Everything posted by bernard

  1. When I click on AdwCleaner I still get that "panic" screen where it went wrong last time. Should I then click on the line "Continue to the website (not recommended)" after all? And because of that I also can't send AdwCleaner to the desktop.
  2. Junkware Removal Tool (JRT) by Thisisu Version: 6.1.4 (04.06.2014:1) OS: Microsoft Windows XP x86 Ran by Gerda on wo 13-08-2014 at 16:58:45,23
  3. Does that also apply to the firewall?
  4. I was already afraid of that, but won't we then get the same result as in #35? Because when I click on AdwCleaner that screen comes back again, where I went ahead anyway. Or do I first need to do something about my firewall? And then I will lose everything again, and that would be a shame, because it is quite good for such an old machine. Is there no other option than AdwCleaner? Now I also remember the tip from Asus, in #30. Maybe I did something wrong there? But if it has to be done, would you give me a "picture instruction" of exactly what I need to do (if that is possible)?
  5. Zoek.exe v5.0.0.0 Updated 11-August-2014 Tool run by Gerda on di 12-08-2014 at 20:58:51,81. Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Documents and Settings\Gerda\Mijn documenten\zoek.exe [scan all users] [script inserted] [Checkboxes used]

     I don't know whether it was finished, because the cursor was still blinking. But that took so long that I thought it would probably be fine.

     - - - Updated - - -

     Zoek.exe v5.0.0.0 Updated 11-August-2014 Tool run by Gerda on di 12-08-2014 at 20:58:51,81.
Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Documents and Settings\Gerda\Mijn documenten\zoek.exe [scan all users] [script inserted] [Checkboxes used]
Users\Menu Start\Programma's\Microsoft Security Essentials.lnk - C:\Program Files\Microsoft Security Client\msseces.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Systeemwerkset\Systeemherstel.lnk - C:\WINDOWS\system32\restore\rstrui.exe C:\Documents and Settings\All Users\Menu Start\Programma's\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Java\About Java.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe -tab about C:\Documents and Settings\All Users\Menu Start\Programma's\Java\Check For Updates.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe -tab update C:\Documents and Settings\All Users\Menu Start\Programma's\Java\Configure Java.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Java\Get Help.lnk - C:\Documents and Settings\All Users\Menu Start\Programma's\Java\Visit Java.com.lnk - C:\Documents and Settings\All Users\Menu Start\Programma's\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe ==== shortcuts in Quick Launch ====================== C:\Documents and Settings\Default User\Application Data\Microsoft\Internet Explorer\Quick Launch\De Internet Explorer-browser starten.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Gerda\Application Data\Microsoft\Internet Explorer\Quick Launch\De Internet Explorer-browser starten.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com/?type=sc&ts=1407423989&from=obw&uid=WDCXWD1600BEVE-00A0HT0_WD-WX10E495148951489 C:\Documents and Settings\Gerda\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk - C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE /recycle ==== shortcuts After Repair ====================== C:\Documents and Settings\Gerda\Menu Start\Programma's\Internet 
Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Gerda\Menu Start\Programma's\Bureau-accessoires\Systeembeheer\Internet Explorer (zonder invoegtoepassingen).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff C:\Documents and Settings\Gerda\Application Data\Microsoft\Internet Explorer\Quick Launch\De Internet Explorer-browser starten.lnk - C:\Program Files\Internet Explorer\iexplore.exe ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{40030ae4} deleted successfully ==== Empty IE Cache ====================== C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\Gerda\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Documents and Settings\Gerda\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files= ==== Empty Temp Folders ====================== C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully C:\Documents 
and Settings\Gerda\Local Settings\Temp will be emptied at reboot C:\Documents and Settings\LocalService\Local Settings\temp emptied successfully C:\Documents and Settings\NetworkService\Local Settings\temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\DOCUME~1\Gerda\LOCALS~1\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\RECYCLER successfully emptied ==== Deleting Files / Folders ====================== "C:\Documents and Settings\Gerda\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Documents and Settings\Gerda\Local Settings\Application Data\WeatherAlerts" not found ==== EOF on di 12-08-2014 at 22:29:13,98 ======================
Or is this the one? This was in Notepad after the restart.
  6. Logfile of random's system information tool 1.10 (written by random/random) Run by Gerda at 2014-08-12 13:33:09 Microsoft Windows XP Home Edition Service Pack 3 System drive C: has 135 GB (89%) free of 153 GB Total RAM: 510 MB (13% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:33:17, on 12-8-2014 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ACS.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe C:\Program Files\TOSHIBA\TouchPad\TPTray.exe C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe C:\WINDOWS\system32\ZoomingHook.exe C:\WINDOWS\system32\TCtrlIOHook.exe C:\WINDOWS\system32\TPSMain.exe C:\Program Files\TOSHIBA\TOSHIBA-zoomutility\SmoothView.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe C:\Program Files\TOSHIBA\Tvs\TvsTray.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\WINDOWS\system32\TPSBattM.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe C:\Documents and Settings\Gerda\Local Settings\Application Data\WeatherAlerts\WeatherAlerts.exe C:\Program Files\Java\jre7\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE 
C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\Gerda\Local Settings\Temporary Internet Files\Content.IE5\G87U6WV0\RSIT[1].exe C:\Program Files\trend micro\Gerda.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = WebSearches R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Webssearches} R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = {searchTerms - (13)} R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = {searchTerms - (13)} R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina.nl | Jouw startpagina voor weer, verkeer en meer R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = WebSearches R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Webssearches} R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Webssearches} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Gadgetbox Search R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = {searchTerms - (13)} R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = {searchTerms - (13)} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Webssearches} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = Webssearches} R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: (no name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Search Assistant BHO - 
