wibo
-
Items
26 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Berichten die geplaatst zijn door wibo
-
-
Hallo
ik heb ondertussen wat geexperimenteerd op mijn "probleemmap", weliswaar op de zeer gecondenseerde versie.
Het A-Z sorteren genereert meestal geen fouten in de doelmap, maar soms wel. Het resultaat lijkt niet afhankelijk van de koppelingnotering met of zonder $.
Waarschijnlijk zit er toch een bugje in de bronmap , of zien jullie andere ooorzaken?
In bijlage mijn bestanden van vandaag.
-
Bedankt voor de moeite!
Ik heb een broncellenmap en een doelcellenmap bijgevoegd. De bronmap werkt met een macro voor de interne berekeningen.
Ik krijg automatisch een $-notering als ik de broncellen één na één kopieer en koppel. Kopieer ik de cellen "en vrac" dan is er geen $-notering.
Merkwaardig in de doelcelmap is dat het niet uitmaakt qua verwijzing of er een $- notering voor de cel is, of niet.
Hoe dan ook , in de testmappen lijkt alles te lukken bij het A-Z sorteren van kolommen in de bronmap.
In mijn "echte" probleemmap (met overal $-noteringen in de doelcellen) lukt het voorlopig NIET!
Ik zoek morgen verder of wacht op een tip.
-
Ik heb in Excel 2007 een aantal broncellen gekoppeld aan doelcellen (in een andere map).
Wanneer de broncellen van plaats veranderen, bv na alfabetisch sorteren, kloppen de waarden in de doelcellen niet meer.
Hoe kan ik een "permanente" koppeling naar (de WAARDEN in) de broncellen instellen?
Alvast dank voor de tips!
-
Mensen, juicht: Iobit is weer bereikbaar. Het zou me wel benieuwen wat er fout was gelopen, zodat ik u met dit probleem niet meer onnodig hoef lastig te vallen. Alvast heel hartelijk dank voor uw hulp en expertise!
-
Zoek.exe Version 4.0.0.5 Updated 30-November-2013
Tool run by willy on di 03/12/2013 at 17:33:51.19.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: F:\Docuwilly\Acer\probleem dec\zoek.exe [script inserted] [Checkboxes used]
==== Older Logs ======================
C:\zoek-results2013-12-03-090618.log 45121 bytes
==== Reset Hosts File ======================
# Copyright © 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
ProfilePath: C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 3);
---- FireFox user.js and prefs.js backups ----
user_20130312_1740_.backup
prefs_20130312_1740_.backup
==== Deleting Files \ Folders ======================
C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [03/12/2013 09:26]
==== Firefox Extensions ======================
ProfilePath: C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default
- Free Download Manager plugin - C:\ProgramData\Free Download Manager\Firefox\Extensions\1.6.0
- avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF
- Free Download Manager plugin - %ProfilePath%\extensions\fdm_ffext@freedownloadmanager.org
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com
- British English Dictionary - %ProfilePath%\extensions\en-GB@dictionaries.addons.mozilla.org
- nzbdStatus - %ProfilePath%\extensions\sabnzbdstatus@dq5studios.com.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default
4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx[12/10/2013 13:04]
Advanced SystemCare Surfing Protection - willy - Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\willy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\willy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\willy\AppData\Local\Mozilla\Firefox\Profiles\f6fjst1m.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\willy\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\willy\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on di 03/12/2013 at 17:45:17.00 ======================
-
Ik weet niet of dit een hint kan zijn:
wanneer ik in uw antwoord op uw link naar AdwCleaner click, krijg ik helaas dit:
"De verbinding werd geherinitialiseerd
De verbinding met de server werd geherinitialiseerd tijdens het laden van de pagina.
Misschien is de website tijdelijk niet beschikbaar of overbelast. Probeer het over enkele ogenblikken opnieuw.
Controleer uw netwerkverbinding als u geen enkele pagina kunt laden.
Verzeker u ervan dat Firefox toegang heeft tot het web als uw computer of netwerk is beveiligd door een firewall of proxyserver."
-
Heb via Chrome geprobeerd Iobit te bereiken. Resultaat: "
[h=1]Deze webpagina is niet beschikbaar"[/h]
Log van AdwCleaner ( interface zag er anders uit / heb dit gekregen via "search"
# AdwCleaner v1.606 - Logfile created 12/03/2013 at 14:27:41
# Updated 10/05/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : willy - WILLY-PC2012
# Running from : C:\Users\willy\Desktop\adwcleaner-1.606-en.exe
# Option [search]
***** [services] *****
***** [Files / Folders] *****
***** [Registry] *****
Key Found : HKLM\SOFTWARE\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
[x64] Key Found : HKLM\SOFTWARE\Tarma Installer
[x64] Key Found : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
[x64] Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
***** [Registre - GUID] *****
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
***** [internet Browsers] *****
-\\ Internet Explorer v9.11.9600.16428
[OK] Registry is clean.
-\\ Mozilla Firefox v25.0.1 (nl)
Profile name : default
File : C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v30.0.1599.101
File : C:\Users\willy\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [2100 octets] - [03/12/2013 14:27:10]
AdwCleaner[R2].txt - [2041 octets] - [03/12/2013 14:27:41]
########## EOF - C:\AdwCleaner[R2].txt - [2169 octets] ##########
-
Ik ben inderdaad blij dat ik alvast van die rotrzooi verlost ben. Helaas blijft het initiële probleem bestaan: kan geen berbinding maken met de Iobitserver, ook niet via hun website/"Products".
Het is wel zo dat ik van hun Malware Fighter vandaag wel automatisch de meest recente databaseversie heb binnengekregen.
-
Zoek.exe Version 4.0.0.5 Updated 30-November-2013
Tool run by willy on di 03/12/2013 at 9:45:51.29.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: F:\Docuwilly\virus probleem\zoek.exe [script inserted] [Checkboxes used]
==== System Restore Info ======================
3/12/2013 9:51:27 Zoek.exe System Restore Point Created Succesfully.
