Posts made by vicky_i
Here is the log; I did have to start it twice, so I hope it is correct:
Zoek.exe Version 4.0.0.4 Updated 26-08-2013
Tool run by Vicky on do 29-08-2013 at 14:16:36,68.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Vicky\Desktop\zoek\zoek.exe [script inserted] [Checkboxes used]
==== System Restore Info ======================
29-8-2013 14:19:42 Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BEF35424-9F1B-494E-A2CA-542DB53B8DDD} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{50fafaf0-70a9-419d-a109-fa4b4ffd4e37} deleted successfully
HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{3bbd3c14-4c16-4989-8366-95bc9179779d} deleted successfully
HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{3bbd3c14-4c16-4989-8366-95bc9179779d} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{8E9E3331-D360-4f87-8803-52DE43566502} deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\prefs.js:
user_pref("browser.startup.homepage", );
user_pref("browser.search.defaultengine", "Ask.com");
Added to C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\prefs.js:
user_pref("browser.startup.homepage", "Google");
user_pref("browser.search.defaulturl", "Google=");
user_pref("browser.newtab.url", "Google");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "Google=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Deleted from C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:
user_pref("browser.search.defaultenginename", "AVG Secure Search");
user_pref("browser.search.selectedEngine", "AVG Secure Search");
Added to C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:
user_pref("browser.startup.homepage", "Google");
user_pref("browser.search.defaulturl", "Google=");
user_pref("browser.newtab.url", "Google");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "Google=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default
---- Lines C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com removed from prefs.js ----
---- Lines C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com modified from prefs.js ----
---- Lines C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com removed from user.js ----
---- Lines C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\ffxtlbr@babylon.com removed from prefs.js ----
---- Lines C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\ffxtlbr@babylon.com modified from prefs.js ----
---- Lines C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\ffxtlbr@babylon.com removed from user.js ----
---- Lines BabylonToolbar removed from prefs.js ----
user_pref("extensions.BabylonToolbar.admin", false);
user_pref("extensions.BabylonToolbar.aflt", "babsst");
user_pref("extensions.BabylonToolbar.babExt", "");
user_pref("extensions.BabylonToolbar.babTrack", "affID=110819&tt=3012_5");
user_pref("extensions.BabylonToolbar.cntry", "BE");
user_pref("extensions.BabylonToolbar.dfltLng", "en");
user_pref("extensions.BabylonToolbar.dfltSrch", false);
user_pref("extensions.BabylonToolbar.excTlbr", false);
user_pref("extensions.BabylonToolbar.hdrMd5", "188518D2EBF48689AD422320B3155343");
user_pref("extensions.BabylonToolbar.hmpg", false);
user_pref("extensions.BabylonToolbar.id", "4e0e63bd00000000000074de2bf6f5c9");
user_pref("extensions.BabylonToolbar.instlDay", "15549");
user_pref("extensions.BabylonToolbar.instlRef", "sst");
user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.29.116:56:25");
user_pref("extensions.BabylonToolbar.newTab", true);
user_pref("extensions.BabylonToolbar.newTabUrl", "Babylon Search");
user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar.sg", "czb");
user_pref("extensions.BabylonToolbar.smplGrp", "czb");
user_pref("extensions.BabylonToolbar.srcExt", "ss");
user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "Google=");
user_pref("extensions.BabylonToolbar.vrsn", "1.5.29.1");
user_pref("extensions.BabylonToolbar.vrsni", "1.5.29.1");
user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.29.116:56:25");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110819&tt=3012_5");
user_pref("extensions.BabylonToolbar_i.newTab", true);
user_pref("extensions.BabylonToolbar_i.newTabUrl", "Babylon Search");
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.29.116:56:25");
---- Lines BabylonToolbar modified from prefs.js ----
---- Lines BabylonToolbar removed from user.js ----
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110819&tt=3012_5");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "Google=");
user_pref("extensions.BabylonToolbar.id", "4e0e63bd00000000000074de2bf6f5c9");
user_pref("extensions.BabylonToolbar.instlDay", "15549");
user_pref("extensions.BabylonToolbar.vrsn", "1.5.29.1");
user_pref("extensions.BabylonToolbar.vrsni", "1.5.29.1");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.29.116:56:25");
user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar.aflt", "babsst");
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
user_pref("extensions.BabylonToolbar.instlRef", "sst");
user_pref("extensions.BabylonToolbar.dfltLng", "en");
user_pref("extensions.BabylonToolbar.excTlbr", false);
user_pref("extensions.BabylonToolbar.admin", false);
---- Lines delta removed from prefs.js ----
---- Lines delta modified from prefs.js ----
---- Lines delta removed from user.js ----
user_pref("extensions.delta.tlbrSrchUrl", "");
user_pref("extensions.delta.id", "4e0e63bd00000000000074de2bf6f5c9");
user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
user_pref("extensions.delta.instlDay", "15944");
user_pref("extensions.delta.vrsn", "1.8.24.6");
user_pref("extensions.delta.vrsni", "1.8.24.6");
user_pref("extensions.delta.vrsnTs", "1.8.24.621:38:28");
user_pref("extensions.delta.prtnrId", "delta");
user_pref("extensions.delta.prdct", "delta");
user_pref("extensions.delta.aflt", "babsst");
user_pref("extensions.delta.smplGrp", "none");
user_pref("extensions.delta.tlbrId", "base");
