Player - Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\jppjknnalobdglnndbmkmmfomngocahe Google Wallet - Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chrome Fix ====================== C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.oilandgasjobsearch.com_0.localstorage deleted successfully C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.oilandgasjobsearch.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://search.conduit.com/?ctid=CT3318001&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPC38EA89D-157D-4ED2-BFCE-F924896904B0&SSPV=" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_BE&c=73&bd=Pavilion&pf=laptop" "Start Page"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_BE&c=73&bd=Pavilion&pf=laptop" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2161359088-2458219194-4079469670-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{e330b943-9f77-4dc8-9353-1b8e526d8918} deleted successfully HKEY_USERS\S-1-5-21-2161359088-2458219194-4079469670-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{e330b943-9f77-4dc8-9353-1b8e526d8918} deleted successfully HKEY_USERS\S-1-5-21-2161359088-2458219194-4079469670-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} deleted successfully HKEY_USERS\S-1-5-21-2161359088-2458219194-4079469670-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} deleted successfully HKEY_CLASSES_ROOT\CLSID\{e330b943-9f77-4dc8-9353-1b8e526d8918} deleted successfully HKEY_CLASSES_ROOT\CLSID\{7ebd3ee6-95db-41dc-a12a-92c8b0be644c} deleted successfully HKEY_CLASSES_ROOT\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2161359088-2458219194-4079469670-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{e330b943-9f77-4dc8-9353-1b8e526d8918} deleted successfully HKEY_USERS\S-1-5-21-2161359088-2458219194-4079469670-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{7ebd3ee6-95db-41dc-a12a-92c8b0be644c} deleted successfully HKEY_USERS\S-1-5-21-2161359088-2458219194-4079469670-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} deleted successfully HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\ext@VideoPlayerV3beta160.net deleted successfully HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\ext@MediaPlayerV1alpha6540.net deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4CDBF999-51DE-574B-6F0A-4291316B00AF} deleted successfully HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ekmmaodgjoloidnjepepnhhejmkklmog deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SkypEmoticons_is1 deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Video Player deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C1A27135-69EB-8D44-7358-34727DD7B820} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD} deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8 deleted successfully ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Mike\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Mike\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Mike\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=5364 folders=373 558310750 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\DefaultAppPool\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\Mike\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Mike\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Mike\AppData\Local\Pokki\Pokkies\installed_pokkies.db" not found "C:\Users\Mike\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Users\Mike\AppData\Local\Pokki" not found ==== EOF on di 04/02/2014 at 17:08:12,01 ======================
  5. mimoun
    Beste, Ik heb hetzelfde probleem als Hugo. Hier alvast mijn log-bestand. Dank bij voorbaat. Logfile of random's system information tool 1.09 (written by random/random) Run by Mike at 2014-02-03 17:21:59 Microsoft Windows 7 Ultimate Service Pack 1 System drive C: has 17 GB (17%) free of 102 GB Total RAM: 2046 MB (34% free) HijackThis download failed ======Scheduled tasks folder====== C:\Windows\tasks\AmiUpdXp.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2161359088-2458219194-4079469670-1000Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2161359088-2458219194-4079469670-1000UA.job C:\Windows\tasks\ROC_REG_JAN_DELETE.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}] AVG Do Not Track - C:\Program Files\AVG\AVG2012\avgdtiex.dll [2012-10-15 938104] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] AVG Safe Search - C:\Program Files\AVG\AVG2012\avgssie.dll [2012-10-15 1417336] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-02-27 325408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7ebd3ee6-95db-41dc-a12a-92c8b0be644c}] Media Player - C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha6540\ie\MediaPlayerV1alpha6540.dll [2014-01-30 87040] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-02-27 42272] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}] SearchSettings Class - C:\Program Files\Search Settings\SearchSettings.dll [2010-01-08 1109504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e330b943-9f77-4dc8-9353-1b8e526d8918}] Video Player - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta160\ie\VideoPlayerV3beta160.dll [2014-01-07 87040] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {ae07101b-46d4-4a98-af68-0333ea26e113} [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-27 1721640] "SearchSettings"=C:\Program Files\Search Settings\SearchSettings.exe [2010-01-08 974848] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-10-03 13826664] "AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2011-10-06 59240] "Samsung PanelMgr"=C:\Windows\Samsung\PanelMgr\ssmmgr.exe [2010-06-08 618496] "AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2012-11-19 2598520] "beid"=C:\Program Files\Belgium Identity Card\beid35gui.exe [2011-02-03 2068480] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] "Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdcBase.exe [2007-05-31 648072] "APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2011-10-24 421888] "ConnectionCenter"=C:\Program Files\Citrix\ICA Client\concentr.exe [2010-03-11 300400] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696] "MessengerPlusForSkypeService"=C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [2013-02-27 125952] "mobilegeni daemon"=C:\Program Files\Mobogenie\DaemonProcess.exe [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616] "Remote Mouse"=C:\Program Files\Remote Mouse\RemoteMouse.exe [2011-03-22 874496] "Google Update"=C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-28 136176] "MobileDocuments"=C:\Program Files\Common Files\Apple\Internet Services\ubd.exe [2012-02-23 59240] "Pokki"=C:\Users\Mike\AppData\Local\Pokki\Engine\Launcher.dll [2013-11-01 1240344] "iLivid"=C:\Users\Mike\AppData\Local\iLivid\iLivid.exe -autorun [] "se"=C:\Users\Mike\AppData\Roaming\SkypEmoticons\SE.exe [2014-01-31 5665696] ""= [] "NokiaSuite.exe"=C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2013-10-02 1090912] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS] c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-03-12 50696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-03-01 472776] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-02-11 186904] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-06-09 2363392] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] C:\Windows\system32\NvCpl.dll [2009-10-03 13826664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] C:\Windows\system32\NvMcTray.dll [2009-10-03 92776] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut] C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-02-13 159744] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService] C:\Program Files\HP\QuickPlay\QPService.exe [2007-04-23 176128] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\QTTask.exe [2011-10-24 421888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8] C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2006-10-09 729088] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0\bin\jusched.exe [2007-05-20 77824] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-10 317128] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe [2009-07-14 660480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Snelle start.lnk] C:\PROGRA~1\Adobe\READER~1.0\Reader\READER~1.EXE [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk] C:\PROGRA~1\Adobe\READER~1.0\Reader\ADOBEC~1.EXE [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk] C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2006-12-20 719664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Nike+ Utility.lnk - C:\Program Files\Nike+ Utility\Nike+ Utility.exe C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk - C:\Users\Mike\AppData\Roaming\Dropbox\bin\Dropbox.exe MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler] Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2008-03-18 233888] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "legalnoticetext"= [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "MSVideo8"=VfWWDM32.dll "msacm.siren"=sirenacm.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux1"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "aux2"=wdmaud.drv "msacm.l3codecp"= ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-02-03 17:21:59 ----D---- C:\Program Files\trend micro 2014-02-03 17:21:58 ----D---- C:\rsit 2014-02-02 01:58:17 ----D---- C:\Program Files\MediaPlayerV1 2014-01-31 12:01:47 ----N---- C:\bootsqm.dat 2014-01-31 12:00:27 ----SHD---- C:\found.004 2014-01-23 10:18:50 ----D---- C:\Users\Mike\AppData\Roaming\Nokia Suite 2014-01-22 12:16:53 ----D---- C:\Program Files\Common Files\Nokia 2014-01-22 12:15:52 ----A---- C:\Windows\system32\drivers\pccsmcfd.sys 2014-01-22 12:15:31 ----D---- C:\Program Files\PC Connectivity Solution 2014-01-22 12:08:56 ----D---- C:\ProgramData\NokiaInstallerCache 2014-01-22 12:08:56 ----D---- C:\Program Files\Nokia 2014-01-13 00:43:55 ----D---- C:\Program Files\VideoPlayerV3 ======List of files/folders modified in the last 1 month====== 2014-02-03 17:21:59 ----RD---- C:\Program Files 2014-02-03 16:35:32 ----D---- C:\Users\Mike\AppData\Roaming\Dropbox 2014-02-03 16:27:13 ----D---- C:\Windows\Temp 2014-02-02 03:04:42 ----D---- C:\Users\Mike\AppData\Roaming\Skype 2014-02-02 01:58:51 ----A---- C:\extensions.ini 2014-02-02 01:58:31 ----HD---- C:\ProgramData 2014-02-02 01:58:19 ----HD---- C:\Windows\system32\GroupPolicy 2014-02-01 21:38:55 ----D---- C:\Windows\system32\drivers\AVG 2014-02-01 21:37:42 ----SHD---- C:\Windows\Installer 2014-02-01 21:37:37 ----HD---- C:\Config.Msi 2014-01-31 12:05:55 ----D---- C:\Windows\Prefetch 2014-01-31 00:50:24 ----D---- C:\Users\Mike\AppData\Roaming\SkypEmoticons 2014-01-30 23:56:53 ----D---- C:\Program Files\SearchProtect 2014-01-30 23:56:04 ----D---- C:\Windows 2014-01-30 23:48:33 ----D---- C:\Windows\Minidump 2014-01-28 02:20:50 ----D---- C:\Windows\System32 2014-01-28 02:20:50 ----D---- C:\Windows\inf 2014-01-28 02:20:50 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-01-27 18:59:12 ----D---- C:\Windows\system32\catroot 2014-01-23 10:18:15 ----D---- C:\Users\Mike\AppData\Roaming\PC Suite 2014-01-23 10:17:37 ----D---- C:\Windows\system32\drivers 2014-01-22 12:19:09 ----D---- C:\ProgramData\Nokia 2014-01-22 12:16:53 ----D---- C:\Program Files\Common Files 2014-01-22 12:15:52 ----DC---- C:\Windows\system32\DRVSTORE 2014-01-22 12:15:51 ----D---- C:\Windows\system32\DriverStore 2014-01-16 10:06:22 ----D---- C:\Windows\system32\NDF 2014-01-13 00:42:54 ----D---- C:\Windows\system32\catroot2 2014-01-09 01:23:21 ----D---- C:\Users\Mike\AppData\Roaming\vlc 2014-01-09 00:50:02 ----SHD---- C:\System Volume Information 2014-01-04 22:14:18 ----D---- C:\ProgramData\SearchNewTab 2014-01-04 22:14:10 ----D---- C:\ProgramData\DownloaaD keeiper 2014-01-04 