==== Empty Folders Check ======================
C:\PROGRA~2\Avi met vobsub deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\Search Results Toolbar deleted successfully
C:\PROGRA~2\SlySoft deleted successfully
C:\PROGRA~2\VideoLAN deleted successfully
C:\Program Files\log deleted successfully
C:\ProgramData\DriverGenius deleted successfully
C:\ProgramData\Evernote deleted successfully
C:\ProgramData\iMesh deleted successfully
C:\ProgramData\Oracle deleted successfully
C:\ProgramData\SlySoft deleted successfully
C:\ProgramData\WinZipEC deleted successfully
C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully
C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted successfully
C:\Users\willy\AppData\Roaming\Media Player Classic deleted successfully
C:\Users\willy\AppData\Roaming\Spotnet deleted successfully
C:\Users\willy\AppData\Roaming\TP deleted successfully
C:\Users\willy\AppData\Local\iMesh deleted successfully
C:\Users\willy\AppData\Local\PackageAware deleted successfully
C:\Users\willy\AppData\Local\Spotnet deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1014492182-1278609348-4096970860-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21} deleted successfully
HKEY_USERS\S-1-5-21-1014492182-1278609348-4096970860-1001\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{28387537-e3f9-4ed7-860c-11e69af4a8a0} deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default\prefs.js:
user_pref("browser.startup.homepage", "https://dub118.mail.live.com/default.aspx");
Added to C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default
---- Lines BabylonToolbar removed from prefs.js ----
user_pref("extensions.BabylonToolbar.admin", false);
user_pref("extensions.BabylonToolbar.aflt", "babsst");
user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
user_pref("extensions.BabylonToolbar.autoRvrt", "false");
user_pref("extensions.BabylonToolbar.dfltLng", "en");
user_pref("extensions.BabylonToolbar.excTlbr", false);
user_pref("extensions.BabylonToolbar.id", "8c840da3000000000000386077fad955");
user_pref("extensions.BabylonToolbar.instlDay", "15705");
user_pref("extensions.BabylonToolbar.instlRef", "sst");
user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar.rvrt", "false");
user_pref("extensions.BabylonToolbar.tlbrId", "base");
user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_def&mntrId=8c840da3000000000000386077fad955&q=");
user_pref("extensions.BabylonToolbar.vrsn", "1.8.7.2");
user_pref("extensions.BabylonToolbar.vrsni", "1.8.7.2");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109220&tt=0112_3");
user_pref("extensions.BabylonToolbar_i.excTlbr", false);
user_pref("extensions.BabylonToolbar_i.newTab", false);
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.7.216:25:24");
---- Lines BabylonToolbar removed from user.js ----
user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_def&mntrId=8c840da3000000000000386077fad955&q=");
user_pref("extensions.BabylonToolbar.id", "8c840da3000000000000386077fad955");
user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
user_pref("extensions.BabylonToolbar.instlDay", "15705");
user_pref("extensions.BabylonToolbar.vrsn", "1.8.7.2");
user_pref("extensions.BabylonToolbar.vrsni", "1.8.7.2");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.7.216:25:24");
user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar.aflt", "babsst");
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar.tlbrId", "base");
user_pref("extensions.BabylonToolbar.instlRef", "sst");
user_pref("extensions.BabylonToolbar.dfltLng", "en");
user_pref("extensions.BabylonToolbar_i.excTlbr", false);
user_pref("extensions.BabylonToolbar.excTlbr", false);
user_pref("extensions.BabylonToolbar.admin", false);
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109220&tt=0112_3");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
user_pref("extensions.BabylonToolbar.autoRvrt", "false");
user_pref("extensions.BabylonToolbar.rvrt", "false");
user_pref("extensions.BabylonToolbar_i.newTab", false);
---- Lines delta removed from prefs.js ----
user_pref("extensions.delta.admin", false);
user_pref("extensions.delta.aflt", "babsst");
user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
user_pref("extensions.delta.autoRvrt", "false");
user_pref("extensions.delta.dfltLng", "en");
user_pref("extensions.delta.excTlbr", false);
user_pref("extensions.delta.ffxUnstlRst", true);
user_pref("extensions.delta.id", "8c840da3000000000000386077fad955");
user_pref("extensions.delta.instlDay", "15865");
user_pref("extensions.delta.instlRef", "sst");
user_pref("extensions.delta.newTab", false);
user_pref("extensions.delta.prdct", "delta");
user_pref("extensions.delta.prtnrId", "delta");
user_pref("extensions.delta.rvrt", "false");
user_pref("extensions.delta.smplGrp", "none");
user_pref("extensions.delta.tlbrId", "base");
user_pref("extensions.delta.tlbrSrchUrl", "");
user_pref("extensions.delta.vrsn", "1.8.21.5");
user_pref("extensions.delta.vrsni", "1.8.21.5");
user_pref("extensions.delta.vrsnTs", "1.8.21.523:38:20");
user_pref("extensions.delta_i.babExt", "");
user_pref("extensions.delta_i.babTrack", "affID=121845");
user_pref("extensions.delta_i.srcExt", "ss");
---- Lines delta removed from user.js ----
user_pref("extensions.delta.tlbrSrchUrl", "");
user_pref("extensions.delta.id", "8c840da3000000000000386077fad955");
user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
user_pref("extensions.delta.instlDay", "15865");
user_pref("extensions.delta.vrsn", "1.8.21.5");
user_pref("extensions.delta.vrsni", "1.8.21.5");
user_pref("extensions.delta.vrsnTs", "1.8.21.523:38:20");
user_pref("extensions.delta.prtnrId", "delta");
user_pref("extensions.delta.prdct", "delta");
user_pref("extensions.delta.aflt", "babsst");
user_pref("extensions.delta.smplGrp", "none");
user_pref("extensions.delta.tlbrId", "base");
user_pref("extensions.delta.instlRef", "sst");
user_pref("extensions.delta.dfltLng", "en");
user_pref("extensions.delta.excTlbr", false);
user_pref("extensions.delta.ffxUnstlRst", true);
user_pref("extensions.delta.admin", false);
user_pref("extensions.delta_i.babTrack", "affID=121845");
user_pref("extensions.delta_i.babExt", "");
user_pref("extensions.delta_i.srcExt", "ss");
user_pref("extensions.delta.autoRvrt", "false");
user_pref("extensions.delta.rvrt", "false");
user_pref("extensions.delta.newTab", false);
---- Lines incredibar removed from prefs.js ----
user_pref("extensions.incredibar.actvtyRptTime", "1352409126347");
user_pref("extensions.incredibar.admin", false);
user_pref("extensions.incredibar.aflt", "orgnl");
user_pref("extensions.incredibar.afterInstallRpt", "sent");
user_pref("extensions.incredibar.cntry", "BE");
user_pref("extensions.incredibar.dfltlng", "en");
user_pref("extensions.incredibar.dfltLng", "EN");
user_pref("extensions.incredibar.dfltsrch", "false");
user_pref("extensions.incredibar.dfltSrch", false);
user_pref("extensions.incredibar.did", "10658");
user_pref("extensions.incredibar.envrmnt", "production");
user_pref("extensions.incredibar.excTlbr", false);
user_pref("extensions.incredibar.hdrMd5", "97F352184698535436E8C07F77349195");
user_pref("extensions.incredibar.hmpg", false);
user_pref("extensions.incredibar.hrdid", "8c840da3000000000000386077fad955");
user_pref("extensions.incredibar.id", "8c840da3000000000000386077fad955");
user_pref("extensions.incredibar.installerproductid", "26");
user_pref("extensions.incredibar.instlday", "15652");
user_pref("extensions.incredibar.instlDay", "15652");
user_pref("extensions.incredibar.instlref", "");
user_pref("extensions.incredibar.instlRef", "");
user_pref("extensions.incredibar.isdcmntcmplt", "false");
user_pref("extensions.incredibar.isDcmntCmplt", true);
user_pref("extensions.incredibar.keywordurl", "");
user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1422:08:35");
user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
user_pref("extensions.incredibar.newtab", "false");
user_pref("extensions.incredibar.newTab", false);
user_pref("extensions.incredibar.newtaburl", "");
user_pref("extensions.incredibar.noFFXTlbr", false);
user_pref("extensions.incredibar.ppd", "");
user_pref("extensions.incredibar.prdct", "incredibar");
user_pref("extensions.incredibar.productid", "26");
user_pref("extensions.incredibar.prtnrId", "Incredibar");
user_pref("extensions.incredibar.prtnrid", "Incredibar");
user_pref("extensions.incredibar.sg", "none");
user_pref("extensions.incredibar.smplGrp", "none");
user_pref("extensions.incredibar.smplgrp", "none");
user_pref("extensions.incredibar.srch", "");
user_pref("extensions.incredibar.srchprvdr", "");
user_pref("extensions.incredibar.tlbrId", "base");
user_pref("extensions.incredibar.tlbrid", "base");
user_pref("extensions.incredibar.tlbrsrchurl", "http://mystart.Incredibar.com/?a=6R8KEUaA3l&loc=IB_TB&i=26&search=");
user_pref("extensions.incredibar.tlbrSrchUrl", "http://mystart.Incredibar.com/?a=6R8KEUaA3l&loc=IB_TB&i=26&search=");
user_pref("extensions.incredibar.upn2", "6R8KEUaA3l");
user_pref("extensions.incredibar.upn2n", "92825368076577295");
user_pref("extensions.incredibar.vrsn", "1.5.11.14");
user_pref("extensions.incredibar.vrsni", "1.5.11.14");
user_pref("extensions.incredibar.vrsnTs", "1.5.11.1422:08:35");
user_pref("extensions.incredibar.vrsnts", "1.5.11.1422:08:35");
user_pref("extensions.incredibar_i.aflt", "orgnl");