{c547c6c2-561b-4169-a2a5-20ba771ca93b} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file) O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP O4 - HKLM\..\Run: [sVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe O4 - HKLM\..\Run: [TPSMain] TPSMain.exe O4 - HKLM\..\Run: [smoothView] C:\Program Files\TOSHIBA\TOSHIBA-zoomutility\SmoothView.exe O4 - HKLM\..\Run: [TFncKy] TFncKy.exe O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [VideoDownloadConverter Search Scope Monitor] "C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zsrchmn.exe" /m=2 /w /h O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TOSCDSPD] 
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: DesktopWeatherAlerts.lnk = C:\Documents and Settings\Gerda\Local Settings\Application Data\WeatherAlerts\DesktopWeatherAlertsApp.exe O4 - Startup: Weather Alerts.lnk = C:\Documents and Settings\Gerda\Local Settings\Application Data\WeatherAlerts\WeatherAlerts.exe O8 - Extra context menu item: &Search - http://tbedits.videodownloadconverter.com/one-toolbaredits/menusearch.jhtml?s=205320000&p2=^HJ^xdm069^YY^nl&si=pconverter&a=E2693A0F-6DE3-4CD5-929D-B4A2AE06A7D7&n=2013021607&cv=2 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1296993521765 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - 
Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\ACS.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe -- End of file - 10237 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe C:\WINDOWS\tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task C:\WINDOWS\tasks\bench-S-1-5-21-1705022645-2691431146-1015858574-1007.job - C:\Program Files\Bench\Updater\updater.exe -runmode=checkupdate C:\WINDOWS\tasks\bench-sys.job - C:\Program Files\Bench\Updater\updater.exe -runmode=checkupdate C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job - c:\Program Files\Microsoft Security Client\MpCmdRun.exe Scan -ScheduleJob -RestrictPrivileges C:\WINDOWS\tasks\Microsoft Windows XP - aanmelding voor kennisgeving over einde van service.job - C:\WINDOWS\system32\xp_eos.exe -c C:\WINDOWS\tasks\Microsoft Windows XP - maandelijkse kennisgeving over einde van service.job - C:\WINDOWS\system32\xp_eos.exe C:\WINDOWS\tasks\MpIdleTask.job - c:\Program Files\Microsoft Security Client\MpCmdRun.exe -IdleTask -TaskName 
MpIdleTask C:\WINDOWS\tasks\RegClean Pro_DEFAULT.job - C:\Program Files\RCP\RegCleanPro.exe -default ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}] DriveLetterAccess - C:\WINDOWS\system32\dla\tfswshx.dll [2005-01-14 118842] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-08-08 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c547c6c2-561b-4169-a2a5-20ba771ca93b}] Search Assistant BHO - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll [2013-02-16 62864] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-08-08 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {ae07101b-46d4-4a98-af68-0333ea26e113} [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2003-10-30 192512] "PadTouch"=C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe [2004-12-01 1077327] "AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2004-10-28 88363] "CeEKEY"=C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe [2005-01-21 675840] "TPNF"=C:\Program Files\TOSHIBA\TouchPad\TPTray.exe [2004-11-29 53248] "TOSHIBA Accessibility"=C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe [2004-12-07 24576] "HWSetup"=C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe [2004-12-23 28672] "SVPWUTIL"=C:\Program 
Files\Toshiba\Windows Utilities\SVPWUTIL.exe [2005-02-25 65536] "Zooming"=C:\WINDOWS\system32\ZoomingHook.exe [2004-07-14 24576] "TCtryIOHook"=C:\WINDOWS\system32\TCtrlIOHook.exe [2005-02-16 28672] "TPSMain"=C:\WINDOWS\system32\TPSMain.exe [2005-01-21 266240] "SmoothView"=C:\Program Files\TOSHIBA\TOSHIBA-zoomutility\SmoothView.exe [2004-11-15 118784] "TFncKy"=TFncKy.exe [] "Tvs"=C:\Program Files\TOSHIBA\Tvs\TvsTray.exe [2004-11-12 73728] "dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2005-01-14 122939] "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-02-22 339968] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] "APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280] "VideoDownloadConverter Search Scope Monitor"=C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zsrchmn.exe [2013-02-16 42536] "MSC"=c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey [] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [2005-03-02 65536] C:\Documents and Settings\Gerda\Menu Start\Programma's\Opstarten DesktopWeatherAlerts.lnk - C:\Documents and Settings\Gerda\Local Settings\Application Data\WeatherAlerts\DesktopWeatherAlertsApp.exe Weather Alerts.lnk - C:\Documents and Settings\Gerda\Local Settings\Application Data\WeatherAlerts\WeatherAlerts.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2005-02-22 61440] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 "NoDriveAutoRun"=67108863 "NoDriveTypeAutoRun"=323 "NoDrives"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Java\jre1.6.0_01\bin\javaw.exe"="C:\Program Files\Java\jre1.6.0_01\bin\javaw.exe:*:Enabled:Java Platform SE binary" "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java Platform SE binary" "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network 
Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "midimapper"=midimap.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msadpcm"=msadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.trspch"=tssoft32.acm "vidc.cvid"=iccvid.dll "vidc.I420"=msh263.drv "vidc.iv31"=ir32_32.dll "vidc.iv32"=ir32_32.dll "vidc.iv41"=ir41_32.ax "vidc.iyuv"=iyuv_32.dll "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvu9"=tsbyuv.dll "vidc.yvyu"=msyuv.dll "wavemapper"=msacm32.drv "msacm.msg723"=msg723.acm "vidc.M263"=msh263.drv "vidc.M261"=msh261.drv "msacm.msaudio1"=msaud32.acm "msacm.sl_anet"=sl_anet.acm "msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax "vidc.iv50"=ir50_32.dll "msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv ======List of files/folders created in the last 1 month====== 2014-08-11 16:33:01 ----D---- C:\Program Files\VideoDownloadConverter_4z 2014-08-11 16:33:01 ----D---- C:\Documents and Settings\Gerda\Application Data\VideoDownloadConverter_4z 2014-08-11 16:33:00 ----D---- C:\Program Files\Giant Savings Extension 2014-08-11 16:33:00 ----D---- C:\Program Files\DealPly 2014-08-11 16:33:00 ----D---- C:\Program Files\cosstminn 2014-08-11 16:33:00 ----D---- C:\Program Files\ComPlus Applications 2014-08-11 16:32:59 ----D---- C:\Program Files\MyPC Backup 2014-08-11 16:32:58 ----D---- C:\SUPPORT 2014-08-11 16:32:58 ----D---- C:\Documents and Settings\Gerda\Application Data\webssearches 2014-08-11 16:32:58 ----D---- C:\Documents and Settings\Gerda\Application Data\Babylon 2014-08-11 16:32:58 ----D---- C:\Documents and Settings\Gerda\Application Data\BabSolution 2014-08-11 16:32:58 ----D---- C:\Documents and Settings\All Users\Application Data\WindowsMangerProtect 2014-08-11 16:32:58 ----D---- C:\Documents and Settings\All Users\Application Data\Ask 2014-08-11 16:32:48 ----SHD---- C:\RECYCLER 
