djessdog

Hallo, ik kreeg een laptop met Windows Vista, maar het moederbord daarvan is volledig verloren gegaan. Nu heb ik de harddisk eruit weten te redden en probeer de e-mails te redden. Is er m.a.w. een tool om de e-mails te backuppen (ik heb geen andere windows laptop wel een Imac) en ze vervolgens te importeren in de mail van een Ipad? De harddisk kan ik lezen via een externe schijf-sleef. Ik heb reeds geprobeerd met de app mail monkey om de mails te converteren naar een mailformat voor de Ipad, maar dat is helaas niet gelukt. D.w.z. alle mails krijgen de juiste extensie maar ik kan het niet importeren in de Mail van de Ipad. Zoek ik het te ver?

Nee, ik vind dat het nu erg goed gaat! Hij loopt niet meer vast, en ook de programma's kunnen weer gewoon geopend worden. Hartelijk dank voor jullie deskundig advies en begeleiding!

OK # AdwCleaner v3.018 - Report created 13/02/2014 at 15:52:26 # Updated 28/01/2014 by Xplode # Operating System : Windows Vista Home Premium Service Pack 2 (32 bits) # Username : Evanne - PC_VAN_EVANNE # Running from : C:\Users\Evanne\Desktop\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8949C266-9E3D-4EC0-B065-FBC84A5B388E} [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8949C266-9E3D-4EC0-B065-FBC84A5B388E} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} Key Deleted : HKCU\Software\InstallCore Key Deleted : HKCU\Software\ParetoLogic Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\systweak Key Deleted : HKLM\Software\ParetoLogic Key Deleted : HKLM\Software\systweak Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E} ***** [ Browsers ] ***** -\\ Internet Explorer v8.0.6001.19499 -\\ Mozilla Firefox v3.6.28 (nl) [ File : C:\Users\Evanne\AppData\Roaming\Mozilla\Firefox\Profiles\otn14c4m.default\prefs.js ] -\\ Google Chrome v32.0.1700.107 [ File : C:\Users\Evanne\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [1724 octets] - [13/02/2014 15:45:02] AdwCleaner[s0].txt - [1733 octets] - [13/02/2014 15:52:26] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1793 octets] ##########

en als dat is gebeurd? moet ik dan weer een log produceren?

Hier het resultaat van zoek.exe Zoek.exe v5.0.0.0 Updated 10-February-2014 Tool run by Evanne on do 13-02-2014 at 7:53:18,89. MicrosoftÆ Windows Vistaô Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Evanne\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 13-2-2014 7:57:23 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\MSXML 4.0 deleted successfully C:\ProgramData\AVAST Software deleted successfully C:\Users\Evanne\AppData\Roaming\U3 deleted successfully C:\Users\Evanne\AppData\Roaming\Windows Live Writer deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1136623961-3287669430-1088312469-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update FindRight deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update FindRight deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update FindRight deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Update FindRight deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Update FindRight deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util FindRight deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util FindRight deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util FindRight deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Util FindRight deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Util FindRight deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\Evanne\AppData\Roaming\Mozilla\Firefox\Profiles\otn14c4m.default user.js not found ---- Lines Sweet removed from prefs.js ---- user_pref("browser.newtab.url", "http://www.sweet-page.com/newtab/?type=nt&ts=1391958097&from=cor&uid=TOSHIBAXMK1652GSX_78RQT4DPTXX78RQT4DPT"); user_pref("browser.search.defaultenginename", "sweet-page"); user_pref("browser.search.selectedEngine", "sweet-page"); user_pref("browser.startup.homepage", "http://www.sweet-page.com/?type=hp&ts=1391958097&from=cor&uid=TOSHIBAXMK1652GSX_78RQT4DPTXX78RQT4DPT"); ---- Lines browser.startup.page removed from prefs.js ---- user_pref("browser.startup.page", 3); ---- FireFox user.js and prefs.js backups ---- prefs_13-02-2014_0840_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command] @="C:\\Program Files\\Mozilla Firefox\\firefox.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command] @="C:\\Program Files\\Internet Explorer\\iexplore.exe" ==== Deleting Files \ Folders ====================== C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\\{20a82645-c095-46ed-80e3-08825760534b\} not found C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack deleted C:\\Users\\Evanne\\AppData\\Roaming\\0F1F1C2Y1H1P1C0I0T deleted C:\\Users\\Evanne\\AppData\\Roaming\\ParetoLogic deleted C:\\Users\\Evanne\\AppData\\Roaming\\DriverCure deleted C:\\ProgramData\\ParetoLogic deleted C:\\Users\\Evanne\\AppData\\Roaming\\systweak deleted C:\\Program Files\\Mobogenie deleted C:\Program Files\Mozilla Firefox deleted C:\Users\Evanne\daemonprocess.txt deleted C:\Program Files\GUT35F7.tmp deleted C:\Program Files\GUT92BF.tmp deleted C:\Program Files\GUTAB4D.tmp deleted C:\Program Files\GUTCEE9.tmp deleted C:\Program Files\GUTD3CE.tmp deleted C:\Program Files\GUM35E6.tmp deleted C:\Program Files\GUM92AE.tmp deleted C:\Program Files\GUMAB4C.tmp deleted C:\Program Files\GUMCEB9.tmp deleted C:\Program Files\GUMD3BD.tmp deleted C:\Users\Evanne\AppData\Local\MoboGenie deleted C:\Windows\system32\tasks\RegClean Pro deleted C:\Windows\system32\roboot.exe deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome.manifest" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\install.rdf" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\index.html" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\newtab.html" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\newtabplus.xul" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\options.xul" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\s_google_cn.html" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\all.css" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\blank.gif" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\classification.css" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\default-wallpaper.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\default.css" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\game.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\google.com.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\google.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\headerBg.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\help.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\icon.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\iconsmall.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\ie_logo.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\line.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\load.gif" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\logo.ico" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\logo.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\main.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\oNewtab.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\photosload.gif" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\searchButton.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\settings.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\shoping.