user_pref("extensions.incredibar_i.dfltLng", "");
user_pref("extensions.incredibar_i.did", "10658");
user_pref("extensions.incredibar_i.excTlbr", false);
user_pref("extensions.incredibar_i.id", "8c840da3000000000000386077fad955");
user_pref("extensions.incredibar_i.installerproductid", "26");
user_pref("extensions.incredibar_i.instlDay", "15652");
user_pref("extensions.incredibar_i.instlRef", "");
user_pref("extensions.incredibar_i.ms_url_id", "");
user_pref("extensions.incredibar_i.newTab", false);
user_pref("extensions.incredibar_i.ppd", "");
user_pref("extensions.incredibar_i.prdct", "incredibar");
user_pref("extensions.incredibar_i.productid", "26");
user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
user_pref("extensions.incredibar_i.smplGrp", "none");
user_pref("extensions.incredibar_i.tlbrId", "base");
user_pref("extensions.incredibar_i.tlbrSrchUrl", "http://mystart.Incredibar.com/?a=6R8KEUaA3l&loc=IB_TB&i=26&search=");
user_pref("extensions.incredibar_i.upn2", "6R8KEUaA3l");
user_pref("extensions.incredibar_i.upn2n", "92825368076577295");
user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1422:08:35");
---- Lines incredibar removed from user.js ----
user_pref("extensions.incredibar_i.newTab", false);
user_pref("extensions.incredibar_i.tlbrSrchUrl", "http://mystart.Incredibar.com/?a=6R8KEUaA3l&loc=IB_TB&i=26&search=");
user_pref("extensions.incredibar_i.id", "8c840da3000000000000386077fad955");
user_pref("extensions.incredibar_i.instlDay", "15652");
user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1422:08:35");
user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
user_pref("extensions.incredibar_i.prdct", "incredibar");
user_pref("extensions.incredibar_i.aflt", "orgnl");
user_pref("extensions.incredibar_i.smplGrp", "none");
user_pref("extensions.incredibar_i.tlbrId", "base");
user_pref("extensions.incredibar_i.instlRef", "");
user_pref("extensions.incredibar_i.dfltLng", "");
user_pref("extensions.incredibar_i.excTlbr", false);
user_pref("extensions.incredibar_i.ms_url_id", "");
user_pref("extensions.incredibar_i.upn2", "6R8KEUaA3l");
user_pref("extensions.incredibar_i.upn2n", "92825368076577295");
user_pref("extensions.incredibar_i.productid", "26");
user_pref("extensions.incredibar_i.installerproductid", "26");
user_pref("extensions.incredibar_i.did", "10658");
user_pref("extensions.incredibar_i.ppd", "");
---- Lines y2layers removed from prefs.js ----
user_pref("extentions.y2layers.defaultEnableAppsList", "DropDownDeals,buzzdock,YontooNewOffers");
user_pref("extentions.y2layers.installId", "c128ecdf-6668-4cf7-a2c7-4f42126a0384");
---- Lines y2layers removed from user.js ----
user_pref("extentions.y2layers.installId", "c128ecdf-6668-4cf7-a2c7-4f42126a0384");
user_pref("extentions.y2layers.defaultEnableAppsList", "DropDownDeals,buzzdock,YontooNewOffers");
---- Lines yontoo removed from prefs.js ----
user_pref("extensions.plugin@yontoo.com.install-event-fired", true);
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 3);
---- Lines {28387537-e3f9-4ed7-860c-11e69af4a8a0} removed from prefs.js ----
user_pref("extensions.{28387537-e3f9-4ed7-860c-11e69af4a8a0}.install-event-fired", true);
---- FireFox user.js and prefs.js backups ----
user_20130312_0957_.backup
prefs_20130312_0957_.backup
==== Registry Fix Code x64 ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}]
==== Deleting Files \ Folders ======================
C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found
C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} not found
C:\PROGRA~2\Mozilla Firefox\searchplugins\Search_Results.xml deleted
C:\PROGRA~2\Free Download Manager deleted
C:\PROGRA~2\iMesh Applications deleted
C:\Program Files\Web Assistant deleted
C:\ProgramData\boost_interprocess deleted
C:\ProgramData\SweetIM deleted
C:\ProgramData\InstallMate deleted
C:\ProgramData\Premium deleted
C:\Users\willy\AppData\Local\Software deleted
C:\Users\willy\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager deleted
C:\Users\willy\AppData\LocalLow\mediabarim deleted
C:\Windows\wininit.ini deleted
C:\user.js deleted
C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default\searchplugins\babylon.xml deleted
C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default\searchplugins\babylon1.xml deleted
C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default\searchplugins\MyStart Search.xml deleted
C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default\searchplugins\Search_Results.xml deleted
C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default\Invalidprefs.js deleted
C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default\jetpack deleted
C:\Windows\Installer\{7683B745-6060-41FD-AA75-0BBB383FEAD4} deleted
"C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default\searchplugins\delta.xml" deleted
"C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default\searchplugins\sweetim.xml" deleted
"C:\Windows\Installer\1aaad5.msi" deleted
"C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default\searchplugins\delta.xml" deleted
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\willy\AppData\Local\Temp ====
2013-11-26 14:23:54 D496480A00ABDE0655C0FDCE9530B43E 216064 ----a-w- C:\Users\willy\AppData\Local\Temp\gcapi_dll.dll
2013-11-26 14:23:54 D4945107DF8F56CC4DC858C0694C13E2 26688 ----a-w- C:\Users\willy\AppData\Local\Temp\Checkupdate.exe
2013-11-26 14:23:54 B8B811C4655490676C2DED04E531F106 9577536 ----a-w- C:\Users\willy\AppData\Local\Temp\Foxit Reader Updater.exe
2013-11-26 14:23:54 23700AA70D1751D592D8641FC0E0660F 73408 ----a-w- C:\Users\willy\AppData\Local\Temp\gtapi_signed.dll
2013-11-19 10:04:27 6B1D908AAACC6B4793D749AB9D950BE2 121448 ----a-w- C:\Users\willy\AppData\Local\Temp\clear.fiClient\cabarc.exe
====== Java Cache =====
2013-11-18 16:38:45 0FC73B4C93ACC0A41A4B70AC7A47D2C5 112 ----a-w- C:\Users\willy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\49acf8dc-6.0.lap
2013-11-27 16:31:34 074A12C92DFCE141F58ACDDA028DD9DE 898 ----a-w- C:\Users\willy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\3d9bb503-2e15475d
2013-11-18 16:38:45 BB8206952D02F91A75100B3DB480A95F 80 ----a-w- C:\Users\willy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\b857c20-6.0.lap
2013-11-27 16:31:31 2097D00A4A940CDFD975E5A0C1186559 80 ----a-w- C:\Users\willy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\51a50bd-6.0.lap
====== C:\Windows\SysWOW64 =====
2013-11-28 20:46:01 99DE7F0838685CE9F4C39E58FEE6F48B 790272 ----a-w- C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2013-11-28 20:46:08 A58E46E776CFAD5DCBC8C2D9A920E7B4 582056 ----a-w- C:\Windows\Sysnative\tosasfapo64.dll
2013-11-28 20:46:08 771536F10F1A419622787FB5D27A8E6B 871856 ----a-w- C:\Windows\Sysnative\tossaeapo64.dll
2013-11-28 20:46:08 68C8E504065F3724D873DE7942D5F72C 2103040 ----a-w- C:\Windows\Sysnative\WavesGUILib64.dll
2013-11-28 20:46:08 3D30D3B2776C1A24F6498F569466E8D7 162224 ----a-w- C:\Windows\Sysnative\toseaeapo64.dll
2013-11-28 20:46:07 D29D34D0AF33EDD9D604816154CBFE6A 244480 ----a-w- C:\Windows\Sysnative\slprp64.dll
2013-11-28 20:46:07 D1A3064BD95D337804EFCF6D8C03B406 897792 ----a-w- C:\Windows\Sysnative\sl3apo64.dll
2013-11-28 20:46:07 CC0434CBB00ECF7B4FDD072A4101AC60 1014016 ----a-w- C:\Windows\Sysnative\slcnt64.dll
2013-11-28 20:46:07 B4D7A07098508A3BCC3C57612F890F98 947760 ----a-w- C:\Windows\Sysnative\SFSS_APO.dll
2013-11-28 20:46:07 43B0E62B728A04A73FE6FAE3274FFEE7 722688 ----a-w- C:\Windows\Sysnative\sltech64.dll
2013-11-28 20:46:06 027D50CF8F4A9FAFF61B49958CFED1ED 2810072 ----a-w- C:\Windows\Sysnative\RtPgEx64.dll
2013-11-28 20:46:05 8BFA2E598156C9224545DD3317856D9B 2587864 ----a-w- C:\Windows\Sysnative\RtkAPO64.dll
2013-11-28 20:46:04 C08DE9FE49B8DE126EE7A42C7C80450E 1021656 ----a-w- C:\Windows\Sysnative\RtkApi64.dll
2013-11-28 20:46:04 B6FB3F1D359FA0D293E952FD1550BB41 153304 ----a-w- C:\Windows\Sysnative\RCoInstII64.dll
2013-11-28 20:46:04 A0DC2F4C3A743339B3941BAFA39FDC0A 38385664 ----a-w- C:\Windows\Sysnative\RCoRes64.dat
2013-11-28 20:46:04 6294EB69AE8907495D3F69C19676DBC0 1286360 ----a-w- C:\Windows\Sysnative\RTCOM64.dll
2013-11-28 20:46:04 20B2E41DAA40B18444C19C1CCE9577DE 617176 ----a-w- C:\Windows\Sysnative\RtDataProc64.dll
2013-11-28 20:46:03 CA2F732F51BB609265DDC9A851ECDB27 929080 ----a-w- C:\Windows\Sysnative\NAHIMICAPOSettingsIPC.dll
2013-11-28 20:46:03 68E48600A04EF184B42B52634D703856 5751576 ----a-w- C:\Windows\Sysnative\NAHIMICAPOlfx.dll
2013-11-28 20:46:02 DF1C73C391BD249E400B017ECEBF2BB8 3714304 ----a-w- C:\Windows\Sysnative\MaxxAudioVnN64.dll
2013-11-28 20:46:02 8C3D0711219078FB6601C39387EB7B30 1286400 ----a-w- C:\Windows\Sysnative\MaxxSpeechAPO64.dll
2013-11-28 20:46:02 587A8CF457604D84266FF858CEB60223 662784 ----a-w- C:\Windows\Sysnative\MaxxVolumeSDAPO.dll
2013-11-28 20:46:02 32E91908A319CF4FDDE18C6F5699E0E0 907008 ----a-w- C:\Windows\Sysnative\MaxxVoiceAPO2064.dll
2013-11-28 20:46:02 1B89185D5D7AB3A10B4309E16C62CC30 27644160 ----a-w- C:\Windows\Sysnative\MaxxAudioVnA64.dll
2013-11-28 20:46:01 A0E82776B44BA5A89755D872B003887F 1921792 ----a-w- C:\Windows\Sysnative\MaxxAudioRealtek264.dll
2013-11-28 20:46:01 932271059AE180C436D5CA7AF2B0637C 14152960 ----a-w- C:\Windows\Sysnative\MaxxAudioRealtek64.dll
2013-11-28 20:46:01 7C29CDA779E9CEA80075F45E34E55A8E 1345280 ----a-w- C:\Windows\Sysnative\MaxxAudioAPO5064.dll
2013-11-28 20:46:01 3829AF61A8442CC4F63D908E82A09705 1012992 ----a-w- C:\Windows\Sysnative\MaxxAudioAPOShell64.dll