2014-08-11 16:32:26 ----D---- C:\Program Files\FLVM Player 2014-08-11 16:32:24 ----D---- C:\Program Files\Zebar 2014-08-10 21:56:51 ----D---- C:\AdwCleaner 2014-08-10 18:56:16 ----D---- C:\Documents and Settings\Gerda\Application Data\Protect 2014-08-10 18:54:55 ----D---- C:\Documents and Settings\Gerda\Application Data\{1EDE0D83-B129-4ABC-923B-725D5B0C0DAC} 2014-08-09 19:24:54 ----D---- C:\RECYCLER(2) 2014-08-09 19:00:45 ----D---- C:\WINDOWS\Temp 2014-08-08 15:18:46 ----A---- C:\WINDOWS\system32\javaws.exe 2014-08-08 15:18:34 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll 2014-08-08 15:18:34 ----A---- C:\WINDOWS\system32\javaw.exe 2014-08-08 15:18:34 ----A---- C:\WINDOWS\system32\java.exe 2014-08-08 07:23:27 ----D---- C:\zoek_backup 2014-08-07 22:00:53 ----D---- C:\0f0b43306f7d6932ea0a7992c9fdf0f5 2014-08-07 20:01:28 ----D---- C:\6ac175bc091376da9a251c 2014-08-07 15:30:29 ----D---- C:\Documents and Settings\All Users\Application Data\AVAST Software 2014-08-07 14:53:24 ----D---- C:\rsit 2014-08-06 19:56:52 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$ 2014-08-06 19:20:56 ----D---- C:\WINDOWS\system32\XPSViewer 2014-08-06 19:20:09 ----D---- C:\Program Files\Reference Assemblies 2014-08-06 19:18:28 ----N---- C:\WINDOWS\system32\prntvpt.dll 2014-08-06 19:18:27 ----N---- C:\WINDOWS\system32\xpssvcs.dll 2014-08-06 19:18:27 ----N---- C:\WINDOWS\system32\xpsshhdr.dll 2014-08-06 19:18:25 ----D---- C:\dec4a3b3339f90200e6f2657a9e372 2014-08-04 22:58:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2922229$ 2014-08-04 22:52:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2898715$ 2014-08-04 22:51:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2929961$ 2014-08-04 22:50:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2904266$ 2014-08-04 22:50:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2930275$ 2014-08-04 22:47:47 ----D---- C:\Program Files\Common Files\DESIGNER 2014-08-04 22:06:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2934207$ 2014-08-04 22:05:53 ----A---- C:\WINDOWS\imsins.BAK 2014-08-04 22:04:23 ----A---- 
C:\WINDOWS\system32\drivers\{9f93bd66-d3d2-427d-b37f-743603e2388d}Gt.sys 2014-08-04 21:38:26 ----D---- C:\Program Files\CCleaner 2014-08-04 19:43:00 ----N---- C:\WINDOWS\system32\xp_eos.exe 2014-08-03 15:16:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2916036$ ======List of files/folders modified in the last 1 month====== 2014-08-12 13:33:13 ----D---- C:\Program Files\Trend Micro 2014-08-12 13:29:02 ----D---- C:\WINDOWS\Microsoft.NET 2014-08-12 08:40:02 ----SHD---- C:\WINDOWS\Installer 2014-08-12 08:40:02 ----D---- C:\WINDOWS\WinSxS 2014-08-12 08:40:02 ----D---- C:\Config.Msi 2014-08-12 08:40:00 ----D---- C:\Program Files\Common Files\Microsoft Shared 2014-08-12 00:10:36 ----A---- C:\WINDOWS\SchedLgU.Txt 2014-08-11 16:33:50 ----D---- C:\WINDOWS\system32\config 2014-08-11 16:33:28 ----D---- C:\WINDOWS\system32\wbem 2014-08-11 16:33:28 ----D---- C:\WINDOWS\Registration 2014-08-11 16:32:50 ----D---- C:\WINDOWS 2014-08-11 16:32:22 ----D---- C:\WINDOWS\system32 2014-08-10 22:45:16 ----D---- C:\WINDOWS\network diagnostic 2014-08-10 22:31:18 ----D---- C:\WINDOWS\system32\drivers 2014-08-10 22:31:15 ----D---- C:\Program Files 2014-08-10 20:32:54 ----SD---- C:\WINDOWS\Tasks 2014-08-10 20:27:12 ----D---- C:\WINDOWS\Prefetch 2014-08-08 17:42:37 ----A---- C:\WINDOWS\win.ini 2014-08-08 16:36:10 ----RSD---- C:\WINDOWS\assembly 2014-08-08 15:18:54 ----D---- C:\Program Files\Common Files\Java 2014-08-08 15:18:08 ----D---- C:\Program Files\Java 2014-08-07 16:16:07 ----D---- C:\WINDOWS\system32\CatRoot2 2014-08-07 16:03:41 ----D---- C:\Program Files\Microsoft Security Client 2014-08-06 19:57:26 ----D---- C:\WINDOWS\inf 2014-08-06 19:57:14 ----D---- C:\WINDOWS\system32\CatRoot 2014-08-06 19:57:01 ----RSHDC---- C:\WINDOWS\system32\dllcache 2014-08-06 19:31:06 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2014-08-06 19:20:43 ----D---- C:\WINDOWS\system32\en-US 2014-08-06 19:20:40 ----D---- C:\Program Files\MSBuild 2014-08-06 19:20:29 ----RSD---- C:\WINDOWS\Fonts 2014-08-06 19:19:08 
- - - Updated - - -

Logfile of random's system information tool 1.10 (written by random/random)
Run by Gerda at 2014-08-12 13:33:09
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 135 GB (89%) free of 153 GB
Total RAM: 510 MB (13% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:33:17, on 12-8-2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------
  7. Restored to 9 August 2014. At first glance everything works again. Phew, sigh.
  8. Just an addition to my previous post: I think it went wrong at instruction #34. After that I got the screen "webpage cannot ......". Was something perhaps ticked in photo #31 that should not have been? I find this really annoying, because we were very close to a nicely running computer. If I did something wrong, then sorry!
  9. And then I had a nice log too. But when I wanted to send it to you everything was gone, and I got the screen: the web page cannot be displayed, and I have to diagnose the connection problems. The outcome of that is: no internet connection can be made via HTTP, HTTPS or FTP. This is probably caused by the firewall settings on this computer. Check the firewall settings for HTTP port ( 80 HTTPS port ( 21 ). When I check the firewall, it is simply ticked.
  10. The photo I sent along is the result of the scan. Do I have to remove the check marks? Or should I click Remove with things as they are now?
  11. I now get this screen. How do I continue? Do I also have to do folders - files - shortcuts - tasks - registry - etc.?
  12. And this is it now: when I click on it and click Open, I get a screen saying it is not allowed. I then ignore that, and then a screen appears on which I cannot see how to continue. I took 2 photos, 1 of the screen saying it is not allowed, and the 2nd of when I continue anyway.
  13. I double-click on download: AdwCleaner. Then I get a small menu where I can choose: open - open in new tab - open in new window - save target as - print target - copy shortcut - blog with Windows Live - send e-mail with Windows Live - translate with Live Search - all accelerators - add to favorites - properties. Further, shown faintly, there are: cut - copy - paste.
  14. How can I copy AdwCleaner to my desktop? And how do I get: Run as administrator? And when I click AdwCleaner I get a message that there is a problem with the security certificate.
  15. Zoek.exe v5.0.0.0 Updated 04-August-2014 Tool run by Gerda on zo 10-08-2014 at 10:32:40,85. Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected Launched: C:\DOCUME~1\Gerda\LOCALS~1\Temp\Rar$EX66.960\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-08-08-134842.log 27170 bytes C:\zoek-results2014-08-09-091355.log 38616 bytes C:\zoek-results2014-08-09-170307.log 22387 bytes ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1705022645-2691431146-1015858574-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-1705022645-2691431146-1015858574-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully HKEY_USERS\S-1-5-21-1705022645-2691431146-1015858574-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully HKEY_CLASSES_ROOT\CLSID\{93a3111f-4f74-4ed8-895e-d9708497629e} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-1705022645-2691431146-1015858574-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-1705022645-2691431146-1015858574-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully HKEY_USERS\S-1-5-21-1705022645-2691431146-1015858574-1007\Software\Microsoft\Internet Explorer\URLSearchHooks\{93a3111f-4f74-4ed8-895e-d9708497629e} deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 6. [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] 7. "VideoDownloadConverter Search Scope Monitor"=- ==== Deleting Files \ Folders ====================== 3. 
