Ga naar inhoud

wibo

Lid
  • Items

    26
  • Registratiedatum

  • Laatst bezocht

Alles dat geplaatst werd door wibo

  1. Bedankt voor je moeite en tip! Quote : "Als je de sortering in de kolom A van de doelmap wil behouden, zal je een ander systeem moeten zoeken dan de koppelingen die je nu gebruikt." Eenvoudige oplossing die lijkt te werken is een extra nieuwe koppeling voor Kolom A maken vanuit de bronmap.
  2. Hallo ik heb ondertussen wat geexperimenteerd op mijn "probleemmap", weliswaar op de zeer gecondenseerde versie. Het A-Z sorteren genereert meestal geen fouten in de doelmap, maar soms wel. Het resultaat lijkt niet afhankelijk van de koppelingnotering met of zonder $. Waarschijnlijk zit er toch een bugje in de bronmap , of zien jullie andere ooorzaken? In bijlage mijn bestanden van vandaag. Map koppeling test.xlsm Franky-matic-v1.8-2 WB excel test.xlsm
  3. Bedankt voor de moeite! Ik heb een broncellenmap en een doelcellenmap bijgevoegd. De bronmap werkt met een macro voor de interne berekeningen. Ik krijg automatisch een $-notering als ik de broncellen één na één kopieer en koppel. Kopieer ik de cellen "en vrac" dan is er geen $-notering. Merkwaardig in de doelcelmap is dat het niet uitmaakt qua verwijzing of er een $- notering voor de cel is, of niet. Hoe dan ook , in de testmappen lijkt alles te lukken bij het A-Z sorteren van kolommen in de bronmap. In mijn "echte" probleemmap (met overal $-noteringen in de doelcellen) lukt het voorlopig NIET! Ik zoek morgen verder of wacht op een tip. test met doelcellen.xlsm test met broncellen.xlsm
  4. Ik heb in Excel 2007 een aantal broncellen gekoppeld aan doelcellen (in een andere map). Wanneer de broncellen van plaats veranderen, bv na alfabetisch sorteren, kloppen de waarden in de doelcellen niet meer. Hoe kan ik een "permanente" koppeling naar (de WAARDEN in) de broncellen instellen? Alvast dank voor de tips!
  5. Mensen, juicht: Iobit is weer bereikbaar. Het zou me wel benieuwen wat er fout was gelopen, zodat ik u met dit probleem niet meer onnodig hoef lastig te vallen. Alvast heel hartelijk dank voor uw hulp en expertise!
  6. Zoek.exe Version 4.0.0.5 Updated 30-November-2013 Tool run by willy on di 03/12/2013 at 17:33:51.19. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: F:\Docuwilly\Acer\probleem dec\zoek.exe [script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2013-12-03-090618.log 45121 bytes ==== Reset Hosts File ====================== # Copyright © 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handle within DNS itself. 127.0.0.1 localhost ::1 localhost ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default ---- Lines browser.startup.page removed from prefs.js ---- user_pref("browser.startup.page", 3); ---- FireFox user.js and prefs.js backups ---- user_20130312_1740_.backup prefs_20130312_1740_.backup ==== Deleting Files \ Folders ====================== C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [03/12/2013 09:26] ==== Firefox Extensions ====================== ProfilePath: C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default - Free Download Manager plugin - C:\ProgramData\Free Download Manager\Firefox\Extensions\1.6.0 - avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF - Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF - Free Download Manager plugin - %ProfilePath%\extensions\fdm_ffext@freedownloadmanager.org - Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com - British English Dictionary - %ProfilePath%\extensions\en-GB@dictionaries.addons.mozilla.org - nzbdStatus - %ProfilePath%\extensions\sabnzbdstatus@dq5studios.com.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default 4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx[12/10/2013 13:04] Advanced SystemCare Surfing Protection - willy - Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\willy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\willy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\willy\AppData\Local\Mozilla\Firefox\Profiles\f6fjst1m.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\willy\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\willy\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on di 03/12/2013 at 17:45:17.00 ======================
  7. Ik weet niet of dit een hint kan zijn: wanneer ik in uw antwoord op uw link naar AdwCleaner click, krijg ik helaas dit: "De verbinding werd geherinitialiseerd De verbinding met de server werd geherinitialiseerd tijdens het laden van de pagina. Misschien is de website tijdelijk niet beschikbaar of overbelast. Probeer het over enkele ogenblikken opnieuw. Controleer uw netwerkverbinding als u geen enkele pagina kunt laden. Verzeker u ervan dat Firefox toegang heeft tot het web als uw computer of netwerk is beveiligd door een firewall of proxyserver."
  8. Heb via Chrome geprobeerd Iobit te bereiken. Resultaat: " [h=1]Deze webpagina is niet beschikbaar"[/h] Log van AdwCleaner ( interface zag er anders uit / heb dit gekregen via "search" # AdwCleaner v1.606 - Logfile created 12/03/2013 at 14:27:41 # Updated 10/05/2012 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : willy - WILLY-PC2012 # Running from : C:\Users\willy\Desktop\adwcleaner-1.606-en.exe # Option [search] ***** [services] ***** ***** [Files / Folders] ***** ***** [Registry] ***** Key Found : HKLM\SOFTWARE\Iminent Key Found : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 [x64] Key Found : HKLM\SOFTWARE\Tarma Installer [x64] Key Found : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 [x64] Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\incredibar ***** [Registre - GUID] ***** Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28387537-E3F9-4ED7-860C-11E69AF4A8A0} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} ***** [internet Browsers] ***** -\\ Internet Explorer v9.11.9600.16428 [OK] Registry is clean. -\\ Mozilla Firefox v25.0.1 (nl) Profile name : default File : C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default\prefs.js [OK] File is clean. -\\ Google Chrome v30.0.1599.101 File : C:\Users\willy\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [2100 octets] - [03/12/2013 14:27:10] AdwCleaner[R2].txt - [2041 octets] - [03/12/2013 14:27:41] ########## EOF - C:\AdwCleaner[R2].txt - [2169 octets] ##########
  9. Ik ben inderdaad blij dat ik alvast van die rotrzooi verlost ben. Helaas blijft het initiële probleem bestaan: kan geen berbinding maken met de Iobitserver, ook niet via hun website/"Products". Het is wel zo dat ik van hun Malware Fighter vandaag wel automatisch de meest recente databaseversie heb binnengekregen.