2013-11-28 20:46:01 20F371119BB00A073BDBAEC5BFBD1C30 2036992 ----a-w- C:\Windows\Sysnative\MaxxAudioEQ64.dll
2013-11-28 20:46:00 315AEF22E309E724AD0575C75E7EF5F3 1084160 ----a-w- C:\Windows\Sysnative\MaxxAudioAPO4064.dll
2013-11-28 20:46:00 06080807E61471A18AD99F3E6FF3C9B5 663296 ----a-w- C:\Windows\Sysnative\MaxxAudioAPO30.dll
2013-11-28 20:45:57 A9B98F96FBE514ADEABD20B2BD132172 415680 ----a-w- C:\Windows\Sysnative\DTSU2PREC64.dll
2013-11-28 20:45:57 922CDA544EB5C5A57795B38ED5871B69 2743328 ----a-w- C:\Windows\Sysnative\FMAPO64.dll
2013-11-28 20:45:57 8AE860D92752CFA136979B1FF797FFDC 501184 ----a-w- C:\Windows\Sysnative\DTSU2PLFX64.dll
2013-11-28 20:45:57 37B8A8089ECED77F6CEAF74917C5D12B 487360 ----a-w- C:\Windows\Sysnative\DTSU2PGFX64.dll
2013-11-28 20:45:56 FAC24F4CC63235D9533DD6605E5EE6F0 1938608 ----a-w- C:\Windows\Sysnative\DDPD64A.dll
2013-11-28 20:45:56 F2CF417EF502555B139EDCD9FEBF9CD3 109848 ----a-w- C:\Windows\Sysnative\AcpiServiceVnA64.dll
2013-11-28 20:45:56 B827E0AE582ACD641F0B2B052773A5CA 6217904 ----a-w- C:\Windows\Sysnative\DDPP64A.dll
2013-11-28 20:45:56 A1C8F811777EFA1B6BD82B226016CF2D 313520 ----a-w- C:\Windows\Sysnative\DDPO64A.dll
2013-11-28 20:45:56 82DF29C6D5571BFA69429563F0AED677 260272 ----a-w- C:\Windows\Sysnative\DDPA64.dll
2013-11-28 20:45:56 6E14F444A2506049EEC25CB5EDFE0905 113576 ----a-w- C:\Windows\Sysnative\CONEQMSAPOGUILibrary.dll
2013-11-28 20:45:56 2D0895BED270D1A8CADD981A5BFC0AE5 605496 ----a-w- C:\Windows\Sysnative\audioLibVc.dll
2013-11-28 20:45:56 2CBDC11690656A1A2D03EC65AE2BCE68 209096 ----a-w- C:\Windows\Sysnative\AERTAC64.dll
====== C:\Windows\Sysnative\drivers =====
2013-11-28 20:46:06 1EF2A77F3F4951CC25EEEA882376A769 5681192 ----a-w- C:\Windows\Sysnative\drivers\rtvienna.dat
2013-11-28 20:46:05 FA2B7507CD49908B2260949E52F8B9FE 3707864 ----a-w- C:\Windows\Sysnative\drivers\RTKVHD64.sys
2013-11-28 20:46:04 C8C7EAD8098EA7468D651F3459657240 681905 ----a-w- C:\Windows\Sysnative\drivers\RTAIODAT.DAT
2013-11-14 10:22:21 79059559E89D06E8B80CE2944BE20228 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys
2013-11-14 10:22:08 EBF28856F69CF094A902F884CF989706 458712 ----a-w- C:\Windows\Sysnative\drivers\cng.sys
2013-11-14 10:22:08 8F489706472F7E9A06BAAA198703FA64 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys
2013-11-14 10:22:08 868A2CAAB12EFC7A021682BCA0EEC54C 154560 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
====== C:\Windows\Tasks ======
2013-11-05 10:14:33 8074830CF6121F4C70CC9C32F2D8BCCB 2850 ----a-w- C:\Windows\Sysnative\Tasks\ASC7_SkipUac_willy
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-12-02 19:08:47 -------- d-----w- C:\Program Files\trend micro
======= C:\PROGRA~2 =====
======= C: =====
====== C:\Users\willy\AppData\Roaming ======
2013-11-14 19:32:44 -------- d-----w- C:\Users\willy\AppData\Locallow\ADSRemoval
====== C:\Users\willy ======
2013-12-03 08:26:51 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2013-12-02 19:08:08 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\willy\Downloads\RSITx64.exe
2013-11-28 20:46:54 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\ProgramData\DP45977C.lfl
2013-11-23 16:49:42 A6C8B39BCED92B2DAEAE587EA00F344F 12902696 ----a-w- C:\Users\willy\Downloads\winamp566_full_nl-nl.exe
2013-11-14 19:32:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2013-11-05 10:14:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2013-11-05 10:14:44 -------- d-----w- C:\ProgramData\ProductData
2013-11-05 10:14:32 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
====== C: exe-files ==
2013-12-02 19:08:48 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\willy.exe
2013-12-02 19:08:08 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\willy\Downloads\RSITx64.exe
2013-11-28 20:46:08 ACA3B1A550ED553028F5FDBFA0398A22 101120 ----a-w- C:\Program Files\Realtek\Audio\HDA\WavesSvc.exe
2013-11-28 20:46:08 A3E3A08C75737EBC84E50816B86F4338 287488 ----a-w- C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe
2013-11-28 20:46:06 07622F6D69B93403FC9CBB40450DD842 1719000 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe
2013-11-28 20:46:05 DABD4AB3D049ECA6AFFD61B63A997728 289496 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
2013-11-28 20:46:05 CF161C7C6B23A8827C41292F60E6B078 7204568 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
2013-11-28 20:46:04 54BF6A01D8E2C804612703F878E2BCDC 978648 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
2013-11-28 20:46:03 BAF91E0F5CDE5300D4957859B8893D03 1361112 ----a-w- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
2013-11-28 20:46:03 16438B000BF56F2CD7FDB5E6C3B38C7E 13662936 ----a-w- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
2013-11-28 20:46:01 AF1BEA73ACEA5C17113D832EECBC74B8 3669248 ----a-w- C:\Program Files\Realtek\Audio\HDA\MaxxAudioControl64.exe
2013-11-28 20:45:57 6688B6F74C360CBC366B7AF948D9084D 240576 ----a-w- C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
2013-11-26 14:23:54 D4945107DF8F56CC4DC858C0694C13E2 26688 ----a-w- C:\Users\willy\AppData\Local\Temp\Checkupdate.exe
2013-11-26 14:23:54 B8B811C4655490676C2DED04E531F106 9577536 ----a-w- C:\Users\willy\AppData\Local\Temp\Foxit Reader Updater.exe
=== C: other files ==
2013-11-28 20:46:05 FA2B7507CD49908B2260949E52F8B9FE 3707864 ----a-w- C:\Windows\System32\drivers\RTKVHD64.sys
==== Startup Registry Enabled ======================
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 5"="C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe /AutoStart"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-1014492182-1278609348-4096970860-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 7"="C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /Auto"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 5"="C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe /AutoStart"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"20131121"="C:\Program Files\AVAST Software\Avast\setup\emupdate\a5c26b02-6986-48a3-b22f-57810740da70.exe /check"
"WinampAgent"="C:\Program Files (x86)\Winamp\winampa.exe"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 7"="C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /Auto"
==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Persistence"="C:\Windows\system32\igfxpers.exe"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
==== Startup Registry Disabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Advanced SystemCare 5]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Advanced SystemCare 5"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\IObit\\Advanced SystemCare 5\\ASCTray.exe\" /AutoStart"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ArcadeMovieService]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ArcadeMovieService"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Acer\\clear.fi\\Movie\\clear.fiMovieService.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EgisTecPMMUpdate]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="EgisTecPMMUpdate"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\EgisTec IPS\\PmmUpdate.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EgisUpdate]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="EgisUpdate"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\EgisTec IPS\\EgisUpdate.exe\" -d"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Hotkey Utility]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Hotkey Utility"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Acer\\Hotkey Utility\\HotkeyUtility.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HotKeysCmds"
"hkey"="HKLM"
"command"="\"C:\\Windows\\system32\\hkcmd.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IgfxTray"
"hkey"="HKLM"
"command"="\"C:\\Windows\\system32\\igfxtray.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Norton Online Backup]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Norton Online Backup"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Symantec\\Norton Online Backup\\NOBuClient.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Persistence"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\igfxpers.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Reader Application Helper]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Reader Application Helper"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Sony\\ReaderDesktop\\appHelper\\ReaderAppHelper.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RTHDVCPL]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RTHDVCPL"
"hkey"="HKLM"
"command"="\"c:\\program files\\realtek\\audio\\hda\\ravcpl64.exe\" -s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SuiteTray]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SuiteTray"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\EgisTec MyWinLockerSuite\\x86\\SuiteTray.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SUPERAntiSpyware]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SUPERAntiSpyware"
"hkey"="HKCU"
"command"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WinampAgent]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="WinampAgent"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Winamp\\winampa.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdvancedSystemCareService5]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\EgisTec Ticket Service]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NAUpdate]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NOBU]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate]