user_pref("extensions.delta.instlRef", "sst");
user_pref("extensions.delta.dfltLng", "nl");
user_pref("extensions.delta.excTlbr", false);
user_pref("extensions.delta.ffxUnstlRst", true);
user_pref("extensions.delta.admin", false);
user_pref("extensions.delta_i.babTrack", "affID=123605&tsp=4987");
user_pref("extensions.delta_i.babExt", "");
user_pref("extensions.delta_i.srcExt", "ss");
user_pref("extensions.delta.autoRvrt", "false");
user_pref("extensions.delta.rvrt", "false");
user_pref("extensions.delta.newTab", false);
---- Lines ask.com removed from prefs.js ----
---- Lines ask.com modified from prefs.js ----
---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 removed from prefs.js ----
---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 modified from prefs.js ----
---- Lines ilivid removed from prefs.js ----
---- Lines ilivid modified from prefs.js ----
---- Lines {336D0C35-8A85-403a-B9D2-65C292C39087} removed from prefs.js ----
---- Lines {336D0C35-8A85-403a-B9D2-65C292C39087} modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{336D0C35-8A85-403a-B9D2-65C292C39087}\":{\"descriptor\":\"C:\\\\Program Files\\\\Web Assistant\\\\Firefox\",\"mtime\":1337300953568},\"avg@toolbar\":{\"descriptor\":\"C:\\\\ProgramData\\\\AVG Secure Search\\\\FireFoxExt\\\\13.2.0.5\",\"mtime\":1353280183314}}},{\"name\":\"app-global\",\"addons\":{\"ffxtlbr@babylon.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\ffxtlbr@babylon.com\",\"mtime\":1343487385296},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1337459654001}}},{\"name\":\"app-profile\",\"addons\":{\"ffxtlbr@babylon.com\":{\"descriptor\":\"C:\\\\Users\\\\Vicky\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\4x8775zd.default\\\\extensions\\\\ffxtlbr@babylon.com\",\"mtime\":1343487392236},\"{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\":{\"descriptor\":\"C:\\\\Users\\\\Vicky\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\4x8775zd.default\\\\extensions\\\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\",\"mtime\":1352915642216}}}]");
---- FireFox user.js and prefs.js backups ----
user_29-08-2013_1424_.backup
prefs_29-08-2013_1424_.backup
ProfilePath: C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
user.js not found
---- Lines C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com removed from prefs.js ----
---- Lines C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com modified from prefs.js ----
---- Lines C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\ffxtlbr@babylon.com removed from prefs.js ----
---- Lines C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\ffxtlbr@babylon.com modified from prefs.js ----
---- Lines BabylonToolbar removed from prefs.js ----
---- Lines BabylonToolbar modified from prefs.js ----
---- Lines delta removed from prefs.js ----
---- Lines delta modified from prefs.js ----
---- Lines ask.com removed from prefs.js ----
---- Lines ask.com modified from prefs.js ----
---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 removed from prefs.js ----
---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 modified from prefs.js ----
---- Lines ilivid removed from prefs.js ----
---- Lines ilivid modified from prefs.js ----
---- Lines {336D0C35-8A85-403a-B9D2-65C292C39087} removed from prefs.js ----
---- Lines {336D0C35-8A85-403a-B9D2-65C292C39087} modified from prefs.js ----
---- FireFox user.js and prefs.js backups ----
prefs_29-08-2013_1424_.backup
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
==== Deleting Files \ Folders ======================
"C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll" deleted
"C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml" deleted
"C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml" deleted
"C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\askcom.xml" deleted
"C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\babylon.xml" deleted
"C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\delta.xml" deleted
"C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\Search_Results.xml" deleted
"C:\user.js" deleted
"C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\delta.xml" deleted
"C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted
"C:\Users\Vicky\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted
"C:\Program Files (x86)\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted
"C:\Program Files (x86)\Mozilla Firefox\user.js" deleted
"C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml" deleted
"C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml" deleted
"C:\Windows\wininit.ini" deleted
"C:\user.js" deleted
"C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\babylon.xml" deleted
"C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\askcom.xml" deleted
"C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\Search_Results.xml" deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not deleted
"C:\Program Files (x86)\Common Files\DVDVideoSoft" deleted
"C:\Program Files\Web Assistant" deleted
"C:\ProgramData\BrowserDefender" not deleted
"C:\Users\Vicky\AppData\Roaming\BabSolution" deleted
"C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com" deleted
"C:\Program Files (x86)\Search Results Toolbar" deleted
"C:\Program Files (x86)\Common Files\DVDVideoSoft\bin" deleted
"C:\Program Files (x86)\1ClickDownload" deleted
"C:\Program Files (x86)\Yontoo" deleted
"C:\Program Files (x86)\WiseConvert" deleted
"C:\Program Files (x86)\Conduit" deleted
"C:\Program Files\Web Assistant" deleted
"C:\Users\Vicky\AppData\Roaming\DVDVideoSoftIEHelpers" deleted
"C:\Users\Vicky\AppData\Roaming\BabSolution" deleted
"C:\Users\Vicky\AppData\Roaming\Babylon" deleted
"C:\Users\Vicky\AppData\Roaming\OpenCandy" deleted
"C:\ProgramData\BrowserDefender" not deleted
"C:\ProgramData\boost_interprocess" deleted
"C:\ProgramData\Wincert" deleted
"C:\ProgramData\Tarma Installer" deleted