  10. Zoek.exe Version 4.0.0.5 Updated 30-November-2013 Tool run by willy on di 03/12/2013 at 9:45:51.29. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: F:\Docuwilly\virus probleem\zoek.exe [script inserted] [Checkboxes used] ==== System Restore Info ====================== 3/12/2013 9:51:27 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Avi met vobsub deleted successfully C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~2\Search Results Toolbar deleted successfully C:\PROGRA~2\SlySoft deleted successfully C:\PROGRA~2\VideoLAN deleted successfully C:\Program Files\log deleted successfully C:\ProgramData\DriverGenius deleted successfully C:\ProgramData\Evernote deleted successfully C:\ProgramData\iMesh deleted successfully C:\ProgramData\Oracle deleted successfully C:\ProgramData\SlySoft deleted successfully C:\ProgramData\WinZipEC deleted successfully C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted successfully C:\Users\willy\AppData\Roaming\Media Player Classic deleted successfully C:\Users\willy\AppData\Roaming\Spotnet deleted successfully C:\Users\willy\AppData\Roaming\TP deleted successfully C:\Users\willy\AppData\Local\iMesh deleted successfully C:\Users\willy\AppData\Local\PackageAware deleted successfully C:\Users\willy\AppData\Local\Spotnet deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1014492182-1278609348-4096970860-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21} deleted successfully HKEY_USERS\S-1-5-21-1014492182-1278609348-4096970860-1001\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{28387537-e3f9-4ed7-860c-11e69af4a8a0} deleted successfully ==== Deleting Services ====================== ==== FireFox Fix ====================== Deleted from C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default\prefs.js: user_pref("browser.startup.homepage", "https://dub118.mail.live.com/default.aspx"); Added to C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); ProfilePath: C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default ---- Lines BabylonToolbar removed from prefs.js ---- user_pref("extensions.BabylonToolbar.admin", false); user_pref("extensions.BabylonToolbar.aflt", "babsst"); user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}"); user_pref("extensions.BabylonToolbar.autoRvrt", "false"); user_pref("extensions.BabylonToolbar.dfltLng", "en"); user_pref("extensions.BabylonToolbar.excTlbr", false); user_pref("extensions.BabylonToolbar.id", "8c840da3000000000000386077fad955"); user_pref("extensions.BabylonToolbar.instlDay", "15705"); user_pref("extensions.BabylonToolbar.instlRef", "sst"); user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); user_pref("extensions.BabylonToolbar.rvrt", "false"); user_pref("extensions.BabylonToolbar.tlbrId", "base"); user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_def&mntrId=8c840da3000000000000386077fad955&q="); user_pref("extensions.BabylonToolbar.vrsn", "1.8.7.2"); user_pref("extensions.BabylonToolbar.vrsni", "1.8.7.2"); user_pref("extensions.BabylonToolbar_i.babExt", ""); user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109220&tt=0112_3"); user_pref("extensions.BabylonToolbar_i.excTlbr", false); user_pref("extensions.BabylonToolbar_i.newTab", false); user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.7.216:25:24"); ---- Lines BabylonToolbar removed from user.js ---- user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_def&mntrId=8c840da3000000000000386077fad955&q="); user_pref("extensions.BabylonToolbar.id", "8c840da3000000000000386077fad955"); user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}"); user_pref("extensions.BabylonToolbar.instlDay", "15705"); user_pref("extensions.BabylonToolbar.vrsn", "1.8.7.2"); user_pref("extensions.BabylonToolbar.vrsni", "1.8.7.2"); user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.7.216:25:24"); user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); user_pref("extensions.BabylonToolbar.aflt", "babsst"); user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); user_pref("extensions.BabylonToolbar.tlbrId", "base"); user_pref("extensions.BabylonToolbar.instlRef", "sst"); user_pref("extensions.BabylonToolbar.dfltLng", "en"); user_pref("extensions.BabylonToolbar_i.excTlbr", false); user_pref("extensions.BabylonToolbar.excTlbr", false); user_pref("extensions.BabylonToolbar.admin", false); user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109220&tt=0112_3"); user_pref("extensions.BabylonToolbar_i.babExt", ""); user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); user_pref("extensions.BabylonToolbar.autoRvrt", "false"); user_pref("extensions.BabylonToolbar.rvrt", "false"); user_pref("extensions.BabylonToolbar_i.newTab", false); ---- Lines delta removed from prefs.js ---- user_pref("extensions.delta.admin", false); user_pref("extensions.delta.aflt", "babsst"); user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); user_pref("extensions.delta.autoRvrt", "false"); user_pref("extensions.delta.dfltLng", "en"); user_pref("extensions.delta.excTlbr", false); user_pref("extensions.delta.ffxUnstlRst", true); user_pref("extensions.delta.id", "8c840da3000000000000386077fad955"); user_pref("extensions.delta.instlDay", "15865"); user_pref("extensions.delta.instlRef", "sst"); user_pref("extensions.delta.newTab", false); user_pref("extensions.delta.prdct", "delta"); user_pref("extensions.delta.prtnrId", "delta"); user_pref("extensions.delta.rvrt", "false"); user_pref("extensions.delta.smplGrp", "none"); user_pref("extensions.delta.tlbrId", "base"); user_pref("extensions.delta.tlbrSrchUrl", ""); user_pref("extensions.delta.vrsn", "1.8.21.5"); user_pref("extensions.delta.vrsni", "1.8.21.5"); user_pref("extensions.delta.vrsnTs", "1.8.21.523:38:20"); user_pref("extensions.delta_i.babExt", ""); user_pref("extensions.delta_i.babTrack", "affID=121845"); user_pref("extensions.delta_i.srcExt", "ss"); ---- Lines delta removed from user.js ---- user_pref("extensions.delta.tlbrSrchUrl", ""); user_pref("extensions.delta.id", "8c840da3000000000000386077fad955"); user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); user_pref("extensions.delta.instlDay", "15865"); user_pref("extensions.delta.vrsn", "1.8.21.5"); user_pref("extensions.delta.vrsni", "1.8.21.5"); user_pref("extensions.delta.vrsnTs", "1.8.21.523:38:20"); user_pref("extensions.delta.prtnrId", "delta"); user_pref("extensions.delta.prdct", "delta"); user_pref("extensions.delta.aflt", "babsst"); user_pref("extensions.delta.smplGrp", "none"); user_pref("extensions.delta.tlbrId", "base"); user_pref("extensions.delta.instlRef", "sst"); user_pref("extensions.delta.dfltLng", "en"); user_pref("extensions.delta.excTlbr", false); user_pref("extensions.delta.ffxUnstlRst", true); user_pref("extensions.delta.admin", false); user_pref("extensions.delta_i.babTrack", "affID=121845"); user_pref("extensions.delta_i.babExt", ""); user_pref("extensions.delta_i.srcExt", "ss"); user_pref("extensions.delta.autoRvrt", "false"); user_pref("extensions.delta.rvrt", "false"); user_pref("extensions.delta.newTab", false); ---- Lines incredibar removed from prefs.js ---- user_pref("extensions.incredibar.actvtyRptTime", "1352409126347"); user_pref("extensions.incredibar.admin", false); user_pref("extensions.incredibar.aflt", "orgnl"); user_pref("extensions.incredibar.afterInstallRpt", "sent"); user_pref("extensions.incredibar.cntry", "BE"); user_pref("extensions.incredibar.dfltlng", "en"); user_pref("extensions.incredibar.dfltLng", "EN"); user_pref("extensions.incredibar.dfltsrch", "false"); user_pref("extensions.incredibar.dfltSrch", false); user_pref("extensions.incredibar.did", "10658"); user_pref("extensions.incredibar.envrmnt", "production"); user_pref("extensions.incredibar.excTlbr", false); user_pref("extensions.incredibar.hdrMd5", "97F352184698535436E8C07F77349195"); user_pref("extensions.incredibar.hmpg", false); user_pref("extensions.incredibar.hrdid", "8c840da3000000000000386077fad955"); user_pref("extensions.incredibar.id", "8c840da3000000000000386077fad955"); user_pref("extensions.incredibar.installerproductid", "26"); user_pref("extensions.incredibar.instlday", "15652"); user_pref("extensions.incredibar.instlDay", "15652"); user_pref("extensions.incredibar.instlref", ""); user_pref("extensions.incredibar.instlRef", ""); user_pref("extensions.incredibar.isdcmntcmplt", "false"); user_pref("extensions.incredibar.isDcmntCmplt", true); user_pref("extensions.incredibar.keywordurl", ""); user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1422:08:35"); user_pref("extensions.incredibar.mntrvrsn", "1.2.0"); user_pref("extensions.incredibar.newtab", "false"); user_pref("extensions.incredibar.newTab", false); user_pref("extensions.incredibar.newtaburl", ""); user_pref("extensions.incredibar.noFFXTlbr", false); user_pref("extensions.incredibar.ppd", ""); user_pref("extensions.incredibar.prdct", "incredibar"); user_pref("extensions.incredibar.productid", "26"); user_pref("extensions.incredibar.prtnrId", "Incredibar"); user_pref("extensions.incredibar.prtnrid", "Incredibar"); user_pref("extensions.incredibar.sg", "none"); user_pref("extensions.incredibar.smplGrp", "none"); user_pref("extensions.incredibar.smplgrp", "none"); user_pref("extensions.incredibar.srch", ""); user_pref("extensions.incredibar.srchprvdr", ""); user_pref("extensions.incredibar.tlbrId", "base"); user_pref("extensions.incredibar.tlbrid", "base"); user_pref("extensions.incredibar.tlbrsrchurl", "http://mystart.Incredibar.com/?a=6R8KEUaA3l&loc=IB_TB&i=26&search="); user_pref("extensions.incredibar.tlbrSrchUrl", "http://mystart.Incredibar.com/?a=6R8KEUaA3l&loc=IB_TB&i=26&search="); user_pref("extensions.incredibar.upn2", "6R8KEUaA3l"); user_pref("extensions.incredibar.upn2n", "92825368076577295"); user_pref("extensions.incredibar.vrsn", "1.5.11.14"); user_pref("extensions.incredibar.vrsni", "1.5.11.14"); user_pref("extensions.incredibar.vrsnTs", "1.5.11.1422:08:35"); user_pref("extensions.incredibar.vrsnts", "1.5.11.1422:08:35"); user_pref("extensions.incredibar_i.aflt", "orgnl"); user_pref("extensions.incredibar_i.dfltLng", ""); user_pref("extensions.incredibar_i.did", "10658"); user_pref("extensions.incredibar_i.excTlbr", false); user_pref("extensions.incredibar_i.id", "8c840da3000000000000386077fad955"); user_pref("extensions.incredibar_i.installerproductid", "26"); user_pref("extensions.incredibar_i.instlDay", "15652"); user_pref("extensions.incredibar_i.instlRef", ""); user_pref("extensions.incredibar_i.ms_url_id", ""); user_pref("extensions.incredibar_i.newTab", false); user_pref("extensions.incredibar_i.ppd", ""); user_pref("extensions.incredibar_i.prdct", "incredibar"); user_pref("extensions.incredibar_i.productid", "26"); user_pref("extensions.incredibar_i.prtnrId", "Incredibar"); user_pref("extensions.incredibar_i.smplGrp", "none"); user_pref("extensions.incredibar_i.tlbrId", "base"); user_pref("extensions.incredibar_i.tlbrSrchUrl", "http://mystart.Incredibar.com/?a=6R8KEUaA3l&loc=IB_TB&i=26&search="); user_pref("extensions.incredibar_i.upn2", "6R8KEUaA3l"); user_pref("extensions.incredibar_i.upn2n", "92825368076577295"); user_pref("extensions.incredibar_i.vrsn", "1.5.11.14"); user_pref("extensions.incredibar_i.vrsni", "1.5.11.14"); user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1422:08:35"); ---- Lines