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:@C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe []
C:\Windows\tasks\Driver Booster Startup.job --a------ C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [08/09/2013 10:39]
C:\Windows\tasks\Driver Booster Update.job --a------ C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [08/09/2013 10:12]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14/07/2012 17:14]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14/07/2012 17:14]
==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\ASC7_SkipUac_willy" [C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe /SkipUac]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\clear.fi" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe"]
"C:\Windows\SysNative\tasks\clear.fiAgent" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"]
"C:\Windows\SysNative\tasks\DMREngine" ["C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"]
"C:\Windows\SysNative\tasks\Driver Booster Scan" [C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe]
"C:\Windows\SysNative\tasks\Driver Booster Startup" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe]
"C:\Windows\SysNative\tasks\Driver Booster Update" [C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\SmartDefragUpdate" [C:\Program Files (x86)\IObit\Smart Defrag 2\AutoUpdate.exe]
"C:\Windows\SysNative\tasks\SUPERAntiSpyware Scheduled Task aa398b79-5e4c-43ab-867a-6b5629e239f9" [C:\Program Files\SUPERAntiSpyware\SASTask.exe]
"C:\Windows\SysNative\tasks\UALU notificatin" ["C:\Program Files\Acer\Acer Updater\UALU.exe"]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [03/12/2013 09:26]
==== Firefox Extensions ======================
ProfilePath: C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default
- Free Download Manager plugin - C:\ProgramData\Free Download Manager\Firefox\Extensions\1.6.0
- avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
- Free Download Manager plugin - %ProfilePath%\extensions\fdm_ffext@freedownloadmanager.org
- Ads Removal - %ProfilePath%\extensions\adsremoval@adsremoval.net
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com
- British English Dictionary - %ProfilePath%\extensions\en-GB@dictionaries.addons.mozilla.org
- GoPhotoIt - %ProfilePath%\extensions\gophoto@gophoto.it.xpi
- nzbdStatus - %ProfilePath%\extensions\sabnzbdstatus@dq5studios.com.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default
4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash
==== Deleted Firefox Extensions ======================
C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default\extensions\gophoto@gophoto.it.xpi deleted
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dlnembnfbcpjnepmfjmngjenhhajpdfd - No path found[]
jbpkiefagocgkmemidfngdkamloieekf - No path found[]
nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx[12/10/2013 13:04]
YouTube - willy - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - willy - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Ads Removal - willy - Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod
avast Online Security - willy - Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Advanced SystemCare Surfing Protection - willy - Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
Chrome In-App Payments service - willy - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - willy - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Chrome Fix ======================
C:\Users\willy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.babylon.com_0.localstorage deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.babylon.com/?affID=109220&tt=0112_3&babsrc=HP_ss&mntrId=8c840da3000000000000386077fad955"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Reset Google Chrome ======================
C:\Users\willy\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\willy\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1014492182-1278609348-4096970860-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
HKEY_USERS\S-1-5-21-1014492182-1278609348-4096970860-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1A594BF8F3A4D1C4DB72F3A32B6E7636 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Free Download Manager_is1 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\1A594BF8F3A4D1C4DB72F3A32B6E7636 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\willy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\willy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\willy\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\willy\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\willy\AppData\Local\Mozilla\Firefox\Profiles\f6fjst1m.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\willy\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\willy\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on di 03/12/2013 at 10:06:18.45 ======================
-
Mijn Log-file via RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by willy at 2013-12-02 20:08:47
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 204 GB (77%) free of 266 GB
Total RAM: 4000 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:09:11, on 2/12/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\AVAST Software\Avast\Setup\emupdate\a5c26b02-6986-48a3-b22f-57810740da70.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\willy.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Babylon Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - (no file)
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [iObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\a5c26b02-6986-48a3-b22f-57810740da70.exe /check
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O8 - Extra context menu item: Download alles met Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download met Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Download selectie met Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video met Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel® Integrated Clock Controller Service - Intel® ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11594 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
taskeng.exe {DF813B1A-9984-4DF9-A2C5-A9F5F3833668}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\AVAST Software\Avast\Setup\emupdate\a5c26b02-6986-48a3-b22f-57810740da70.exe" /check
taskeng.exe {7286F051-CB55-4ABA-A1C7-4D0217425786}
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /systemstart /autostart
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
taskhost.exe $(Arg0)
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 544 548 556 65536 552
"C:\Users\willy\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Driver Booster Startup.job
C:\Windows\tasks\Driver Booster Update.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default
prefs.js - "browser.startup.homepage" - "https://dub118.mail.live.com/default.aspx"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@sony.com/ReaderDesktop]
"Description"=Reader for PC is installed if this plugin exists
"Path"=C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
npwachk.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
Search_Results.xml
C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default\extensions\
ascsurfingprotection@iobit.com
en-GB@dictionaries.addons.mozilla.org
C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\f6fjst1m.default\searchplugins\
babylon.xml
babylon1.xml
delta.xml
MyStart Search.xml
Search_Results.xml
sweetim.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2013-11-05 2486592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-08-30 245592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-19 553384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-19 210856]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-19 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2013-10-17 669504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
Free Download Manager - C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2013-01-11 365056]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-19 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-08-30 245592]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{28387537-e3f9-4ed7-860c-11e69af4a8a0}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-10-01 442352]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-11-28 13662936]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 7"=C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2013-10-28 2283296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5]
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe [2012-05-28 288128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeMovieService]
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [2012-09-19 188944]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecPMMUpdate]
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2011-03-29 408432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisUpdate]
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2011-03-29 202608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hotkey Utility]