"C:\ProgramData\Babylon" deleted
"C:\Users\Vicky\AppData\Local\iLivid" deleted
"C:\Users\Vicky\AppData\Local\Conduit" deleted
"C:\Users\Vicky\AppData\LocalLow\ilividtoolbarguid" deleted
"C:\Users\Vicky\AppData\LocalLow\ilividtoolbarguid" deleted
"C:\Users\Vicky\AppData\LocalLow\Incredibar.com" deleted
"C:\Users\Vicky\AppData\LocalLow\PriceGong" deleted
"C:\Users\Vicky\AppData\LocalLow\Conduit" deleted
"C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\ffxtlbr@babylon.com" deleted
"C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\ilividtoolbarguid" deleted
"C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\ilividtoolbarguid" deleted
"C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\ilividtoolbarguid" deleted
"C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\ffxtlbr@babylon.com" deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" not deleted
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings" not deleted
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\Vicky\AppData\Local\Temp ====
2013-08-28 23:32:43 1B1D86A574E842946E5D5317892B45C5 31954536 ----a-w- C:\Users\Vicky\AppData\Local\Temp\SkypeSetup.exe
2013-08-27 19:38:24 503D279F5243F03EE9F39E5185B59325 4096 ----a-w- C:\Users\Vicky\AppData\Local\Temp\BbF607.exe
2013-08-27 19:31:58 DB521C3DC7B679226322033B09719ECA 339440 ----a-w- C:\Users\Vicky\AppData\Local\Temp\uninst1.exe
2013-08-27 19:01:59 503D279F5243F03EE9F39E5185B59325 4096 ----a-w- C:\Users\Vicky\AppData\Local\Temp\Bb9DD9.exe
2013-08-27 19:01:45 33E263F843D59E57365CE6D3B948F28D 786928 ----a-w- C:\Users\Vicky\AppData\Local\Temp\DeltaTBs.exe
2013-08-25 02:50:55 4ECFD79139593972A5C849E1138C3CE3 4543000 ----a-w- C:\Users\Vicky\AppData\Local\Temp\oi_{6133ABA3-88BF-4126-A2E1-223A94E45A87}.exe
2013-08-25 02:08:27 288C4B8AB34A0F41D9E5BDFE42705C27 1822896 ----a-w- C:\Users\Vicky\AppData\Local\Temp\UNINSTALL.EXE
====== C:\Windows\SysWOW64 =====
2013-08-20 07:27:27 A484F9DB744849C0B32DD1CE73A94F62 2706432 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
2013-08-20 07:27:26 C9BFFA62DFBF0317AECE707B39C4BF25 391168 ----a-w- C:\Windows\SysWOW64\ieui.dll
2013-08-20 07:27:25 BC90EED56A5C77168A8D6F0C4221D7CB 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-20 07:27:25 AF6A6C16ACAD816B48714AE7A4082D89 61440 ----a-w- C:\Windows\SysWOW64\iesetup.dll
2013-08-20 07:27:25 8A5BD908D421BEE82941EF8ABD8B4F09 33280 ----a-w- C:\Windows\SysWOW64\iernonce.dll
2013-08-20 07:27:25 37730C04B543536D971B3F157415EFF5 109056 ----a-w- C:\Windows\SysWOW64\iesysprep.dll
2013-08-20 07:27:24 D0E0086BA353C379DCFE8624E8B8F17A 2048512 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2013-08-20 07:27:23 45C118A1E03182365CB568F99B81A473 493056 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2013-08-20 07:27:22 1C83426A51AD83B5E788B6CF143B48D8 690688 ----a-w- C:\Windows\SysWOW64\jscript.dll
2013-08-20 07:27:21 AC8C3591D536D1CCB62EDCBEA88140B3 2877440 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2013-08-20 07:27:21 059FC59F97A6220C46A612A9470A00B3 1141248 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2013-08-20 07:27:19 DAA3903F06116AE9EE7AC1D1B93684A4 1767936 ----a-w- C:\Windows\SysWOW64\wininet.dll
2013-08-20 07:27:19 49EB7DE3A1CCCE9D0873DE9114810113 39936 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2013-08-20 07:27:18 E9BCB6728DD04412BF87F03DB00DE1CF 13761024 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2013-08-20 07:27:13 E631B408882F8320739F6E0CAF444397 14329344 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2013-08-19 11:45:21 AE8EB083B050E17A7D6EB5E28AECDDD6 1166848 ----a-w- C:\Windows\SysWOW64\crypt32.dll
2013-08-19 11:45:20 7CA1BECEA5DE2643ADDAD32670E7A4C9 140288 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll
2013-08-19 11:45:20 68EAAEDF0365168B804E8728368FA946 175104 ----a-w- C:\Windows\SysWOW64\wintrust.dll
2013-08-19 11:45:04 D5E18BA95F9E7D787D25EF07AC68603E 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll
2013-08-19 11:45:02 4DC999CED9429939D75682EBD7D48901 663552 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll
2013-08-19 11:43:36 0805487A6036A9F9C4E7AF7FEF835529 1620992 ----a-w- C:\Windows\SysWOW64\WMVDECOD.DLL
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2013-08-20 07:27:27 3A2FD42F11CD325A4ACAFE7FB0EEA83A 2706432 ----a-w- C:\Windows\Sysnative\mshtml.tlb
2013-08-20 07:27:26 69F5E016A98CE1908DB08382F2ACF882 526336 ----a-w- C:\Windows\Sysnative\ieui.dll
2013-08-20 07:27:25 D8CC9A20C517A54678363C4C77B930A4 136704 ----a-w- C:\Windows\Sysnative\iesysprep.dll
2013-08-20 07:27:25 963B29E0EFB20D66436214DB7C43D7F7 67072 ----a-w- C:\Windows\Sysnative\iesetup.dll
2013-08-20 07:27:25 6C8BDC9F16943D626DFE8A987BCCFD20 51712 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
2013-08-20 07:27:25 622C7C8D39609FCEACE3508715D48C7F 39936 ----a-w- C:\Windows\Sysnative\iernonce.dll
2013-08-20 07:27:25 28C2F8C7DBE11AA3DA041D35F4E59481 89600 ----a-w- C:\Windows\Sysnative\RegisterIEPKEYs.exe
2013-08-20 07:27:24 65546D87F7A78AB31841A536456CB94D 2647040 ----a-w- C:\Windows\Sysnative\iertutil.dll
2013-08-20 07:27:23 8C12653BEA781902AA60E4A855A55D5C 603136 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2013-08-20 07:27:22 5A7FA01EEC393A3E0D0F3EBAA1FD959E 3958784 ----a-w- C:\Windows\Sysnative\jscript9.dll
2013-08-20 07:27:22 16FE878530FDFC9AB08B7FFC32335958 855552 ----a-w- C:\Windows\Sysnative\jscript.dll
2013-08-20 07:27:20 289C5E0A386E7B6CA9539D66D15E22CC 1365504 ----a-w- C:\Windows\Sysnative\urlmon.dll
2013-08-20 07:27:19 AC155DD9BD1E6D3B740826A4D1C68AAE 2241024 ----a-w- C:\Windows\Sysnative\wininet.dll
2013-08-20 07:27:19 04DE09B1E287F6DC5C7FD655B6E84AB9 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll
2013-08-20 07:27:16 677A1C1B0F254EC918D84A7FE29274CA 15405056 ----a-w- C:\Windows\Sysnative\ieframe.dll
2013-08-20 07:27:15 396889142BD839DB8A055A0BE0AD2F79 19239424 ----a-w- C:\Windows\Sysnative\mshtml.dll
