Ga naar inhoud

vicky_i

Lid
  • Items

    26
  • Registratiedatum

  • Laatst bezocht

Over vicky_i

  • Verjaardag 24-08-1987

PC Specificaties

  • Besturingssysteem
    windows 7 Home Premium
  • Monitor
    Acer
  • Processor
    Intel Pentium P6200 , 2.13GHZ
  • Geheugen
    6GB DD3 Memory
  • Grafische Kaart
    Intel HD Graphic
  • Harde Schijf
    500 GB HDD Acer

vicky_i's prestaties

  1. Hij opent soms zelfs een venster in internet explorer , eigenlijk gewoon een nieuw tabblad dan , of hij zegt dat flash player niet geïnstalleerd is en dat ik dus op bepaalde sites iets niet kan bekijken terwijl ik dat eigenlijk wel zou moeten kunnen . Was dat logje het enige dat ik moest doen ? Ik heb wel al de hele dag geen problemen gehad met internet explorer ( voor zover ik er op bezig geweest ben toch ) . Mocht het probleem met IE nu echt opgelost zijn dan ben je superhard bedankt ! En ik denk ook wel dat het probleem ermee opgelost is maar ja , ik weet dat nu nog niet , hij is toch al langer bezig zonder weg te vallen dan gewoonlijk ! Ivm die rotzooi , staat er dan nog een boel rotzooi op ? want ik gebruik wel regelmatig de Ccleaner en scan dagelijks , maar of dat voldoende is denk ik niet . Groetjes
  2. Hier is de log , ik heb hem wel 2x moeten starten dus hoop dat het juist is : Zoek.exe Version 4.0.0.4 Updated 26-08-2013 Tool run by Vicky on do 29-08-2013 at 14:16:36,68. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Vicky\Desktop\zoek\zoek.exe [script inserted] [Checkboxes used] ==== System Restore Info ====================== 29-8-2013 14:19:42 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BEF35424-9F1B-494E-A2CA-542DB53B8DDD} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_CLASSES_ROOT\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{50fafaf0-70a9-419d-a109-fa4b4ffd4e37} deleted successfully HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{3bbd3c14-4c16-4989-8366-95bc9179779d} deleted successfully HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{3bbd3c14-4c16-4989-8366-95bc9179779d} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{8E9E3331-D360-4f87-8803-52DE43566502} deleted successfully ==== Deleting Services ====================== ==== FireFox Fix ====================== Deleted from C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\prefs.js: user_pref("browser.startup.homepage", ); user_pref("browser.search.defaultengine", "Ask.com"); Added to C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\prefs.js: user_pref("browser.startup.homepage", "Google"); user_pref("browser.search.defaulturl", "Google="); user_pref("browser.newtab.url", "Google"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "Google="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); Deleted from C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js: user_pref("browser.search.defaultenginename", "AVG Secure Search"); user_pref("browser.search.selectedEngine", "AVG Secure Search"); Added to C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js: user_pref("browser.startup.homepage", "Google"); user_pref("browser.search.defaulturl", "Google="); user_pref("browser.newtab.url", "Google"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "Google="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); ProfilePath: C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default ---- Lines C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com removed from prefs.js ---- ---- Lines C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com modified from prefs.js ---- ---- Lines C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com removed from user.js ---- ---- Lines C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\ffxtlbr@babylon.com removed from prefs.js ---- ---- Lines C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\ffxtlbr@babylon.com modified from prefs.js ---- ---- Lines C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\ffxtlbr@babylon.com removed from user.js ---- ---- Lines BabylonToolbar removed from prefs.js ---- user_pref("extensions.BabylonToolbar.admin", false); user_pref("extensions.BabylonToolbar.aflt", "babsst"); user_pref("extensions.BabylonToolbar.babExt", ""); user_pref("extensions.BabylonToolbar.babTrack", "affID=110819&tt=3012_5"); user_pref("extensions.BabylonToolbar.cntry", "BE"); user_pref("extensions.BabylonToolbar.dfltLng", "en"); user_pref("extensions.BabylonToolbar.dfltSrch", false); user_pref("extensions.BabylonToolbar.excTlbr", false); user_pref("extensions.BabylonToolbar.hdrMd5", "188518D2EBF48689AD422320B3155343"); user_pref("extensions.BabylonToolbar.hmpg", false); user_pref("extensions.BabylonToolbar.id", "4e0e63bd00000000000074de2bf6f5c9"); user_pref("extensions.BabylonToolbar.instlDay", "15549"); user_pref("extensions.BabylonToolbar.instlRef", "sst"); user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.29.116:56:25"); user_pref("extensions.BabylonToolbar.newTab", true); user_pref("extensions.BabylonToolbar.newTabUrl", "Babylon Search"); user_pref("extensions.BabylonToolbar.noFFXTlbr", false); user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); user_pref("extensions.BabylonToolbar.sg", "czb"); user_pref("extensions.BabylonToolbar.smplGrp", "czb"); user_pref("extensions.BabylonToolbar.srcExt", "ss"); user_pref("extensions.BabylonToolbar.tlbrId", "tb9"); user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "Google="); user_pref("extensions.BabylonToolbar.vrsn", "1.5.29.1"); user_pref("extensions.BabylonToolbar.vrsni", "1.5.29.1"); user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.29.116:56:25"); user_pref("extensions.BabylonToolbar_i.babExt", ""); user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110819&tt=3012_5"); user_pref("extensions.BabylonToolbar_i.newTab", true); user_pref("extensions.BabylonToolbar_i.newTabUrl", "Babylon Search"); user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.29.116:56:25"); ---- Lines BabylonToolbar modified from prefs.js ---- ---- Lines BabylonToolbar removed from user.js ---- user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110819&tt=3012_5"); user_pref("extensions.BabylonToolbar_i.babExt", ""); user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "Google="); user_pref("extensions.BabylonToolbar.id", "4e0e63bd00000000000074de2bf6f5c9"); user_pref("extensions.BabylonToolbar.instlDay", "15549"); user_pref("extensions.BabylonToolbar.vrsn", "1.5.29.1"); user_pref("extensions.BabylonToolbar.vrsni", "1.5.29.1"); user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.29.116:56:25"); user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); user_pref("extensions.BabylonToolbar.aflt", "babsst"); user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); user_pref("extensions.BabylonToolbar.tlbrId", "tb9"); user_pref("extensions.BabylonToolbar.instlRef", "sst"); user_pref("extensions.BabylonToolbar.dfltLng", "en"); user_pref("extensions.BabylonToolbar.excTlbr", false); user_pref("extensions.BabylonToolbar.admin", false); ---- Lines delta removed from prefs.js ---- ---- Lines delta modified from prefs.js ---- ---- Lines delta removed from user.js ---- user_pref("extensions.delta.tlbrSrchUrl", ""); user_pref("extensions.delta.id", "4e0e63bd00000000000074de2bf6f5c9"); user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); user_pref("extensions.delta.instlDay", "15944"); user_pref("extensions.delta.vrsn", "1.8.24.6"); user_pref("extensions.delta.vrsni", "1.8.24.6"); user_pref("extensions.delta.vrsnTs", "1.8.24.621:38:28"); user_pref("extensions.delta.prtnrId", "delta"); user_pref("extensions.delta.prdct", "delta"); user_pref("extensions.delta.aflt", "babsst"); user_pref("extensions.delta.smplGrp", "none"); user_pref("extensions.delta.tlbrId", "base"); user_pref("extensions.delta.instlRef", "sst"); user_pref("extensions.delta.dfltLng", "nl"); user_pref("extensions.delta.excTlbr", false); user_pref("extensions.delta.ffxUnstlRst", true); user_pref("extensions.delta.admin", false); user_pref("extensions.delta_i.babTrack", "affID=123605&tsp=4987"); user_pref("extensions.delta_i.babExt", ""); user_pref("extensions.delta_i.srcExt", "ss"); user_pref("extensions.delta.autoRvrt", "false"); user_pref("extensions.delta.rvrt", "false"); user_pref("extensions.delta.newTab", false); ---- Lines ask.com removed from prefs.js ---- ---- Lines ask.com modified from prefs.js ---- ---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 removed from prefs.js ---- ---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 modified from prefs.js ---- ---- Lines ilivid removed from prefs.js ---- ---- Lines ilivid modified from prefs.js ---- ---- Lines {336D0C35-8A85-403a-B9D2-65C292C39087} removed from prefs.js ---- ---- Lines {336D0C35-8A85-403a-B9D2-65C292C39087} modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{336D0C35-8A85-403a-B9D2-65C292C39087}\":{\"descriptor\":\"C:\\\\Program Files\\\\Web Assistant\\\\Firefox\",\"mtime\":1337300953568},\"avg@toolbar\":{\"descriptor\":\"C:\\\\ProgramData\\\\AVG Secure Search\\\\FireFoxExt\\\\13.2.0.5\",\"mtime\":1353280183314}}},{\"name\":\"app-global\",\"addons\":{\"ffxtlbr@babylon.