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2011-08-11 627304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2013-10-01 399856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2013-10-01 172016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup]
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2010-06-01 1155928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2013-10-01 442352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reader Application Helper]
C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [2012-11-08 898952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
c:\program files\realtek\audio\hda\ravcpl64.exe [2013-11-28 13662936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray]
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-04-02 340848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2013-11-14 6604568]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files (x86)\Winamp\winampa.exe [2013-11-20 85600]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-08-30 4858968]
""= []
"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2013-11-13 1574208]
"20131121"=C:\Program Files\AVAST Software\Avast\setup\emupdate\a5c26b02-6986-48a3-b22f-57810740da70.exe [2013-11-23 180184]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2013-11-20 85600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-10-01 442880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GameConsole-wt.exe]
"Debugger="C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GameConsole.exe]
"Debugger="C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GameLauncher.exe]
"Debugger="C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GamesAppService.exe]
"Debugger="C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GREG.exe]
"Debugger="C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GREGsvc.exe]
"Debugger="C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MUILink.exe]
"Debugger="C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PatchHelper.exe]
"Debugger="C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Restore.exe]
"Debugger="C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.ac3filter"=ac3filter64.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-12-02 20:08:47 ----D---- C:\rsit
2013-12-02 20:08:47 ----D---- C:\Program Files\trend micro
2013-11-28 21:46:08 ----A---- C:\Windows\system32\WavesGUILib64.dll
2013-11-28 21:46:08 ----A---- C:\Windows\system32\tossaeapo64.dll
2013-11-28 21:46:08 ----A---- C:\Windows\system32\toseaeapo64.dll
2013-11-28 21:46:08 ----A---- C:\Windows\system32\tosasfapo64.dll
2013-11-28 21:46:07 ----A---- C:\Windows\system32\sltech64.dll
2013-11-28 21:46:07 ----A---- C:\Windows\system32\slprp64.dll
2013-11-28 21:46:07 ----A---- C:\Windows\system32\slcnt64.dll
2013-11-28 21:46:07 ----A---- C:\Windows\system32\sl3apo64.dll
2013-11-28 21:46:07 ----A---- C:\Windows\system32\SFSS_APO.dll
2013-11-28 21:46:06 ----A---- C:\Windows\system32\RtPgEx64.dll
2013-11-28 21:46:06 ----A---- C:\Windows\system32\drivers\rtvienna.dat
2013-11-28 21:46:05 ----A---- C:\Windows\system32\RtkAPO64.dll
2013-11-28 21:46:05 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2013-11-28 21:46:04 ----A---- C:\Windows\system32\RtkApi64.dll
2013-11-28 21:46:04 ----A---- C:\Windows\system32\RtDataProc64.dll
2013-11-28 21:46:04 ----A---- C:\Windows\system32\RTCOM64.dll
2013-11-28 21:46:04 ----A---- C:\Windows\system32\RCoRes64.dat
2013-11-28 21:46:04 ----A---- C:\Windows\system32\RCoInstII64.dll
2013-11-28 21:46:04 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2013-11-28 21:46:03 ----A---- C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2013-11-28 21:46:03 ----A---- C:\Windows\system32\NAHIMICAPOlfx.dll
2013-11-28 21:46:02 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-11-28 21:46:02 ----A---- C:\Windows\system32\MaxxVoiceAPO2064.dll
2013-11-28 21:46:02 ----A---- C:\Windows\system32\MaxxSpeechAPO64.dll
2013-11-28 21:46:02 ----A---- C:\Windows\system32\MaxxAudioVnN64.dll
2013-11-28 21:46:02 ----A---- C:\Windows\system32\MaxxAudioVnA64.dll
2013-11-28 21:46:01 ----A---- C:\Windows\SYSWOW64\MaxxAudioAPOShell.dll
2013-11-28 21:46:01 ----A---- C:\Windows\system32\MaxxAudioRealtek64.dll
2013-11-28 21:46:01 ----A---- C:\Windows\system32\MaxxAudioRealtek264.dll
2013-11-28 21:46:01 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2013-11-28 21:46:01 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-11-28 21:46:01 ----A---- C:\Windows\system32\MaxxAudioAPO5064.dll
2013-11-28 21:46:00 ----A---- C:\Windows\system32\MaxxAudioAPO4064.dll
2013-11-28 21:46:00 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2013-11-28 21:45:57 ----A---- C:\Windows\system32\FMAPO64.dll
2013-11-28 21:45:57 ----A---- C:\Windows\system32\DTSU2PREC64.dll
2013-11-28 21:45:57 ----A---- C:\Windows\system32\DTSU2PLFX64.dll
2013-11-28 21:45:57 ----A---- C:\Windows\system32\DTSU2PGFX64.dll
2013-11-28 21:45:56 ----A---- C:\Windows\system32\DDPP64A.dll
2013-11-28 21:45:56 ----A---- C:\Windows\system32\DDPO64A.dll
2013-11-28 21:45:56 ----A---- C:\Windows\system32\DDPD64A.dll
2013-11-28 21:45:56 ----A---- C:\Windows\system32\DDPA64.dll
2013-11-28 21:45:56 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-11-28 21:45:56 ----A---- C:\Windows\system32\audioLibVc.dll
2013-11-28 21:45:56 ----A---- C:\Windows\system32\AERTAC64.dll
2013-11-28 21:45:56 ----A---- C:\Windows\system32\AcpiServiceVnA64.dll
2013-11-16 11:55:15 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-11-14 11:22:29 ----A---- C:\Windows\system32\crypt32.dll
2013-11-14 11:22:25 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-11-14 11:22:21 ----A---- C:\Windows\system32\drivers\afd.sys
2013-11-14 11:22:18 ----A---- C:\Windows\system32\authui.dll
2013-11-14 11:22:17 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2013-11-14 11:22:17 ----A---- C:\Windows\SYSWOW64\credui.dll
2013-11-14 11:22:17 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-11-14 11:22:17 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 11:22:17 ----A---- C:\Windows\system32\credui.dll
2013-11-14 11:22:08 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-11-14 11:22:08 ----A---- C:\Windows\system32\sspicli.dll
2013-11-14 11:22:08 ----A---- C:\Windows\system32\schannel.dll
2013-11-14 11:22:08 ----A---- C:\Windows\system32\lsass.exe
2013-11-14 11:22:08 ----A---- C:\Windows\system32\lsasrv.dll
2013-11-14 11:22:08 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-11-14 11:22:08 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-11-14 11:22:08 ----A---- C:\Windows\system32\drivers\cng.sys
2013-11-14 11:22:07 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-11-14 11:22:07 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-11-14 11:22:07 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-11-14 11:22:07 ----A---- C:\Windows\system32\sspisrv.dll
2013-11-14 11:22:07 ----A---- C:\Windows\system32\secur32.dll
2013-11-14 11:22:07 ----A---- C:\Windows\system32\ncrypt.dll
2013-11-14 11:22:02 ----A---- C:\Windows\system32\gdi32.dll
2013-11-14 11:22:01 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2013-11-14 11:21:59 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2013-11-14 11:21:59 ----A---- C:\Windows\system32\nshwfp.dll
2013-11-14 11:21:59 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-11-14 11:21:59 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 11:21:58 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2013-11-12 09:33:01 ----A---- C:\Windows\system32\IEUDINIT.EXE
2013-11-12 09:29:43 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-11-12 09:29:43 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\url.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-11-12 09:29:37 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\wininet.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\wextract.exe
2013-11-12 09:29:37 ----A---- C:\Windows\system32\webcheck.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\vbscript.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\urlmon.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\url.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-11-12 09:29:37 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-12 09:29:37 ----A---- C:\Windows\system32\pngfilt.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\occache.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\msrating.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\msls31.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\mshtmler.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\mshtmled.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\MshtmlDac.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\mshtml.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\mshta.exe
2013-11-12 09:29:37 ----A---- C:\Windows\system32\msfeedssync.exe
2013-11-12 09:29:37 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\msfeeds.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\licmgr10.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\jsproxy.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\jsIntl.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\jscript9diag.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\jscript9.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\jscript.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\inseng.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\imgutil.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\iexpress.exe