12:21:20 ----D---- C:\Windows\system32\wdi ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2012-04-19 24896] R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2012-01-31 31952] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-02-11 329752] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440] R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360] R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2012-11-08 250080] R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2011-12-23 41040] R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2013-04-11 302368] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096] R1 ctxusbm;Citrix USB Monitor Driver; C:\Windows\system32\DRIVERS\ctxusbm.sys [2009-10-05 65584] R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-08-08 45568] R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008] R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400] R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2009-07-29 5120] R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2007-03-28 140424] R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2012-12-10 142176] R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\avgidsfilterx.sys [2011-12-23 24144] R3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2011-12-23 17232] R3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816] R3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696] R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2009-04-20 9344] R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 116736] R3 netw5v32;Stuurprogramma voor Intel® Wireless WiFi Link 5000 Series-adapter 32-bits Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168] R3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776] R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992] R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-10-09 981504] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-27 245936] S1 eabfiltr;eabfiltr; C:\Windows\system32\DRIVERS\eabfiltr.sys [2006-11-30 8192] S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [] S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704] S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720] S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728] S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2007-01-02 80688] S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072] S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 16384] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864] S3 NETw4v32;Stuurprogramma voor Intel® Wireless WiFi Link Adapter onder Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-03-01 2216448] S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2013-01-23 18560] S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2013-01-23 23168] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872] S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2009-03-17 140288] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632] S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032] S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [] S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224] S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [] S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2013-01-23 8192] S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\drivers\usb8023x.sys [2009-07-14 15872] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-02-15 43520] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840] S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2010-11-20 27648] S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2013-01-23 8192] S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [] S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328] S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432] R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 20992] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-02-27 55144] R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2010-01-08 380928] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [2013-10-16 5175856] R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288] R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe [2007-04-23 262243] R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe [2007-04-23 106593] R2 CltMngSvc;Search Protect by Conduit Service; C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe [2014-01-29 2301216] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-03-14 62984] R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168] R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-02-11 354840] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728] R2 MsgPlusService;Messenger Plus! Service; C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [2013-02-27 125952] R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2010-11-05 128848] R2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2010-11-05 128848] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-10-03 219752] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992] R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 20992] R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992] R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616] R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 20992] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-01 136176] S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192] S2 Util SecretSauce;Util SecretSauce; C:\Program Files\SecretSauce\bin\utilSecretSauce.exe [] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-01 136176] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2009-10-28 3407292] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-08 1343400] S4 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2010-11-05 128848] -----------------EOF-----------------
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.