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\style.css" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\submit_buttion.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\uploadpaper.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\wallpaper_buttion.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\weather.css" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\weather.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\weatherlogo.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\webstore.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\wedo.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\js\easing.js" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\js\ga.js" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\js\google.autocomplete.js" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\js\jquery-1.8.0.js" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\js\jquery-base.js" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\js\jquery.autocomplete.js" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\js\jquery.sortable.js" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\js\js.js" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\js\lazyload.js" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\js\newtabplus.js" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\js\options.js" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\js\wrap.js" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\js\xa.js" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\js\xagainit.js" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\s_google_cn\google.com.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\s_google_cn\quickSearch.js" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\s_google_cn\skin_0.css" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\en-US\locale.dtd" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\en-US\locale.properties" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\es\locale.dtd" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\es\locale.properties" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\es-419\locale.dtd" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\es-419\locale.properties" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\pl\locale.dtd" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\pl\locale.properties" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\pt-BR\locale.dtd" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\pt-BR\locale.properties" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\tr\locale.dtd" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\tr\locale.properties" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\zh-CN\locale.dtd" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\zh-CN\locale.properties" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\zh-TW\locale.dtd" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\zh-TW\locale.properties" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\bookmarks\bookmarks.css" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\cloud.css" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\extensions\extensions.css" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\lastVisited\lastVisited.css" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\quickSearch\quickSearch.css" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\setup\setup.css" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skins\download.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skins\skins.css" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skin_0\defaultBg.svg" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skin_0\defaultBgIco.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skin_0\idialog_s.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skin_0\ios5_button.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skin_0\left.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skin_0\loading.gif" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skin_0\loading2.gif" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skin_0\q_bg.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skin_0\q_left.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skin_0\q_right.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skin_0\right.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skin_0\titleBg.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skin_0\wedo.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\bookmarks\img\headerBg.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\bookmarks\img\logo.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\img\buttonBg.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\img\categoryBg.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\img\cn_outSideLogo.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\img\cn_uploadLogo.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\img\headerBg.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\img\icons.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\img\logo.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\img\outSideLogo.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\img\searchBg.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\img\searchButton.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\img\searchLeft.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\img\selected.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\img\tabsBg.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\img\uploadLogo.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\extensions\img\extensionsbtn.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\extensions\img\logo.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\lastVisited\img\logo.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\quickSearch\img\baidu.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\quickSearch\img\bing.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\quickSearch\img\google.com.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\quickSearch\img\google.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\quickSearch\img\headerBg.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\quickSearch\img\linktype.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\quickSearch\img\logo.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\quickSearch\img\searchButton.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\quickSearch\img\taobao.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\quickSearch\img\yahoo.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\setup\img\headerBg.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\setup\img\logo.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\setup\img\skin_0\dialBoxStyle.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\setup\img\skin_0\icons.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skins\img\headerBg.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skins\img\logo.