2013-11-12 09:29:37 ----A---- C:\Windows\system32\ieUnatt.exe
2013-11-12 09:29:37 ----A---- C:\Windows\system32\ieui.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\iesysprep.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\iesetup.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\iertutil.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\iernonce.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\iepeers.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\ieframe.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-11-12 09:29:37 ----A---- C:\Windows\system32\iedkcs32.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\ieapfltr.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\ieapfltr.dat
2013-11-12 09:29:37 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\ie4uinit.exe
2013-11-12 09:29:37 ----A---- C:\Windows\system32\icardie.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\elshyph.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\dxtrans.dll
2013-11-12 09:29:37 ----A---- C:\Windows\system32\dxtmsft.dll
2013-11-05 11:14:44 ----D---- C:\ProgramData\ProductData
2013-11-05 11:14:36 ----D---- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
======List of files/folders modified in the last 1 month======
2013-12-02 20:09:04 ----D---- C:\Windows\Temp
2013-12-02 20:08:47 ----RD---- C:\Program Files
2013-12-02 20:08:19 ----D---- C:\Users\willy\AppData\Roaming\Free Download Manager
2013-12-02 20:02:09 ----D---- C:\ProgramData\clear.fi
2013-12-02 20:00:57 ----D---- C:\Windows\system32\config
2013-11-28 22:37:29 ----D---- C:\ProgramData\AllMyMovies
2013-11-28 22:21:23 ----HD---- C:\ProgramData
2013-11-28 21:49:16 ----AD---- C:\Windows
2013-11-28 21:48:02 ----AD---- C:\Windows\System32
2013-11-28 21:46:47 ----D---- C:\Windows\SysWOW64
2013-11-28 21:46:41 ----D---- C:\Windows\SYSWOW64\RTCOM
2013-11-28 21:46:41 ----D---- C:\Windows\system32\drivers
2013-11-28 21:46:35 ----D---- C:\Windows\inf
2013-11-28 21:46:34 ----D---- C:\Windows\system32\catroot
2013-11-28 21:46:32 ----D---- C:\Windows\system32\catroot2
2013-11-28 21:46:31 ----D---- C:\Windows\system32\DriverStore
2013-11-28 21:40:20 ----SHD---- C:\System Volume Information
2013-11-24 20:02:41 ----D---- C:\Users\willy\AppData\Roaming\Winamp
2013-11-23 17:52:09 ----D---- C:\Program Files (x86)\Winamp
2013-11-20 10:56:03 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-11-19 17:44:04 ----D---- C:\Windows\debug
2013-11-19 11:05:10 ----D---- C:\Windows\SoftwareDistribution
2013-11-19 11:03:33 ----D---- C:\Windows\Panther
2013-11-19 11:03:32 ----D---- C:\Windows\Logs
2013-11-17 21:30:25 ----RD---- C:\Program Files (x86)
2013-11-17 11:25:34 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-14 20:45:42 ----D---- C:\Program Files\SUPERAntiSpyware
2013-11-14 13:24:35 ----D---- C:\Windows\winsxs
2013-11-14 13:23:11 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-11-14 13:23:11 ----D---- C:\Windows\system32\nl-NL
2013-11-14 11:46:50 ----SHD---- C:\Windows\Installer
2013-11-14 11:46:50 ----SHD---- C:\Config.Msi
2013-11-14 11:46:50 ----D---- C:\ProgramData\Microsoft Help
2013-11-14 11:46:16 ----D---- C:\Windows\system32\MRT
2013-11-14 11:44:47 ----A---- C:\Windows\system32\MRT.exe
2013-11-12 09:34:58 ----D---- C:\Windows\SYSWOW64\migration
2013-11-12 09:34:58 ----D---- C:\Windows\SYSWOW64\en-US
2013-11-12 09:34:58 ----D---- C:\Program Files\Internet Explorer
2013-11-12 09:34:58 ----D---- C:\Program Files (x86)\Internet Explorer
2013-11-12 09:34:57 ----D---- C:\Windows\system32\migration
2013-11-12 09:34:57 ----D---- C:\Windows\system32\en-US
2013-11-12 09:34:57 ----D---- C:\Windows\PolicyDefinitions
2013-11-11 05:50:16 ----N---- C:\Windows\system32\MpSigStub.exe
2013-11-08 17:50:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-06 20:38:36 ----D---- C:\Users\willy\AppData\Roaming\Foxit Software
2013-11-05 20:12:22 ----D---- C:\Windows\system32\Tasks
2013-11-05 11:22:17 ----D---- C:\Windows\Downloaded Program Files
2013-11-05 11:14:43 ----D---- C:\Program Files (x86)\IObit
2013-11-05 11:14:33 ----D---- C:\ProgramData\IObit
2013-11-05 11:14:32 ----D---- C:\Users\willy\AppData\Roaming\IObit
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-08-30 22600]
R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys [2012-07-13 12368]
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\Windows\system32\drivers\aswNdis2.sys [2013-08-30 270824]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-08-30 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-08-30 204880]
R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-06 438808]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-08-24 644968]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-08-24 28008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-05-22 17720]
R1 aswFW;avast! TDI Firewall driver; C:\Windows\system32\drivers\aswFW.sys [2013-08-30 131232]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-08-30 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-08-30 1030952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-08-30 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-08-30 64288]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-16 40816]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-07-11 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-07-11 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-07-11 62776]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SAS***IL;SAS***IL; \??\C:\Program Files\SUPERAntiSpyware\SAS***IL64.SYS [2011-07-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-08-30 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-08-30 80816]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2012-02-03 59520]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2012-02-03 84736]
R3 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-03-23 23048]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-10-01 5361920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-11-28 3707864]
R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-03-12 342528]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 MEIx64;Intel® Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-03-20 99288]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2010-08-11 1014624]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2013-03-26 82816]
R3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2013-03-26 34336]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2012-12-21 258784]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-10-01 883928]
R3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2013-03-26 23016]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-24 19456]
S3 SQTECH905C;DualCamera; C:\Windows\System32\Drivers\Capt905c.sys [2007-11-20 47680]
S3 tap0901;avast! SecureLine TAP Adapter; C:\Windows\system32\DRIVERS\tap0901.sys [2013-04-30 40616]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-10-24 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-10-24 30208]
S3 WinUsb;WinUsb-stuurprogramma; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2013-05-23 143120]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-08-30 46808]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2013-08-30 137960]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-11-11 341824]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-02-13 731648]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]
R2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-10-25 2151200]
R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2013-03-20 368600]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2013-10-25 878368]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-14 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-20 257416]
S3 cphs;Intel® Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-10-01 279024]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-14 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-12 111616]
S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-02-13 820184]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-16 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Sony SCSI Helper Service;Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [2012-10-23 73728]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-06-23 1255736]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S4 AdvancedSystemCareService5;Advanced SystemCare Service 5; C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-05-26 913792]
S4 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424]
S4 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S4 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]
S4 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S4 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-06-01 2804568]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
-----------------EOF-----------------
-
Sinds enkele weken krijg ik deze boodschap als ik een product van Iobit wil downlaoden of updaten:
"Kan geen verbinding maken
Firefox kan geen verbinding maken met de server op www.iobit.com."
Ligt dit aan mijn instellingen of aan de server van Iobit?
-
Inderdaad, stekker eruit en na enkele minuten er weer in: poorten zijn "terug". Ik doe dat ook met weerbarstige Philips DVD player.