2013-08-19 11:45:22 287998A9BA0140ABB59792CDEB2F8483 1472512 ----a-w- C:\Windows\Sysnative\crypt32.dll
2013-08-19 11:45:21 959041D7014C97133D859B45BCA0FC58 224256 ----a-w- C:\Windows\Sysnative\wintrust.dll
2013-08-19 11:45:20 A6B726DCA228F7878E38368A1BDC68BE 139776 ----a-w- C:\Windows\Sysnative\cryptnet.dll
2013-08-19 11:45:20 6B400F211BEE880A37A1ED0368776BF4 184320 ----a-w- C:\Windows\Sysnative\cryptsvc.dll
2013-08-19 11:45:04 B3CA3253009D26666F5BCB16E77D2618 2048 ----a-w- C:\Windows\Sysnative\tzres.dll
2013-08-19 11:45:02 26036E228D2467DE6975AD819C22C043 1217024 ----a-w- C:\Windows\Sysnative\rpcrt4.dll
2013-08-19 11:43:36 D29200AB0B37B7293C6942EAF755295E 1888768 ----a-w- C:\Windows\Sysnative\WMVDECOD.DLL
====== C:\Windows\Sysnative\drivers =====
2013-08-25 02:51:04 E647C4315F36756DF5FA38BDEB51F224 45856 ----a-w- C:\Windows\Sysnative\drivers\avgtpx64.sys
2013-08-19 11:43:34 DB74544B75566C974815E79A62433F29 1910208 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys
2013-08-19 11:43:34 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys
====== C:\Windows\Tasks ======
2013-08-27 19:29:15 600AD6B878A025883CFFAB47DEE45F87 3200 ----a-w- C:\Windows\Sysnative\Tasks\{08BF7A00-7AB1-41D1-BEA9-254C0B1D06E4}
2013-08-27 19:24:02 6A55AF0AD097D676CDD29CC2E7BEDD6B 3196 ----a-w- C:\Windows\Sysnative\Tasks\{6AFE08A9-EE6B-4653-8E72-D80F31E091F6}
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-08-29 03:16:34 -------- d-----w- C:\Program Files\trend micro
======= C:\Program Files (x86) =====
2013-08-25 03:40:23 -------- d-----w- C:\Program Files (x86)\Gmail Account Password Hacker
2013-08-25 02:51:00 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
2013-08-25 02:50:59 -------- d-----w- C:\Program Files (x86)\AVG Secure Search
======= C: =====
====== C:\Users\Vicky\AppData\Roaming ======
2013-08-25 02:51:17 -------- d-----w- C:\users\Vicky\AppData\Local\AVG Secure Search
2013-08-25 02:51:06 -------- d-----w- C:\users\Vicky\AppData\Locallow\AVG Secure Search
====== C:\Users\Vicky ======
2013-08-29 03:16:17 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Vicky\Downloads\RSITx64.exe
2013-08-27 19:02:10 -------- d-----w- C:\ProgramData\BrowserDefender
2013-08-25 02:51:00 -------- d-----w- C:\ProgramData\AVG Secure Search
2013-08-25 02:49:53 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2013-08-25 02:44:48 72A2F9728BCB9743553E2A188CEFF303 4491824 ----a-w- C:\Users\Vicky\Downloads\avg_avct_stb_all_2013_3392_cm10.exe
====== C: exe-files ==
2013-08-29 03:16:34 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Vicky.exe
2013-08-29 03:16:17 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Vicky\Downloads\RSITx64.exe
2013-08-28 23:32:43 1B1D86A574E842946E5D5317892B45C5 31954536 ----a-w- C:\Users\Vicky\AppData\Local\Temp\SkypeSetup.exe
2013-08-27 20:02:38 77FDA6678AEACFA196E5DDDC4FC2742C 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2931560498-325932720-3938257990-1000\$I0PCBOG.exe
2013-08-27 19:53:06 EF0341C438A93DB02D793445B8F746E3 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2931560498-325932720-3938257990-1000\$I45QSXT.exe
2013-08-27 19:53:06 A175834A36CE08722A83C7D58C929547 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2931560498-325932720-3938257990-1000\$I4LZ4G9.exe
2013-08-27 19:38:24 503D279F5243F03EE9F39E5185B59325 4096 ----a-w- C:\Users\Vicky\AppData\Local\Temp\BbF607.exe
2013-08-27 19:31:58 DB521C3DC7B679226322033B09719ECA 339440 ----a-w- C:\Users\Vicky\AppData\Local\Temp\uninst1.exe
2013-08-27 19:27:27 F01447D544EC5C472D8C5456E73C78D1 2245128 ----a-w- C:\PASS BREAKER\PASS BREAKER.exe
2013-08-27 19:02:14 DAF56EC5E652F629D6D2B3930FF199F6 2838480 ----a-w- C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe
2013-08-27 19:02:13 DAF56EC5E652F629D6D2B3930FF199F6 2838480 ----a-w- C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
2013-08-27 19:01:59 503D279F5243F03EE9F39E5185B59325 4096 ----a-w- C:\Users\Vicky\AppData\Local\Temp\Bb9DD9.exe
2013-08-27 19:01:45 33E263F843D59E57365CE6D3B948F28D 786928 ----a-w- C:\Users\Vicky\AppData\Local\Temp\DeltaTBs.exe
2013-08-26 04:09:06 E25D3E9D7822C42EF7518EFEB2F3E275 147120 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\DriverInstaller\15.5.0\DriverInstaller.exe
2013-08-26 04:08:54 E962D9F3AF9C09DE15D3944D1B1278CC 2301616 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\15.5.0\ScriptHelper.exe
2013-08-26 04:08:52 EB94A2C1F99E9E1634683B916F4EB1A2 1643184 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
2013-08-26 04:08:50 EB94A2C1F99E9E1634683B916F4EB1A2 1643184 ----a-w- C:\Windows\Temp\avg_a06404\CommonFiles\AVG Secure Search\ToolbarUpdater.exe
2013-08-26 04:08:50 E962D9F3AF9C09DE15D3944D1B1278CC 2301616 ----a-w- C:\Windows\Temp\avg_a06404\CommonFiles\AVG Secure Search\ScriptHelper.exe
2013-08-26 04:08:50 E25D3E9D7822C42EF7518EFEB2F3E275 147120 ----a-w- C:\Windows\Temp\avg_a06404\CommonFiles\AVG Secure Search\DriverInstaller_64.exe
2013-08-26 04:08:50 B6FFA8C9B553336D4CE86514A54C408A 926384 ----a-w- C:\Windows\Temp\avg_a06404\ProgFiles\AVG Secure Search\lip.exe
2013-08-26 04:08:50 752A2976E3096D2055F8A97C7B97DF80 1851568 ----a-w- C:\Windows\Temp\avg_a06404\ProgFiles\AVG Secure Search\Uninstall.exe
2013-08-26 04:08:50 491C1E48B638907B8FD8EF8B09AC084E 2314416 ----a-w- C:\Windows\Temp\avg_a06404\ProgFiles\AVG Secure Search\vprot.exe
2013-08-26 04:08:50 45A9FAC90CA8F263F6DB2EBDC4A9F002 641200 ----a-w- C:\Windows\Temp\avg_a06404\CommonFiles\AVG Secure Search\DriverInstaller.exe
2013-08-26 04:08:50 2C1B0965CB65797001053D8956F9CD54 2226864 ----a-w- C:\Windows\Temp\avg_a06404\avg-secure-search-installer.exe
2013-08-26 04:08:50 178C1607D35988153A0E7CBB90C669FC 642224 ----a-w- C:\Windows\Temp\avg_a06404\ProgFiles\AVG Secure Search\PostInstall.exe
2013-08-26 04:08:50 01A17E294876ECB573AD32530961F29B 573616 ----a-w- C:\Windows\Temp\avg_a06404\ConfigFiles\MachineIdCreator.exe