incredibar removed from user.js ---- user_pref("extensions.incredibar_i.newTab", false); user_pref("extensions.incredibar_i.tlbrSrchUrl", "http://mystart.Incredibar.com/?a=6R8KEUaA3l&loc=IB_TB&i=26&search="); user_pref("extensions.incredibar_i.id", "8c840da3000000000000386077fad955"); user_pref("extensions.incredibar_i.instlDay", "15652"); user_pref("extensions.incredibar_i.vrsn", "1.5.11.14"); user_pref("extensions.incredibar_i.vrsni", "1.5.11.14"); user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1422:08:35"); user_pref("extensions.incredibar_i.prtnrId", "Incredibar"); user_pref("extensions.incredibar_i.prdct", "incredibar"); user_pref("extensions.incredibar_i.aflt", "orgnl"); user_pref("extensions.incredibar_i.smplGrp", "none"); user_pref("extensions.incredibar_i.tlbrId", "base"); user_pref("extensions.incredibar_i.instlRef", ""); user_pref("extensions.incredibar_i.dfltLng", ""); user_pref("extensions.incredibar_i.excTlbr", false); user_pref("extensions.incredibar_i.ms_url_id", ""); user_pref("extensions.incredibar_i.upn2", "6R8KEUaA3l"); user_pref("extensions.incredibar_i.upn2n", "92825368076577295"); user_pref("extensions.incredibar_i.productid", "26"); user_pref("extensions.incredibar_i.installerproductid", "26"); user_pref("extensions.incredibar_i.did", "10658"); user_pref("extensions.incredibar_i.ppd", ""); ---- Lines y2layers removed from prefs.js ---- user_pref("extentions.y2layers.defaultEnableAppsList", "DropDownDeals,buzzdock,YontooNewOffers"); user_pref("extentions.y2layers.installId", "c128ecdf-6668-4cf7-a2c7-4f42126a0384"); ---- Lines y2layers removed from user.js ---- user_pref("extentions.y2layers.installId", "c128ecdf-6668-4cf7-a2c7-4f42126a0384"); user_pref("extentions.y2layers.defaultEnableAppsList", "DropDownDeals,buzzdock,YontooNewOffers"); ---- Lines yontoo removed from prefs.js ---- user_pref("extensions.plugin@yontoo.com.install-event-fired", true); ---- Lines browser.startup.page removed from prefs.js ---- user_pref("browser.startup.page", 3); ---- Lines {28387537-e3f9-4ed7-860c-11e69af4a8a0} removed from prefs.js ---- user_pref("extensions.{28387537-e3f9-4ed7-860c-11e69af4a8a0}.install-event-fired", true); ---- FireFox user.js and prefs.js backups ---- user_20130312_0957_.backup prefs_20130312_0957_.backup ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}] ==== Deleting Files \ Folders ====================== C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} not found C:\PROGRA~2\Mozilla Firefox\searchplugins\Search_Results.xml deleted C:\PROGRA~2\Free Download Manager deleted C:\PROGRA~2\iMesh Applications deleted C:\Program Files\Web Assistant deleted C:\ProgramData\boost_interprocess deleted C:\ProgramData\SweetIM deleted C:\ProgramData\InstallMate deleted C:\ProgramData\Premium deleted C:\Users\willy\AppData\Local\Software deleted C:\Users\willy\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager deleted C:\Users\willy\AppData\LocalLow\mediabarim deleted C:\Windows\wininit.ini deleted C:\user.js deleted C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default\searchplugins\babylon.xml deleted C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default\searchplugins\babylon1.xml deleted C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default\searchplugins\MyStart Search.xml deleted C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default\searchplugins\Search_Results.xml deleted C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default\Invalidprefs.js deleted C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default\jetpack deleted C:\Windows\Installer\{7683B745-6060-41FD-AA75-0BBB383FEAD4} deleted "C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default\searchplugins\delta.xml" deleted "C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default\searchplugins\sweetim.xml" deleted "C:\Windows\Installer\1aaad5.msi" deleted "C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default\searchplugins\delta.xml" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\willy\AppData\Local\Temp ==== 2013-11-26 14:23:54 D496480A00ABDE0655C0FDCE9530B43E 216064 ----a-w- C:\Users\willy\AppData\Local\Temp\gcapi_dll.dll 2013-11-26 14:23:54 D4945107DF8F56CC4DC858C0694C13E2 26688 ----a-w- C:\Users\willy\AppData\Local\Temp\Checkupdate.exe 2013-11-26 14:23:54 B8B811C4655490676C2DED04E531F106 9577536 ----a-w- C:\Users\willy\AppData\Local\Temp\Foxit Reader Updater.exe 2013-11-26 14:23:54 23700AA70D1751D592D8641FC0E0660F 73408 ----a-w- C:\Users\willy\AppData\Local\Temp\gtapi_signed.dll 2013-11-19 10:04:27 6B1D908AAACC6B4793D749AB9D950BE2 121448 ----a-w- C:\Users\willy\AppData\Local\Temp\clear.fiClient\cabarc.exe ====== Java Cache ===== 2013-11-18 16:38:45 0FC73B4C93ACC0A41A4B70AC7A47D2C5 112 ----a-w- C:\Users\willy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\49acf8dc-6.0.lap 2013-11-27 16:31:34 074A12C92DFCE141F58ACDDA028DD9DE 898 ----a-w- C:\Users\willy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\3d9bb503-2e15475d 2013-11-18 16:38:45 BB8206952D02F91A75100B3DB480A95F 80 ----a-w- C:\Users\willy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\b857c20-6.0.lap 2013-11-27 16:31:31 2097D00A4A940CDFD975E5A0C1186559 80 ----a-w- C:\Users\willy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\51a50bd-6.0.lap ====== C:\Windows\SysWOW64 ===== 2013-11-28 20:46:01 99DE7F0838685CE9F4C39E58FEE6F48B 790272 ----a-w- C:\Windows\SysWOW64\MaxxAudioAPOShell.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2013-11-28 20:46:08 A58E46E776CFAD5DCBC8C2D9A920E7B4 582056 ----a-w- C:\Windows\Sysnative\tosasfapo64.dll 2013-11-28 20:46:08 771536F10F1A419622787FB5D27A8E6B 871856 ----a-w- C:\Windows\Sysnative\tossaeapo64.dll 2013-11-28 20:46:08 68C8E504065F3724D873DE7942D5F72C 2103040 ----a-w- C:\Windows\Sysnative\WavesGUILib64.dll 2013-11-28 20:46:08 3D30D3B2776C1A24F6498F569466E8D7 162224 ----a-w- C:\Windows\Sysnative\toseaeapo64.dll 2013-11-28 20:46:07 D29D34D0AF33EDD9D604816154CBFE6A 244480 ----a-w- C:\Windows\Sysnative\slprp64.dll 2013-11-28 20:46:07 D1A3064BD95D337804EFCF6D8C03B406 897792 ----a-w- C:\Windows\Sysnative\sl3apo64.dll 2013-11-28 20:46:07 CC0434CBB00ECF7B4FDD072A4101AC60 1014016 ----a-w- C:\Windows\Sysnative\slcnt64.dll 2013-11-28 20:46:07 B4D7A07098508A3BCC3C57612F890F98 947760 ----a-w- C:\Windows\Sysnative\SFSS_APO.dll 2013-11-28 20:46:07 43B0E62B728A04A73FE6FAE3274FFEE7 722688 ----a-w- C:\Windows\Sysnative\sltech64.dll 2013-11-28 20:46:06 027D50CF8F4A9FAFF61B49958CFED1ED 2810072 ----a-w- C:\Windows\Sysnative\RtPgEx64.dll 2013-11-28 20:46:05 8BFA2E598156C9224545DD3317856D9B 2587864 ----a-w- C:\Windows\Sysnative\RtkAPO64.dll 2013-11-28 20:46:04 C08DE9FE49B8DE126EE7A42C7C80450E 1021656 ----a-w- C:\Windows\Sysnative\RtkApi64.dll 2013-11-28 20:46:04 B6FB3F1D359FA0D293E952FD1550BB41 153304 ----a-w- C:\Windows\Sysnative\RCoInstII64.dll 2013-11-28 20:46:04 A0DC2F4C3A743339B3941BAFA39FDC0A 38385664 ----a-w- C:\Windows\Sysnative\RCoRes64.dat 2013-11-28 20:46:04 6294EB69AE8907495D3F69C19676DBC0 1286360 ----a-w- C:\Windows\Sysnative\RTCOM64.dll 2013-11-28 20:46:04 20B2E41DAA40B18444C19C1CCE9577DE 617176 ----a-w- C:\Windows\Sysnative\RtDataProc64.dll 2013-11-28 20:46:03 CA2F732F51BB609265DDC9A851ECDB27 929080 ----a-w- C:\Windows\Sysnative\NAHIMICAPOSettingsIPC.dll 2013-11-28 20:46:03 68E48600A04EF184B42B52634D703856 5751576 ----a-w- C:\Windows\Sysnative\NAHIMICAPOlfx.dll 2013-11-28 20:46:02 DF1C73C391BD249E400B017ECEBF2BB8 3714304 ----a-w- C:\Windows\Sysnative\MaxxAudioVnN64.dll 2013-11-28 20:46:02 8C3D0711219078FB6601C39387EB7B30 1286400 ----a-w- C:\Windows\Sysnative\MaxxSpeechAPO64.dll 2013-11-28 20:46:02 587A8CF457604D84266FF858CEB60223 662784 ----a-w- C:\Windows\Sysnative\MaxxVolumeSDAPO.dll 2013-11-28 20:46:02 32E91908A319CF4FDDE18C6F5699E0E0 907008 ----a-w- C:\Windows\Sysnative\MaxxVoiceAPO2064.dll 2013-11-28 20:46:02 1B89185D5D7AB3A10B4309E16C62CC30 27644160 ----a-w- C:\Windows\Sysnative\MaxxAudioVnA64.dll 2013-11-28 20:46:01 A0E82776B44BA5A89755D872B003887F 1921792 ----a-w- C:\Windows\Sysnative\MaxxAudioRealtek264.dll 2013-11-28 20:46:01 932271059AE180C436D5CA7AF2B0637C 14152960 ----a-w- C:\Windows\Sysnative\MaxxAudioRealtek64.dll 2013-11-28 20:46:01 7C29CDA779E9CEA80075F45E34E55A8E 1345280 ----a-w- C:\Windows\Sysnative\MaxxAudioAPO5064.dll 2013-11-28 20:46:01 3829AF61A8442CC4F63D908E82A09705 1012992 ----a-w- C:\Windows\Sysnative\MaxxAudioAPOShell64.dll 2013-11-28 20:46:01 20F371119BB00A073BDBAEC5BFBD1C30 2036992 ----a-w- C:\Windows\Sysnative\MaxxAudioEQ64.dll 2013-11-28 20:46:00 315AEF22E309E724AD0575C75E7EF5F3 1084160 ----a-w- C:\Windows\Sysnative\MaxxAudioAPO4064.dll 2013-11-28 20:46:00 06080807E61471A18AD99F3E6FF3C9B5 663296 ----a-w- C:\Windows\Sysnative\MaxxAudioAPO30.dll 2013-11-28 20:45:57 A9B98F96FBE514ADEABD20B2BD132172 415680 ----a-w- C:\Windows\Sysnative\DTSU2PREC64.dll 2013-11-28 20:45:57 922CDA544EB5C5A57795B38ED5871B69 2743328 ----a-w- C:\Windows\Sysnative\FMAPO64.dll 2013-11-28 20:45:57 8AE860D92752CFA136979B1FF797FFDC 501184 ----a-w- C:\Windows\Sysnative\DTSU2PLFX64.dll 2013-11-28 