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skins\img\skin_0\categoryBg.png" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skins\img\skin_0\icons.png" deleted "C:\\Program Files\\FindRight\updateFindRight.exe" deleted "C:\Program Files\FindRight\updateFindRight.exe" deleted "C:\\Program Files\\FindRight\bin\utilFindRight.exe" deleted "C:\Program Files\FindRight\bin\utilFindRight.exe" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\js" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\s_google_cn" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\en-US" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\es" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\es-419" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\pl" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\pt-BR" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\tr" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\zh-CN" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\zh-TW" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\bookmarks" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\extensions" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\lastVisited" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\quickSearch" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\setup" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skins" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skin_0" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\bookmarks\img" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\img" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\extensions\img" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\lastVisited\img" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\quickSearch\img" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\setup\img" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\setup\img\skin_0" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skins\img" deleted "C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skins\img\skin_0" deleted "C:\\Program Files\\FindRight" not deleted "C:\Program Files\FindRight" not deleted "C:\\Program Files\\FindRight\bin" not deleted "C:\Program Files\FindRight\bin" not deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Evanne\AppData\Local\Temp ==== 2014-02-11 13:54:37 9EB54EABFB8B9FA02BFC48AF3A9FD020 41984 ----a-w- C:\Users\Evanne\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxx2pam.dll 2014-02-08 20:42:11 C0F543C0A9EF23C2DDCF93CD922324AB 20240336 ----a-w- C:\Users\Evanne\AppData\Local\Temp\Mobogenie_Setup_2-1-37_613.exe 2014-02-05 09:33:20 1A29223420079456E8BE516BAEAE719F 5700688 ----a-w- C:\Users\Evanne\AppData\Local\Temp\TeamViewer\Version9\TeamViewer_.exe ====== Java Cache ===== ====== C:\Windows\system32 ===== 2014-02-12 12:44:15 6F01E59ED7ADE15C0ECD138037D1BFCB 13312 ----a-w- C:\Windows\System32\msfeedssync.exe 2014-02-12 12:44:13 4D533BE929A05AFC736BD9A5B957AA82 174080 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-02-12 12:44:12 3554D5001281A1D836B9BBB30530D106 25600 ----a-w- C:\Windows\System32\jsproxy.dll 2014-02-12 12:44:12 2B45D225F56385EE9841D7FF2E7793F4 55296 ----a-w- C:\Windows\System32\msfeedsbs.dll 2014-02-12 12:44:11 902690A71DA969C0B157F96BD4110366 2005504 ----a-w- C:\Windows\System32\iertutil.dll 2014-02-12 12:44:10 732833FE6FE26FE6B2D3DA8A1823A7FE 55808 ----a-w- C:\Windows\System32\iernonce.dll 2014-02-12 12:44:10 4ECF98D402E9397C391FB3EB4ED60DF6 1213440 ----a-w- C:\Windows\System32\urlmon.dll 2014-02-12 12:44:09 DADEBF72E480F970B7F200082D49D85A 133632 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-02-12 12:44:09 98ED8AC09ECD23C31AF211562C0ED389 387584 ----a-w- C:\Windows\System32\iedkcs32.dll 2014-02-12 12:44:09 5CE024AD2C4AA64F1589AC39109F07F8 916992 ----a-w- C:\Windows\System32\wininet.dll 2014-02-12 12:44:08 2035B9C2BD915C5F3B6A4F24EF2027BC 630272 ----a-w- C:\Windows\System32\msfeeds.dll 2014-02-12 12:44:06 8BAC9D8207D681F049CE4439BE2A5DFA 109056 ----a-w- C:\Windows\System32\iesysprep.dll 2014-02-12 12:44:06 6C824DBC5E197C3C2463FE093B05A3CB 1469440 ----a-w- C:\Windows\System32\inetcpl.cpl 2014-02-12 12:43:59 BF0BB9193C905AC595719A306898A0BF 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2014-02-12 12:43:58 C5A19525D723B179994A3D1677FB4A86 206848 ----a-w- C:\Windows\System32\occache.dll 2014-02-12 12:43:57 F8AD3F2C9B5272F2F6CB4283BEC449CE 11111424 ----a-w- C:\Windows\System32\ieframe.dll 2014-02-12 12:43:57 E91AB23F0C6F9BE77F44E7B64140D751 71680 ----a-w- C:\Windows\System32\iesetup.dll 2014-02-12 12:43:53 A412FDC6BE7A3AFE9DB15EE5CCA56231 18944 ----a-w- C:\Windows\System32\corpol.dll 2014-02-12 12:43:52 A16E9C8B46887C7A072605875A2E7127 43520 ----a-w- C:\Windows\System32\licmgr10.dll 2014-02-12 12:43:51 35F76AB3A67EAA08888B0146AF43960F 164352 ----a-w- C:\Windows\System32\ieui.dll 2014-02-12 12:43:50 9084C6F6659A659DA4E59E493FF8A359 385024 ----a-w- C:\Windows\System32\html.iec 2014-02-12 12:43:50 58939D717886CDE70555478AB2D2862B 184320 ----a-w- C:\Windows\System32\iepeers.dll 2014-02-12 12:43:49 737EACC805F4BF3D0B1177203B9A2BE4 67072 ----a-w- C:\Windows\System32\mshtmled.dll 2014-02-12 12:43:48 D84ADEFB4972B41B0F67188F6C8E4581 611840 ----a-w- C:\Windows\System32\mstime.dll 2014-02-12 12:43:47 9C197E060E25E4D0ACADC81CA99B08D1 105984 ----a-w- C:\Windows\System32\url.dll 2014-02-12 12:43:46 6DD8A505EE63E2DA22E9FF3501D1C05C 6019584 ----a-w- C:\Windows\System32\mshtml.dll 2014-02-12 06:33:56 F5AD3D55D71D8FF7C2BDE5A4D7078ED8 420864 ----a-w- C:\Windows\System32\vbscript.dll 2014-02-12 06:32:06 BA53A05A630D4B8B5DA5427E4C633479 1248768 ----a-w- C:\Windows\System32\msxml3.dll 2014-02-11 18:00:11 E87F6492F5406287EDF05DF40BB86780 102608 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll 2014-02-11 16:17:59 A6E18756EA7B6E971184B57B86251FC5 2050560 ----a-w- C:\Windows\System32\win32k.sys 2014-02-11 16:17:54 57390AF2F8939AB038FC4A5D10B50D52 335360 ----a-w- C:\Windows\System32\SysFxUI.dll 2014-02-11 16:17:46 9BD443B52350D2784544B637F103EBCF 1069056 ----a-w- C:\Windows\System32\DWrite.dll 2014-02-11 16:17:46 2AFA3A46986AE935DAECEBC7E66314CF 798208 ----a-w- C:\Windows\System32\FntCache.dll 2014-02-11 16:17:45 F64812456BD11244322F0B0F1B236841 486400 ----a-w- C:\Windows\System32\d3d10level9.dll 2014-02-11 16:17:44 E828C391BB999BD85C15DA20B51CDF9C 683008 ----a-w- C:\Windows\System32\d2d1.dll 2014-02-11 16:17:44 52673DCDFA7687EABC0C779894D0F4FF 1172480 ----a-w- C:\Windows\System32\d3d10warp.dll 2014-02-11 16:17:44 2434237DFBC70483B63A667B9573891E 219648 ----a-w- C:\Windows\System32\d3d10_1core.dll 2014-02-11 16:17:44 2067598D57CCD988A88BBBDDD6EAE13D 189952 ----a-w- C:\Windows\System32\d3d10core.dll 2014-02-11 16:17:43 E0F15C8A63D2FCC40D0A6F9354DF0118 1029120 ----a-w- C:\Windows\System32\d3d10.dll 2014-02-11 16:17:43 1D1C3BBA2191F0F5B14555757DDB729A 160768 ----a-w- C:\Windows\System32\d3d10_1.dll 2014-02-11 16:12:29 2497FD012104DFF64BF01DA98ECF6F75 131072 ----a-w- C:\Windows\System32\wshom.ocx 2014-02-11 16:12:29 1D0A82B11235D68CF55A54B2ADECB9F1 155648 ----a-w- C:\Windows\System32\wscript.exe 2014-02-11 16:12:28 B44B59C85DC2C2D39542F97BF545A308 135168 ----a-w- C:\Windows\System32\cscript.exe 2014-02-11 16:12:27 F9D5C623E913CDAA198ECF0E6D2AA54A 36864 ----a-w- C:\Windows\System32\wshcon.dll 2014-02-11 16:12:27 DDEA43CDF00D6987F633F80AE4B7F2CE 172032 ----a-w- C:\Windows\System32\scrrun.dll 2014-02-11 15:32:03 D6F0260D9051C0B60998F4CDBE9B2CC6 37376 ----a-w- C:\Windows\System32\cdd.dll 2014-02-11 15:31:55 872363237F24BCB03D73E2A3B4FBF38D 297984 ----a-w- C:\Windows\System32\gdi32.dll 2014-02-11 15:30:50 0317420D419E1885894B3ED9D375D245 993792 ----a-w- C:\Windows\System32\crypt32.dll ====== C:\Windows\system32\drivers ===== 2014-02-11 16:17:54 6DBA75306DD9B242B6F1C343179AD201 167936 ----a-w- C:\Windows\System32\drivers\portcls.sys 2014-02-11 16:17:54 2A63675F6FA8EF0FF9F5C72695584CAA 130048 ----a-w- C:\Windows\System32\drivers\drmk.sys 2014-02-11 15:32:04 988670D8343EF9835FB3659DB71B2EFA 638400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2014-02-11 15:31:59 73FF24E21B690625A58109637DDA0DF7 134272 ----a-w- C:\Windows\System32\drivers\usbvideo.sys 2014-02-11 14:14:33 FE619ED13CE12F5B43C04E3EA061BBD6 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys 2014-02-11 14:14:33 B09C74A41F26B08149707EA5E7F956C2 226304 ----a-w- C:\Windows\System32\drivers\usbport.sys 2014-02-11 14:14:33 AAB0B5F72D2D726FBFDC895A2902DE1D 73216 ----a-w- C:\Windows\System32\drivers\usbccgp.sys 2014-02-11 14:14:33 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2014-02-11 14:14:32 44056325428A8E4C755830426E29878F 23552 ----a-w- C:\Windows\System32\drivers\usbuhci.sys 2014-02-11 14:14:32 153E8515CB86F8BB5D1A8B478EBF4BB2 39936 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2014-01-22 19:37:26 A2882E8E32852F1FC46BB7ACF3E9F1B5 107256 ----a-w- C:\Windows\System32\drivers\RapportKELL.