2013-08-26 04:08:46 A8893D3F119C8143B2FC53F5CF21EE01 4547608 ----a-w- C:\Windows\Temp\{E2F131AF-3C99-41C9-817E-C34B87253705}.exe
2013-08-25 03:40:28 8B4614F20714CB9C5EB3C900E6188E48 83187 ----a-w- C:\Program Files (x86)\Gmail Account Password Hacker\Uninstal.exe
2013-08-25 03:38:36 69B8F0BA1A143F5BC0BD8635FCC93038 361833 ----a-w- C:\$Recycle.Bin\S-1-5-21-2931560498-325932720-3938257990-1000\$R4LZ4G9.exe
2013-08-25 02:51:04 FFA7EED8BF96144DFC69638DF3A1CA8A 147120 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\DriverInstaller\15.4.0\DriverInstaller.exe
2013-08-25 02:51:02 948909A99D9F9F5063128994B3B3D8B0 2267824 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\15.4.0\ScriptHelper.exe
2013-08-25 02:51:00 8754BA5FCC85325C229ADCB72087706E 1616048 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe
2013-08-25 02:50:59 B6FFA8C9B553336D4CE86514A54C408A 926384 ----a-w- C:\Program Files (x86)\AVG Secure Search\lip.exe
2013-08-25 02:50:59 752A2976E3096D2055F8A97C7B97DF80 1851568 ----a-w- C:\Program Files (x86)\AVG Secure Search\Uninstall.exe
2013-08-25 02:50:59 491C1E48B638907B8FD8EF8B09AC084E 2314416 ----a-w- C:\Program Files (x86)\AVG Secure Search\vprot.exe
2013-08-25 02:50:59 178C1607D35988153A0E7CBB90C669FC 642224 ----a-w- C:\Program Files (x86)\AVG Secure Search\PostInstall.exe
2013-08-25 02:50:57 FFA7EED8BF96144DFC69638DF3A1CA8A 147120 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\CommonFiles\AVG Secure Search\DriverInstaller_64.exe
2013-08-25 02:50:57 B387C48CDDB2CC5A9D0D9BBCCBFC50D8 640176 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\CommonFiles\AVG Secure Search\DriverInstaller.exe
2013-08-25 02:50:57 94BA6BFC9227C59FD0969C54C102D14C 641200 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\ProgFiles\AVG Secure Search\PostInstall.exe
2013-08-25 02:50:57 948909A99D9F9F5063128994B3B3D8B0 2267824 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\CommonFiles\AVG Secure Search\ScriptHelper.exe
2013-08-25 02:50:57 8869725DD27C46270A8EC56101C1FDF8 920240 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\ProgFiles\AVG Secure Search\lip.exe
2013-08-25 02:50:57 8754BA5FCC85325C229ADCB72087706E 1616048 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\CommonFiles\AVG Secure Search\ToolbarUpdater.exe
2013-08-25 02:50:57 6F8DAE4F43AF2F070292198CEAE16995 2285232 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\ProgFiles\AVG Secure Search\vprot.exe
2013-08-25 02:50:57 4F11E85CAE13A8881746B8FBB189EAA6 2196656 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\avg-secure-search-installer.exe
2013-08-25 02:50:57 288C4B8AB34A0F41D9E5BDFE42705C27 1822896 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\ProgFiles\AVG Secure Search\Uninstall.exe
2013-08-25 02:50:57 0CA44A7F835FCD0B45B5360119A56566 572592 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\ConfigFiles\MachineIdCreator.exe
2013-08-25 02:50:55 4ECFD79139593972A5C849E1138C3CE3 4543000 ----a-w- C:\Users\Vicky\AppData\Local\Temp\oi_{6133ABA3-88BF-4126-A2E1-223A94E45A87}.exe
2013-08-25 02:50:33 FCAD3F53F501D80F444B92AC72A5A164 466608 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\CommonFiles\AVG Secure Search\DriverInstaller.exe
2013-08-25 02:50:33 DF54FD732F04503A7C72285EA46E9037 1228976 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\avg-secure-search-installer.exe
2013-08-25 02:50:33 CCAC95DD3E5763AF41F074F1E3DBB0FF 147120 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\CommonFiles\AVG Secure Search\DriverInstaller_64.exe
2013-08-25 02:50:33 BF3479A3BE727D029321BD7601E8EAE1 1008816 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\CommonFiles\AVG Secure Search\ToolbarUpdater.exe
2013-08-25 02:50:33 B48EE9A609A699B9FC8476444B988D0D 662192 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\ProgFiles\AVG Secure Search\lip.exe
2013-08-25 02:50:33 81A4A3692AA20B590CC643CB7E4D786A 1223344 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\ProgFiles\AVG Secure Search\vprot.exe
2013-08-25 02:50:33 5EC8F26F556E29B534607FDEBA7CD767 1380016 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\CommonFiles\AVG Secure Search\ScriptHelper.exe
2013-08-25 02:50:33 5AD26C4F28D6D0F005E86D3F9A1CCA0C 1053872 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\ProgFiles\AVG Secure Search\Uninstall.exe
2013-08-25 02:50:33 57E3A9692DFDF4770ACB62F546B7F7EC 511664 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\ProgFiles\AVG Secure Search\PostInstall.exe
2013-08-25 02:50:33 3984CFC8A3E3A1F09CC2657A4DF99C32 501424 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\ConfigFiles\MachineIdCreator.exe
2013-08-25 02:49:13 55018D7287E4519AB084A3DAD68E97FE 341040 ----a-w- C:\Program Files (x86)\AVG\AVG2013\avgndisa.exe
2013-08-25 02:44:48 72A2F9728BCB9743553E2A188CEFF303 4491824 ----a-w- C:\Users\Vicky\Downloads\avg_avct_stb_all_2013_3392_cm10.exe
2013-08-25 02:08:27 288C4B8AB34A0F41D9E5BDFE42705C27 1822896 ----a-w- C:\Users\Vicky\AppData\Local\Temp\UNINSTALL.EXE
=== C: other files ==
2013-08-27 19:53:24 A3DCBE772B3C04A26FD07ABFCD6E781F 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2931560498-325932720-3938257990-1000\$I78T4BW.zip
2013-08-27 19:53:24 889C036F2F4FF4BCA55DC8BC8E33B7E4 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2931560498-325932720-3938257990-1000\$IHB1U54.zip
2013-08-27 19:53:24 239331BB0EEB77FD0D43D2711ADF65C8 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2931560498-325932720-3938257990-1000\$IUN6S9J.zip
2013-08-27 19:27:27 D25D6E0DFE526AED99EC54035022EB6A 119688 ----a-w- C:\PASS BREAKER\PASS.com
2013-08-27 19:27:27 3F5BF11C972707414C5076BC7E8B4BE5 38792 ----a-w- C:\PASS BREAKER\PASSS.com
2013-08-27 19:26:51 A26255EAA2B524671CAB1456542E1952 6173974 ----a-w- C:\$Recycle.Bin\S-1-5-21-2931560498-325932720-3938257990-1000\$RHB1U54.zip
2013-08-27 19:03:42 94A5279AF49FCA6CD0B75D94B94C2B0B 2247449 ----a-w- C:\$Recycle.Bin\S-1-5-21-2931560498-325932720-3938257990-1000\$R78T4BW.zip