20:45:57 37B8A8089ECED77F6CEAF74917C5D12B 487360 ----a-w- C:\Windows\Sysnative\DTSU2PGFX64.dll 2013-11-28 20:45:56 FAC24F4CC63235D9533DD6605E5EE6F0 1938608 ----a-w- C:\Windows\Sysnative\DDPD64A.dll 2013-11-28 20:45:56 F2CF417EF502555B139EDCD9FEBF9CD3 109848 ----a-w- C:\Windows\Sysnative\AcpiServiceVnA64.dll 2013-11-28 20:45:56 B827E0AE582ACD641F0B2B052773A5CA 6217904 ----a-w- C:\Windows\Sysnative\DDPP64A.dll 2013-11-28 20:45:56 A1C8F811777EFA1B6BD82B226016CF2D 313520 ----a-w- C:\Windows\Sysnative\DDPO64A.dll 2013-11-28 20:45:56 82DF29C6D5571BFA69429563F0AED677 260272 ----a-w- C:\Windows\Sysnative\DDPA64.dll 2013-11-28 20:45:56 6E14F444A2506049EEC25CB5EDFE0905 113576 ----a-w- C:\Windows\Sysnative\CONEQMSAPOGUILibrary.dll 2013-11-28 20:45:56 2D0895BED270D1A8CADD981A5BFC0AE5 605496 ----a-w- C:\Windows\Sysnative\audioLibVc.dll 2013-11-28 20:45:56 2CBDC11690656A1A2D03EC65AE2BCE68 209096 ----a-w- C:\Windows\Sysnative\AERTAC64.dll ====== C:\Windows\Sysnative\drivers ===== 2013-11-28 20:46:06 1EF2A77F3F4951CC25EEEA882376A769 5681192 ----a-w- C:\Windows\Sysnative\drivers\rtvienna.dat 2013-11-28 20:46:05 FA2B7507CD49908B2260949E52F8B9FE 3707864 ----a-w- C:\Windows\Sysnative\drivers\RTKVHD64.sys 2013-11-28 20:46:04 C8C7EAD8098EA7468D651F3459657240 681905 ----a-w- C:\Windows\Sysnative\drivers\RTAIODAT.DAT 2013-11-14 10:22:21 79059559E89D06E8B80CE2944BE20228 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys 2013-11-14 10:22:08 EBF28856F69CF094A902F884CF989706 458712 ----a-w- C:\Windows\Sysnative\drivers\cng.sys 2013-11-14 10:22:08 8F489706472F7E9A06BAAA198703FA64 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2013-11-14 10:22:08 868A2CAAB12EFC7A021682BCA0EEC54C 154560 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys ====== C:\Windows\Tasks ====== 2013-11-05 10:14:33 8074830CF6121F4C70CC9C32F2D8BCCB 2850 ----a-w- C:\Windows\Sysnative\Tasks\ASC7_SkipUac_willy ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-12-02 19:08:47 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\willy\AppData\Roaming ====== 2013-11-14 19:32:44 -------- d-----w- C:\Users\willy\AppData\Locallow\ADSRemoval ====== C:\Users\willy ====== 2013-12-03 08:26:51 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast 2013-12-02 19:08:08 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\willy\Downloads\RSITx64.exe 2013-11-28 20:46:54 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\ProgramData\DP45977C.lfl 2013-11-23 16:49:42 A6C8B39BCED92B2DAEAE587EA00F344F 12902696 ----a-w- C:\Users\willy\Downloads\winamp566_full_nl-nl.exe 2013-11-14 19:32:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter 2013-11-05 10:14:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller 2013-11-05 10:14:44 -------- d-----w- C:\ProgramData\ProductData 2013-11-05 10:14:32 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7 ====== C: exe-files == 2013-12-02 19:08:48 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\willy.exe 2013-12-02 19:08:08 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\willy\Downloads\RSITx64.exe 2013-11-28 20:46:08 ACA3B1A550ED553028F5FDBFA0398A22 101120 ----a-w- C:\Program Files\Realtek\Audio\HDA\WavesSvc.exe 2013-11-28 20:46:08 A3E3A08C75737EBC84E50816B86F4338 287488 ----a-w- C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe 2013-11-28 20:46:06 07622F6D69B93403FC9CBB40450DD842 1719000 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe 2013-11-28 20:46:05 DABD4AB3D049ECA6AFFD61B63A997728 289496 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe 2013-11-28 20:46:05 CF161C7C6B23A8827C41292F60E6B078 7204568 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe 2013-11-28 20:46:04 54BF6A01D8E2C804612703F878E2BCDC 978648 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe 2013-11-28 20:46:03 BAF91E0F5CDE5300D4957859B8893D03 1361112 ----a-w- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 2013-11-28 20:46:03 16438B000BF56F2CD7FDB5E6C3B38C7E 13662936 ----a-w- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 2013-11-28 20:46:01 AF1BEA73ACEA5C17113D832EECBC74B8 3669248 ----a-w- C:\Program Files\Realtek\Audio\HDA\MaxxAudioControl64.exe 2013-11-28 20:45:57 6688B6F74C360CBC366B7AF948D9084D 240576 ----a-w- C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe 2013-11-26 14:23:54 D4945107DF8F56CC4DC858C0694C13E2 26688 ----a-w- C:\Users\willy\AppData\Local\Temp\Checkupdate.exe 2013-11-26 14:23:54 B8B811C4655490676C2DED04E531F106 9577536 ----a-w- C:\Users\willy\AppData\Local\Temp\Foxit Reader Updater.exe === C: other files == 2013-11-28 20:46:05 FA2B7507CD49908B2260949E52F8B9FE 3707864 ----a-w- C:\Windows\System32\drivers\RTKVHD64.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Advanced SystemCare 5"="C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe /AutoStart" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1014492182-1278609348-4096970860-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Advanced SystemCare 7"="C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /Auto" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "Advanced SystemCare 5"="C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe /AutoStart" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "20131121"="C:\Program Files\AVAST Software\Avast\setup\emupdate\a5c26b02-6986-48a3-b22f-57810740da70.exe /check" "WinampAgent"="C:\Program Files (x86)\Winamp\winampa.exe" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Advanced SystemCare 7"="C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /Auto" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Persistence"="C:\Windows\system32\igfxpers.exe" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Advanced SystemCare 5] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Advanced SystemCare 5" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\IObit\\Advanced SystemCare 5\\ASCTray.exe\" /AutoStart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ArcadeMovieService] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ArcadeMovieService" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Acer\\clear.fi\\Movie\\clear.fiMovieService.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EgisTecPMMUpdate] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EgisTecPMMUpdate" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\EgisTec IPS\\PmmUpdate.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EgisUpdate] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EgisUpdate" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\EgisTec IPS\\EgisUpdate.exe\" -d" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Hotkey Utility] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Hotkey Utility" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Acer\\Hotkey Utility\\HotkeyUtility.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HotKeysCmds" "hkey"="HKLM" "command"="\"C:\\Windows\\system32\\hkcmd.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="IgfxTray" "hkey"="HKLM" "command"="\"C:\\Windows\\system32\\igfxtray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Norton Online Backup] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Norton Online Backup" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Symantec\\Norton Online Backup\\NOBuClient.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Persistence" "hkey"="HKLM" "command"="C:\\Windows\\system32\\igfxpers.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Reader Application Helper] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Reader Application Helper" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Sony\\ReaderDesktop\\appHelper\\ReaderAppHelper.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RTHDVCPL] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RTHDVCPL" "hkey"="HKLM" "command"="\"c:\\program files\\realtek\\audio\\hda\\ravcpl64.exe\" -s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SuiteTray] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SuiteTray" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\EgisTec MyWinLockerSuite\\x86\\SuiteTray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SUPERAntiSpyware] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SUPERAntiSpyware" "hkey"="HKCU" "command"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WinampAgent] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="WinampAgent" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Winamp\\winampa.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdvancedSystemCareService5] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\EgisTec Ticket Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NAUpdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NOBU] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate] ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:@C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [] C:\Windows\tasks\Driver Booster Startup.job --a------ C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [08/09/2013 10:39] C:\Windows\tasks\Driver Booster Update.job --a------ C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [08/09/2013 10:12] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14/07/2012 17:14] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14/07/2012 17:14] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\ASC7_SkipUac_willy" [C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe /SkipUac] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\clear.fi" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe"] "C:\Windows\SysNative\tasks\clear.fiAgent" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"] "C:\Windows\SysNative\tasks\DMREngine" ["C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"] "C:\Windows\SysNative\tasks\Driver Booster Scan" [C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe] "C:\Windows\SysNative\tasks\Driver Booster Startup" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe] "C:\Windows\SysNative\tasks\Driver Booster Update" [C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\SmartDefragUpdate" [C:\Program Files (x86)\IObit\Smart Defrag 2\AutoUpdate.exe] "C:\Windows\SysNative\tasks\SUPERAntiSpyware Scheduled Task aa398b79-5e4c-43ab-867a-6b5629e239f9" [C:\Program Files\SUPERAntiSpyware\SASTask.exe] "C:\Windows\SysNative\tasks\UALU notificatin" ["C:\Program Files\Acer\Acer Updater\UALU.exe"] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [03/12/2013 09:26] ==== Firefox Extensions ====================== ProfilePath: C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default - Free Download Manager plugin - C:\ProgramData\Free Download Manager\Firefox\Extensions\1.6.0 - avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF - Free Download Manager plugin - %ProfilePath%\extensions\fdm_ffext@freedownloadmanager.org - Ads Removal - %ProfilePath%\extensions\adsremoval@adsremoval.net - Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com - British English Dictionary - %ProfilePath%\extensions\en-GB@dictionaries.addons.mozilla.org - GoPhotoIt - %ProfilePath%\extensions\gophoto@gophoto.it.xpi - nzbdStatus - %ProfilePath%\extensions\sabnzbdstatus@dq5studios.com.