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\ffxtlbr@babylon.com\",\"mtime\":1343487385296},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1337459654001}}},{\"name\":\"app-profile\",\"addons\":{\"ffxtlbr@babylon.com\":{\"descriptor\":\"C:\\\\Users\\\\Vicky\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\4x8775zd.default\\\\extensions\\\\ffxtlbr@babylon.com\",\"mtime\":1343487392236},\"{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\":{\"descriptor\":\"C:\\\\Users\\\\Vicky\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\4x8775zd.default\\\\extensions\\\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\",\"mtime\":1352915642216}}}]"); ---- FireFox user.js and prefs.js backups ---- user_29-08-2013_1424_.backup prefs_29-08-2013_1424_.backup ProfilePath: C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\extensions user.js not found ---- Lines C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com removed from prefs.js ---- ---- Lines C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com modified from prefs.js ---- ---- Lines C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\ffxtlbr@babylon.com removed from prefs.js ---- ---- Lines C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\ffxtlbr@babylon.com modified from prefs.js ---- ---- Lines BabylonToolbar removed from prefs.js ---- ---- Lines BabylonToolbar modified from prefs.js ---- ---- Lines delta removed from prefs.js ---- ---- Lines delta modified from prefs.js ---- ---- Lines ask.com removed from prefs.js ---- ---- Lines ask.com modified from prefs.js ---- ---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 removed from prefs.js ---- ---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 modified from prefs.js ---- ---- Lines ilivid removed from prefs.js ---- ---- Lines ilivid modified from prefs.js ---- ---- Lines {336D0C35-8A85-403a-B9D2-65C292C39087} removed from prefs.js ---- ---- Lines {336D0C35-8A85-403a-B9D2-65C292C39087} modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_29-08-2013_1424_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] ==== Deleting Files \ Folders ====================== "C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll" deleted "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml" deleted "C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml" deleted "C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\askcom.xml" deleted "C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\babylon.xml" deleted "C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\delta.xml" deleted "C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\Search_Results.xml" deleted "C:\user.js" deleted "C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\delta.xml" deleted "C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted "C:\Users\Vicky\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted "C:\Program Files (x86)\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted "C:\Program Files (x86)\Mozilla Firefox\user.js" deleted "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml" deleted "C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml" deleted "C:\Windows\wininit.ini" deleted "C:\user.js" deleted "C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\babylon.xml" deleted "C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\askcom.xml" deleted "C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\Search_Results.xml" deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not deleted "C:\Program Files (x86)\Common Files\DVDVideoSoft" deleted "C:\Program Files\Web Assistant" deleted "C:\ProgramData\BrowserDefender" not deleted "C:\Users\Vicky\AppData\Roaming\BabSolution" deleted "C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com" deleted "C:\Program Files (x86)\Search Results Toolbar" deleted "C:\Program Files (x86)\Common Files\DVDVideoSoft\bin" deleted "C:\Program Files (x86)\1ClickDownload" deleted "C:\Program Files (x86)\Yontoo" deleted "C:\Program Files (x86)\WiseConvert" deleted "C:\Program Files (x86)\Conduit" deleted "C:\Program Files\Web Assistant" deleted "C:\Users\Vicky\AppData\Roaming\DVDVideoSoftIEHelpers" deleted "C:\Users\Vicky\AppData\Roaming\BabSolution" deleted "C:\Users\Vicky\AppData\Roaming\Babylon" deleted "C:\Users\Vicky\AppData\Roaming\OpenCandy" deleted "C:\ProgramData\BrowserDefender" not deleted "C:\ProgramData\boost_interprocess" deleted "C:\ProgramData\Wincert" deleted "C:\ProgramData\Tarma Installer" deleted "C:\ProgramData\Babylon" deleted "C:\Users\Vicky\AppData\Local\iLivid" deleted "C:\Users\Vicky\AppData\Local\Conduit" deleted "C:\Users\Vicky\AppData\LocalLow\ilividtoolbarguid" deleted "C:\Users\Vicky\AppData\LocalLow\ilividtoolbarguid" deleted "C:\Users\Vicky\AppData\LocalLow\Incredibar.com" deleted "C:\Users\Vicky\AppData\LocalLow\PriceGong" deleted "C:\Users\Vicky\AppData\LocalLow\Conduit" deleted "C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\ffxtlbr@babylon.com" deleted "C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\ilividtoolbarguid" deleted "C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\ilividtoolbarguid" deleted "C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\ilividtoolbarguid" deleted "C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\ffxtlbr@babylon.com" deleted "C:\ProgramData\BrowserDefender\2.6.1562.220" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" not deleted "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings" not deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Vicky\AppData\Local\Temp ==== 2013-08-28 23:32:43 1B1D86A574E842946E5D5317892B45C5 31954536 ----a-w- C:\Users\Vicky\AppData\Local\Temp\SkypeSetup.exe 2013-08-27 19:38:24 503D279F5243F03EE9F39E5185B59325 4096 ----a-w- C:\Users\Vicky\AppData\Local\Temp\BbF607.exe 2013-08-27 19:31:58 DB521C3DC7B679226322033B09719ECA 339440 ----a-w- C:\Users\Vicky\AppData\Local\Temp\uninst1.exe 2013-08-27 19:01:59 503D279F5243F03EE9F39E5185B59325 4096 ----a-w- C:\Users\Vicky\AppData\Local\Temp\Bb9DD9.exe 2013-08-27 19:01:45 33E263F843D59E57365CE6D3B948F28D 786928 ----a-w- C:\Users\Vicky\AppData\Local\Temp\DeltaTBs.exe 2013-08-25 02:50:55 4ECFD79139593972A5C849E1138C3CE3 4543000 ----a-w- C:\Users\Vicky\AppData\Local\Temp\oi_{6133ABA3-88BF-4126-A2E1-223A94E45A87}.exe 2013-08-25 02:08:27 288C4B8AB34A0F41D9E5BDFE42705C27 1822896 ----a-w- C:\Users\Vicky\AppData\Local\Temp\UNINSTALL.EXE ====== C:\Windows\SysWOW64 ===== 2013-08-20 07:27:27 A484F9DB744849C0B32DD1CE73A94F62 2706432 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2013-08-20 07:27:26 C9BFFA62DFBF0317AECE707B39C4BF25 391168 ----a-w- C:\Windows\SysWOW64\ieui.dll 2013-08-20 07:27:25 BC90EED56A5C77168A8D6F0C4221D7CB 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-08-20 07:27:25 AF6A6C16ACAD816B48714AE7A4082D89 61440 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2013-08-20 07:27:25 8A5BD908D421BEE82941EF8ABD8B4F09 33280 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2013-08-20 07:27:25 37730C04B543536D971B3F157415EFF5 109056 ----a-w- C:\Windows\SysWOW64\iesysprep.dll 2013-08-20 07:27:24 D0E0086BA353C379DCFE8624E8B8F17A 2048512 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2013-08-20 07:27:23 45C118A1E03182365CB568F99B81A473 493056 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2013-08-20 07:27:22 1C83426A51AD83B5E788B6CF143B48D8 690688 ----a-w- C:\Windows\SysWOW64\jscript.dll 2013-08-20 07:27:21 AC8C3591D536D1CCB62EDCBEA88140B3 2877440 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2013-08-20 07:27:21 059FC59F97A6220C46A612A9470A00B3 1141248 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2013-08-20 07:27:19 DAA3903F06116AE9EE7AC1D1B93684A4 1767936 ----a-w- C:\Windows\SysWOW64\wininet.dll 2013-08-20 07:27:19 49EB7DE3A1CCCE9D0873DE9114810113 39936 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2013-08-20 07:27:18 E9BCB6728DD04412BF87F03DB00DE1CF 13761024 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2013-08-20 07:27:13 E631B408882F8320739F6E0CAF444397 14329344 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2013-08-19 11:45:21 AE8EB083B050E17A7D6EB5E28AECDDD6 1166848 ----a-w- C:\Windows\SysWOW64\crypt32.dll 2013-08-19 11:45:20 7CA1BECEA5DE2643ADDAD32670E7A4C9 140288 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll 2013-08-19 11:45:20 68EAAEDF0365168B804E8728368FA946 175104 ----a-w- C:\Windows\SysWOW64\wintrust.dll 2013-08-19 11:45:04 D5E18BA95F9E7D787D25EF07AC68603E 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll 2013-08-19 11:45:02 4DC999CED9429939D75682EBD7D48901 663552 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll 2013-08-19 11:43:36 0805487A6036A9F9C4E7AF7FEF835529 1620992 ----a-w- C:\Windows\SysWOW64\WMVDECOD.DLL ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2013-08-20 07:27:27 3A2FD42F11CD325A4ACAFE7FB0EEA83A 2706432 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2013-08-20 07:27:26 69F5E016A98CE1908DB08382F2ACF882 526336 ----a-w- C:\Windows\Sysnative\ieui.dll 2013-08-20 07:27:25 D8CC9A20C517A54678363C4C77B930A4 136704 ----a-w- C:\Windows\Sysnative\iesysprep.dll 2013-08-20 07:27:25 963B29E0EFB20D66436214DB7C43D7F7 67072 ----a-w- C:\Windows\Sysnative\iesetup.dll 2013-08-20 07:27:25 6C8BDC9F16943D626DFE8A987BCCFD20 51712 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2013-08-20 07:27:25 622C7C8D39609FCEACE3508715D48C7F 39936 ----a-w- C:\Windows\Sysnative\iernonce.dll 2013-08-20 07:27:25 28C2F8C7DBE11AA3DA041D35F4E59481 