C:\Program Files\Zebar not found 4. C:\Program Files\FLVM Player not found 5. C:\Documents and Settings\Gerda\Menu Start\Programma's\FLVM Player not found ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2014-08-04 20:05:53 6F78A5B98BCA1C83D9E44E3065BA54C4 1355 ----a-w- C:\WINDOWS\imsins.BAK ====== C:\DOCUME~1\Gerda\LOCALS~1\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\system32 ===== 2014-08-08 13:18:46 6818CC5AEB477497480269CE627DDF17 145408 ----a-w- C:\WINDOWS\System32\javacpl.cpl 2014-08-08 13:18:46 07EF2978A5BC36720378F95566697FD8 272808 ----a-w- C:\WINDOWS\System32\javaws.exe 2014-08-08 13:18:34 49E203776C2ACB289385168A9058EE9E 96680 ----a-w- C:\WINDOWS\System32\WindowsAccessBridge.dll 2014-08-08 13:18:34 3BDEB17FE6390BFF1BF3A2D964DE8E48 175528 ----a-w- C:\WINDOWS\System32\javaw.exe 2014-08-08 13:18:34 11FD45A41DF45298686ED39062AABE2A 175528 ----a-w- C:\WINDOWS\System32\java.exe 2014-08-06 17:18:28 180E1D44727EB72CB11EC5953C5E4C52 117760 ------w- C:\WINDOWS\System32\prntvpt.dll 2014-08-06 17:18:27 89B23B4BE691942072E0E3F7EDEB33B6 1676288 ------w- C:\WINDOWS\System32\xpssvcs.dll 2014-08-06 17:18:27 81C4B0077427391D582FBB1B6B9578CB 575488 ------w- C:\WINDOWS\System32\xpsshhdr.dll 2014-08-04 17:43:00 DDC2FD95F1B3A55CDDD0D91F0D7B3122 13312 ------w- C:\WINDOWS\System32\xp_eos.exe ====== C:\WINDOWS\system32\drivers ===== 2014-08-04 20:04:23 708DB5076348BAE2FCA8A773EBEF76A6 55224 ----a-w- C:\WINDOWS\System32\drivers\{9f93bd66-d3d2-427d-b37f-743603e2388d}Gt.sys ====== C:\WINDOWS\Tasks ====== 2014-08-07 14:09:43 7EC88B8F8F8CEBF26404E22D2FDD2197 366 ---ha-w- C:\WINDOWS\Tasks\MpIdleTask.job 2014-08-05 17:05:52 E348873E426AFFFD720380826C8D39C9 222 ----a-w- C:\WINDOWS\Tasks\Microsoft Windows XP - aanmelding voor kennisgeving over einde van service.job 2014-08-05 17:05:48 3B7F9D918D68E7933EFD4D5B149575F0 216 ----a-w- C:\WINDOWS\Tasks\Microsoft Windows XP - maandelijkse kennisgeving over einde van service.job 2014-08-04 20:38:04 
F510302C830B49A6B33AB9E5D1DD7EE1 386 ---ha-w- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2014-08-06 17:20:09 -------- d-----w- C:\Program Files\Reference Assemblies 2014-08-04 20:47:47 -------- d-----w- C:\Program Files\Common Files\DESIGNER 2014-08-04 18:56:41 -------- d-----w- C:\Program Files\Zebar 2014-08-04 18:53:42 -------- d-----w- C:\Program Files\FLVM Player ======= C: ===== ====== C:\Documents and Settings\Gerda\Application Data ====== 2014-08-08 13:28:14 -------- d-----w- C:\Documents and Settings\Gerda\Local Settings\Application Data\Sun 2014-08-07 17:34:54 5FFBB9F997E5955E76AAF90329C58344 69232 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2014-08-04 18:54:12 -------- d-----w- C:\Documents and Settings\Gerda\Menu Start\Programma's\FLVM Player ====== C:\Documents and Settings\Gerda ====== 2014-08-04 19:45:24 -------- d--h--r- C:\Documents and Settings\Gerda\Onlangs geopend 2014-08-04 18:55:03 -------- d-----w- C:\Documents and Settings\Gerda\AppData ====== C: exe-files == 2014-08-08 13:18:46 07EF2978A5BC36720378F95566697FD8 272808 ----a-w- C:\WINDOWS\system32\javaws.exe 2014-08-08 13:18:34 3BDEB17FE6390BFF1BF3A2D964DE8E48 175528 ----a-w- C:\WINDOWS\system32\javaw.exe 2014-08-08 13:18:34 11FD45A41DF45298686ED39062AABE2A 175528 ----a-w- C:\WINDOWS\system32\java.exe 2014-08-08 13:18:18 CEEFA72555A8FAD52C29BA17AE3E6DEF 16296 ----a-w- C:\Program Files\Java\jre7\bin\servertool.exe 2014-08-08 13:18:18 A6B7A388547C4CDF4D8F2AF55D79AC85 145832 ----a-w- C:\Program Files\Java\jre7\bin\unpack200.exe 2014-08-08 13:18:18 8B986C008892DB58928BC72483ADF7B9 16808 ----a-w- C:\Program Files\Java\jre7\bin\tnameserv.exe 2014-08-08 13:18:18 7BDCC29DDFBB355761A018A74D4A1E8C 16296 ----a-w- C:\Program Files\Java\jre7\bin\rmiregistry.exe 2014-08-08 13:18:18 7A17013ABD895DFBD61A5AF9996D0E5E 50088 ----a-w- C:\Program Files\Java\jre7\bin\ssvagent.exe 
2014-08-08 13:18:18 48442596BFEB26E56898A0E4D2596A95 16296 ----a-w- C:\Program Files\Java\jre7\bin\policytool.exe 2014-08-08 13:18:18 34CEC403ED594B55D55DED61A3A53DAF 16296 ----a-w- C:\Program Files\Java\jre7\bin\rmid.exe 2014-08-08 13:18:17 F67D9621616CB31217A497FEDE4913F5 16296 ----a-w- C:\Program Files\Java\jre7\bin\pack200.exe 2014-08-08 13:18:17 EC4C47AADE6606AFCDEAB28E29654ECE 75688 ----a-w- C:\Program Files\Java\jre7\bin\jp2launcher.exe 2014-08-08 13:18:17 C3F55C9B02A22EC0B345E20AE9AE9B71 16296 ----a-w- C:\Program Files\Java\jre7\bin\klist.exe 2014-08-08 13:18:17 BF918C9473D64BBD53C22C47045883F5 182696 ----a-w- C:\Program Files\Java\jre7\bin\jqs.exe 2014-08-08 13:18:17 A788E5ED0454307CBCFB95CC33E5F717 16808 ----a-w- C:\Program Files\Java\jre7\bin\orbd.exe 2014-08-08 13:18:17 7ED5C21F9F29B5278FFF39718C667235 16296 ----a-w- C:\Program Files\Java\jre7\bin\ktab.exe 2014-08-08 13:18:17 7DC9A0127F850997B4CFD9923C680D7D 16296 ----a-w- C:\Program Files\Java\jre7\bin\keytool.exe 2014-08-08 13:18:17 0371CFD6228F89B5B9E20F67807987FE 16296 ----a-w- C:\Program Files\Java\jre7\bin\kinit.exe 2014-08-08 13:18:15 F69D8BDC202973592D710BC913D01919 48040 ----a-w- C:\Program Files\Java\jre7\bin\jabswitch.exe 2014-08-08 13:18:15 C8883F91C31CAC40890AC8B668E05F61 16296 ----a-w- C:\Program Files\Java\jre7\bin\java-rmi.exe 2014-08-08 13:18:15 8B657BA869AE7D3C6A29792C986E0DD5 68008 ----a-w- C:\Program Files\Java\jre7\bin\javacpl.exe 2014-08-08 13:18:15 3BDEB17FE6390BFF1BF3A2D964DE8E48 175528 ----a-w- C:\Program Files\Java\jre7\bin\javaw.exe 2014-08-08 13:18:15 11FD45A41DF45298686ED39062AABE2A 175528 ----a-w- C:\Program Files\Java\jre7\bin\java.exe 2014-08-08 13:18:15 07EF2978A5BC36720378F95566697FD8 272808 ----a-w- C:\Program Files\Java\jre7\bin\javaws.exe 2014-08-08 13:17:37 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Documents and Settings\Gerda\Application Data\Sun\Java\jre1.7.0_67\lzma.exe 2014-08-07 13:20:48 718476F73BC55A62BCAFDDA22395728A 239384 ----a-w- C:\Program 