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default 4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash ==== Deleted Firefox Extensions ====================== C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default\extensions\gophoto@gophoto.it.xpi deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dlnembnfbcpjnepmfjmngjenhhajpdfd - No path found[] jbpkiefagocgkmemidfngdkamloieekf - No path found[] nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx[12/10/2013 13:04] YouTube - willy - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - willy - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Ads Removal - willy - Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod avast Online Security - willy - Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Advanced SystemCare Surfing Protection - willy - Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd Chrome In-App Payments service - willy - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - willy - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Users\willy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.babylon.com_0.localstorage deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://search.babylon.com/?affID=109220&tt=0112_3&babsrc=HP_ss&mntrId=8c840da3000000000000386077fad955" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Reset Google Chrome ====================== C:\Users\willy\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\willy\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1014492182-1278609348-4096970860-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully HKEY_USERS\S-1-5-21-1014492182-1278609348-4096970860-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1A594BF8F3A4D1C4DB72F3A32B6E7636 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Free Download Manager_is1 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\1A594BF8F3A4D1C4DB72F3A32B6E7636 deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\willy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\willy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\willy\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\willy\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\willy\AppData\Local\Mozilla\Firefox\Profiles\f6fjst1m.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\willy\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\willy\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on di 03/12/2013 at 10:06:18.45 ======================
  11. Mijn Log-file via RSIT: Logfile of random's system information tool 1.09 (written by random/random) Run by willy at 2013-12-02 20:08:47 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 204 GB (77%) free of 266 GB Total RAM: 4000 MB (55% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:09:11, on 2/12/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.16428) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\AVAST Software\Avast\Setup\emupdate\a5c26b02-6986-48a3-b22f-57810740da70.exe C:\Program Files (x86)\Winamp\winampa.exe C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files\trend micro\willy.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Babylon Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: (no name) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - (no file) O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [iObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart O4 - HKLM\..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\a5c26b02-6986-48a3-b22f-57810740da70.exe /check O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user') O8 - Extra context menu item: Download alles met Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm O8 - Extra context menu item: Download met Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm O8 - Extra context menu item: Download selectie met Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download video met Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel® Integrated Clock Controller Service - Intel® ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11594 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe winlogon.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" "C:\Program Files\AVAST Software\Avast\afwServ.exe" taskeng.exe {DF813B1A-9984-4DF9-A2C5-A9F5F3833668} C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe" "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" "C:\Program Files\Intel\iCLS Client\HeciServer.exe" "C:\Program Files\Acer\Acer Updater\UpdaterService.exe" "C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "taskhost.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "C:\Windows\System32\igfxpers.exe" "C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe" "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui "C:\Program Files\AVAST Software\Avast\Setup\emupdate\a5c26b02-6986-48a3-b22f-57810740da70.exe" /check taskeng.exe {7286F051-CB55-4ABA-A1C7-4D0217425786} "C:\Program Files (x86)\Winamp\winampa.exe" "C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe" "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe" "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /systemstart /autostart C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet "C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe" C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" C:\Windows\System32\svchost.exe -k secsvcs "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" C:\Windows\system32\svchost.exe -k SDRSVC taskhost.exe $(Arg0) "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 544 548 556 65536 552 "C:\Users\willy\Downloads\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\svchost.exe -k WerSvcGroup ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\Driver Booster Startup.job C:\Windows\tasks\Driver Booster Update.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job =========Mozilla firefox========= ProfilePath - C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default prefs.js - "browser.startup.homepage" - "https://dub118.mail.live.com/default.aspx" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.9.900.117 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf] "Description"= "Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf] "Description"= "Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin] "Description"=Google Earth in your browser "Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@sony.com/ReaderDesktop] "Description"=Reader for PC is installed if this plugin exists "Path"=C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0] "Description"=WildTangent Games App V2 Presence Detector Plugin "Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.9.900.117 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.7] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.8] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll C:\Program Files (x86)\Mozilla Firefox\extensions\ belgiumeid@eid.belgium.be C:\Program Files (x86)\Mozilla Firefox\plugins\ np-mswmp.dll NPOFF12.DLL npwachk.dll WMP Firefox Plugin License.rtf WMP Firefox Plugin RelNotes.txt C:\Program Files (x86)\Mozilla Firefox\searchplugins\ Search_Results.xml C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default\extensions\ adsremoval@adsremoval.net ascsurfingprotection@iobit.com en-GB@dictionaries.addons.mozilla.org C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default\searchplugins\ babylon.xml babylon1.xml delta.xml MyStart Search.xml Search_Results.xml sweetim.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}] ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2013-11-05 2486592] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}] avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-08-30 245592] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-19 553384] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-19 210856] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-19 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}] Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2013-10-17 669504] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}] Free Download Manager - C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2013-01-11 365056] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-19 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-08-30 245592] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {28387537-e3f9-4ed7-860c-11e69af4a8a0} {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Persistence"=C:\Windows\system32\igfxpers.exe [2013-10-01 442352] "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-11-28 13662936] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Advanced SystemCare 7"=C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2013-10-28 2283296] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5] C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe [2012-05-28 288128] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeMovieService] C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [2012-09-19 188944] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2011-03-29 408432] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2011-03-29 202608] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2011-08-11 