89600 ----a-w- C:\Windows\Sysnative\RegisterIEPKEYs.exe 2013-08-20 07:27:24 65546D87F7A78AB31841A536456CB94D 2647040 ----a-w- C:\Windows\Sysnative\iertutil.dll 2013-08-20 07:27:23 8C12653BEA781902AA60E4A855A55D5C 603136 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2013-08-20 07:27:22 5A7FA01EEC393A3E0D0F3EBAA1FD959E 3958784 ----a-w- C:\Windows\Sysnative\jscript9.dll 2013-08-20 07:27:22 16FE878530FDFC9AB08B7FFC32335958 855552 ----a-w- C:\Windows\Sysnative\jscript.dll 2013-08-20 07:27:20 289C5E0A386E7B6CA9539D66D15E22CC 1365504 ----a-w- C:\Windows\Sysnative\urlmon.dll 2013-08-20 07:27:19 AC155DD9BD1E6D3B740826A4D1C68AAE 2241024 ----a-w- C:\Windows\Sysnative\wininet.dll 2013-08-20 07:27:19 04DE09B1E287F6DC5C7FD655B6E84AB9 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2013-08-20 07:27:16 677A1C1B0F254EC918D84A7FE29274CA 15405056 ----a-w- C:\Windows\Sysnative\ieframe.dll 2013-08-20 07:27:15 396889142BD839DB8A055A0BE0AD2F79 19239424 ----a-w- C:\Windows\Sysnative\mshtml.dll 2013-08-19 11:45:22 287998A9BA0140ABB59792CDEB2F8483 1472512 ----a-w- C:\Windows\Sysnative\crypt32.dll 2013-08-19 11:45:21 959041D7014C97133D859B45BCA0FC58 224256 ----a-w- C:\Windows\Sysnative\wintrust.dll 2013-08-19 11:45:20 A6B726DCA228F7878E38368A1BDC68BE 139776 ----a-w- C:\Windows\Sysnative\cryptnet.dll 2013-08-19 11:45:20 6B400F211BEE880A37A1ED0368776BF4 184320 ----a-w- C:\Windows\Sysnative\cryptsvc.dll 2013-08-19 11:45:04 B3CA3253009D26666F5BCB16E77D2618 2048 ----a-w- C:\Windows\Sysnative\tzres.dll 2013-08-19 11:45:02 26036E228D2467DE6975AD819C22C043 1217024 ----a-w- C:\Windows\Sysnative\rpcrt4.dll 2013-08-19 11:43:36 D29200AB0B37B7293C6942EAF755295E 1888768 ----a-w- C:\Windows\Sysnative\WMVDECOD.DLL ====== C:\Windows\Sysnative\drivers ===== 2013-08-25 02:51:04 E647C4315F36756DF5FA38BDEB51F224 45856 ----a-w- C:\Windows\Sysnative\drivers\avgtpx64.sys 2013-08-19 11:43:34 DB74544B75566C974815E79A62433F29 1910208 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2013-08-19 11:43:34 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys ====== C:\Windows\Tasks ====== 2013-08-27 19:29:15 600AD6B878A025883CFFAB47DEE45F87 3200 ----a-w- C:\Windows\Sysnative\Tasks\{08BF7A00-7AB1-41D1-BEA9-254C0B1D06E4} 2013-08-27 19:24:02 6A55AF0AD097D676CDD29CC2E7BEDD6B 3196 ----a-w- C:\Windows\Sysnative\Tasks\{6AFE08A9-EE6B-4653-8E72-D80F31E091F6} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-08-29 03:16:34 -------- d-----w- C:\Program Files\trend micro ======= C:\Program Files (x86) ===== 2013-08-25 03:40:23 -------- d-----w- C:\Program Files (x86)\Gmail Account Password Hacker 2013-08-25 02:51:00 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search 2013-08-25 02:50:59 -------- d-----w- C:\Program Files (x86)\AVG Secure Search ======= C: ===== ====== C:\Users\Vicky\AppData\Roaming ====== 2013-08-25 02:51:17 -------- d-----w- C:\users\Vicky\AppData\Local\AVG Secure Search 2013-08-25 02:51:06 -------- d-----w- C:\users\Vicky\AppData\Locallow\AVG Secure Search ====== C:\Users\Vicky ====== 2013-08-29 03:16:17 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Vicky\Downloads\RSITx64.exe 2013-08-27 19:02:10 -------- d-----w- C:\ProgramData\BrowserDefender 2013-08-25 02:51:00 -------- d-----w- C:\ProgramData\AVG Secure Search 2013-08-25 02:49:53 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2013-08-25 02:44:48 72A2F9728BCB9743553E2A188CEFF303 4491824 ----a-w- C:\Users\Vicky\Downloads\avg_avct_stb_all_2013_3392_cm10.exe ====== C: exe-files == 2013-08-29 03:16:34 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Vicky.exe 2013-08-29 03:16:17 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Vicky\Downloads\RSITx64.exe 2013-08-28 23:32:43 1B1D86A574E842946E5D5317892B45C5 31954536 ----a-w- C:\Users\Vicky\AppData\Local\Temp\SkypeSetup.exe 2013-08-27 20:02:38 77FDA6678AEACFA196E5DDDC4FC2742C 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2931560498-325932720-3938257990-1000\$I0PCBOG.exe 2013-08-27 19:53:06 EF0341C438A93DB02D793445B8F746E3 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2931560498-325932720-3938257990-1000\$I45QSXT.exe 2013-08-27 19:53:06 A175834A36CE08722A83C7D58C929547 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2931560498-325932720-3938257990-1000\$I4LZ4G9.exe 2013-08-27 19:38:24 503D279F5243F03EE9F39E5185B59325 4096 ----a-w- C:\Users\Vicky\AppData\Local\Temp\BbF607.exe 2013-08-27 19:31:58 DB521C3DC7B679226322033B09719ECA 339440 ----a-w- C:\Users\Vicky\AppData\Local\Temp\uninst1.exe 2013-08-27 19:27:27 F01447D544EC5C472D8C5456E73C78D1 2245128 ----a-w- C:\PASS BREAKER\PASS BREAKER.exe 2013-08-27 19:02:14 DAF56EC5E652F629D6D2B3930FF199F6 2838480 ----a-w- C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe 2013-08-27 19:02:13 DAF56EC5E652F629D6D2B3930FF199F6 2838480 ----a-w- C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe 2013-08-27 19:01:59 503D279F5243F03EE9F39E5185B59325 4096 ----a-w- C:\Users\Vicky\AppData\Local\Temp\Bb9DD9.exe 2013-08-27 19:01:45 33E263F843D59E57365CE6D3B948F28D 786928 ----a-w- C:\Users\Vicky\AppData\Local\Temp\DeltaTBs.exe 2013-08-26 04:09:06 E25D3E9D7822C42EF7518EFEB2F3E275 147120 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\DriverInstaller\15.5.0\DriverInstaller.exe 2013-08-26 04:08:54 E962D9F3AF9C09DE15D3944D1B1278CC 2301616 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\15.5.0\ScriptHelper.exe 2013-08-26 04:08:52 EB94A2C1F99E9E1634683B916F4EB1A2 1643184 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe 2013-08-26 04:08:50 EB94A2C1F99E9E1634683B916F4EB1A2 1643184 ----a-w- C:\Windows\Temp\avg_a06404\CommonFiles\AVG Secure Search\ToolbarUpdater.exe 2013-08-26 04:08:50 E962D9F3AF9C09DE15D3944D1B1278CC 2301616 ----a-w- C:\Windows\Temp\avg_a06404\CommonFiles\AVG Secure Search\ScriptHelper.exe 2013-08-26 04:08:50 E25D3E9D7822C42EF7518EFEB2F3E275 147120 ----a-w- C:\Windows\Temp\avg_a06404\CommonFiles\AVG Secure Search\DriverInstaller_64.exe 2013-08-26 04:08:50 B6FFA8C9B553336D4CE86514A54C408A 926384 ----a-w- C:\Windows\Temp\avg_a06404\ProgFiles\AVG Secure Search\lip.exe 2013-08-26 04:08:50 752A2976E3096D2055F8A97C7B97DF80 1851568 ----a-w- C:\Windows\Temp\avg_a06404\ProgFiles\AVG Secure Search\Uninstall.exe 2013-08-26 04:08:50 491C1E48B638907B8FD8EF8B09AC084E 2314416 ----a-w- C:\Windows\Temp\avg_a06404\ProgFiles\AVG Secure Search\vprot.exe 2013-08-26 04:08:50 45A9FAC90CA8F263F6DB2EBDC4A9F002 641200 ----a-w- C:\Windows\Temp\avg_a06404\CommonFiles\AVG Secure Search\DriverInstaller.exe 2013-08-26 04:08:50 2C1B0965CB65797001053D8956F9CD54 2226864 ----a-w- C:\Windows\Temp\avg_a06404\avg-secure-search-installer.exe 2013-08-26 04:08:50 178C1607D35988153A0E7CBB90C669FC 642224 ----a-w- C:\Windows\Temp\avg_a06404\ProgFiles\AVG Secure Search\PostInstall.exe 2013-08-26 04:08:50 01A17E294876ECB573AD32530961F29B 573616 ----a-w- C:\Windows\Temp\avg_a06404\ConfigFiles\MachineIdCreator.exe 2013-08-26 04:08:46 A8893D3F119C8143B2FC53F5CF21EE01 4547608 ----a-w- C:\Windows\Temp\{E2F131AF-3C99-41C9-817E-C34B87253705}.exe 2013-08-25 03:40:28 8B4614F20714CB9C5EB3C900E6188E48 83187 ----a-w- C:\Program Files (x86)\Gmail Account Password Hacker\Uninstal.exe 2013-08-25 03:38:36 69B8F0BA1A143F5BC0BD8635FCC93038 361833 ----a-w- C:\$Recycle.Bin\S-1-5-21-2931560498-325932720-3938257990-1000\$R4LZ4G9.exe 2013-08-25 02:51:04 FFA7EED8BF96144DFC69638DF3A1CA8A 147120 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\DriverInstaller\15.4.0\DriverInstaller.exe 2013-08-25 02:51:02 948909A99D9F9F5063128994B3B3D8B0 2267824 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\15.4.0\ScriptHelper.exe 2013-08-25 02:51:00 8754BA5FCC85325C229ADCB72087706E 1616048 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe 2013-08-25 02:50:59 B6FFA8C9B553336D4CE86514A54C408A 926384 ----a-w- C:\Program Files (x86)\AVG Secure Search\lip.exe 2013-08-25 02:50:59 752A2976E3096D2055F8A97C7B97DF80 1851568 ----a-w- C:\Program Files (x86)\AVG Secure Search\Uninstall.exe 2013-08-25 02:50:59 491C1E48B638907B8FD8EF8B09AC084E 2314416 ----a-w- C:\Program Files (x86)\AVG Secure Search\vprot.exe 2013-08-25 02:50:59 178C1607D35988153A0E7CBB90C669FC 642224 ----a-w- C:\Program Files (x86)\AVG Secure Search\PostInstall.exe 2013-08-25 02:50:57 FFA7EED8BF96144DFC69638DF3A1CA8A 147120 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\CommonFiles\AVG Secure Search\DriverInstaller_64.exe 2013-08-25 02:50:57 B387C48CDDB2CC5A9D0D9BBCCBFC50D8 640176 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\CommonFiles\AVG Secure Search\DriverInstaller.exe 2013-08-25 02:50:57 94BA6BFC9227C59FD0969C54C102D14C 641200 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\ProgFiles\AVG Secure Search\PostInstall.exe 2013-08-25 02:50:57 948909A99D9F9F5063128994B3B3D8B0 2267824 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\CommonFiles\AVG Secure Search\ScriptHelper.exe 2013-08-25 02:50:57 8869725DD27C46270A8EC56101C1FDF8 920240 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\ProgFiles\AVG Secure Search\lip.exe 2013-08-25 02:50:57 8754BA5FCC85325C229ADCB72087706E 1616048 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\CommonFiles\AVG Secure Search\ToolbarUpdater.exe 2013-08-25 02:50:57 6F8DAE4F43AF2F070292198CEAE16995 2285232 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\ProgFiles\AVG Secure Search\vprot.exe 2013-08-25 02:50:57 