Files\Zebar\bin\Zebar.PurBrowse.exe 2014-08-07 12:53:26 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\Trend Micro\Gerda.exe 2014-08-06 17:18:27 9CAC2BEE7724FC829567400EE751856A 597504 -c----w- C:\WINDOWS\system32\dllcache\printfilterpipelinesvc.exe 2014-08-06 17:18:27 9CAC2BEE7724FC829567400EE751856A 597504 ------w- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe 2014-08-04 20:53:08 2BF1A08F7CB7752AF697EE228514497F 234872 -c----w- C:\WINDOWS\ie8updates\KB2964358-IE8\spuninst\spuninst.exe 2014-08-04 20:05:39 2BF1A08F7CB7752AF697EE228514497F 234872 -c----w- C:\WINDOWS\ie8updates\KB2936068-IE8\spuninst\spuninst.exe 2014-08-04 20:05:34 9690B079450A711BC1942D0E1FD7AC37 174592 -c----w- C:\WINDOWS\ie8updates\KB2936068-IE8\ie4uinit.exe 2014-08-04 20:04:23 763960F8A4C8F0F3C9859AF143BA0271 96536 ----a-w- C:\Program Files\Zebar\bin\Zebar.BrowserAdapter.exe 2014-08-04 20:02:23 AA188DF322701F202AF185611DC3BB60 323352 ----a-w- C:\Program Files\Zebar\bin\utilZebar.exe 2014-08-04 18:58:34 269F314B87E6222A20E5F745B6B89783 2869264 ----a-w- C:\Program Files\Zebar\dotNetFx35setup.exe 2014-08-04 18:57:30 D8E577E956B7C248B6A1733169A3D2E5 241151 ----a-w- C:\Program Files\Zebar\ZebarUninstall.exe 2014-08-04 18:57:29 91188398D2511562E4B55319984172CB 1123608 ----a-w- C:\Program Files\Zebar\Zebar.FirstRun.exe 2014-08-04 18:54:17 AEDF260AD28B751B8B748A2ADBD01300 44253 ----a-w- C:\Program Files\FLVM Player\Uninstaller.exe 2014-08-04 18:31:30 AA188DF322701F202AF185611DC3BB60 323352 ----a-w- C:\Program Files\Zebar\updateZebar.exe 2014-08-04 18:31:30 734B0546EE0BCDBA1E0BEDCC505386B3 135960 ----a-w- C:\Program Files\Zebar\updater.exe 2014-08-04 17:43:00 DDC2FD95F1B3A55CDDD0D91F0D7B3122 13312 -c----w- C:\WINDOWS\system32\dllcache\xp_eos.exe 2014-08-04 17:43:00 DDC2FD95F1B3A55CDDD0D91F0D7B3122 13312 ------w- C:\WINDOWS\system32\xp_eos.exe === C: other files == 2014-08-08 13:18:19 F3EABF8A2AF5C0D8BAE022EE6C17FD91 18650 ----a-w- C:\Program 
Files\Java\jre7\lib\deploy\ffjcext.zip 2014-08-04 20:04:23 708DB5076348BAE2FCA8A773EBEF76A6 55224 ----a-w- C:\WINDOWS\system32\drivers\{9f93bd66-d3d2-427d-b37f-743603e2388d}Gt.sys 2014-08-04 20:04:20 3B5B087A4BE2B128FFA2014FBF4F9485 372356 ----a-w- C:\Program Files\Zebar\bin\Zebar.PurBrowseG.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" "DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe -t" [HKEY_USERS\S-1-5-21-1705022645-2691431146-1015858574-1007\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" "TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" "DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe -t" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Apoint"="C:\Program Files\Apoint2K\Apoint.exe" "PadTouch"="C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe" "AGRSMMSG"="AGRSMMSG.exe" "CeEKEY"="C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe" "TPNF"="C:\Program Files\TOSHIBA\TouchPad\TPTray.exe" "TOSHIBA Accessibility"="C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe" "HWSetup"="C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP" "SVPWUTIL"="C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL" "Zooming"="ZoomingHook.exe" "TCtryIOHook"="TCtrlIOHook.exe" "TPSMain"="TPSMain.exe" "SmoothView"="C:\Program Files\TOSHIBA\TOSHIBA-zoomutility\SmoothView.exe" "TFncKy"="TFncKy.exe" "Tvs"="C:\Program Files\TOSHIBA\Tvs\TvsTray.exe" "dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" 
"VideoDownloadConverter Search Scope Monitor"="C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zsrchmn.exe /m=2 /w /h" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" "TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" ==== Startup Folders ====================== 2014-08-07 15:07:59 1181 ----a-w- C:\Documents and Settings\Gerda\Menu Start\Programma's\Opstarten\DesktopWeatherAlerts.lnk 2014-08-07 15:09:10 1149 ----a-w- C:\Documents and Settings\Gerda\Menu Start\Programma's\Opstarten\Weather Alerts.lnk ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [03-08-2014 15:21] C:\WINDOWS\tasks\AppleSoftwareUpdate.job --a------ C:\Program Files\AppleC:oftware Update\SoftwareUpdate.exe [] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [29-01-2012 11:17] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [29-01-2012 11:17] C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job --ah----- C:\Program Files\Microsoft Security Client\MpCmdRun.exe [] C:\WINDOWS\tasks\Microsoft Windows XP - aanmelding voor kennisgeving over einde van service.job --a------ C:\WINDOWS\system32\xp_eos.exe [27-02-2014 01:28] C:\WINDOWS\tasks\Microsoft Windows XP - maandelijkse kennisgeving over einde van service.job --a------ C:\WINDOWS\system32\xp_eos.exe [27-02-2014 01:28] C:\WINDOWS\tasks\MpIdleTask.job --ah----- C:\Program Files\Microsoft Security Client\MpCmdRun.exe [] ==== C:\zoek_backup content ====================== C:\zoek_backup (files=355 folders=73 237634023 bytes) ==== EOF on zo 10-08-2014 at 10:38:04,32 ======================