627304] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds] C:\Windows\system32\hkcmd.exe [2013-10-01 399856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray] C:\Windows\system32\igfxtray.exe [2013-10-01 172016] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2010-06-01 1155928] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence] C:\Windows\system32\igfxpers.exe [2013-10-01 442352] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reader Application Helper] C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [2012-11-08 898952] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL] c:\program files\realtek\audio\hda\ravcpl64.exe [2013-11-28 13662936] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-04-02 340848] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2013-11-14 6604568] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe [2013-11-20 85600] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-08-30 4858968] ""= [] "IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2013-11-13 1574208] "20131121"=C:\Program Files\AVAST Software\Avast\setup\emupdate\a5c26b02-6986-48a3-b22f-57810740da70.exe [2013-11-23 180184] "WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2013-11-20 85600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2013-10-01 442880] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GameConsole-wt.exe] "Debugger="C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GameConsole.exe] "Debugger="C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GameLauncher.exe] "Debugger="C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GamesAppService.exe] "Debugger="C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GREG.exe] "Debugger="C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GREGsvc.exe] "Debugger="C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MUILink.exe] "Debugger="C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PatchHelper.exe] "Debugger="C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Restore.exe] "Debugger="C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "msacm.ac3filter"=ac3filter64.acm "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2013-12-02 20:08:47 ----D---- C:\rsit 2013-12-02 20:08:47 ----D---- C:\Program Files\trend micro 2013-11-28 21:46:08 ----A---- C:\Windows\system32\WavesGUILib64.dll 2013-11-28 21:46:08 ----A---- C:\Windows\system32\tossaeapo64.dll 2013-11-28 21:46:08 ----A---- C:\Windows\system32\toseaeapo64.dll 2013-11-28 21:46:08 ----A---- C:\Windows\system32\tosasfapo64.dll 2013-11-28 21:46:07 ----A---- C:\Windows\system32\sltech64.dll 2013-11-28 21:46:07 ----A---- C:\Windows\system32\slprp64.dll 2013-11-28 21:46:07 ----A---- C:\Windows\system32\slcnt64.dll 2013-11-28 21:46:07 ----A---- C:\Windows\system32\sl3apo64.dll 2013-11-28 21:46:07 ----A---- C:\Windows\system32\SFSS_APO.dll 2013-11-28 21:46:06 ----A---- C:\Windows\system32\RtPgEx64.dll 2013-11-28 21:46:06 ----A---- C:\Windows\system32\drivers\rtvienna.dat 2013-11-28 21:46:05 ----A---- C:\Windows\system32\RtkAPO64.dll 2013-11-28 21:46:05 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys 2013-11-28 21:46:04 ----A---- C:\Windows\system32\RtkApi64.dll 2013-11-28 21:46:04 ----A---- C:\Windows\system32\RtDataProc64.dll 2013-11-28 21:46:04 ----A---- C:\Windows\system32\RTCOM64.dll 2013-11-28 21:46:04 ----A---- C:\Windows\system32\RCoRes64.dat 2013-11-28 21:46:04 ----A---- C:\Windows\system32\RCoInstII64.dll 2013-11-28 21:46:04 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT 2013-11-28 21:46:03 ----A---- C:\Windows\system32\NAHIMICAPOSettingsIPC.dll 2013-11-28 21:46:03 ----A---- C:\Windows\system32\NAHIMICAPOlfx.dll 2013-11-28 21:46:02 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll 2013-11-28 21:46:02 ----A---- C:\Windows\system32\MaxxVoiceAPO2064.dll 2013-11-28 21:46:02 ----A---- C:\Windows\system32\MaxxSpeechAPO64.dll 2013-11-28 21:46:02 ----A---- C:\Windows\system32\MaxxAudioVnN64.dll 2013-11-28 21:46:02 ----A---- C:\Windows\system32\MaxxAudioVnA64.dll 2013-11-28 21:46:01 ----A---- C:\Windows\SYSWOW64\MaxxAudioAPOShell.dll 2013-11-28 21:46:01 ----A---- C:\Windows\system32\MaxxAudioRealtek64.dll 2013-11-28 21:46:01 ----A---- C:\Windows\system32\MaxxAudioRealtek264.dll 2013-11-28 21:46:01 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll 2013-11-28 21:46:01 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll 2013-11-28 21:46:01 ----A---- C:\Windows\system32\MaxxAudioAPO5064.dll 2013-11-28 21:46:00 ----A---- C:\Windows\system32\MaxxAudioAPO4064.dll 2013-11-28 21:46:00 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll 2013-11-28 21:45:57 ----A---- C:\Windows\system32\FMAPO64.dll 2013-11-28 21:45:57 ----A---- C:\Windows\system32\DTSU2PREC64.dll 2013-11-28 21:45:57 ----A---- C:\Windows\system32\DTSU2PLFX64.dll 2013-11-28 21:45:57 ----A---- C:\Windows\system32\DTSU2PGFX64.dll 2013-11-28 21:45:56 ----A---- C:\Windows\system32\DDPP64A.dll 2013-11-28 21:45:56 ----A---- C:\Windows\system32\DDPO64A.dll 2013-11-28 21:45:56 ----A---- C:\Windows\system32\DDPD64A.dll 2013-11-28 21:45:56 ----A---- C:\Windows\system32\DDPA64.dll 2013-11-28 21:45:56 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2013-11-28 21:45:56 ----A---- C:\Windows\system32\audioLibVc.dll 2013-11-28 21:45:56 ----A---- C:\Windows\system32\AERTAC64.dll 2013-11-28 21:45:56 ----A---- C:\Windows\system32\AcpiServiceVnA64.dll 2013-11-16 11:55:15 ----D---- C:\Program Files (x86)\Mozilla Firefox 2013-11-14 11:22:29 ----A---- C:\Windows\system32\crypt32.dll 2013-11-14 11:22:25 ----A---- C:\Windows\SYSWOW64\crypt32.dll 2013-11-14 11:22:21 ----A---- C:\Windows\system32\drivers\afd.sys 2013-11-14 11:22:18 ----A---- C:\Windows\system32\authui.dll 2013-11-14 11:22:17 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll 2013-11-14 11:22:17 ----A---- C:\Windows\SYSWOW64\credui.dll 2013-11-14 11:22:17 ----A---- C:\Windows\SYSWOW64\authui.dll 2013-11-14 11:22:17 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll 2013-11-14 11:22:17 ----A---- C:\Windows\system32\credui.dll 2013-11-14 11:22:08 ----A---- C:\Windows\SYSWOW64\schannel.dll 2013-11-14 11:22:08 ----A---- C:\Windows\system32\sspicli.dll 2013-11-14 11:22:08 ----A---- C:\Windows\system32\schannel.dll 2013-11-14 11:22:08 ----A---- C:\Windows\system32\lsass.exe 2013-11-14 11:22:08 ----A---- C:\Windows\system32\lsasrv.dll 2013-11-14 11:22:08 ----A---- C:\Windows\system32\drivers\ksecpkg.sys 2013-11-14 11:22:08 ----A---- C:\Windows\system32\drivers\ksecdd.sys 2013-11-14 11:22:08 ----A---- C:\Windows\system32\drivers\cng.sys 2013-11-14 11:22:07 ----A---- C:\Windows\SYSWOW64\sspicli.dll 2013-11-14 11:22:07 ----A---- C:\Windows\SYSWOW64\secur32.dll 2013-11-14 11:22:07 ----A---- C:\Windows\SYSWOW64\ncrypt.dll 2013-11-14 11:22:07 ----A---- C:\Windows\system32\sspisrv.dll 2013-11-14 11:22:07 ----A---- C:\Windows\system32\secur32.dll 2013-11-14 11:22:07 ----A---- C:\Windows\system32\ncrypt.dll 2013-11-14 11:22:02 ----A---- C:\Windows\system32\gdi32.dll 2013-11-14 11:22:01 ----A---- C:\Windows\SYSWOW64\gdi32.dll 2013-11-14 11:21:59 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL 2013-11-14 11:21:59 ----A---- C:\Windows\system32\nshwfp.dll 2013-11-14 11:21:59 ----A---- C:\Windows\system32\IKEEXT.DLL 2013-11-14 11:21:59 ----A---- C:\Windows\system32\FWPUCLNT.DLL 2013-11-14 11:21:58 ----A---- C:\Windows\SYSWOW64\nshwfp.dll 2013-11-12 09:33:01 ----A---- C:\Windows\system32\IEUDINIT.EXE 2013-11-12 09:29:43 ----A---- C:\Windows\SYSWOW64\elshyph.dll 2013-11-12 09:29:43 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\wininet.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\wextract.exe 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\webcheck.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\url.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\pngfilt.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\occache.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\msrating.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\msls31.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\mshtmler.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\mshta.exe 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\licmgr10.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\jsIntl.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\jscript.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\inseng.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\imgutil.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\iexpress.exe 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\ieui.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\iesysprep.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\iepeers.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\icardie.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\dxtrans.dll 2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\wininet.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\wextract.exe 2013-11-12 09:29:37 ----A---- C:\Windows\system32\webcheck.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\vbscript.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\urlmon.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\url.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\SetIEInstalledDate.exe 2013-11-12 09:29:37 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe 2013-11-12 09:29:37 ----A---- C:\Windows\system32\pngfilt.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\occache.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\msrating.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\msls31.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\mshtmlmedia.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\mshtmler.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\mshtmled.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\MshtmlDac.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\mshtml.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\mshta.exe 2013-11-12 09:29:37 ----A---- C:\Windows\system32\msfeedssync.exe 2013-11-12 09:29:37 ----A---- C:\Windows\system32\msfeedsbs.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\msfeeds.