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-02-12 15:21:51 -------- d-----w- C:\Program Files\trend micro 2014-02-09 15:01:31 -------- d-----w- C:\Program Files\FindRight 2014-02-08 20:55:10 -------- d-----w- C:\Program Files\TeamViewer ======= C: ===== 2014-02-11 13:24:18 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\MSDOS.SYS 2014-02-11 13:24:18 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\IO.SYS ====== C:\Users\Evanne\AppData\Roaming ====== 2014-02-09 14:29:54 -------- d-----w- C:\Users\Evanne\AppData\Local\ElevatedDiagnostics 2014-02-08 20:46:11 -------- d-----w- C:\Users\Evanne\AppData\Local\Mozilla 2014-02-08 20:46:06 -------- d-----w- C:\Users\Evanne\AppData\Roaming\Mozilla ====== C:\Users\Evanne ====== 2014-02-12 15:15:49 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Evanne\Desktop\RSIT.exe 2014-02-11 19:16:53 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth 2014-02-09 17:26:28 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\Evanne\Downloads\MicrosoftFixit.wu.Run(2).exe 2014-02-09 17:23:47 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\Evanne\Downloads\MicrosoftFixit.wu.Run.exe 2014-02-09 17:07:48 5C68A2107DBD9B08CACE3130FE55B062 921000 ----a-w- C:\Users\Evanne\Downloads\chromeinstall-7u51.exe 2014-02-09 15:14:30 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-02-09 14:12:33 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\Evanne\Downloads\MicrosoftFixit.wu.RNP.Run.exe 2014-02-08 22:43:45 6E8CD9409823BEA643C3C01958210CE4 37660568 ----a-w- C:\Users\Evanne\Downloads\Dropbox 2.6.2(2).exe 2014-02-08 20:53:51 0D7C0BC4553183F45A38C6218274A2EF 5853328 ----a-w- C:\Users\Evanne\Downloads\TeamViewer_Setup_nl.exe 2014-02-08 20:51:11 078D66AD44C5E9DF5C473DACE05D6DAF 282968 ----a-w- C:\Users\Evanne\Downloads\Firefox Setup Stub 27.0.exe ====== C: exe-files == 2014-02-12 15:21:52 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Evanne.exe 2014-02-12 15:15:49 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Evanne\Desktop\RSIT.exe 2014-02-12 12:44:15 6F01E59ED7ADE15C0ECD138037D1BFCB 13312 ----a-w- C:\Windows\System32\msfeedssync.exe 2014-02-12 12:44:13 4D533BE929A05AFC736BD9A5B957AA82 174080 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-02-12 12:44:09 DADEBF72E480F970B7F200082D49D85A 133632 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-02-12 12:44:07 B43392B1F2546C8F0963F5E5F49BE95D 376320 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-02-12 12:43:42 153A7C95B3E529725FB60632BD0B2DD7 638120 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-02-11 16:12:29 1D0A82B11235D68CF55A54B2ADECB9F1 155648 ----a-w- C:\Windows\System32\wscript.exe 2014-02-11 16:12:28 B44B59C85DC2C2D39542F97BF545A308 135168 ----a-w- C:\Windows\System32\cscript.exe 2014-02-11 13:45:30 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\7c7a501d-48b3-4ffc-9954-06d71409dbce\csrss.exe 2014-02-11 13:45:30 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\3d173000-a8ed-4b5f-a71e-39456ab599e9\dwm.exe 2014-02-11 13:45:29 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\92176ca3-2ddf-4dfd-aad8-a35d4d966b3f\TPwrMain.exe 2014-02-11 13:45:29 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\9151e282-e67e-4783-9463-209d2ebbd0e7\RapportService.exe 2014-02-11 13:45:29 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\77abad2d-ed18-423f-bda7-5ed1e1f1ba32\hkcmd.exe 2014-02-11 13:45:29 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\1a4be01b-ed17-4208-91b5-fc34c7e83596\igfxpers.exe 2014-02-11 13:45:28 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\e9f70cc8-e51f-4090-83e1-2d2882c5cc99\RtHDVCpl.exe 2014-02-11 13:45:28 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\ada4704e-4577-40e0-a1cd-c297bdea1905\TOSCDSPD.exe 2014-02-11 13:45:28 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\a8f5a662-25ee-47f2-bdc7-9a08d17d8197\hpwuSchd2.exe 2014-02-11 13:45:28 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\94defef9-8e0f-4608-9c61-37261e2c6ab9\SmoothView.exe 2014-02-11 13:45:28 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\370cf422-47ae-449e-b289-c2c7ab9a5620\MSASCui.exe 2014-02-11 13:45:27 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\e8b5d12e-da90-435a-b820-7452a44740f7\NDSTray.exe 2014-02-11 13:45:27 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\a77beb6f-6bc9-4cca-ba36-9d81e3706422\wmpnscfg.exe 2014-02-11 13:45:27 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\550ba23f-d9af-4c69-b58a-0a9ff988a0cc\CFSwMgr.exe 2014-02-11 13:45:27 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\4cdc1568-da53-4e2e-9277-ef28bf4280e0\ehtray.exe 2014-02-11 13:45:26 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\d7f05737-0158-4b17-8401-f93cb32056ab\SynTPHelper.exe 2014-02-11 13:45:26 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\ae20e3af-c826-47ab-8449-84ed5f6fb4e3\conime.exe 2014-02-11 13:45:26 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\8d4f582b-4155-415b-9800-bad8fba4e62d\taskeng.exe 2014-02-11 13:45:26 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\7b8fc7b9-5606-462d-b776-215474067519\SynTPEnh.exe 2014-02-11 13:45:25 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\dc74c45e-2d5f-47c5-ad13-6e3b19dc4e62\taskeng.exe 2014-02-11 13:45:25 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\c76213c3-4547-42d9-b84f-cf08fbe425ca\TCrdMain.exe 2014-02-11 13:45:25 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\8efc26d7-f3b9-42e1-a878-f98a06762ca4\AvastUI.exe 2014-02-11 13:45:24 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\0e7a3256-5497-4f93-bb59-2c4449c4a384\explorer.exe 2014-02-09 17:26:28 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\Evanne\Downloads\MicrosoftFixit.wu.Run(2).exe 2014-02-09 17:23:47 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\Evanne\Downloads\MicrosoftFixit.wu.Run.exe 2014-02-09 17:08:17 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Users\Evanne\AppData\LocalLow\Sun\Java\jre1.7.0_51\lzma.exe 2014-02-09 17:07:48 5C68A2107DBD9B08CACE3130FE55B062 921000 ----a-w- C:\Users\Evanne\Downloads\chromeinstall-7u51.exe 2014-02-09 15:19:34 C41D0C34D86ACCBB28148B066EAD1311 1710392 ------w- C:\ProgramData\HP\Installer\Temp\hpzmsi01.exe 2014-02-09 15:13:57 4336FBC3A8A75922456D194391A5999C 36528344 ----a-w- C:\Program Files\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\32.0.1700.107\32.0.1700.107_chrome_installer.exe 2014-02-09 14:12:33 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\Evanne\Downloads\MicrosoftFixit.wu.RNP.Run.exe 2014-02-08 22:43:45 6E8CD9409823BEA643C3C01958210CE4 