-
Juicht mensen,juicht!!!! Mijn usb -poorten werken weer!!!!
Na ontelbare (nutteloze?) ingrepen en probeersels, heb ik het ultieme gedaan: computer volgens de regels van de kunst afgesloten, en gedurende 5-tal minuten LOSGEKOPPELD VAN HET STROOMNET.
Nadien weer aangesloten en opgestart:usb-poorten werken als vanouds.
Als leek denk ik dat het moederbord zichzelf weer helemaal functioneel gezet heeftna de stroomonderbreking.
Voor alle "usb-sukkelaars" : misschien is dit wel een bruikbare tip??
-
het moet helaas Windows 2000 zijn! Iemand "Windows 2000-KB838989-x86-nld" in voorraad?
-
Geen enkele externe HDD werkt via die poorten, ook usb-sticks niet. BVB externe HDD WD500E035-00.
Had zoals gesuggereerd al vooraf de installatie van alle usb poorten ongedaan gemaakt , en door Windows opnieuw laten installeren: geen beterschap.
Zou dit een oorzaak kunnen zijn: in: Windows hulp en ondersteuning ( Een USB-apparaat wordt niet opnieuw gedetecteerd na een energiecyclus in Windows XP of Windows 2000 )
"Wanneer u een Pocket PC-apparaat op een USB 2.0-hub aansluit of wanneer u het apparaat uit- en weer inschakelt terwijl het apparaat nog op de USB 2.0-hub is aangesloten, kan Microsoft Windows het apparaat niet meer vinden. Dit probleem kan zich ook voordoen met andere USB-apparaten waarop nog transmissies moeten worden uitgevoerd als het apparaat wordt losgekoppeld en vervolgens weer aangesloten of als het apparaat uit en weer in wordt geschakeld terwijl het nog op de USB 2.0-hub is aangesloten."
Probleem is natuurlijk dat de voorgestelde hotfix 838989 Nederlandstalig moet zijn om hem te kunnen installeren, en dus niet meer te downloaden/vinden is.
-
@ kweezie wabbit
Het gaat om een geassembleerde desk top:
Naam van besturingssysteem Microsoft Windows 2000 Professional
Versie 5.0.2195 Service Pack 4 build 2195
Fabrikant van besturingssysteem Microsoft Corporation
Computernaam THUIS-WU5V8OQM4
Computerfabrikant ECS
Computermodel M810DLU
Type computer X86-based PC
Processor x86 Family 6 Model 7 Stepping 1 AuthenticAMD ~1300 Mhz
BIOS-versie 06/16/03
Windows-map C:\WINNT
Landinstelling Nederland
Tijdzone West-Europa (standaardtijd)
Totaal fysiek geheugen 490.992 kB
Beschikbaar fysiek geheugen 110.016 kB
Totaal virtueel geheugen 1.845.572 kB
Beschikbaar virtueel geheugen 1.194.396 kB
Ruimte voor wisselbestand 1.354.580 kB
De onlangs toegevoegde usb poorten werken wel (zie onderste lijn)
Apparaat PNP-apparaat-ID
SiS 7001 PCI to USB Open Host Controller PCI\VEN_1039&DEV_7001&SUBSYS_54701462&REV_0F\3&61AAA01&0&18
USB-basishub USB\ROOT_HUB\4&3B4FE10C&1
SiS 7001 PCI to USB Open Host Controller PCI\VEN_1039&DEV_7001&SUBSYS_54701462&REV_0F\3&61AAA01&0&19
USB-basishub USB\ROOT_HUB\4&28963067&1
SiS 7002 USB 2.0 Enhanced Host Controller PCI\VEN_1039&DEV_7002&SUBSYS_54701462&REV_00\3&61AAA01&0&1B
USB 2.0-hoofhub USB\ROOT_HUB20\4&2684B4D6&1
ALi PCI to USB Open Host Controller PCI\VEN_10B9&DEV_5237&SUBSYS_05171799&REV_03\3&61AAA01&0&48
USB-basishub USB\ROOT_HUB\4&11317053&1
ALi PCI to USB Open Host Controller PCI\VEN_10B9&DEV_5237&SUBSYS_05171799&REV_03\3&61AAA01&0&49
USB-basishub USB\ROOT_HUB\4&23EB20F8&1
Standaard Enhanced PCI naar USB-hostcontroller PCI\VEN_10B9&DEV_5239&SUBSYS_05081799&REV_01\3&61AAA01&0&4B
USB 2.0-hoofhub USB\ROOT_HUB20\4&170D5D37&1
USB-apparaat voor massaopslag USB\VID_1058&PID_0704\57442D575845583038453736373230
WD 3200BMV External USB Device USBSTOR\DISK&VEN_WD&PROD_3200BMV_EXTERNAL&REV_1.75\57442D575845583038453736373230&0
-
Hallo
Sinds kort kan ik geen externe HDD aansluiten op twee van mijn usbs-poorten. Nochtans lukt een aansluiting van de printer wel.Bij het zoeken via "apparaatbeheer" ( Windows 2000) naar eventuele ontbrekende drivers krijg ik dit
"De stuurprogramma's voor dit apparaat zijn niet geïnstalleerd. (Code 28)
De installatie is mislukt omdat een functiestuurprogramma niet is opgegeven
voor dit apparaatexemplaar.
Klik op Stuurprogramma opnieuw installeren om de stuurprogramma's voor dit
apparaat opnieuw te installeren".
Wie kan hier helpen? Ik denk dat in c/winnt/inf het bestand usb/inf ontbreekt.
-
Juicht mensen, juicht: ik heb de verdwenen SR-1 te pakken gekregen en mijn Office 2000 is helemaal up-to-date.
Aan alle zoekers, en inzonderheid wouterskurtt ,nogmaals hartelijk dank.
-
Ik waag me liever niet op de hogervermelde Russische site :daarom dat ik ook graag de (beveiligings) update voor Office 2000 NL zou willen installeren.
Ik wacht met spanning op de Nederlandse versie van O2KSR1A.EXE. Alvast nog eens bedankt!!
-
Zoals te verwachten herkent de Engelse download mijn Nederlandse versie niet. Ook werken verschillende geciteerde Microsoft/Office-links niet meer.
Iemand alsnog de Nederlandse versie van O2KSRADL.exe?
Het is toch wel hemeltergend dat deze update niet lukt via SP-3, en dat voor zo'n populair product!!!
-
Dit is waarom Microsoft op vele zenuwen werkt:
Ik had reeds SP 3, en ook SP 2. Om ze te installeren moet je computer echter al beschikken over "SR-1/SR-1a-update" (een soort SP 1), te downloaden via http://support.microsoft.com/kb/245025/nl .
Deze site waarschuwt wel dat dit alleen werkt voor Engelstalige versies van Office 2000. Voor andere talen zou later gezorgd worden. Deze follow-up is echter onvindbaar of reeds verwijderd. Leuk is toch anders!
-
Bedankt voor je snelle reactie.
Ik had reeds vroeger Windows Update aan het werk: 180 downloads, maar vooral Windows, en niet Office gerelateerd!
Ook "Optionele software-updates" biedt geen oplossing: slechts enkele marginale downloads. Voorlopig werden mij helaas nog geen updates voor Office 2000 voorgesteld door Microsoft!
-
Hallo
Na het herformatteren van mijn oude computer moest ook Office 2000 (Premium) - NL opnieuw geherinstalleerd worden. Helaas kan ik de benodigde update niet uitvoeren bij gebrek aan werkbare links naar sr-1 (! Nederlandstalige versie).
Kent er iemand nog actieve links hiervoor, of heeft iemand deze download nog beschikbaar?
Alvast hartelijk dank voor de moeite!!!
-
Bedankt voor je reactie, ik stuur een voorbeeld in bijlage.
Excel 2007: koppeling behouden na verplaatsen broncellen
in Archief Excel
Geplaatst:
Bedankt voor je moeite en tip!
Quote : "Als je de sortering in de kolom A van de doelmap wil behouden, zal je een ander systeem moeten zoeken dan de koppelingen die je nu gebruikt."
Eenvoudige oplossing die lijkt te werken is een extra nieuwe koppeling voor Kolom A maken vanuit de bronmap.