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\licmgr10.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\jsproxy.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\jsIntl.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\jscript9diag.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\jscript9.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\jscript.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\inseng.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\imgutil.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\iexpress.exe 2013-11-12 09:29:37 ----A---- C:\Windows\system32\ieUnatt.exe 2013-11-12 09:29:37 ----A---- C:\Windows\system32\ieui.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\iesysprep.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\iesetup.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\iertutil.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\iernonce.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\iepeers.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\ieframe.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\ieetwproxystub.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\ieetwcollector.exe 2013-11-12 09:29:37 ----A---- C:\Windows\system32\iedkcs32.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\ieapfltr.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\ieapfltr.dat 2013-11-12 09:29:37 ----A---- C:\Windows\system32\IEAdvpack.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\ie4uinit.exe 2013-11-12 09:29:37 ----A---- C:\Windows\system32\icardie.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\elshyph.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\dxtrans.dll 2013-11-12 09:29:37 ----A---- C:\Windows\system32\dxtmsft.dll 2013-11-05 11:14:44 ----D---- C:\ProgramData\ProductData 2013-11-05 11:14:36 ----D---- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} ======List of files/folders modified in the last 1 month====== 2013-12-02 20:09:04 ----D---- C:\Windows\Temp 2013-12-02 20:08:47 ----RD---- C:\Program Files 2013-12-02 20:08:19 ----D---- C:\Users\willy\AppData\Roaming\Free Download Manager 2013-12-02 20:02:09 ----D---- C:\ProgramData\clear.fi 2013-12-02 20:00:57 ----D---- C:\Windows\system32\config 2013-11-28 22:37:29 ----D---- C:\ProgramData\AllMyMovies 2013-11-28 22:21:23 ----HD---- C:\ProgramData 2013-11-28 21:49:16 ----AD---- C:\Windows 2013-11-28 21:48:02 ----AD---- C:\Windows\System32 2013-11-28 21:46:47 ----D---- C:\Windows\SysWOW64 2013-11-28 21:46:41 ----D---- C:\Windows\SYSWOW64\RTCOM 2013-11-28 21:46:41 ----D---- C:\Windows\system32\drivers 2013-11-28 21:46:35 ----D---- C:\Windows\inf 2013-11-28 21:46:34 ----D---- C:\Windows\system32\catroot 2013-11-28 21:46:32 ----D---- C:\Windows\system32\catroot2 2013-11-28 21:46:31 ----D---- C:\Windows\system32\DriverStore 2013-11-28 21:40:20 ----SHD---- C:\System Volume Information 2013-11-24 20:02:41 ----D---- C:\Users\willy\AppData\Roaming\Winamp 2013-11-23 17:52:09 ----D---- C:\Program Files (x86)\Winamp 2013-11-20 10:56:03 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2013-11-19 17:44:04 ----D---- C:\Windows\debug 2013-11-19 11:05:10 ----D---- C:\Windows\SoftwareDistribution 2013-11-19 11:03:33 ----D---- C:\Windows\Panther 2013-11-19 11:03:32 ----D---- C:\Windows\Logs 2013-11-17 21:30:25 ----RD---- C:\Program Files (x86) 2013-11-17 11:25:34 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2013-11-14 20:45:42 ----D---- C:\Program Files\SUPERAntiSpyware 2013-11-14 13:24:35 ----D---- C:\Windows\winsxs 2013-11-14 13:23:11 ----D---- C:\Windows\SYSWOW64\nl-NL 2013-11-14 13:23:11 ----D---- C:\Windows\system32\nl-NL 2013-11-14 11:46:50 ----SHD---- C:\Windows\Installer 2013-11-14 11:46:50 ----SHD---- C:\Config.Msi 2013-11-14 11:46:50 ----D---- C:\ProgramData\Microsoft Help 2013-11-14 11:46:16 ----D---- C:\Windows\system32\MRT 2013-11-14 11:44:47 ----A---- C:\Windows\system32\MRT.exe 2013-11-12 09:34:58 ----D---- C:\Windows\SYSWOW64\migration 2013-11-12 09:34:58 ----D---- C:\Windows\SYSWOW64\en-US 2013-11-12 09:34:58 ----D---- C:\Program Files\Internet Explorer 2013-11-12 09:34:58 ----D---- C:\Program Files (x86)\Internet Explorer 2013-11-12 09:34:57 ----D---- C:\Windows\system32\migration 2013-11-12 09:34:57 ----D---- C:\Windows\system32\en-US 2013-11-12 09:34:57 ----D---- C:\Windows\PolicyDefinitions 2013-11-11 05:50:16 ----N---- C:\Windows\system32\MpSigStub.exe 2013-11-08 17:50:21 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-11-06 20:38:36 ----D---- C:\Users\willy\AppData\Roaming\Foxit Software 2013-11-05 20:12:22 ----D---- C:\Windows\system32\Tasks 2013-11-05 11:22:17 ----D---- C:\Windows\Downloaded Program Files 2013-11-05 11:14:43 ----D---- C:\Program Files (x86)\IObit 2013-11-05 11:14:33 ----D---- C:\ProgramData\IObit 2013-11-05 11:14:32 ----D---- C:\Users\willy\AppData\Roaming\IObit ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-08-30 22600] R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys [2012-07-13 12368] R0 aswNdis2;avast! Firewall Core Firewall Service; C:\Windows\system32\drivers\aswNdis2.sys [2013-08-30 270824] R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-08-30 65336] R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-08-30 204880] R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-06 438808] R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-08-24 644968] R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-08-24 28008] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-05-22 17720] R1 aswFW;avast! TDI Firewall driver; C:\Windows\system32\drivers\aswFW.sys [2013-08-30 131232] R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-08-30 72016] R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-08-30 1030952] R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-08-30 378944] R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-08-30 64288] R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-16 40816] R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-07-11 22648] R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-07-11 20520] R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-07-11 62776] R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928] R1 SAS***IL;SAS***IL; \??\C:\Program Files\SUPERAntiSpyware\SAS***IL64.SYS [2011-07-12 12368] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-08-30 33400] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-08-30 80816] R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784] R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2012-02-03 59520] R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2012-02-03 84736] R3 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-03-23 23048] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-10-01 5361920] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-11-28 3707864] R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-03-12 342528] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928] R3 MEIx64;Intel® Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-03-20 99288] R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2010-08-11 1014624] R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2013-03-26 82816] R3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2013-03-26 34336] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2012-12-21 258784] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-10-01 883928] R3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2013-03-26 23016] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-24 19456] S3 SQTECH905C;DualCamera; C:\Windows\System32\Drivers\Capt905c.sys [2007-11-20 47680] S3 tap0901;avast! SecureLine TAP Adapter; C:\Windows\system32\DRIVERS\tap0901.sys [2013-04-30 40616] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-10-24 57856] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-10-24 30208] S3 WinUsb;WinUsb-stuurprogramma; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2013-05-23 143120] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-08-30 46808] R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2013-08-30 137960] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336] R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-11-11 341824] R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-02-13 731648] R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376] R2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-10-25 2151200] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2013-03-20 368600] R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752] S2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2013-10-25 878368] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-14 116648] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-20 257416] S3 cphs;Intel® Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-10-01 279024] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-14 116648] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-12 111616] S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-02-13 820184] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-16 119408] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 Sony SCSI Helper Service;Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [2012-10-23 73728] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-06-23 1255736] S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976] S4 AdvancedSystemCareService5;Advanced SystemCare Service 5; C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-05-26 913792] S4 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424] S4 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S4 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456] S4 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080] S4 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-06-01 2804568] S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] -----------------EOF-----------------
  12. Sinds enkele weken krijg ik deze boodschap als ik een product van Iobit wil downlaoden of updaten: "Kan geen verbinding maken Firefox kan geen verbinding maken met de server op www.iobit.com." Ligt dit aan mijn instellingen of aan de server van Iobit?