4F11E85CAE13A8881746B8FBB189EAA6 2196656 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\avg-secure-search-installer.exe 2013-08-25 02:50:57 288C4B8AB34A0F41D9E5BDFE42705C27 1822896 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\ProgFiles\AVG Secure Search\Uninstall.exe 2013-08-25 02:50:57 0CA44A7F835FCD0B45B5360119A56566 572592 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\ConfigFiles\MachineIdCreator.exe 2013-08-25 02:50:55 4ECFD79139593972A5C849E1138C3CE3 4543000 ----a-w- C:\Users\Vicky\AppData\Local\Temp\oi_{6133ABA3-88BF-4126-A2E1-223A94E45A87}.exe 2013-08-25 02:50:33 FCAD3F53F501D80F444B92AC72A5A164 466608 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\CommonFiles\AVG Secure Search\DriverInstaller.exe 2013-08-25 02:50:33 DF54FD732F04503A7C72285EA46E9037 1228976 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\avg-secure-search-installer.exe 2013-08-25 02:50:33 CCAC95DD3E5763AF41F074F1E3DBB0FF 147120 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\CommonFiles\AVG Secure Search\DriverInstaller_64.exe 2013-08-25 02:50:33 BF3479A3BE727D029321BD7601E8EAE1 1008816 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\CommonFiles\AVG Secure Search\ToolbarUpdater.exe 2013-08-25 02:50:33 B48EE9A609A699B9FC8476444B988D0D 662192 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\ProgFiles\AVG Secure Search\lip.exe 2013-08-25 02:50:33 81A4A3692AA20B590CC643CB7E4D786A 1223344 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\ProgFiles\AVG Secure Search\vprot.exe 2013-08-25 02:50:33 5EC8F26F556E29B534607FDEBA7CD767 1380016 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\CommonFiles\AVG Secure Search\ScriptHelper.exe 2013-08-25 02:50:33 5AD26C4F28D6D0F005E86D3F9A1CCA0C 1053872 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\ProgFiles\AVG Secure Search\Uninstall.exe 2013-08-25 02:50:33 57E3A9692DFDF4770ACB62F546B7F7EC 511664 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\ProgFiles\AVG Secure Search\PostInstall.exe 2013-08-25 02:50:33 3984CFC8A3E3A1F09CC2657A4DF99C32 501424 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\ConfigFiles\MachineIdCreator.exe 2013-08-25 02:49:13 55018D7287E4519AB084A3DAD68E97FE 341040 ----a-w- C:\Program Files (x86)\AVG\AVG2013\avgndisa.exe 2013-08-25 02:44:48 72A2F9728BCB9743553E2A188CEFF303 4491824 ----a-w- C:\Users\Vicky\Downloads\avg_avct_stb_all_2013_3392_cm10.exe 2013-08-25 02:08:27 288C4B8AB34A0F41D9E5BDFE42705C27 1822896 ----a-w- C:\Users\Vicky\AppData\Local\Temp\UNINSTALL.EXE === C: other files == 2013-08-27 19:53:24 A3DCBE772B3C04A26FD07ABFCD6E781F 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2931560498-325932720-3938257990-1000\$I78T4BW.zip 2013-08-27 19:53:24 889C036F2F4FF4BCA55DC8BC8E33B7E4 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2931560498-325932720-3938257990-1000\$IHB1U54.zip 2013-08-27 19:53:24 239331BB0EEB77FD0D43D2711ADF65C8 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2931560498-325932720-3938257990-1000\$IUN6S9J.zip 2013-08-27 19:27:27 D25D6E0DFE526AED99EC54035022EB6A 119688 ----a-w- C:\PASS BREAKER\PASS.com 2013-08-27 19:27:27 3F5BF11C972707414C5076BC7E8B4BE5 38792 ----a-w- C:\PASS BREAKER\PASSS.com 2013-08-27 19:26:51 A26255EAA2B524671CAB1456542E1952 6173974 ----a-w- C:\$Recycle.Bin\S-1-5-21-2931560498-325932720-3938257990-1000\$RHB1U54.zip 2013-08-27 19:03:42 94A5279AF49FCA6CD0B75D94B94C2B0B 2247449 ----a-w- C:\$Recycle.Bin\S-1-5-21-2931560498-325932720-3938257990-1000\$R78T4BW.zip 2013-08-27 19:01:16 9680FA2C72D3C8A311BE2AF3A5658763 2319198 ----a-w- C:\$Recycle.Bin\S-1-5-21-2931560498-325932720-3938257990-1000\$RUN6S9J.zip 2013-08-26 12:26:07 BB17F0B291294038DBF00027C21C70D3 16916 ----a-w- C:\Users\Vicky\AppData\Local\Temp\CBA677A9-BAB0-7891-9B7D-9DB0B7975820\Latest\Delta.crx 2013-08-26 12:26:07 BB17F0B291294038DBF00027C21C70D3 16916 ----a-w- C:\Users\Vicky\AppData\Local\Temp\877025C1-BAB0-7891-A5A7-A0B6CB046942\Latest\Delta.crx 2013-08-26 04:08:50 E647C4315F36756DF5FA38BDEB51F224 45856 ----a-w- C:\Windows\Temp\avg_a06404\CommonFiles\AVG Secure Search\avgtpx64.sys 2013-08-26 04:08:50 311C5A8D894563CD2712CD297A34FAFB 37664 ----a-w- C:\Windows\Temp\avg_a06404\CommonFiles\AVG Secure Search\avgtpx86.sys 2013-08-26 04:08:49 8A196063A0F0305A8A05CCEC1AF746C3 257167 ----a-w- C:\Windows\Temp\avg_a06404\ProgData\AVG Secure Search\ChromeExt\15.5.0.2\avg.crx 2013-08-26 04:08:49 567B5EC265B26994AFB11DB13F53B07A 147960 ----a-w- C:\Windows\Temp\avg_a06404\ProgFiles\AVG Secure Search\data.zip 2013-08-25 02:51:04 E647C4315F36756DF5FA38BDEB51F224 45856 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys 2013-08-25 02:50:59 567B5EC265B26994AFB11DB13F53B07A 147960 ----a-w- C:\Program Files (x86)\AVG Secure Search\data.zip 2013-08-25 02:50:57 BB83BDE5C9EB8A1B932D4A8374758EF8 37664 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\CommonFiles\AVG Secure Search\avgtpx86.sys 2013-08-25 02:50:57 5294DEE34D094B14D7E2697E9BB880B5 257167 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\ProgData\AVG Secure Search\ChromeExt\15.4.0.5\avg.crx 2013-08-25 02:50:57 18AAAC7ED383C465E319B5DD07D0A0B6 45856 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\CommonFiles\AVG Secure Search\avgtpx64.sys 2013-08-25 02:50:56 264F8E1A89771B80D9F2985A68BAA8C3 178115 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\ProgFiles\AVG Secure Search\data.zip 2013-08-25 02:50:33 A64D0F9E1D19C3D57E79AAA0EF7A284E 40736 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\CommonFiles\AVG Secure Search\avgtpx64.sys 2013-08-25 02:50:33 56E9703A6F7D60B9862FB95253753C5A 34592 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\CommonFiles\AVG Secure Search\avgtpx86.sys 2013-08-25 02:50:32 DA5604B49CBCF95E555E88BA2E13AEA8 237719 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\ProgData\AVG Secure Search\ChromeExt\15.1.0.2\avg.crx 2013-08-25 02:50:17 0F12F47268CE663E833F98A986379950 1374879 ----a-w- C:\Program Files (x86)\AVG\AVG2013\banners\banners.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SuiteTray"="C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "BackupManagerTray"="C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe -h -k" "LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe" "MCCNL Sepang ModemListener"="C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe start" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2013\avgui.exe /TRAYONLY" "vProt"="C:\Program Files (x86)\AVG Secure Search\vprot.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "Power Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Nero MediaHome 4] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Nero MediaHome 4" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Nero\\Nero MediaHome 4\\NeroMediaHome.exe\" /AUTORUN" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [21-08-2013 15:23] C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job --a------ C:\Windows\TEMP\B8E97F67-9FD6-46AD-B075-D261AFD597E3.exe [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default - Undetermined - C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.5 - Search-Results Toolbar - %ProfilePath%\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f} AppDir: C:\Program Files (x86)\Mozilla Firefox - Undetermined - %AppDir%\extensions\staged - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default 6BE1D348BE7547113EF27B26777917CC - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll - Shockwave Flash ==== Deleting Files \ Folders ====================== "C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}" deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dlnembnfbcpjnepmfjmngjenhhajpdfd - C:\Program Files\Web Assistant\source.crx[] jplinpmadfkdgipabgcdchbdikologlh - C:\Program Files (x86)\1ClickDownload\1click12.crx[] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Fotomodel Vicky Iliaens" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Fotomodel Vicky Iliaens" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" ==== Reset Google Chrome ====================== Nothing found to reset ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh deleted successfully ==== HijackThis Entries ====================== R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Fotomodel Vicky Iliaens R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [MCCNL Sepang ModemListener] C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe start O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user') O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MCCNL Sepang Modem Device Helper - Unknown owner - C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ServiceManager.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater15.5.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Vicky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Vicky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Vicky\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not found "C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not found "C:\ProgramData\BrowserDefender" not found "C:\ProgramData\BrowserDefender" not found ==== EOF on do 29-08-2013 at 14:32:56,81 ====================== Mijn computer doet nu wel nog vreemdere dingen dan voorheen eigenlijk , enig idee waarom ? Kan het te maken hebben met de hijack-tools enzo ? alvast bedankt !