37660568 ----a-w- C:\Users\Evanne\Downloads\Dropbox 2.6.2(2).exe 2014-02-08 20:55:16 FFF1DAC7CAF8EEA4A14680F89603C21F 462480 ----a-w- C:\Program Files\TeamViewer\Version9\uninstall.exe 2014-02-08 20:55:16 E89B5502726C2B2B54751644FF587B1E 202592 ----a-w- C:\Program Files\TeamViewer\Version9\tv_w32.exe 2014-02-08 20:55:16 C32E6295D7D024B2302EFF1A7FEFD720 4915040 ----a-w- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe 2014-02-08 20:55:16 058717CBDB12598B60DC437AF1FFA104 238432 ----a-w- C:\Program Files\TeamViewer\Version9\tv_x64.exe 2014-02-08 20:55:15 3022B5E75BEC45B6082361AFCA8D41A5 4415328 ----a-w- C:\Program Files\TeamViewer\Version9\TeamViewer_Desktop.exe 2014-02-08 20:55:13 FCE5499C5CD3364037D83C55B3C00DEA 12493152 ----a-w- C:\Program Files\TeamViewer\Version9\TeamViewer.exe 2014-02-08 20:53:51 0D7C0BC4553183F45A38C6218274A2EF 5853328 ----a-w- C:\Users\Evanne\Downloads\TeamViewer_Setup_nl.exe 2014-02-08 20:51:11 078D66AD44C5E9DF5C473DACE05D6DAF 282968 ----a-w- C:\Users\Evanne\Downloads\Firefox Setup Stub 27.0.exe 2014-02-08 20:42:11 C0F543C0A9EF23C2DDCF93CD922324AB 20240336 ----a-w- C:\Users\Evanne\AppData\Local\Temp\Mobogenie_Setup_2-1-37_613.exe === C: other files == 2014-02-11 16:17:59 A6E18756EA7B6E971184B57B86251FC5 2050560 ----a-w- C:\Windows\System32\win32k.sys 2014-02-11 16:17:54 6DBA75306DD9B242B6F1C343179AD201 167936 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_d2056fa8\portcls.sys 2014-02-11 16:17:54 6DBA75306DD9B242B6F1C343179AD201 167936 ----a-w- C:\Windows\System32\drivers\portcls.sys 2014-02-11 16:17:54 2A63675F6FA8EF0FF9F5C72695584CAA 130048 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_d2056fa8\drmk.sys 2014-02-11 16:17:54 2A63675F6FA8EF0FF9F5C72695584CAA 130048 ----a-w- C:\Windows\System32\drivers\drmk.sys 2014-02-11 15:32:04 988670D8343EF9835FB3659DB71B2EFA 638400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2014-02-11 15:32:01 8E6C378A885D6FFDA8F05E8D27B95C0E 27648 ----a-w- C:\Windows\System32\DriverStore\FileRepository\mdmcpq.inf_fad2d0b6\usbser.sys 2014-02-11 15:31:59 73FF24E21B690625A58109637DDA0DF7 134272 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbvideo.inf_052c97ea\usbvideo.sys 2014-02-11 15:31:59 73FF24E21B690625A58109637DDA0DF7 134272 ----a-w- C:\Windows\System32\drivers\usbvideo.sys 2014-02-11 15:31:59 49A623C16E482F4D31AD0EBD801DD8EC 68608 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbcir.inf_933ee10a\usbcir.sys 2014-02-11 15:31:59 1114579556DB85E9FAF9590DBC64CD62 73344 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wdma_usb.inf_e74ab35a\USBAUDIO.sys 2014-02-11 14:14:33 FE619ED13CE12F5B43C04E3EA061BBD6 6016 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_2aa7a50a\usbd.sys 2014-02-11 14:14:33 FE619ED13CE12F5B43C04E3EA061BBD6 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys 2014-02-11 14:14:33 B09C74A41F26B08149707EA5E7F956C2 226304 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_2aa7a50a\usbport.sys 2014-02-11 14:14:33 B09C74A41F26B08149707EA5E7F956C2 226304 ----a-w- C:\Windows\System32\drivers\usbport.sys 2014-02-11 14:14:33 AAB0B5F72D2D726FBFDC895A2902DE1D 73216 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_4d475c8b\usbccgp.sys 2014-02-11 14:14:33 AAB0B5F72D2D726FBFDC895A2902DE1D 73216 ----a-w- C:\Windows\System32\drivers\usbccgp.sys 2014-02-11 14:14:33 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_2aa7a50a\usbhub.sys 2014-02-11 14:14:33 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_4d475c8b\usbhub.sys 2014-02-11 14:14:33 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2014-02-11 14:14:32 D457EBD0C3A8B3A3A144355B5EE91CBC 19456 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_2aa7a50a\usbohci.sys 2014-02-11 14:14:32 44056325428A8E4C755830426E29878F 23552 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_2aa7a50a\usbuhci.sys 2014-02-11 14:14:32 44056325428A8E4C755830426E29878F 23552 ----a-w- C:\Windows\System32\drivers\usbuhci.sys 2014-02-11 14:14:32 153E8515CB86F8BB5D1A8B478EBF4BB2 39936 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_2aa7a50a\usbehci.sys 2014-02-11 14:14:32 153E8515CB86F8BB5D1A8B478EBF4BB2 39936 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2014-02-11 14:10:08 AB51E1F08C8E789D6C9E8B94D15BE9A9 340432 ----a-w- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys 2014-02-11 14:10:08 000D82CC258E2D341605A6F350C4D1E6 606672 ----a-w- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys 2014-02-11 13:24:18 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\MSDOS.SYS 2014-02-11 13:24:18 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\IO.SYS 2014-02-09 15:01:24 1707EEEC102FADDB29DD17585A99F3CB 1837759 ----a-w- C:\Users\Evanne\AppData\Local\Temp\fullpackage_temp1391958083\package1.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-1136623961-3287669430-1088312469-1000\Software\Microsoft\Windows\CurrentVersion\Run] "TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "RtHDVCpl"="RtHDVCpl.exe" "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "NDSTray.exe"="NDSTray.exe" "topi"="C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup" "Toshiba Registration"="C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe" "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Skytel"="Skytel.exe" "Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" "TPwrMain"="%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE" "SmoothView"="%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe " "00TCrdMain"="%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe " [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~1\\Google\\GOOGLE~3\\GOEC62~1.DLL" ==== Startup Folders ====================== 2008-02-26 16:14:32 1835 ----a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk 2008-02-26 16:14:32 1835 ----a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [26-01-2012 12:33] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [26-01-2012 12:33] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [01-08-2010 15:40] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Evanne\AppData\Roaming\Mozilla\Firefox\Profiles\otn14c4m.default - Undetermined - C:\Program Files\AVAST Software\Avast\WebRep\FF - Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b} ==== Firefox Plugins ====================== Profilepath: C:\Users\Evanne\AppData\Roaming\Mozilla\Firefox\Profiles\otn14c4m.default 49DA696E73BC2CB49C0E374C7885F7AD - C:\Program Files\Adobe\Reader 8.0\Reader\browser\nppdf32.dll - Adobe Acrobat D6A4682A6FF41832A3F1A7AB9AE08199 - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll - Java Platform SE 6 U3 CFAF7B67C78D09D79688AEDCA3D090E2 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll - Google Update AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin ==== Chrome Look ====================== Google Wallet - Evanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.sweet-page.com/?type=hp&ts=1391958097&from=cor&uid=TOSHIBAXMK1652GSX_78RQT4DPTXX78RQT4DPT" "Default_Page_URL"="http://www.sweet-page.com/?type=hp&ts=1391958097&from=cor&uid=TOSHIBAXMK1652GSX_78RQT4DPTXX78RQT4DPT" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.sweet-page.com/?type=hp&ts=1391958097&from=cor&uid=TOSHIBAXMK1652GSX_78RQT4DPTXX78RQT4DPT" "Default_Page_URL"="http://www.sweet-page.com/?type=hp&ts=1391958097&from=cor&uid=TOSHIBAXMK1652GSX_78RQT4DPTXX78RQT4DPT" "Default_Search_URL"="http://www.sweet-page.com/web/?type=ds&ts=1391958097&from=cor&uid=TOSHIBAXMK1652GSX_78RQT4DPTXX78RQT4DPT&q={searchTerms}" "Search Page"="http://www.sweet-page.com/web/?type=ds&ts=1391958097&from=cor&uid=TOSHIBAXMK1652GSX_78RQT4DPTXX78RQT4DPT&q={searchTerms}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {25183DBC-A540-4F8F-B9EA-D69769AC0359} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7TSEA" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== shortcuts on Users Desktops ====================== C:\Users\Evanne\Desktop\Foto's\myphotobook.lnk - C:\Program Files\myphotobook\myphotobook.exe C:\Users\Evanne\Desktop\Foto's\Windows Live Photo Gallery.lnk - C:\Program Files\HP\Print Projects\Common01\Bin\HpqWLPG03.exe C:\Users\Evanne\Desktop\Hulpprogramma's\Adobe Reader 8.