  13. Inderdaad, stekker eruit en na enkele minuten er weer in: poorten zijn "terug". Ik doe dat ook met weerbarstige Philips DVD player.
  14. Juicht mensen,juicht!!!! Mijn usb -poorten werken weer!!!! Na ontelbare (nutteloze?) ingrepen en probeersels, heb ik het ultieme gedaan: computer volgens de regels van de kunst afgesloten, en gedurende 5-tal minuten LOSGEKOPPELD VAN HET STROOMNET. Nadien weer aangesloten en opgestart:usb-poorten werken als vanouds. Als leek denk ik dat het moederbord zichzelf weer helemaal functioneel gezet heeftna de stroomonderbreking. Voor alle "usb-sukkelaars" : misschien is dit wel een bruikbare tip??
  15. het moet helaas Windows 2000 zijn! Iemand "Windows 2000-KB838989-x86-nld" in voorraad?
  16. Geen enkele externe HDD werkt via die poorten, ook usb-sticks niet. BVB externe HDD WD500E035-00. Had zoals gesuggereerd al vooraf de installatie van alle usb poorten ongedaan gemaakt , en door Windows opnieuw laten installeren: geen beterschap. Zou dit een oorzaak kunnen zijn: in: Windows hulp en ondersteuning ( Een USB-apparaat wordt niet opnieuw gedetecteerd na een energiecyclus in Windows XP of Windows 2000 ) "Wanneer u een Pocket PC-apparaat op een USB 2.0-hub aansluit of wanneer u het apparaat uit- en weer inschakelt terwijl het apparaat nog op de USB 2.0-hub is aangesloten, kan Microsoft Windows het apparaat niet meer vinden. Dit probleem kan zich ook voordoen met andere USB-apparaten waarop nog transmissies moeten worden uitgevoerd als het apparaat wordt losgekoppeld en vervolgens weer aangesloten of als het apparaat uit en weer in wordt geschakeld terwijl het nog op de USB 2.0-hub is aangesloten." Probleem is natuurlijk dat de voorgestelde hotfix 838989 Nederlandstalig moet zijn om hem te kunnen installeren, en dus niet meer te downloaden/vinden is.
  17. @ kweezie wabbit Het gaat om een geassembleerde desk top: Naam van besturingssysteem Microsoft Windows 2000 Professional Versie 5.0.2195 Service Pack 4 build 2195 Fabrikant van besturingssysteem Microsoft Corporation Computernaam THUIS-WU5V8OQM4 Computerfabrikant ECS Computermodel M810DLU Type computer X86-based PC Processor x86 Family 6 Model 7 Stepping 1 AuthenticAMD ~1300 Mhz BIOS-versie 06/16/03 Windows-map C:\WINNT Landinstelling Nederland Tijdzone West-Europa (standaardtijd) Totaal fysiek geheugen 490.992 kB Beschikbaar fysiek geheugen 110.016 kB Totaal virtueel geheugen 1.845.572 kB Beschikbaar virtueel geheugen 1.194.396 kB Ruimte voor wisselbestand 1.354.580 kB De onlangs toegevoegde usb poorten werken wel (zie onderste lijn) Apparaat PNP-apparaat-ID SiS 7001 PCI to USB Open Host Controller PCI\VEN_1039&DEV_7001&SUBSYS_54701462&REV_0F\3&61AAA01&0&18 USB-basishub USB\ROOT_HUB\4&3B4FE10C&1 SiS 7001 PCI to USB Open Host Controller PCI\VEN_1039&DEV_7001&SUBSYS_54701462&REV_0F\3&61AAA01&0&19 USB-basishub USB\ROOT_HUB\4&28963067&1 SiS 7002 USB 2.0 Enhanced Host Controller PCI\VEN_1039&DEV_7002&SUBSYS_54701462&REV_00\3&61AAA01&0&1B USB 2.0-hoofhub USB\ROOT_HUB20\4&2684B4D6&1 ALi PCI to USB Open Host Controller PCI\VEN_10B9&DEV_5237&SUBSYS_05171799&REV_03\3&61AAA01&0&48 USB-basishub USB\ROOT_HUB\4&11317053&1 ALi PCI to USB Open Host Controller PCI\VEN_10B9&DEV_5237&SUBSYS_05171799&REV_03\3&61AAA01&0&49 USB-basishub USB\ROOT_HUB\4&23EB20F8&1 Standaard Enhanced PCI naar USB-hostcontroller PCI\VEN_10B9&DEV_5239&SUBSYS_05081799&REV_01\3&61AAA01&0&4B USB 2.0-hoofhub USB\ROOT_HUB20\4&170D5D37&1 USB-apparaat voor massaopslag USB\VID_1058&PID_0704\57442D575845583038453736373230 WD 3200BMV External USB Device USBSTOR\DISK&VEN_WD&PROD_3200BMV_EXTERNAL&REV_1.75\57442D575845583038453736373230&0
  18. Hallo Sinds kort kan ik geen externe HDD aansluiten op twee van mijn usbs-poorten. Nochtans lukt een aansluiting van de printer wel.Bij het zoeken via "apparaatbeheer" ( Windows 2000) naar eventuele ontbrekende drivers krijg ik dit "De stuurprogramma's voor dit apparaat zijn niet geïnstalleerd. (Code 28) De installatie is mislukt omdat een functiestuurprogramma niet is opgegeven voor dit apparaatexemplaar. Klik op Stuurprogramma opnieuw installeren om de stuurprogramma's voor dit apparaat opnieuw te installeren". Wie kan hier helpen? Ik denk dat in c/winnt/inf het bestand usb/inf ontbreekt.
  19. Juicht mensen, juicht: ik heb de verdwenen SR-1 te pakken gekregen en mijn Office 2000 is helemaal up-to-date. Aan alle zoekers, en inzonderheid wouterskurtt ,nogmaals hartelijk dank.
  20. Ik waag me liever niet op de hogervermelde Russische site :daarom dat ik ook graag de (beveiligings) update voor Office 2000 NL zou willen installeren. Ik wacht met spanning op de Nederlandse versie van O2KSR1A.EXE. Alvast nog eens bedankt!!
  21. Zoals te verwachten herkent de Engelse download mijn Nederlandse versie niet. Ook werken verschillende geciteerde Microsoft/Office-links niet meer. Iemand alsnog de Nederlandse versie van O2KSRADL.exe? Het is toch wel hemeltergend dat deze update niet lukt via SP-3, en dat voor zo'n populair product!!!
  22. Dit is waarom Microsoft op vele zenuwen werkt: Ik had reeds SP 3, en ook SP 2. Om ze te installeren moet je computer echter al beschikken over "SR-1/SR-1a-update" (een soort SP 1), te downloaden via http://support.microsoft.com/kb/245025/nl . Deze site waarschuwt wel dat dit alleen werkt voor Engelstalige versies van Office 2000. Voor andere talen zou later gezorgd worden. Deze follow-up is echter onvindbaar of reeds verwijderd. Leuk is toch anders!
  23. Bedankt voor je snelle reactie. Ik had reeds vroeger Windows Update aan het werk: 180 downloads, maar vooral Windows, en niet Office gerelateerd! Ook "Optionele software-updates" biedt geen oplossing: slechts enkele marginale downloads. Voorlopig werden mij helaas nog geen updates voor Office 2000 voorgesteld door Microsoft!
  24. Hallo Na het herformatteren van mijn oude computer moest ook Office 2000 (Premium) - NL opnieuw geherinstalleerd worden. Helaas kan ik de benodigde update niet uitvoeren bij gebrek aan werkbare links naar sr-1 (! Nederlandstalige versie). Kent er iemand nog actieve links hiervoor, of heeft iemand deze download nog beschikbaar? Alvast hartelijk dank voor de moeite!!!
  25. Bedankt voor je reactie, ik stuur een voorbeeld in bijlage. voorbeeld PortfolioPosition2009Sep28.xls
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.