  3. Hey , Bedankt voor je reactie , had al rondgekeken maar vond niet zo meteen een oplossing . Hier is de log ( wel lang he ? ) Logfile of random's system information tool 1.09 (written by random/random) Run by Vicky at 2013-08-29 05:16:34 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 144 GB (31%) free of 463 GB Total RAM: 5813 MB (38% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 5:16:39, on 29-8-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16660) Boot mode: Normal Running processes: C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe C:\Program Files (x86)\AVG\AVG2013\avgui.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\Launch Manager\LMworker.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files\trend micro\Vicky.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Fotomodel Vicky Iliaens R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - (no file) R3 - URLSearchHook: (no name) - {3bbd3c14-4c16-4989-8366-95bc9179779d} - (no file) F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [MCCNL Sepang ModemListener] C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe start O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user') O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MCCNL Sepang Modem Device Helper - Unknown owner - C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ServiceManager.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater15.5.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11146 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=24ac0011-9e3a-4f61-8fc4-3d2c232a0e2a /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\f4b8481b-e785-445a-b001-7a303c2ab07a-1d4-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\" %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch winlogon.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe" "C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe" "C:\Program Files (x86)\Launch Manager\dsiwmis.exe" "C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe" "C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window "C:\Program Files (x86)\Acer\Registration\GREGsvc.exe" "C:\Program Files\Acer\Acer Updater\UpdaterService.exe" "C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ServiceManager.exe" -start "C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe" "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe" "C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe" "C:\Program Files (x86)\AVG\AVG2013\avgemca.exe" "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe" "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties" \??\C:\Windows\system32\conhost.exe "145653779-1046690077-93042660013855400471511417261622959385-1391086703-1938059911 "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "taskhost.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Windows\System32\igfxtray.exe" "C:\Windows\System32\hkcmd.exe" "C:\Windows\System32\igfxpers.exe" "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s C:\Windows\system32\igfxsrvc.exe -Embedding "C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe" "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k "C:\Program Files (x86)\Launch Manager\LManager.exe" "C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe" start "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY C:\Windows\system32\igfxext.exe -Embedding "C:\Program Files (x86)\AVG Secure Search\vprot.exe" "C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe" C:\Windows\system32\wbem\unsecapp.exe -Embedding C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files (x86)\Launch Manager\LMworker.exe" "C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe" C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=72725b19-56a4-446f-8aa3-d94d10012351 /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\24a0d72f-09b0-417d-850c-ee0a362ebc51-974-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\" "C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" C:\Windows\system32\SearchIndexer.exe /Embedding C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" WLIDSvcM.exe 5200 C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} C:\Windows\system32\Macromed\Flash\FlashUtil64_11_8_800_94_ActiveX.exe -Embedding "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" C:\Windows\system32\svchost.exe -k SDRSVC taskeng.exe {EAF7E937-5DCD-49B1-9C11-DE89631ABD33} "C:\Program Files\EgisTec IPS\PMMUpdate.exe" "C:\Program Files\EgisTec IPS\EgisUpdate.exe" "C:\Windows\SysWOW64\rundll32.exe" "C:\Users\Vicky\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run "C:\Windows\system32\schtasks.exe" /create /tn "BrowserDefendert" /ru "SYSTEM" /sc minute /mo 1 /tr "C:\Windows\system32\sc.exe start BrowserDefendert" /st 00:00:00 \??\C:\Windows\system32\conhost.exe "-1529313953131027354-564523101406650943-991915618-1914365789-1625768932397484133 "C:\Windows\system32\notepad.exe" "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Vicky\Documents\I should have known from the start and embrace when im angry.txt C:\Windows\system32\DllHost.exe /Processid:{76D0CB12-7604-4048-B83C-1005C7DDC503} "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1752 CREDAT:1250760 /prefetch:2 "C:\Windows\System32\MsSpellCheckingFacility.exe" -Embedding "C:\Windows\system32\notepad.exe" "C:\Program Files (x86)\Skype\Phone\Skype.exe" "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe150_ Global\UsGthrCtrlFltPipeMssGthrPipe150 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516 "C:\Users\Vicky\Downloads\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job =========Mozilla firefox========= ProfilePath - C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default prefs.js - "browser.startup.homepage" - "{336D0C35-8A85-403a-B9D2-65C292C39087}"=C:\Program Files\Web Assistant\Firefox "{8E9E3331-D360-4f87-8803-52DE43566502}"=C:\Program Files\Web Assistant\Firefox [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.3.300.262 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] "Description"= "Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\\npsitesafety.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.3.300.262 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll C:\Program Files (x86)\Mozilla Firefox\extensions\ ffxtlbr@babylon.com staged {972ce4c6-7e08-4474-a285-3208198ce6fd} C:\Program Files (x86)\Mozilla Firefox\components\ binary.manifest browsercomps.dll C:\Program Files (x86)\Mozilla Firefox\searchplugins\ babylon.xml bing.xml bolcom-nl.xml google.xml marktplaats-nl.xml Search_Results.xml wikipedia-nl.xml C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\ ffxtlbr@babylon.com {f34c9277-6577-4dff-b2d7-7d58092f272f} C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\ askcom.xml babylon.xml delta.xml Search_Results.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] DVDVideoSoft WebPageAdjuster Class - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2013-06-28 339456] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll [2013-08-26 3122864] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] DVDVideoSoft WebPageAdjuster Class - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2013-06-28 279552] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll [2013-08-26 3122864] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-08-15 167704] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-08-15 392472] "Persistence"=C:\Windows\system32\igfxpers.exe [2011-08-15 416024] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-03-28 2723624] "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-06-09 11860072] "Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-08-02 1831016] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nero MediaHome 4] C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe /AUTORUN [] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-09-20 341360] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] "BackupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2011-04-24 297280] "LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2011-07-01 1103440] "MCCNL Sepang ModemListener"=C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe [2011-06-20 102400] "AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2013-07-01 4411440] "vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2013-08-26 2314416] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2011-08-09 390144] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv ======File associations====== .js - edit - .js - open - .txt - open - ======List of files/folders created in the last 1 month====== 2013-08-29 05:16:34 ----D---- C:\rsit 2013-08-29 05:16:34 ----D---- C:\Program Files\trend micro 2013-08-27 21:27:27 ----D---- C:\PASS BREAKER 2013-08-27 21:02:10 ----D---- C:\ProgramData\BrowserDefender 2013-08-27 21:02:01 ----D---- C:\Users\Vicky\AppData\Roaming\BabSolution 2013-08-25 05:40:23 ----D---- C:\Program Files (x86)\Gmail Account Password Hacker 2013-08-25 04:51:04 ----A---- C:\Windows\system32\drivers\avgtpx64.sys 2013-08-25 04:51:00 ----D---- C:\ProgramData\AVG Secure Search 2013-08-25 04:50:59 ----D---- C:\Program Files (x86)\AVG Secure Search 2013-08-20 09:27:26 ----A---- C:\Windows\SYSWOW64\ieui.dll 2013-08-20 09:27:26 ----A---- C:\Windows\system32\ieui.dll 2013-08-20 09:27:25 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe 2013-08-20 09:27:25 ----A---- C:\Windows\SYSWOW64\iesysprep.dll 2013-08-20 09:27:25 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2013-08-20 09:27:25 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2013-08-20 09:27:25 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe 2013-08-20 09:27:25 ----A---- C:\Windows\system32\iesysprep.dll 2013-08-20 09:27:25 ----A---- C:\Windows\system32\iesetup.dll 2013-08-20 09:27:25 ----A---- C:\Windows\system32\iernonce.dll 2013-08-20 09:27:25 ----A---- C:\Windows\system32\ie4uinit.exe 2013-08-20 09:27:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2013-08-20 09:27:24 ----A---- C:\Windows\system32\iertutil.dll 2013-08-20 09:27:23 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2013-08-20 09:27:23 ----A---- C:\Windows\system32\msfeeds.dll 2013-08-20 09:27:22 ----A---- C:\Windows\SYSWOW64\jscript.dll 2013-08-20 09:27:22 ----A---- C:\Windows\system32\jscript9.dll 2013-08-20 09:27:22 ----A---- C:\Windows\system32\jscript.dll 2013-08-20 09:27:21 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2013-08-20 