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe C:\Users\Evanne\Desktop\Hulpprogramma's\avast Free Antivirus.lnk - C:\Users\Evanne\Desktop\Hulpprogramma's\HP Solution Center.lnk - C:\Program Files\HP\Digital Imaging\bin\Hpqdirec.exe C:\Users\Evanne\Desktop\Hulpprogramma's\Ouneno - Stap 1.lnk - C:\Users\Evanne\Desktop\Hulpprogramma's\TeamViewer 9.lnk - C:\Program Files\TeamViewer\Version9\TeamViewer.exe C:\Users\Evanne\Desktop\Hulpprogramma's\TOSHIBA Assist.lnk - C:\Program Files\TOSHIBA\TOSHIBA Assist\TInTouch.exe C:\Users\Evanne\Desktop\Hulpprogramma's\TOSHIBA Gebruikershandleiding.lnk - C:\Program Files\TOSHIBA\Manuals\SPR6L300VNL0.pdf C:\Users\Evanne\Desktop\Onderhoud\RegClean Pro.lnk - C:\Program Files\RegClean Pro\RegCleanPro.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe C:\Users\Public\Desktop\Microsoft Works.lnk - C:\Program Files\Microsoft Works\MSWorks.exe C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe Sweet Page C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Evanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe Sweet Page C:\Users\Evanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe Sweet Page ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk - C:\Program Files\TeamViewer\Version9\TeamViewer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth starten in DirectX-modus.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe -setDX C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth starten in OpenGL-modus.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe -setOGL C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth verwijderen.lnk - C:\Windows\System32\msiexec.exe /x {4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E} C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files\Microsoft Silverlight\5.1.20913.0\Silverlight.Configuration.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox (Veilige modus).lnk - C:\Program Files\Mozilla Firefox\firefox.exe Sweet Page C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe Sweet Page C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Eindpuntbeveiliging\Trusteer Eindpuntbeveiliging Console.lnk - C:\Program Files\Trusteer\Rapport\bin\RapportService.exe -config C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Eindpuntbeveiliging\Trusteer Eindpuntbeveiliging starten.lnk - C:\Program Files\Trusteer\Rapport\bin\RapportService.exe -userstart C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Eindpuntbeveiliging\Trusteer Eindpuntbeveiliging stoppen.lnk - C:\Program Files\Trusteer\Rapport\bin\RapportService.exe -shutdown ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Evanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Evanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe Sweet Page C:\Users\Evanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe Sweet Page C:\Users\Evanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Evanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Evanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 ==== shortcuts After Repair ====================== C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\Evanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Evanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox (Veilige modus).lnk - C:\Program Files\Mozilla Firefox\firefox.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\Evanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Evanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Evanne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Evanne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Evanne\AppData\Local\Mozilla\Firefox\Profiles\otn14c4m.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Evanne\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=973 folders=166 616732622 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\Evanne\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Evanne\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Evanne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Program Files\FindRight" not found ==== EOF on do 13-02-2014 at 9:07:01,94 ======================

Hallo, hierbij het logje: Logfile of random's system information tool 1.09 (written by random/random) Run by Evanne at 2014-02-12 16:21:50 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 25 GB (33%) free of 76 GB Total RAM: 3061 MB (61% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:22:56, on 12-2-2014 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.19499) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Trusteer\Rapport\bin\RapportService.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Users\Evanne\Desktop\RSIT.exe C:\Program Files\trend micro\Evanne.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Sweet Page R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Sweet Page R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Sweet Page R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1391958097&from=cor&uid=TOSHIBAXMK1652GSX_78RQT4DPTXX78RQT4DPT&q={searchTerms} R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1391958097&from=cor&uid=TOSHIBAXMK1652GSX_78RQT4DPTXX78RQT4DPT&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Sweet Page R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE O4 - HKLM\..\Run: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user') O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - Elektronica, Auto's, Mode, Verzamelobjecten, Coupons en Meer | eBay (file missing) O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home (file missing) O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: Update FindRight - Unknown owner - C:\Program Files\FindRight\updateFindRight.exe O23 - Service: Util FindRight - Unknown owner - C:\Program Files\FindRight\bin\utilFindRight.exe -- End of file - 8471 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job =========Mozilla firefox========= ProfilePath - C:\Users\Evanne\AppData\Roaming\Mozilla\Firefox\Profiles\otn14c4m.default prefs.js - "browser.startup.homepage" - "http://www.sweet-page.com/?type=hp&ts=1391958097&from=cor&uid=TOSHIBAXMK1652GSX_78RQT4DPTXX78RQT4DPT" prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.1, wrc@avast.com:8.0.1497, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28" "{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ "smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 "wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin] "Description"=Google Earth in your browser "Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5] "Description"=Windows Presentation Foundation plug-in for Mozilla browsers "Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll C:\Program Files\Mozilla Firefox\extensions\ {972ce4c6-7e08-4474-a285-3208198ce6fd} C:\Program Files\Mozilla