2013-08-27 19:01:16 9680FA2C72D3C8A311BE2AF3A5658763 2319198 ----a-w- C:\$Recycle.Bin\S-1-5-21-2931560498-325932720-3938257990-1000\$RUN6S9J.zip
2013-08-26 12:26:07 BB17F0B291294038DBF00027C21C70D3 16916 ----a-w- C:\Users\Vicky\AppData\Local\Temp\CBA677A9-BAB0-7891-9B7D-9DB0B7975820\Latest\Delta.crx
2013-08-26 12:26:07 BB17F0B291294038DBF00027C21C70D3 16916 ----a-w- C:\Users\Vicky\AppData\Local\Temp\877025C1-BAB0-7891-A5A7-A0B6CB046942\Latest\Delta.crx
2013-08-26 04:08:50 E647C4315F36756DF5FA38BDEB51F224 45856 ----a-w- C:\Windows\Temp\avg_a06404\CommonFiles\AVG Secure Search\avgtpx64.sys
2013-08-26 04:08:50 311C5A8D894563CD2712CD297A34FAFB 37664 ----a-w- C:\Windows\Temp\avg_a06404\CommonFiles\AVG Secure Search\avgtpx86.sys
2013-08-26 04:08:49 8A196063A0F0305A8A05CCEC1AF746C3 257167 ----a-w- C:\Windows\Temp\avg_a06404\ProgData\AVG Secure Search\ChromeExt\15.5.0.2\avg.crx
2013-08-26 04:08:49 567B5EC265B26994AFB11DB13F53B07A 147960 ----a-w- C:\Windows\Temp\avg_a06404\ProgFiles\AVG Secure Search\data.zip
2013-08-25 02:51:04 E647C4315F36756DF5FA38BDEB51F224 45856 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2013-08-25 02:50:59 567B5EC265B26994AFB11DB13F53B07A 147960 ----a-w- C:\Program Files (x86)\AVG Secure Search\data.zip
2013-08-25 02:50:57 BB83BDE5C9EB8A1B932D4A8374758EF8 37664 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\CommonFiles\AVG Secure Search\avgtpx86.sys
2013-08-25 02:50:57 5294DEE34D094B14D7E2697E9BB880B5 257167 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\ProgData\AVG Secure Search\ChromeExt\15.4.0.5\avg.crx
2013-08-25 02:50:57 18AAAC7ED383C465E319B5DD07D0A0B6 45856 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\CommonFiles\AVG Secure Search\avgtpx64.sys
2013-08-25 02:50:56 264F8E1A89771B80D9F2985A68BAA8C3 178115 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\ProgFiles\AVG Secure Search\data.zip
2013-08-25 02:50:33 A64D0F9E1D19C3D57E79AAA0EF7A284E 40736 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\CommonFiles\AVG Secure Search\avgtpx64.sys
2013-08-25 02:50:33 56E9703A6F7D60B9862FB95253753C5A 34592 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\CommonFiles\AVG Secure Search\avgtpx86.sys
2013-08-25 02:50:32 DA5604B49CBCF95E555E88BA2E13AEA8 237719 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\ProgData\AVG Secure Search\ChromeExt\15.1.0.2\avg.crx
2013-08-25 02:50:17 0F12F47268CE663E833F98A986379950 1374879 ----a-w- C:\Program Files (x86)\AVG\AVG2013\banners\banners.zip
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"BackupManagerTray"="C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe -h -k"
"LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe"
"MCCNL Sepang ModemListener"="C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe start"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2013\avgui.exe /TRAYONLY"
"vProt"="C:\Program Files (x86)\AVG Secure Search\vprot.exe"
==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"Power Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
==== Startup Registry Disabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Nero MediaHome 4]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Nero MediaHome 4"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Nero\\Nero MediaHome 4\\NeroMediaHome.exe\" /AUTORUN"
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [21-08-2013 15:23]
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job --a------ C:\Windows\TEMP\B8E97F67-9FD6-46AD-B075-D261AFD597E3.exe []
==== Firefox Extensions ======================
ProfilePath: C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default
- Undetermined - C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.5
- Search-Results Toolbar - %ProfilePath%\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\extensions\staged
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default
6BE1D348BE7547113EF27B26777917CC - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll - Shockwave Flash
==== Deleting Files \ Folders ======================
"C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}" deleted
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dlnembnfbcpjnepmfjmngjenhhajpdfd - C:\Program Files\Web Assistant\source.crx[]
jplinpmadfkdgipabgcdchbdikologlh - C:\Program Files (x86)\1ClickDownload\1click12.crx[]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="Fotomodel Vicky Iliaens"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="Fotomodel Vicky Iliaens"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"
==== Reset Google Chrome ======================
Nothing found to reset
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh deleted successfully
==== HijackThis Entries ======================
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Fotomodel Vicky Iliaens
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [MCCNL Sepang ModemListener] C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe start
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MCCNL Sepang Modem Device Helper - Unknown owner - C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ServiceManager.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater15.5.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Vicky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Vicky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Vicky\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not found
"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not found
"C:\ProgramData\BrowserDefender" not found
"C:\ProgramData\BrowserDefender" not found
==== EOF on do 29-08-2013 at 14:32:56,81 ======================
My computer is actually doing even stranger things now than before, any idea why? Could it have something to do with the hijack tools and such?
Thanks in advance!
-
Hey,
Thanks for your reply, I had already looked around but didn't immediately find a solution.
Here is the log (quite long, isn't it?)