09:27:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2013-08-20 09:27:20 ----A---- C:\Windows\system32\urlmon.dll 2013-08-20 09:27:19 ----A---- C:\Windows\SYSWOW64\wininet.dll 2013-08-20 09:27:19 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2013-08-20 09:27:19 ----A---- C:\Windows\system32\wininet.dll 2013-08-20 09:27:19 ----A---- C:\Windows\system32\jsproxy.dll 2013-08-20 09:27:18 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2013-08-20 09:27:16 ----A---- C:\Windows\system32\ieframe.dll 2013-08-20 09:27:15 ----A---- C:\Windows\system32\mshtml.dll 2013-08-20 09:27:13 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2013-08-19 13:45:22 ----A---- C:\Windows\system32\crypt32.dll 2013-08-19 13:45:21 ----A---- C:\Windows\SYSWOW64\crypt32.dll 2013-08-19 13:45:21 ----A---- C:\Windows\system32\wintrust.dll 2013-08-19 13:45:20 ----A---- C:\Windows\SYSWOW64\wintrust.dll 2013-08-19 13:45:20 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll 2013-08-19 13:45:20 ----A---- C:\Windows\system32\cryptsvc.dll 2013-08-19 13:45:20 ----A---- C:\Windows\system32\cryptnet.dll 2013-08-19 13:45:04 ----A---- C:\Windows\SYSWOW64\tzres.dll 2013-08-19 13:45:04 ----A---- C:\Windows\system32\tzres.dll 2013-08-19 13:45:02 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll 2013-08-19 13:45:02 ----A---- C:\Windows\system32\rpcrt4.dll 2013-08-19 13:43:36 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL 2013-08-19 13:43:36 ----A---- C:\Windows\system32\WMVDECOD.DLL 2013-08-19 13:43:34 ----A---- C:\Windows\system32\drivers\tssecsrv.sys 2013-08-19 13:43:34 ----A---- C:\Windows\system32\drivers\tcpip.sys 2013-08-15 03:01:43 ----D---- C:\Windows\system32\MRT 2013-08-13 21:51:19 ----A---- C:\Windows\SYSWOW64\cryptnet.dll ======List of files/folders modified in the last 1 month====== 2013-08-29 05:16:39 ----D---- C:\Windows\Prefetch 2013-08-29 05:16:36 ----D---- C:\Windows\Temp 2013-08-29 05:16:34 ----RD---- C:\Program Files 2013-08-29 05:07:00 ----D---- C:\ProgramData\MFAData 2013-08-29 04:32:13 ----D---- C:\Users\Vicky\AppData\Roaming\Skype 2013-08-29 01:20:43 ----D---- C:\Windows\tracing 2013-08-28 14:26:34 ----D---- C:\Windows\system32\config 2013-08-27 21:50:57 ----RD---- C:\Program Files (x86) 2013-08-27 21:50:45 ----D---- C:\Windows\system32\Tasks 2013-08-27 21:33:35 ----D---- C:\Program Files\Web Assistant 2013-08-27 21:02:10 ----HD---- C:\ProgramData 2013-08-27 16:08:23 ----A---- C:\Windows\SYSWOW64\log.txt 2013-08-27 16:06:42 ----D---- C:\Windows\system32\drivers 2013-08-27 16:06:42 ----D---- C:\Windows\inf 2013-08-27 16:06:39 ----D---- C:\Windows\system32\DriverStore 2013-08-25 04:51:21 ----SHD---- C:\Windows\Installer 2013-08-25 04:51:08 ----D---- C:\Windows\SYSWOW64\drivers 2013-08-25 04:51:00 ----D---- C:\Program Files (x86)\Common Files 2013-08-25 04:50:17 ----D---- C:\ProgramData\AVG2013 2013-08-25 04:49:03 ----SHD---- C:\System Volume Information 2013-08-25 04:18:25 ----D---- C:\Windows 2013-08-25 04:12:53 ----D---- C:\Windows\system32\catroot2 2013-08-24 01:59:54 ----D---- C:\Windows\Panther 2013-08-24 01:59:54 ----D---- C:\Windows\debug 2013-08-21 22:47:55 ----D---- C:\Windows\System32 2013-08-21 22:47:55 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-08-21 21:35:19 ----D---- C:\Windows\rescache 2013-08-21 15:23:26 ----D---- C:\Windows\SysWOW64 2013-08-21 15:23:23 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2013-08-21 02:37:49 ----D---- C:\Windows\Microsoft.NET 2013-08-21 02:37:28 ----RSD---- C:\Windows\assembly 2013-08-20 21:39:20 ----D---- C:\Windows\winsxs 2013-08-20 21:37:05 ----D---- C:\Windows\SYSWOW64\nl-NL 2013-08-20 21:37:05 ----D---- C:\Windows\system32\nl-NL 2013-08-20 21:37:04 ----D---- C:\Program Files\Internet Explorer 2013-08-20 21:37:04 ----D---- C:\Program Files (x86)\Internet Explorer 2013-08-20 09:27:45 ----D---- C:\Windows\system32\catroot 2013-08-20 09:21:17 ----A---- C:\Windows\system32\MRT.exe 2013-08-19 23:25:47 ----D---- C:\Windows\Tasks 2013-08-19 23:25:47 ----D---- C:\Windows\SYSWOW64\wbem 2013-08-19 23:25:47 ----D---- C:\Windows\system32\wfp 2013-08-19 23:25:47 ----D---- C:\Windows\AppPatch 2013-08-19 23:25:45 ----D---- C:\Windows\system32\wbem 2013-08-19 23:25:45 ----D---- C:\Windows\system32\CodeIntegrity 2013-08-19 23:25:36 ----D---- C:\Windows\AppCompat 2013-08-19 23:25:30 ----D---- C:\Program Files\Common Files\Microsoft Shared 2013-08-19 23:25:03 ----D---- C:\Windows\registration 2013-08-19 23:13:22 ----D---- C:\Windows\system32\NDF 2013-08-10 11:49:34 ----D---- C:\Users\Vicky\AppData\Roaming\SoftGrid Client ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-07-20 71480] R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-07-20 311608] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-07-01 116536] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-07-10 45880] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-05 438808] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-07-20 246072] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-07-20 206648] R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-03-21 240952] R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-08-26 45856] R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-10-27 22648] R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-10-27 20520] R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-10-27 62776] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-02 2750464] R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2009-09-17 56344] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-08-09 12289472] R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-06-14 2899176] R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-03-23 77936] R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-09-20 18432] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-12-01 250984] R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264] R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648] R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960] R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-03-28 1417776] R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2011-09-20 17408] S3 ASNDIS4;ASNDIS4 Protocol Driver; \??\C:\Windows\syswow64\ASNDIS4.SYS [] S3 jrdusbser;Modem Interface Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\jrdusbser.sys [2011-06-20 120832] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-07-04 4939312] R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-07-23 283136] R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-07-01 353360] R2 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-08-02 872552] R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456] R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-09-16 325656] R2 MCCNL Sepang Modem Device Helper;MCCNL Sepang Modem Device Helper; C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ServiceManager.exe [2011-06-20 49752] R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-04-24 256832] R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-09-16 2538520] R2 vToolbarUpdater15.5.0;vToolbarUpdater15.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [2013-08-26 1643184] R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] R3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 2292096] S2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2013-07-25 1432080] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-03 162408] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-21 257416] S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-12-12 655624] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-24 1255736] -----------------EOF-----------------
  4. Beste leden en beheerders , Ik heb al een tijdje problemen met mijn internet explorer . Het begon met het traag laden van pagina's , nadien sloten de pagina's vanzelf en kreeg ik de melding dat het programma niet meer werkte , meldingen zoals : ' dit tabblad is gesloten en opnieuw geopend vanwege een probleem met deze pagina ' . In het begin dacht ik dat het aan facebook lag , daar die pagina wel geregeld fout liep destijds , maar ondertussen werd het alleen maar erger , het begon vooral met multimedia-site's , zoals youtube en indien ik foto's wou bewerken online , wou de foto niet uploaden . Als ik dan na herhaaldelijke pogingen de foto online kreeg , kreeg ik een pagina in het grijs met een uitroepteken , alsof het adobe flash player was . Ik kreeg in het begin dan de melding dat ie.dll niet meer werkte en nu sinds vandaag kreeg ik de melding dat ieframe.dll niet meer werkt . Ik weet niet goed waar het probleem aan kan liggen , ik gebruik verder ook als antivirus AVG en heb die regelmatig laten scannen , maar die vind helemaal niets . Hiernaast gebruik ik ook Ccleaner om de overbodige en tijdelijke bestanden te verwijderen . Ik hoop dat iemand me raad weet want dit is verre van fijn natuurlijk . Alvast dank bij voorbaat
  5. hallo , het wil gewoon niet meer opstarten , gaat niet meer open , zonder foutmeldingen . gisteren speelde hij plots zonder probleem weer muziek af , en nu weer niet meer , het is inderdaad versie 11 , Groetjes
  6. ik weet eigenlijk niet welke versie het is , maar de computer zegt wel iedere keer dat de nieuwste updates al geïnstalleerd zijn , foutmeldingen krijg ik niet nee , het is gewoon als ik erop klik dat het niet eens meer opent , ook als ik op muziek ofzo klik gaat het niet meer open , Groetjes
  7. hallo , mijn windows media player werkt plots niet meer , weet iemand aub raad ? ik ken echt niet veel van pc's , Groetjes , Vicky
  8. hey Kape , Heb gezocht , maar dat staat niet op mijn pc , Groetjes
  9. en vandaag weer die melding gekregen dll werkt ni meer
  10. doet helaas helemaal niks en mijn antivirus , als ik er op klik reageert ook niet of hij geeft weer dat er vanalles ontbreekt , Groetjes
  11. heb dat gedaan nu en ik heb toch niet meteen nog meldingen , maar ik ben wel mijn virusscaner zoek geraakt , die stond niet op cd , is via het net , maar wel een met licentie natuurlijk , wat moet ik nu doen ? hij zegt dat er iets van ontbreekt ofzo Groetjes
  12. ik heb zo geen knopje met uitvoeren helaas , heb windows vista he op welk mag ik dan wel drukken ? Groetjes
  13. dat krijg ik niet meer , maar het was wel meer dan dat , her en der begon ik meldingen te krijgen dat dat programma niet meer werkte , dan was het windows verkenner dat niet meer werkte etc , nu heb ik geen probs , behalve men virusscanner die ik niet meer kan opstarten , tips ?