Firefox\components\ browser.xpt browserdirprovider.dll brwsrcmp.dll components.list FeedConverter.js FeedProcessor.js FeedWriter.js fuelApplication.js GPSDGeolocationProvider.js jsconsole-clhandler.js NetworkGeolocationProvider.js nsAddonRepository.js nsBadCertHandler.js nsBlocklistService.js nsBrowserContentHandler.js nsBrowserGlue.js nsContentDispatchChooser.js nsContentPrefService.js nsDefaultCLH.js nsDownloadManagerUI.js nsExtensionManager.js nsFormAutoComplete.js nsHandlerService.js nsHelperAppDlg.js nsINIProcessor.js nsLivemarkService.js nsLoginInfo.js nsLoginManager.js nsLoginManagerPrompter.js nsMicrosummaryService.js nsPlacesAutoComplete.js nsPlacesDBFlush.js nsPlacesTransactionsService.js nsPrivateBrowsingService.js nsProxyAutoConfig.js nsSafebrowsingApplication.js nsSearchService.js nsSearchSuggestions.js nsSessionStartup.js nsSessionStore.js nsSetDefaultBrowser.js nsSidebar.js nsTaggingService.js nsTryToClose.js nsUpdateService.js nsUpdateServiceStub.js nsUpdateTimerManager.js nsUrlClassifierLib.js nsUrlClassifierListManager.js nsURLFormatter.js nsWebHandlerApp.js pluginGlue.js storage-Legacy.js storage-mozStorage.js txEXSLTRegExFunctions.js WebContentConverter.js C:\Program Files\Mozilla Firefox\plugins\ npnul32.dll C:\Program Files\Mozilla Firefox\searchplugins\ bolcom-nl.xml google.xml marktplaats-nl.xml sweet-page.xml vandale-nl.xml wikipedia-nl.xml yahoo-nl.xml C:\Users\Evanne\AppData\Roaming\Mozilla\Firefox\Profiles\otn14c4m.default\extensions\ 1391958098_xpi jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack {20a82645-c095-46ed-80e3-08825760534b} ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Help bij koppelingen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2011-08-30 61888] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-02-26 2423872] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-02-26 2423872] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-05 141848] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-05 154136] "Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-05 129560] "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-29 4911104] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-06 1029416] "NDSTray.exe"=NDSTray.exe [] "topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632] "TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456] "SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2008-01-25 509816] "00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-01-22 712704] "Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2007-05-04 571024] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2011-08-31 40368] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-29 937920] "Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [2008-01-29 430080] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2007-09-13 204800] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "MSVideo8"=VfWWDM32.dll "msacm.dvacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\vio\dvacm.acm "msacm.siren"=sirenacm.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-02-12 16:21:51 ----D---- C:\Program Files\trend micro 2014-02-12 16:21:50 ----D---- C:\rsit 2014-02-12 16:03:13 ----D---- C:\Windows\Migration 2014-02-12 13:44:15 ----A---- C:\Windows\system32\msfeedssync.exe 2014-02-12 13:44:13 ----A---- C:\Windows\system32\ie4uinit.exe 2014-02-12 13:44:12 ----A---- C:\Windows\system32\msfeedsbs.dll 2014-02-12 13:44:12 ----A---- C:\Windows\system32\jsproxy.dll 2014-02-12 13:44:11 ----A---- C:\Windows\system32\iertutil.dll 2014-02-12 13:44:10 ----A---- C:\Windows\system32\urlmon.dll 2014-02-12 13:44:10 ----A---- C:\Windows\system32\iernonce.dll 2014-02-12 13:44:09 ----A---- C:\Windows\system32\wininet.dll 2014-02-12 13:44:09 ----A---- C:\Windows\system32\ieUnatt.exe 2014-02-12 13:44:09 ----A---- C:\Windows\system32\iedkcs32.dll 2014-02-12 13:44:08 ----A---- C:\Windows\system32\msfeeds.dll 2014-02-12 13:44:06 ----A---- C:\Windows\system32\iesysprep.dll 2014-02-12 13:43:58 ----A---- C:\Windows\system32\occache.dll 2014-02-12 13:43:57 ----A---- C:\Windows\system32\iesetup.dll 2014-02-12 13:43:57 ----A---- C:\Windows\system32\ieframe.dll 2014-02-12 13:43:53 ----A---- C:\Windows\system32\corpol.dll 2014-02-12 13:43:52 ----A---- C:\Windows\system32\licmgr10.dll 2014-02-12 13:43:51 ----A---- C:\Windows\system32\ieui.dll 2014-02-12 13:43:50 ----A---- C:\Windows\system32\iepeers.dll 2014-02-12 13:43:49 ----A---- C:\Windows\system32\mshtmled.dll 2014-02-12 13:43:48 ----A---- C:\Windows\system32\mstime.dll 2014-02-12 13:43:47 ----A---- C:\Windows\system32\url.dll 2014-02-12 13:43:46 ----A---- C:\Windows\system32\mshtml.dll 2014-02-12 07:33:56 ----A---- C:\Windows\system32\vbscript.dll 2014-02-12 07:32:06 ----A---- C:\Windows\system32\msxml3.dll 2014-02-11 19:00:11 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2014-02-11 17:17:59 ----A---- C:\Windows\system32\win32k.sys 2014-02-11 17:17:54 ----A---- C:\Windows\system32\SysFxUI.dll 2014-02-11 17:17:54 ----A---- C:\Windows\system32\drivers\portcls.sys 2014-02-11 17:17:54 ----A---- C:\Windows\system32\drivers\drmk.sys 2014-02-11 17:17:46 ----A---- C:\Windows\system32\FntCache.dll 2014-02-11 17:17:46 ----A---- C:\Windows\system32\DWrite.dll 2014-02-11 17:17:45 ----A---- C:\Windows\system32\d3d10level9.dll 2014-02-11 17:17:44 ----A---- C:\Windows\system32\d3d10warp.dll 2014-02-11 17:17:44 ----A---- C:\Windows\system32\d3d10core.dll 2014-02-11 17:17:44 ----A---- C:\Windows\system32\d3d10_1core.dll 2014-02-11 17:17:44 ----A---- C:\Windows\system32\d2d1.dll 2014-02-11 17:17:43 ----A---- C:\Windows\system32\d3d10_1.dll 2014-02-11 17:17:43 ----A---- C:\Windows\system32\d3d10.dll 2014-02-11 17:12:29 ----A---- C:\Windows\system32\wscript.exe 2014-02-11 17:12:28 ----A---- C:\Windows\system32\cscript.exe 2014-02-11 17:12:27 ----A---- C:\Windows\system32\wshcon.dll 2014-02-11 17:12:27 ----A---- C:\Windows\system32\scrrun.dll 2014-02-11 16:32:04 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys 2014-02-11 16:32:03 ----A---- C:\Windows\system32\cdd.dll 2014-02-11 16:31:59 ----A---- C:\Windows\system32\drivers\usbvideo.sys 2014-02-11 16:31:55 ----A---- C:\Windows\system32\gdi32.dll 2014-02-11 16:30:50 ----A---- C:\Windows\system32\crypt32.dll 2014-02-11 15:14:33 ----A---- C:\Windows\system32\drivers\usbport.sys 2014-02-11 15:14:33 ----A---- C:\Windows\system32\drivers\usbhub.sys 2014-02-11 15:14:33 ----A---- C:\Windows\system32\drivers\usbd.sys 2014-02-11 15:14:33 ----A---- C:\Windows\system32\drivers\usbccgp.sys 2014-02-11 15:14:32 ----A---- C:\Windows\system32\drivers\usbuhci.sys 2014-02-11 15:14:32 ----A---- C:\Windows\system32\drivers\usbehci.sys 2014-02-11 15:03:13 ----ASH---- C:\hiberfil.sys 2014-02-11 14:38:24 ----D---- C:\avast! sandbox 2014-02-11 14:24:18 ----RASH---- C:\MSDOS.SYS 2014-02-11 14:24:18 ----RASH---- C:\IO.SYS 2014-02-09 17:42:43 ----A---- C:\Windows\ntbtlog.txt 2014-02-09 16:37:09 ----D---- C:\Windows\SoftwareDistribution 2014-02-09 16:12:51 ----D---- C:\Users\Evanne\AppData\Roaming\0F1F1C2Y1H1P1C0I0T 2014-02-09 16:01:31 ----D---- C:\Program Files\FindRight 2014-02-09 15:39:54 ----D---- C:\Users\Evanne\AppData\Roaming\ParetoLogic 2014-02-09 15:39:54 ----D---- C:\Users\Evanne\AppData\Roaming\DriverCure 2014-02-09 15:39:50 ----D---- C:\ProgramData\ParetoLogic 2014-02-08 21:55:10 ----D---- C:\Program Files\TeamViewer 2014-02-08 21:49:15 ----A---- C:\Windows\system32\roboot.exe 2014-02-08 21:49:10 ----D---- C:\Users\Evanne\AppData\Roaming\systweak 