  16. Zoek.exe v5.0.0.0 Updated 04-August-2014 Tool run by Gerda on za 09-08-2014 at 18:38:12,04. Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected Launched: C:\DOCUME~1\Gerda\LOCALS~1\Temp\Rar$EX84.328\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-08-08-134842.log 27170 bytes C:\zoek-results2014-08-09-091355.log 38616 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 6. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VideoDownloadConverter Search Scope Monitor"=- ==== Deleting Files \ Folders ====================== 2. C:\Program Files\MyPC Backup not found 3. C:\Program Files\Zebar not found 4. C:\Program Files\cosstminn not found 5. C:\Documents and Settings\Gerda\Application Data\webssearches not found ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2014-08-04 20:05:53 6F78A5B98BCA1C83D9E44E3065BA54C4 1355 ----a-w- C:\WINDOWS\imsins.BAK ====== C:\DOCUME~1\Gerda\LOCALS~1\Temp ==== 2014-08-07 15:03:01 5689D43C3B201DD3810FA3BBA4A6476A 4216840 ----a-w- C:\Documents and Settings\Gerda\Local Settings\temp\vcredist_x86.exe 2014-08-07 15:02:48 23128747B91B2F635A46B252F84C2EE1 5553368 ----a-w- C:\Documents and Settings\Gerda\Local Settings\temp\BackupSetup.exe 2014-08-07 15:01:54 5CC99B42315686C0046EA44A69862C55 10200072 ----a-w- C:\Documents and Settings\Gerda\Local Settings\temp\91407423675\1_Offer_15.exe 2014-08-07 15:01:14 B950B7D00028A589F3A6B9889DE51782 809856 ----a-w- C:\Documents and Settings\Gerda\Local Settings\temp\rdms.exe 2014-08-07 09:33:06 386C66D3274A86E54D8463744BF25ED8 172179 ------w- C:\Documents and Settings\Gerda\Local 
Settings\temp\is45637729\1954544_stp\Generic_vo.exe 2014-08-04 18:55:06 AB29E25D21305D5BC1E7D23DC0E57000 5693496 ----a-w- C:\Documents and Settings\Gerda\Local Settings\temp\optprosetup.exe 2014-08-04 18:53:59 60C86C38C11E191AAB741213232929CF 5870656 ----a-w- C:\Documents and Settings\Gerda\Local Settings\temp\n2059\OptimizerPro.exe 2014-08-04 18:53:51 15515D70A1DCCEDE65C3242A3CD96B1B 290705 ----a-w- C:\Documents and Settings\Gerda\Local Settings\temp\n2059\VOPackage.exe 2014-08-04 18:53:42 62BAFE9A908B1717484D32DE5A54244B 4380069 ----a-w- C:\Documents and Settings\Gerda\Local Settings\temp\n2059\RegClean_0307-7366cb4a.exe 2014-08-04 18:53:31 BA0FAAEDEDAB6E6365A92143B558BD8C 4242370 ----a-w- C:\Documents and Settings\Gerda\Local Settings\temp\n2059\systemsspeedup_0307-cd6becd7.exe 2014-08-04 18:53:21 0D0485EE935ACE396096EAB7FDE9A8BF 473688 ----a-w- C:\Documents and Settings\Gerda\Local Settings\temp\n2059\Zebar_0104-57366623.exe 2014-08-04 18:53:17 8E21CF282EDB9C01A422690769EAB7DA 413184 ----a-w- C:\Documents and Settings\Gerda\Local Settings\temp\n2059\CostMinInstaller.exe 2014-08-04 18:53:15 2701B76FD4D3163E20B75A613198AC84 5077425 ----a-w- C:\Documents and Settings\Gerda\Local Settings\temp\n2059\FLVMPlayerSetup-c45490cb.exe 2014-08-04 18:53:06 2A29384AFF2E8D557DCEAD05CADFED5D 216648 ----atw- C:\Documents and Settings\Gerda\Local Settings\temp\n2059\s2059.exe 2014-08-04 18:51:50 2701B76FD4D3163E20B75A613198AC84 5077425 ----a-w- C:\Documents and Settings\Gerda\Local Settings\temp\n1765\FLVMPlayerSetup-c45490cb.exe 2014-08-04 18:51:36 2A29384AFF2E8D557DCEAD05CADFED5D 216648 ----atw- C:\Documents and Settings\Gerda\Local Settings\temp\n1765\s1765.exe 2014-08-04 16:39:04 AA923F5D569DF958FC443E428F78F4BE 172020 ------w- C:\Documents and Settings\Gerda\Local Settings\temp\is45637729\7271119_stp\Generic_vo.exe 2014-08-04 16:39:04 AA923F5D569DF958FC443E428F78F4BE 172020 ------w- C:\Documents and Settings\Gerda\Local Settings\temp\is45637729\275509_stp\Generic_vo.exe 
====== Java Cache ===== ====== C:\WINDOWS\system32 ===== 2014-08-08 13:18:46 6818CC5AEB477497480269CE627DDF17 145408 ----a-w- C:\WINDOWS\System32\javacpl.cpl 2014-08-08 13:18:46 07EF2978A5BC36720378F95566697FD8 272808 ----a-w- C:\WINDOWS\System32\javaws.exe 2014-08-08 13:18:34 49E203776C2ACB289385168A9058EE9E 96680 ----a-w- C:\WINDOWS\System32\WindowsAccessBridge.dll 2014-08-08 13:18:34 3BDEB17FE6390BFF1BF3A2D964DE8E48 175528 ----a-w- C:\WINDOWS\System32\javaw.exe 2014-08-08 13:18:34 11FD45A41DF45298686ED39062AABE2A 175528 ----a-w- C:\WINDOWS\System32\java.exe 2014-08-06 17:18:28 180E1D44727EB72CB11EC5953C5E4C52 117760 ------w- C:\WINDOWS\System32\prntvpt.dll 2014-08-06 17:18:27 89B23B4BE691942072E0E3F7EDEB33B6 1676288 ------w- C:\WINDOWS\System32\xpssvcs.dll 2014-08-06 17:18:27 81C4B0077427391D582FBB1B6B9578CB 575488 ------w- C:\WINDOWS\System32\xpsshhdr.dll 2014-08-04 17:43:00 DDC2FD95F1B3A55CDDD0D91F0D7B3122 13312 ------w- C:\WINDOWS\System32\xp_eos.exe ====== C:\WINDOWS\system32\drivers ===== 2014-08-04 20:04:23 708DB5076348BAE2FCA8A773EBEF76A6 55224 ----a-w- C:\WINDOWS\System32\drivers\{9f93bd66-d3d2-427d-b37f-743603e2388d}Gt.sys ====== C:\WINDOWS\Tasks ====== 2014-08-07 14:09:43 7EC88B8F8F8CEBF26404E22D2FDD2197 366 ---ha-w- C:\WINDOWS\Tasks\MpIdleTask.job 2014-08-05 17:05:52 2E5391B5A1BEA1AE47A3C02D25089F94 222 ----a-w- C:\WINDOWS\Tasks\Microsoft Windows XP - aanmelding voor kennisgeving over einde van service.job 2014-08-05 17:05:48 3B7F9D918D68E7933EFD4D5B149575F0 216 ----a-w- C:\WINDOWS\Tasks\Microsoft Windows XP - maandelijkse kennisgeving over einde van service.job 2014-08-04 20:38:04 F510302C830B49A6B33AB9E5D1DD7EE1 386 ---ha-w- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2014-08-06 17:20:09 -------- d-----w- C:\Program Files\Reference Assemblies 2014-08-04 20:47:47 -------- d-----w- C:\Program Files\Common Files\DESIGNER 2014-08-04 18:56:41 -------- d-----w- C:\Program 
Files\Zebar 2014-08-04 18:53:42 -------- d-----w- C:\Program Files\FLVM Player ======= C: ===== ====== C:\Documents and Settings\Gerda\Application Data ====== 2014-08-08 13:28:14 -------- d-----w- C:\Documents and Settings\Gerda\Local Settings\Application Data\Sun 2014-08-07 17:34:54 5FFBB9F997E5955E76AAF90329C58344 69232 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2014-08-04 18:54:12 -------- d-----w- C:\Documents and Settings\Gerda\Menu Start\Programma's\FLVM Player ====== C:\Documents and Settings\Gerda ====== 2014-08-04 19:45:24 -------- d--h--r- C:\Documents and Settings\Gerda\Onlangs geopend 2014-08-04 18:55:03 -------- d-----w- C:\Documents and Settings\Gerda\AppData ====== C: exe-files == 2014-08-08 13:18:46 07EF2978A5BC36720378F95566697FD8 272808 ----a-w- C:\WINDOWS\system32\javaws.exe 2014-08-08 13:18:34 3BDEB17FE6390BFF1BF3A2D964DE8E48 175528 ----a-w- C:\WINDOWS\system32\javaw.exe 2014-08-08 13:18:34 11FD45A41DF45298686ED39062AABE2A 175528 ----a-w- C:\WINDOWS\system32\java.exe 2014-08-08 13:18:18 CEEFA72555A8FAD52C29BA17AE3E6DEF 16296 ----a-w- C:\Program Files\Java\jre7\bin\servertool.exe 2014-08-08 13:18:18 A6B7A388547C4CDF4D8F2AF55D79AC85 145832 ----a-w- C:\Program Files\Java\jre7\bin\unpack200.exe 2014-08-08 13:18:18 8B986C008892DB58928BC72483ADF7B9 16808 ----a-w- C:\Program Files\Java\jre7\bin\tnameserv.exe 2014-08-08 13:18:18 7BDCC29DDFBB355761A018A74D4A1E8C 16296 ----a-w- C:\Program Files\Java\jre7\bin\rmiregistry.exe 2014-08-08 13:18:18 7A17013ABD895DFBD61A5AF9996D0E5E 50088 ----a-w- C:\Program Files\Java\jre7\bin\ssvagent.exe 2014-08-08 13:18:18 48442596BFEB26E56898A0E4D2596A95 16296 ----a-w- C:\Program Files\Java\jre7\bin\policytool.exe 2014-08-08 13:18:18 34CEC403ED594B55D55DED61A3A53DAF 16296 ----a-w- C:\Program Files\Java\jre7\bin\rmid.exe 2014-08-08 13:18:17 F67D9621616CB31217A497FEDE4913F5 16296 ----a-w- C:\Program Files\Java\jre7\bin\pack200.exe 2014-08-08 13:18:17 
==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" "DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe -t" [HKEY_USERS\S-1-5-21-1705022645-2691431146-1015858574-1007\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" "TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" "DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe -t" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Apoint"="C:\Program Files\Apoint2K\Apoint.exe" "PadTouch"="C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe" "AGRSMMSG"="AGRSMMSG.exe" "CeEKEY"="C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe" "TPNF"="C:\Program Files\TOSHIBA\TouchPad\TPTray.exe" "TOSHIBA Accessibility"="C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe" "HWSetup"="C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP" "SVPWUTIL"="C:\Program Files\Toshiba\Windows
Utilities\SVPWUTIL.exe SVPwUTIL" "Zooming"="ZoomingHook.exe" "TCtryIOHook"="TCtrlIOHook.exe" "TPSMain"="TPSMain.exe" "SmoothView"="C:\Program Files\TOSHIBA\TOSHIBA-zoomutility\SmoothView.exe" "TFncKy"="TFncKy.exe" "Tvs"="C:\Program Files\TOSHIBA\Tvs\TvsTray.exe" "dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "VideoDownloadConverter Search Scope Monitor"="C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zsrchmn.exe /m=2 /w /h" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" "TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" ==== Startup Folders ====================== 2014-08-07 15:07:59 1181 ----a-w- C:\Documents and Settings\Gerda\Menu Start\Programma's\Opstarten\DesktopWeatherAlerts.lnk 2014-08-07 15:09:10 1149 ----a-w- C:\Documents and Settings\Gerda\Menu Start\Programma's\Opstarten\Weather Alerts.lnk ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [03-08-2014 15:21] C:\WINDOWS\tasks\AppleSoftwareUpdate.job --a------ C:\Program Files\AppleC:oftware Update\SoftwareUpdate.exe [] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [29-01-2012 11:17] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [29-01-2012 11:17] C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job --ah----- C:\Program Files\Microsoft Security Client\MpCmdRun.exe [] C:\WINDOWS\tasks\Microsoft Windows XP - aanmelding voor 
kennisgeving over einde van service.job --a------ C:\WINDOWS\system32\xp_eos.exe [27-02-2014 01:28] C:\WINDOWS\tasks\Microsoft Windows XP - maandelijkse kennisgeving over einde van service.job --a------ C:\WINDOWS\system32\xp_eos.exe [27-02-2014 01:28] C:\WINDOWS\tasks\MpIdleTask.job --ah----- C:\Program Files\Microsoft Security Client\MpCmdRun.exe [] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [08-08-2014 07:10] ==== Chrome Look ====================== YouTube - Gerda\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\Temp ==== Chromium Startpages ====================== C:\Documents and Settings\Gerda\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences "homepage": "Gadgetbox Search", ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Startpagina.nl | Jouw startpagina voor weer, verkeer en meer" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Startpagina.nl | Jouw startpagina voor weer, verkeer en meer" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{FAC8F604-A79A-48DA-B412-EE9BE4FD461A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="{searchTerms - Google Search}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {FAC8F604-A79A-48DA-B412-EE9BE4FD461A} Google Url="{searchTerms} - Google Search" ==== Empty IE Cache ====================== C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully 
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\Gerda\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Documents and Settings\Gerda\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=355 folders=73 237634023 bytes) ==== Empty Temp Folders ====================== C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully C:\Documents and Settings\Gerda\Local Settings\temp will be emptied at reboot C:\Documents and Settings\LocalService\Local Settings\temp emptied successfully C:\Documents and Settings\NetworkService\Local Settings\temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\DOCUME~1\Gerda\LOCALS~1\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\RECYCLER successfully emptied ==== Deleting Files / Folders ====================== "C:\Documents and Settings\Gerda\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found ==== EOF on za 09-08-2014 at 19:03:07,75 ======================
  17. I don't know how or why, but I was able to send a log before, and I really can't remember how I managed that. So I go to zoek.exe, and then I select the code, and then copy it. Then I go to Word and press Ctrl+V. But what next? Then it starts searching, and when that log is finished, how do I get it into the big screen?