  14. logje van HijackThis : Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 21:04:40, on 19/12/2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18865) Boot mode: Normal Running processes: C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = mijnAOL | HP R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sysMon] C:\Windows\system32\rundll32.exe "C:\ProgramData\SysMon\SysMon.dll" rdl O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing) O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe -- End of file - 8011 bytes en een logje van die combofix of kittyfix : ComboFix 09-12-18.03 - vicky iliaens 19/12/2009 20:18:58.2.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.1918.990 [GMT 1:00] Gestart vanuit: c:\users\vicky iliaens\Downloads\KittyFix.exe gebruikte Opdracht switches :: c:\users\vicky iliaens\Desktop\CFScript.txt AV: Kaspersky Internet Security *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0} FW: Kaspersky Internet Security *enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0} SP: Kaspersky Internet Security *enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0} SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\KGB c:\program files\KGB\German.lng c:\program files\KGB\Help\English\alarms.htm c:\program files\KGB\Help\English\clipboard.htm c:\program files\KGB\Help\English\computer.htm c:\program files\KGB\Help\English\delivery.htm c:\program files\KGB\Help\English\filters.htm c:\program files\KGB\Help\English\Help.chm c:\program files\KGB\Help\English\internet.htm c:\program files\KGB\Help\English\invisible.htm c:\program files\KGB\Help\English\keyboard.htm c:\program files\KGB\Help\English\log_size.htm c:\program files\KGB\Help\English\logging.htm c:\program files\KGB\Help\English\password.htm c:\program files\KGB\Help\English\programs.htm c:\program files\KGB\Help\English\screenshot.htm c:\program files\KGB\Help\English\settings_node.htm c:\program files\KGB\Help\English\update.htm c:\program files\KGB\Help\English\users_node.htm c:\program files\KGB\Help\German\Help.chm c:\program files\KGB\Help\German\update.htm c:\program files\KGB\Help\Russian\alarms.htm c:\program files\KGB\Help\Russian\clipboard.htm c:\program files\KGB\Help\Russian\computer.htm c:\program files\KGB\Help\Russian\delivery.htm c:\program files\KGB\Help\Russian\filters.htm c:\program files\KGB\Help\Russian\Help.chm c:\program files\KGB\Help\Russian\internet.htm c:\program files\KGB\Help\Russian\invisible.htm c:\program files\KGB\Help\Russian\keyboard.htm c:\program files\KGB\Help\Russian\log_size.htm c:\program files\KGB\Help\Russian\logging.htm c:\program files\KGB\Help\Russian\password.htm c:\program files\KGB\Help\Russian\programs.htm c:\program files\KGB\Help\Russian\screenshot.htm c:\program files\KGB\Help\Russian\settings_node.htm c:\program files\KGB\Help\Russian\update.htm c:\program files\KGB\Help\Russian\users_node.htm c:\program files\KGB\Help\Spanish\alarms.htm c:\program files\KGB\Help\Spanish\clipboard.htm c:\program files\KGB\Help\Spanish\computer.htm c:\program files\KGB\Help\Spanish\delivery.htm c:\program files\KGB\Help\Spanish\filters.htm c:\program files\KGB\Help\Spanish\Help.chm c:\program files\KGB\Help\Spanish\internet.htm c:\program files\KGB\Help\Spanish\invisible.htm c:\program files\KGB\Help\Spanish\keyboard.htm c:\program files\KGB\Help\Spanish\log_size.htm c:\program files\KGB\Help\Spanish\logging.htm c:\program files\KGB\Help\Spanish\password.htm c:\program files\KGB\Help\Spanish\programs.htm c:\program files\KGB\Help\Spanish\screenshot.htm c:\program files\KGB\Help\Spanish\settings_node.htm c:\program files\KGB\Help\Spanish\update.htm c:\program files\KGB\Help\Spanish\users_node.htm c:\program files\KGB\Images\english.gif c:\program files\KGB\Images\german.gif c:\program files\KGB\Images\russian.gif c:\program files\KGB\key.bin c:\program files\KGB\libeay32.dll c:\program files\KGB\logstart.vbs c:\program files\KGB\loguninstall.vbs c:\program files\KGB\Mpk.dll c:\program files\KGB\MPK.exe c:\program files\KGB\Mpk64.dll c:\program files\KGB\MPK64.exe c:\program files\KGB\MPKView.exe c:\program files\KGB\Romanian.lng c:\program files\KGB\Russian.lng c:\program files\KGB\self_copy.vbs c:\program files\KGB\Spanish.lng c:\program files\KGB\sqlite3.dll c:\program files\KGB\ssleay32.dll c:\program files\KGB\unins000.dat c:\program files\KGB\unins000.exe c:\windows\TEMP\logishrd\LVPrcInj01.dll . (((((((((((((((((((( Bestanden Gemaakt van 2009-11-19 to 2009-12-19 )))))))))))))))))))))))))))))) . 2009-12-19 19:31 . 2009-12-19 19:37 -------- d-----w- c:\users\vicky iliaens\AppData\Local\temp 2009-12-19 19:31 . 2009-12-19 19:31 -------- d-----w- c:\users\Public\AppData\Local\temp 2009-12-19 19:31 . 2009-12-19 19:31 -------- d-----w- c:\users\Gast\AppData\Local\temp 2009-12-19 19:31 . 2009-12-19 19:31 -------- d-----w- c:\users\Default\AppData\Local\temp 2009-12-19 19:31 . 2009-12-19 19:31 -------- d-----w- c:\users\Bruno\AppData\Local\temp 2009-12-16 14:12 . 2009-12-16 14:12 388096 ----a-r- c:\users\vicky iliaens\AppData\Roaming\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe 2009-12-16 14:12 . 2009-12-16 14:12 -------- d-----w- c:\program files\TrendMicro 2009-12-14 04:33 . 2009-12-14 04:33 249856 ------w- c:\windows\Setup1.exe 2009-12-14 04:33 . 2009-12-14 04:33 73216 ----a-w- c:\windows\ST6UNST.EXE 2009-12-14 03:44 . 2009-12-14 03:44 -------- d-----w- c:\program files\Recuva 2009-12-13 16:06 . 2009-12-13 16:06 658696 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2009-12-13 05:25 . 2009-12-13 05:25 -------- d-----w- c:\program files\Windows Portable Devices 2009-12-13 02:06 . 2009-12-14 03:14 -------- d-----w- c:\program files\PowerDataRecovery 2009-12-13 02:05 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll 2009-12-13 02:05 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll 2009-12-13 02:05 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll 2009-12-13 02:03 . 2009-10-01 01:01 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll 2009-12-13 02:03 . 2009-10-01 01:01 33280 ----a-w- c:\windows\system32\WpdConns.dll 2009-12-13 02:03 . 2009-10-01 01:02 2537472 ----a-w- c:\windows\system32\wpdshext.dll 2009-12-13 02:03 . 2009-10-01 01:02 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll 2009-12-13 02:03 . 2009-10-01 01:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll 2009-12-13 02:03 . 2009-10-01 01:01 546816 ----a-w- c:\windows\system32\wpd_ci.dll 2009-12-13 02:03 . 2009-10-01 01:01 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll 2009-12-13 02:03 . 2009-10-01 01:01 350208 ----a-w- c:\windows\system32\WPDSp.dll 2009-12-13 02:03 . 2009-10-01 01:01 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll 2009-12-13 02:03 . 2009-10-01 01:01 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll 2009-12-13 02:03 . 2009-10-01 01:01 40448 ----a-w- c:\windows\system32\drivers\WpdUsb.sys 2009-12-13 02:03 . 2009-10-01 01:01 226816 ----a-w- c:\windows\system32\WpdMtp.dll 2009-12-13 02:03 . 2009-10-01 01:01 61952 ----a-w- c:\windows\system32\WpdMtpUS.dll 2009-12-13 02:01 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll 2009-12-13 02:01 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll 2009-12-13 02:01 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll 2009-12-12 23:08 . 2009-12-17 01:46 -------- d-----w- c:\users\vicky iliaens\AppData\Roaming\skypePM 2009-12-12 20:47 . 2009-12-12 20:47 -------- d-----w- c:\windows\system32\ca-ES 2009-12-12 20:47 . 2009-12-12 20:47 -------- d-----w- c:\windows\system32\eu-ES 2009-12-12 20:47 . 2009-12-12 20:47 -------- d-----w- c:\windows\system32\vi-VN 2009-12-12 20:04 . 2009-04-11 06:28 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll 2009-12-12 20:04 . 2009-04-11 06:28 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll 2009-12-12 20:04 . 2009-04-11 06:28 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll 2009-12-12 20:04 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll 2009-12-12 20:04 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll 2009-12-12 20:04 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll 2009-12-12 20:04 . 2009-04-11 06:28 189440 ----a-w- c:\windows\system32\wbem\mofd.dll 2009-12-12 20:04 . 2009-04-11 06:28 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll 2009-12-12 20:04 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\esscli.dll 2009-12-12 20:04 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll 2009-12-12 20:04 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe 2009-12-12 19:41 . 2009-04-11 06:32 43496 ----a-w- c:\windows\system32\drivers\pciidex.sys 2009-12-12 19:40 . 2009-04-11 06:28 286720 ----a-w- c:\windows\system32\rasapi32.dll 2009-12-12 19:39 . 2009-04-11 06:28 677376 ----a-w- c:\windows\system32\imapi2fs.dll 2009-12-12 19:07 . 2009-12-12 19:07 -------- d-----w- c:\windows\system32\EventProviders 2009-12-12 15:27 . 2009-12-12 15:27 -------- d-----w- c:\program files\Common Files\Skype 2009-12-12 15:27 . 2009-12-12 15:27 -------- d-----r- c:\program files\Skype 2009-12-12 12:22 . 2009-12-12 22:52 -------- d-----w- c:\programdata\hostsvr 2009-12-10 02:07 . 2009-11-09 12:31 24064 ----a-w- c:\windows\system32\nshhttp.dll 2009-12-10 02:07 . 2009-11-09 10:36 411648 ----a-w- c:\windows\system32\drivers\http.sys 2009-12-10 02:07 . 2009-11-09 12:30 30720 ----a-w- c:\windows\system32\httpapi.dll 2009-12-09 16:20 . 2009-10-07 11:36 243712 ----a-w- c:\windows\system32\rastls.dll 2009-11-26 02:02 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll 2009-11-25 07:08 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll 2009-11-25 07:08 . 2009-08-11 16:44 1248768 ----a-w- c:\windows\system32\msxml3.dll . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-19 19:33 . 2008-03-02 02:01 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs 2009-12-19 19:32 . 2009-01-22 23:48 8365088 --sha-w- c:\windows\system32\drivers\fidbox.dat 2009-12-19 19:32 . 2009-01-22 23:48 68528 --sha-w- c:\windows\system32\drivers\fidbox.idx 2009-12-19 19:32 . 