2014-02-08 21:46:06 ----D---- C:\Users\Evanne\AppData\Roaming\Mozilla 2014-02-08 21:45:20 ----D---- C:\Program Files\Mobogenie 2014-02-08 21:43:50 ----D---- C:\Program Files\Mozilla Firefox 2014-01-22 20:37:26 ----A---- C:\Windows\system32\drivers\RapportKELL.sys ======List of files/folders modified in the last 1 month====== 2014-02-12 16:22:23 ----D---- C:\Windows\Temp 2014-02-12 16:21:53 ----D---- C:\Windows\Prefetch 2014-02-12 16:21:51 ----RD---- C:\Program Files 2014-02-12 16:17:00 ----AD---- C:\Windows\System32 2014-02-12 16:17:00 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-02-12 16:14:31 ----SHD---- C:\Windows\Installer 2014-02-12 16:14:30 ----HD---- C:\Config.Msi 2014-02-12 16:14:19 ----D---- C:\Windows\Microsoft.NET 2014-02-12 16:09:47 ----RSD---- C:\Windows\assembly 2014-02-12 16:09:07 ----D---- C:\Windows\inf 2014-02-12 16:03:58 ----D---- C:\Windows\system32\en-US 2014-02-12 16:03:13 ----SD---- C:\ProgramData\Microsoft 2014-02-12 16:03:13 ----D---- C:\Windows 2014-02-12 16:00:08 ----SHD---- C:\System Volume Information 2014-02-12 15:30:57 ----D---- C:\Program Files\Internet Explorer 2014-02-12 15:30:56 ----D---- C:\Windows\system32\migration 2014-02-12 13:55:15 ----D---- C:\Windows\winsxs 2014-02-12 13:41:07 ----D---- C:\Windows\system32\catroot 2014-02-12 13:41:05 ----D---- C:\Windows\system32\catroot2 2014-02-12 07:40:46 ----D---- C:\Windows\system32\MRT 2014-02-12 07:36:24 ----A---- C:\Windows\system32\mrt.exe 2014-02-12 07:09:18 ----D---- C:\Windows\Debug 2014-02-11 20:16:27 ----D---- C:\Program Files\Google 2014-02-11 17:51:43 ----D---- C:\Windows\system32\drivers 2014-02-11 17:51:42 ----D---- C:\Windows\system32\RTCOM 2014-02-11 16:58:59 ----D---- C:\Windows\rescache 2014-02-11 16:35:42 ----D---- C:\Windows\system32\nl-NL 2014-02-11 15:24:17 ----D---- C:\Program Files\Microsoft Silverlight 2014-02-11 14:58:25 ----D---- C:\ProgramData\AVAST Software 2014-02-11 14:58:13 ----SD---- C:\Windows\system32\Microsoft 2014-02-11 14:21:33 ----D---- C:\Windows\system32\Tasks 2014-02-09 16:18:03 ----D---- C:\Windows\Panther 2014-02-09 15:53:23 ----D---- C:\Windows\Tasks 2014-02-09 15:39:50 ----HD---- C:\ProgramData 2014-02-09 15:39:50 ----D---- C:\Program Files\Common Files 2014-02-09 15:36:25 ----D---- C:\Windows\AppPatch 2014-02-09 13:27:50 ----D---- C:\Windows\Minidump 2014-02-09 13:27:45 ----SD---- C:\Windows\Downloaded Program Files 2014-02-09 00:13:25 ----D---- C:\Windows\system32\LogFiles 2014-02-08 21:57:36 ----RSD---- C:\Windows\Fonts 2014-02-08 15:39:16 ----SD---- C:\Users\Evanne\AppData\Roaming\Microsoft ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-09-29 308248] R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-11-20 43872] R0 RapportKELL;RapportKELL; C:\Windows\System32\Drivers\RapportKELL.sys [2014-01-22 107256] R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\Windows\system32\DRIVERS\tos_sps32.sys [2008-01-21 285184] R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640] R1 RapportCerberus_59849;RapportCerberus_59849; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys [2014-02-11 340432] R1 RapportEI;RapportEI; \??\C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [2014-01-22 155704] R1 RapportPG;RapportPG; \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [2014-01-22 228888] R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver; C:\Windows\system32\DRIVERS\rtlprot.sys [2007-04-23 25896] R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888] R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2006-11-20 7168] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-09-13 1925632] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-30 2058528] R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-12-28 104448] R3 RTL8187B;Realtek RTL8187B draadloos 802.11b/g 54Mbps USB 2.0 netwerkadapter; C:\Windows\system32\DRIVERS\RTL8187B.sys [2007-12-26 290304] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-12-06 196400] R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128] R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272] R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-12-17 18432] R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136] S3 Dot4;Microsoft IEEE-1284.4-stuurprogramma; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584] S3 Dot4Print;Stuurprogramma voor printerklasse voor IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864] S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648] S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704] S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 NETw3v32;Intel® PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328] S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2006-11-02 654336] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2007-12-25 40960] R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504] R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2008-01-19 21504] R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504] R2 RapportMgmtService;Rapport Management Service; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [2014-01-22 1444120] R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2014-02-05 4915040] R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-01-21 83312] R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632] R2 TosCoSrv;TOSHIBA Power Saver; c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2008-01-17 431456] R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976] R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152] R2 Update FindRight;Update FindRight; C:\Program Files\FindRight\updateFindRight.exe [2014-02-05 80160] R2 Util FindRight;Util FindRight; C:\Program Files\FindRight\bin\utilFindRight.exe [2014-02-09 80160] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504] S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-26 136176] S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536] S3 GoogleDesktopManager;GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-02-26 1836544] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-26 136176] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-02-26 138168] S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168] S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF-----------------

Een vriend van me heeft een laptop met Windows Vista Home Premium. Het ding wordt niet veel door hem gebruikt. Nu loopt de laptop regelmatig vast. Dat wil zeggen programma's die ik wil opstarten reageren na een paar tellen niet meer. Updates downloaden en installeren loopt ook vast. Er is sinds vorig jaar augustus (2013) geen update meer gedaan. Ik heb gezocht naar een punt van systeemherstel, maar dat was niet ingesteld. Ik heb geheugencontrole en schijfcontrole uitgevoerd. Beide controles waren OK. Ik heb gecontroleerd op mal- en spyware, maar dat leverde niets op. Iedere keer als ik de laptop opnieuw opstart, krijg ik de keuze of ik het in veilige modus (met de 2 varianten daarbij) of normaal wil laten opstarten. Al met al is het een beetje ronddraaien in een cirkel. Nu dacht ik om een herinstallatie van Windows Vista Home Premium te doen. Maar de originele cd's zijn niet meer aanwezig. Ik heb nu een image genomen en die op dvd gezet. Mijn idee is dan dat ik dmv de setup.exe van de dvd uit te voeren een schone installatie kan uitvoeren. Echter nadat ik setup.exe heb aangeklikt gebeurt er niets. Op de laptop staat een OEM versie geinstalleerd. Wat kan ik nu het beste doen?