  18. Zoek.exe v5.0.0.0 Updated 07-August-2014 Tool run by Gerda on vr 08-08-2014 at 15:31:56,71. Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Documents and Settings\Gerda\Local Settings\Temporary Internet Files\Content.IE5\0JRBYD4P\zoek[2].exe [scan all users] [script inserted] ==== System Restore Info ====================== 8-8-2014 15:41:08 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\focusbase deleted successfully C:\Documents and Settings\Default User\Application Data\AdobeUM deleted successfully C:\Documents and Settings\Default User\Application Data\Symantec deleted successfully C:\Documents and Settings\Gerda\Application Data\AdobeUM deleted successfully C:\Documents and Settings\Gerda\Application Data\BabylonToolbar deleted successfully C:\Documents and Settings\Gerda\Application Data\Symantec deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1705022645-2691431146-1015858574-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} deleted successfully HKEY_USERS\S-1-5-21-1705022645-2691431146-1015858574-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} deleted successfully HKEY_CLASSES_ROOT\CLSID\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-1705022645-2691431146-1015858574-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update Zebar deleted successfully 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update Zebar deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update Zebar deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update Zebar deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UpdaterSvcZebar deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\UpdaterSvcZebar deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util Zebar deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util Zebar deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util Zebar deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util Zebar deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VideoDownloadConverter_4zService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\VideoDownloadConverter_4zService deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312f84fb-8970-4fd3-bddb-7012eac4afc9}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6236E2B5-1BC1-2CD3-76D9-631EAFABC24D}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c547c6c2-561b-4169-a2a5-20ba771ca93b}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cf8c409e-f507-4f95-b6dd-bf1eecf85c9d}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "VideoDownloadConverter_4z Browser Plugin Loader"=- ==== Deleting Files \ Folders ====================== C:\Documents and Settings\All 
Users\Application Data\Systweak deleted C:\4eabd783f092732bc14cafd83d34b4 deleted C:\Documents and Settings\Gerda\Application Data\Systweak deleted C:\Program Files\Supporter deleted C:\Documents and Settings\All Users\Application Data\c328a512a6b40fee deleted C:\Documents and Settings\All Users\Application Data\cosstminn deleted "C:\WINDOWS\system32\roboot.exe" deleted ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" "DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe -t" [HKEY_USERS\S-1-5-21-1705022645-2691431146-1015858574-1007\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" "TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" "DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe -t" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Apoint"="C:\Program Files\Apoint2K\Apoint.exe" "PadTouch"="C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe" "AGRSMMSG"="AGRSMMSG.exe" "CeEKEY"="C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe" "TPNF"="C:\Program Files\TOSHIBA\TouchPad\TPTray.exe" "TOSHIBA Accessibility"="C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe" "HWSetup"="C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP" "SVPWUTIL"="C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL" "Zooming"="ZoomingHook.exe" "TCtryIOHook"="TCtrlIOHook.exe" "TPSMain"="TPSMain.exe" "SmoothView"="C:\Program Files\TOSHIBA\TOSHIBA-zoomutility\SmoothView.exe" "TFncKy"="TFncKy.exe" "Tvs"="C:\Program
Files\TOSHIBA\Tvs\TvsTray.exe" "dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "VideoDownloadConverter Search Scope Monitor"="C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zsrchmn.exe /m=2 /w /h" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" "TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" ==== Startup Folders ====================== 2014-08-07 15:07:59 1181 ----a-w- C:\Documents and Settings\Gerda\Menu Start\Programma's\Opstarten\DesktopWeatherAlerts.lnk 2014-08-07 15:09:10 1149 ----a-w- C:\Documents and Settings\Gerda\Menu Start\Programma's\Opstarten\Weather Alerts.lnk ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [03-08-2014 15:21] C:\WINDOWS\tasks\AppleSoftwareUpdate.job --a------ C:\Program Files\AppleC:oftware Update\SoftwareUpdate.exe [] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [29-01-2012 11:17] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [29-01-2012 11:17] C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job --ah----- C:\Program Files\Microsoft Security Client\MpCmdRun.exe [] C:\WINDOWS\tasks\Microsoft Windows XP - aanmelding voor kennisgeving over einde van service.job --a------ C:\WINDOWS\system32\xp_eos.exe [27-02-2014 01:28] C:\WINDOWS\tasks\Microsoft Windows XP - maandelijkse kennisgeving over einde van service.job --a------ 
- - - Updated - - - I just sent a log, only I don't know whether this is the right one. I think I ticked "do a quick scan" and "auto clean" too late. Can you see that?
  19. Logfile of random's system information tool 1.10 (written by random/random) Run by Gerda at 2014-08-07 14:53:24 Microsoft Windows XP Home Edition Service Pack 3 System drive C: has 134 GB (88%) free of 153 GB Total RAM: 510 MB (30% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:53:54, on 7-8-2014 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal
  20. OK, but I am already running into the problem that my product recovery disc does not do what we had expected. At first, when shutting down, there were updates, and that took forever, but in the end I was able to shut down with the disc in the drive without any announced updates. But on startup, the message after which I have to press F12 does not appear. I have tried a few times, but it does not work. I had also looked at the history in the security software, and sure enough, a whole row of Trojan viruses. I had them removed, but maybe I should have left them there for you? So all in all I have made very little progress.
  21. I gather from various pop-ups that Windows no longer offers support for XP. The Microsoft Security protection also indicates this. I have a disc to install Microsoft Office Professional Edition 2003. Because if I cannot install that, I also have no Microsoft Security? But is there still any point in this then? I have not done the product recovery yet, but I wonder, what will I be able to do with it afterwards? Because otherwise it is all a bit pointless.
  22. And I think you know me a bit by now. So that is why I ask: can I do this????????????
  23. Which disc should I use? What are cursor keys?
  24. I will first give some details: it concerns a Toshiba Satellite M40x-286/370, Model: PSM4XE-03V01WDU 15.4/1.5/512 MB/60 GB WL/DVD RWDL. The laptop dates from 31-10-2005. I also have 3 discs from Toshiba, namely: EXPRESS MEDIA PLAYER RECOVERY CD, DVD-ROM PRODUCTHERSTEL 1/2, DVD-ROM PRODUCTHERSTEL 2/2. But may I have an honest opinion: is it worth doing anything more with this? Or would you say it has had its day and will not get any better/faster than it is now? Last night I ran CCleaner over it, which produced 2 pages of junk (probably never had anything done about it). My aim is to get the Toshiba to the point where you can do a bit of googling and visit Startpagina. But no films and music and that sort of thing. What do we think?
  25. Yes, and then start at #20