Logfile of random's system information tool 1.09 (written by random/random)
Run by Vicky at 2013-08-29 05:16:34
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 144 GB (31%) free of 463 GB
Total RAM: 5813 MB (38% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:16:39, on 29-8-2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16660)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\trend micro\Vicky.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Fotomodel Vicky Iliaens
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - (no file)
R3 - URLSearchHook: (no name) - {3bbd3c14-4c16-4989-8366-95bc9179779d} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [MCCNL Sepang ModemListener] C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe start
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MCCNL Sepang Modem Device Helper - Unknown owner - C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ServiceManager.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater15.5.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11146 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=24ac0011-9e3a-4f61-8fc4-3d2c232a0e2a /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\f4b8481b-e785-445a-b001-7a303c2ab07a-1d4-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ServiceManager.exe" -start
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgemca.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"
\??\C:\Windows\system32\conhost.exe "145653779-1046690077-93042660013855400471511417261622959385-1391086703-1938059911
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe" start
"C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
C:\Windows\system32\igfxext.exe -Embedding
"C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=72725b19-56a4-446f-8aa3-d94d10012351 /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\24a0d72f-09b0-417d-850c-ee0a362ebc51-974-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 5200
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\system32\Macromed\Flash\FlashUtil64_11_8_800_94_ActiveX.exe -Embedding
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
taskeng.exe {EAF7E937-5DCD-49B1-9C11-DE89631ABD33}
"C:\Program Files\EgisTec IPS\PMMUpdate.exe"
"C:\Program Files\EgisTec IPS\EgisUpdate.exe"
"C:\Windows\SysWOW64\rundll32.exe" "C:\Users\Vicky\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run
"C:\Windows\system32\schtasks.exe" /create /tn "BrowserDefendert" /ru "SYSTEM" /sc minute /mo 1 /tr "C:\Windows\system32\sc.exe start BrowserDefendert" /st 00:00:00
\??\C:\Windows\system32\conhost.exe "-1529313953131027354-564523101406650943-991915618-1914365789-1625768932397484133
"C:\Windows\system32\notepad.exe"
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Vicky\Documents\I should have known from the start and embrace when im angry.txt
C:\Windows\system32\DllHost.exe /Processid:{76D0CB12-7604-4048-B83C-1005C7DDC503}
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1752 CREDAT:1250760 /prefetch:2
"C:\Windows\System32\MsSpellCheckingFacility.exe" -Embedding
"C:\Windows\system32\notepad.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe150_ Global\UsGthrCtrlFltPipeMssGthrPipe150 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\Vicky\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default
prefs.js - "browser.startup.homepage" -
"{336D0C35-8A85-403a-B9D2-65C292C39087}"=C:\Program Files\Web Assistant\Firefox
"{8E9E3331-D360-4f87-8803-52DE43566502}"=C:\Program Files\Web Assistant\Firefox
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.262 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\\npsitesafety.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.262 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
staged
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
babylon.xml
bing.xml
bolcom-nl.xml
google.xml
marktplaats-nl.xml
Search_Results.xml
wikipedia-nl.xml
C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\
{f34c9277-6577-4dff-b2d7-7d58092f272f}
C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\
askcom.xml
babylon.xml
delta.xml
Search_Results.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
DVDVideoSoft WebPageAdjuster Class - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2013-06-28 339456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll [2013-08-26 3122864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
DVDVideoSoft WebPageAdjuster Class - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2013-06-28 279552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll [2013-08-26 3122864]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-08-15 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-08-15 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-08-15 416024]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-03-28 2723624]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-06-09 11860072]
"Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-08-02 1831016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nero MediaHome 4]
C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe /AUTORUN []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-09-20 341360]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"BackupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2011-04-24 297280]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2011-07-01 1103440]
"MCCNL Sepang ModemListener"=C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe [2011-06-20 102400]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2013-07-01 4411440]
"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2013-08-26 2314416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-08-09 390144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit -
.js - open -
.txt - open -
======List of files/folders created in the last 1 month======
2013-08-29 05:16:34 ----D---- C:\rsit
2013-08-29 05:16:34 ----D---- C:\Program Files\trend micro
2013-08-27 21:27:27 ----D---- C:\PASS BREAKER
2013-08-27 21:02:10 ----D---- C:\ProgramData\BrowserDefender
2013-08-27 21:02:01 ----D---- C:\Users\Vicky\AppData\Roaming\BabSolution
2013-08-25 05:40:23 ----D---- C:\Program Files (x86)\Gmail Account Password Hacker
2013-08-25 04:51:04 ----A---- C:\Windows\system32\drivers\avgtpx64.sys
2013-08-25 04:51:00 ----D---- C:\ProgramData\AVG Secure Search
2013-08-25 04:50:59 ----D---- C:\Program Files (x86)\AVG Secure Search
2013-08-20 09:27:26 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-08-20 09:27:26 ----A---- C:\Windows\system32\ieui.dll
2013-08-20 09:27:25 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-08-20 09:27:25 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-08-20 09:27:25 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-08-20 09:27:25 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-08-20 09:27:25 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-20 09:27:25 ----A---- C:\Windows\system32\iesysprep.dll
2013-08-20 09:27:25 ----A---- C:\Windows\system32\iesetup.dll
2013-08-20 09:27:25 ----A---- C:\Windows\system32\iernonce.dll
2013-08-20 09:27:25 ----A---- C:\Windows\system32\ie4uinit.exe
2013-08-20 09:27:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-08-20 09:27:24 ----A---- C:\Windows\system32\iertutil.dll
2013-08-20 09:27:23 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-08-20 09:27:23 ----A---- C:\Windows\system32\msfeeds.dll
2013-08-20 09:27:22 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-08-20 09:27:22 ----A---- C:\Windows\system32\jscript9.dll
2013-08-20 09:27:22 ----A---- C:\Windows\system32\jscript.dll
2013-08-20 09:27:21 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-08-20 09:27:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-08-20 09:27:20 ----A---- C:\Windows\system32\urlmon.dll
2013-08-20 09:27:19 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-08-20 09:27:19 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-08-20 09:27:19 ----A---- C:\Windows\system32\wininet.dll
2013-08-20 09:27:19 ----A---- C:\Windows\system32\jsproxy.dll
2013-08-20 09:27:18 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-08-20 09:27:16 ----A---- C:\Windows\system32\ieframe.dll
2013-08-20 09:27:15 ----A---- C:\Windows\system32\mshtml.dll
2013-08-20 09:27:13 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-08-19 13:45:22 ----A---- C:\Windows\system32\crypt32.dll
2013-08-19 13:45:21 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-08-19 13:45:21 ----A---- C:\Windows\system32\wintrust.dll
2013-08-19 13:45:20 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-08-19 13:45:20 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-08-19 13:45:20 ----A---- C:\Windows\system32\cryptsvc.dll
2013-08-19 13:45:20 ----A---- C:\Windows\system32\cryptnet.dll
2013-08-19 13:45:04 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-08-19 13:45:04 ----A---- C:\Windows\system32\tzres.dll
2013-08-19 13:45:02 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2013-08-19 13:45:02 ----A---- C:\Windows\system32\rpcrt4.dll