2009-01-22 23:48 6216 --sha-w- c:\windows\system32\drivers\fidbox2.idx 2009-12-19 19:32 . 2009-01-22 23:48 1196064 --sha-w- c:\windows\system32\drivers\fidbox2.dat 2009-12-19 19:28 . 2009-06-16 23:33 -------- d-sh--w- c:\programdata\MPK 2009-12-19 19:08 . 2008-11-27 20:24 -------- d-----w- c:\programdata\Kaspersky Lab 2009-12-19 18:32 . 2007-09-14 12:47 667114 ----a-w- c:\windows\system32\perfh013.dat 2009-12-19 18:32 . 2007-09-14 12:47 126648 ----a-w- c:\windows\system32\perfc013.dat 2009-12-17 06:49 . 2008-03-12 02:49 -------- d-----w- c:\users\vicky iliaens\AppData\Roaming\Skype 2009-12-13 05:25 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat 2009-12-13 05:25 . 2009-12-13 05:25 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf 2009-12-13 05:24 . 2009-12-13 05:24 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf 2009-12-12 23:08 . 2009-12-12 23:08 56 ---ha-w- c:\programdata\ezsidmv.dat 2009-12-12 22:53 . 2009-08-07 22:15 -------- d-----w- c:\program files\Unlocker 2009-12-12 20:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar 2009-12-12 20:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar 2009-12-12 20:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal 2009-12-12 20:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration 2009-12-12 20:47 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2009-12-12 20:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery 2009-12-12 20:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender 2009-12-12 15:27 . 2008-03-12 02:47 -------- d-----w- c:\programdata\Skype 2009-12-12 13:11 . 2008-07-21 05:29 -------- d-----w- c:\program files\Samsung 2009-12-09 01:30 . 2007-09-14 03:42 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-12-05 04:30 . 2009-02-08 20:29 -------- d-----w- c:\users\vicky iliaens\AppData\Roaming\Audacity 2009-12-04 00:33 . 2008-06-15 10:26 5288 ----a-w- c:\users\vicky iliaens\AppData\Roaming\wklnhst.dat 2009-11-21 06:40 . 2009-12-09 16:21 916480 ----a-w- c:\windows\system32\wininet.dll 2009-11-21 06:34 . 2009-12-09 16:21 71680 ----a-w- c:\windows\system32\iesetup.dll 2009-11-21 06:34 . 2009-12-09 16:21 109056 ----a-w- c:\windows\system32\iesysprep.dll 2009-11-21 04:59 . 2009-12-09 16:21 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2009-11-19 11:10 . 2008-11-27 19:58 680 ----a-w- c:\users\vicky iliaens\AppData\Local\d3d9caps.dat 2009-11-02 19:42 . 2009-10-02 22:34 195456 ------w- c:\windows\system32\MpSigStub.exe 2009-10-14 13:11 . 2008-11-27 20:24 95259 ----a-w- c:\windows\system32\drivers\klick.dat 2009-10-14 13:11 . 2008-11-27 20:24 108059 ----a-w- c:\windows\system32\drivers\klin.dat 2009-10-01 01:02 . 2009-12-13 02:04 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe 2009-10-01 01:02 . 2009-12-13 02:04 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll 2009-10-01 01:01 . 2009-12-13 02:04 81920 ----a-w- c:\windows\system32\wpdbusenum.dll 2009-09-25 02:10 . 2009-12-13 02:04 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll 2009-09-25 02:07 . 2009-12-13 02:04 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll 2009-09-25 02:04 . 2009-12-13 02:04 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll 2009-09-25 01:49 . 2009-12-13 02:04 1554432 ----a-w- c:\windows\system32\xpsservices.dll 2009-09-25 01:48 . 2009-12-13 02:04 351232 ----a-w- c:\windows\system32\XpsPrint.dll 2009-09-25 01:38 . 2009-12-13 02:04 847360 ----a-w- c:\windows\system32\OpcServices.dll 2009-09-25 01:36 . 2009-12-13 02:04 280064 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2009-09-25 01:35 . 2009-12-13 02:04 135680 ----a-w- c:\windows\system32\XpsRasterService.dll 2009-09-25 01:33 . 2009-12-13 02:04 195584 ----a-w- c:\windows\system32\dxdiagn.dll 2009-09-25 01:33 . 2009-12-13 02:04 829440 ----a-w- c:\windows\system32\d3d10warp.dll 2009-09-25 01:33 . 2009-12-13 02:04 369664 ----a-w- c:\windows\system32\WMPhoto.dll 2009-09-25 01:32 . 2009-12-13 02:04 252928 ----a-w- c:\windows\system32\dxdiag.exe 2009-09-25 01:31 . 2009-12-13 02:04 519680 ----a-w- c:\windows\system32\d3d11.dll 2009-09-25 01:31 . 2009-12-13 02:04 486912 ----a-w- c:\windows\system32\d3d10level9.dll 2009-09-25 01:31 . 2009-12-13 02:04 161280 ----a-w- c:\windows\system32\d3d10_1.dll 2009-09-25 01:31 . 2009-12-13 02:04 218112 ----a-w- c:\windows\system32\d3d10_1core.dll 2009-09-25 01:31 . 2009-12-13 02:04 1030144 ----a-w- c:\windows\system32\d3d10.dll 2009-09-25 01:31 . 2009-12-13 02:04 828928 ----a-w- c:\windows\system32\d2d1.dll 2009-09-25 01:30 . 2009-12-13 02:04 481792 ----a-w- c:\windows\system32\dxgi.dll 2009-09-25 01:30 . 2009-12-13 02:04 190464 ----a-w- c:\windows\system32\d3d10core.dll 2009-09-25 01:27 . 2009-12-13 02:04 634880 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2009-09-25 01:27 . 2009-12-13 02:04 37888 ----a-w- c:\windows\system32\cdd.dll 2009-09-25 01:27 . 2009-12-13 02:04 793088 ----a-w- c:\windows\system32\FntCache.dll 2009-09-25 01:27 . 2009-12-13 02:04 1064448 ----a-w- c:\windows\system32\DWrite.dll 2009-09-24 22:54 . 2009-12-13 02:04 258048 ----a-w- c:\windows\system32\winspool.drv 2009-09-24 22:54 . 2009-12-13 02:04 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe 2009-09-24 22:54 . 2009-12-13 02:04 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll 2007-09-14 13:09 . 2007-09-14 12:51 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 153136] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184] "LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008] "LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 2407184] "AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-02-05 201992] "RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240] "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792] "SysMon"="c:\programdata\SysMon\SysMon.dll" [2008-01-24 626688] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Launcher"="c:\windows\SMINST\launcher.exe" [2007-04-03 44168] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd.dll c:\progra~1\KASPER~1\KASPER~1\adialhk.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk backup=c:\windows\pss\Adobe Gamma Loader.lnk.CommonStartup backupExtension=.CommonStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2008-10-15 00:04 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler] 2007-05-24 11:13 71176 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2009-07-13 12:03 292128 ----a-w- c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD] 2006-12-08 16:16 65536 ----a-w- c:\hp\KBD\KbdStub.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] 2008-05-22 12:49 13539872 ----a-w- c:\windows\System32\nvcpl.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] 2008-05-22 12:49 92704 ----a-w- c:\windows\System32\nvmctray.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OsdMaestro] 2007-02-15 11:59 118784 ----a-w- c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2009-05-26 15:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] 2009-10-09 12:11 25623336 ----a-r- c:\program files\Skype\Phone\Skype.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateReg] 2007-04-07 00:56 54936 ----a-w- c:\windows\System32\jureg.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WPCUMI] 2006-11-02 12:35 176128 ----a-w- c:\windows\System32\wpcumi.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "AntiVirusOverride"=dword:00000001 "VistaSp2"=hex(:99,31,99,d3,6d,7b,ca,01 R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\System32\drivers\klbg.sys [29/01/2008 18:29 33808] R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\System32\drivers\klfltdev.sys [13/03/2008 19:02 26640] S2 AGWinService;AG Windows Service;c:\program files\AGI\common\win32\pythonservice.exe [1/10/2008 23:18 10240] S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [26/06/2008 13:21 21504] S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [6/08/2009 0:35 54632] S3 fsssvc;De service Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [5/08/2009 21:48 704864] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . ------- Bijkomende Scan ------- . mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_BE&c=74&bd=Pavilion&pf=desktop uInternet Settings,ProxyOverride = *.local IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 LSP: c:\windows\system32\wpclsp.dll DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab FF - ProfilePath - c:\users\vicky iliaens\AppData\Roaming\Mozilla\Firefox\Profiles\mf6vci4g.default\ FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157 FF - prefs.js: keyword.URL - hxxp://kwtb.search.imgag.com/?c=GNKIW29193&sbs=1&sc=2&f=web&vernum=1.0&uid=&did=f8d4a70c-98e2-4081-901d-01bf93043ede&q= FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2009-12-19 20:37 Windows 6.0.6002 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:00000000 . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'Explorer.exe'(9164) c:\windows\TEMP\logishrd\LVPrcInj01.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\nvvsvc.exe c:\windows\system32\rundll32.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\windows\system32\WUDFHost.exe c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe c:\windows\servicing\TrustedInstaller.exe c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe c:\program files\Windows Media Player\wmpnetwk.exe . ************************************************************************** . Voltooingstijd: 2009-12-19 20:44:25 - machine werd herstart ComboFix-quarantined-files.txt 2009-12-19 19:44 ComboFix2.txt 2009-12-19 17:53 Pre-Run: 160.390.119.424 bytes beschikbaar Post-Run: 160.125.366.272 bytes beschikbaar Current=1 Default=1 Failed=0 LastKnownGood=51 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19, 20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39, 40,41,42,43,44,45,46,47,48,49,50,51 - - End Of File - - DF1A87CD65DE0BDE89586E608247504F
  15. een bijkomend probleem opeens is dat mijn virusscanner kaspersky niet meer werkt en dat er componenten zouden ontbreken ?
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.