2013-08-19 13:43:36 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-08-19 13:43:36 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-08-19 13:43:34 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-08-19 13:43:34 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-08-15 03:01:43 ----D---- C:\Windows\system32\MRT
2013-08-13 21:51:19 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
======List of files/folders modified in the last 1 month======
2013-08-29 05:16:39 ----D---- C:\Windows\Prefetch
2013-08-29 05:16:36 ----D---- C:\Windows\Temp
2013-08-29 05:16:34 ----RD---- C:\Program Files
2013-08-29 05:07:00 ----D---- C:\ProgramData\MFAData
2013-08-29 04:32:13 ----D---- C:\Users\Vicky\AppData\Roaming\Skype
2013-08-29 01:20:43 ----D---- C:\Windows\tracing
2013-08-28 14:26:34 ----D---- C:\Windows\system32\config
2013-08-27 21:50:57 ----RD---- C:\Program Files (x86)
2013-08-27 21:50:45 ----D---- C:\Windows\system32\Tasks
2013-08-27 21:33:35 ----D---- C:\Program Files\Web Assistant
2013-08-27 21:02:10 ----HD---- C:\ProgramData
2013-08-27 16:08:23 ----A---- C:\Windows\SYSWOW64\log.txt
2013-08-27 16:06:42 ----D---- C:\Windows\system32\drivers
2013-08-27 16:06:42 ----D---- C:\Windows\inf
2013-08-27 16:06:39 ----D---- C:\Windows\system32\DriverStore
2013-08-25 04:51:21 ----SHD---- C:\Windows\Installer
2013-08-25 04:51:08 ----D---- C:\Windows\SYSWOW64\drivers
2013-08-25 04:51:00 ----D---- C:\Program Files (x86)\Common Files
2013-08-25 04:50:17 ----D---- C:\ProgramData\AVG2013
2013-08-25 04:49:03 ----SHD---- C:\System Volume Information
2013-08-25 04:18:25 ----D---- C:\Windows
2013-08-25 04:12:53 ----D---- C:\Windows\system32\catroot2
2013-08-24 01:59:54 ----D---- C:\Windows\Panther
2013-08-24 01:59:54 ----D---- C:\Windows\debug
2013-08-21 22:47:55 ----D---- C:\Windows\System32
2013-08-21 22:47:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-08-21 21:35:19 ----D---- C:\Windows\rescache
2013-08-21 15:23:26 ----D---- C:\Windows\SysWOW64
2013-08-21 15:23:23 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-08-21 02:37:49 ----D---- C:\Windows\Microsoft.NET
2013-08-21 02:37:28 ----RSD---- C:\Windows\assembly
2013-08-20 21:39:20 ----D---- C:\Windows\winsxs
2013-08-20 21:37:05 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-08-20 21:37:05 ----D---- C:\Windows\system32\nl-NL
2013-08-20 21:37:04 ----D---- C:\Program Files\Internet Explorer
2013-08-20 21:37:04 ----D---- C:\Program Files (x86)\Internet Explorer
2013-08-20 09:27:45 ----D---- C:\Windows\system32\catroot
2013-08-20 09:21:17 ----A---- C:\Windows\system32\MRT.exe
2013-08-19 23:25:47 ----D---- C:\Windows\Tasks
2013-08-19 23:25:47 ----D---- C:\Windows\SYSWOW64\wbem
2013-08-19 23:25:47 ----D---- C:\Windows\system32\wfp
2013-08-19 23:25:47 ----D---- C:\Windows\AppPatch
2013-08-19 23:25:45 ----D---- C:\Windows\system32\wbem
2013-08-19 23:25:45 ----D---- C:\Windows\system32\CodeIntegrity
2013-08-19 23:25:36 ----D---- C:\Windows\AppCompat
2013-08-19 23:25:30 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-08-19 23:25:03 ----D---- C:\Windows\registration
2013-08-19 23:13:22 ----D---- C:\Windows\system32\NDF
2013-08-10 11:49:34 ----D---- C:\Users\Vicky\AppData\Roaming\SoftGrid Client
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-07-20 71480]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-07-20 311608]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-07-01 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-07-10 45880]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-05 438808]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-07-20 246072]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-07-20 206648]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-03-21 240952]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-08-26 45856]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-10-27 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-10-27 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-10-27 62776]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-02 2750464]
R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-08-09 12289472]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-06-14 2899176]
R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-03-23 77936]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-09-20 18432]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-12-01 250984]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-03-28 1417776]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2011-09-20 17408]
S3 ASNDIS4;ASNDIS4 Protocol Driver; \??\C:\Windows\syswow64\ASNDIS4.SYS []
S3 jrdusbser;Modem Interface Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\jrdusbser.sys [2011-06-20 120832]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-07-04 4939312]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-07-23 283136]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-07-01 353360]
R2 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-08-02 872552]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]
R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-09-16 325656]
R2 MCCNL Sepang Modem Device Helper;MCCNL Sepang Modem Device Helper; C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ServiceManager.exe [2011-06-20 49752]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-04-24 256832]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-09-16 2538520]
R2 vToolbarUpdater15.5.0;vToolbarUpdater15.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [2013-08-26 1643184]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
R3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 2292096]
S2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2013-07-25 1432080]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-03 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-21 257416]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-12-12 655624]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-24 1255736]
-----------------EOF-----------------
-
Dear members and moderators,
I have been having problems with my Internet Explorer for a while.
It started with pages loading slowly; after that the pages closed by themselves and I got the message that the program had stopped working, messages such as: 'this tab has been closed and reopened because of a problem with this page'.
At first I thought it was down to Facebook, since that page regularly went wrong at the time, but meanwhile it only got worse,
it started mainly with multimedia sites, such as YouTube, and when I wanted to edit photos online, the photo would not upload.
When I then got the photo online after repeated attempts, I got a grey page with an exclamation mark, as if it were Adobe Flash Player.
At first I got the message that ie.dll had stopped working, and now, as of today, I got the message that ieframe.dll has stopped working.
I don't really know what the cause of the problem could be; I also use AVG as antivirus and have had it scan regularly, but it finds nothing at all.
Besides that I also use CCleaner to remove unnecessary and temporary files.
I hope someone can advise me, because this is far from pleasant of course.
Thanks in advance
-
hello,
it just won't start anymore, it won't open, without any error messages.
yesterday it suddenly played music again without a problem, and now it doesn't anymore,
it is indeed version 11,
Regards
-
I don't actually know which version it is, but the computer does say every time that the latest updates are already installed; I don't get error messages, no, it's just that when I click on it it doesn't even open anymore, and when I click on music or the like it doesn't open either,
Regards
-
hello,
my Windows Media Player suddenly doesn't work anymore,
does anyone have advice, please?
I really don't know much about PCs,
Regards,
Vicky
-
hey Kape,
I searched, but that is not on my PC,
Regards
-
and today I got that message again that the dll isn't working anymore
-
This is a Windows component. You can (normally) repair it by typing the command sfc /scannow in the search bar. Along the way you will be asked for the Windows CD. You can already keep it ready.
unfortunately that does nothing at all, and my antivirus doesn't respond either when I click on it, or it says again that all sorts of things are missing,
Regards
-
I have done that now and for the moment I'm not getting any more messages, but I have lost my virus scanner,
it wasn't on CD, it came via the internet, but it is one with a licence of course; what should I do now?
it says that something is missing from it or so
Regards
-
unfortunately I don't have a button like that with Run; I have Windows Vista, you see
which one may I press then?
Regards
-
I don't get that anymore,
but it was more than that,
here and there I started getting messages that that program had stopped working, then it was Windows Explorer that had stopped working, etc.,
now I have no problems, except for my virus scanner, which I can no longer start; any tips?
-
log from HijackThis:
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 21:04:40, on 19/12/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal
Running processes:
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = mijnAOL | HP
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [sysMon] C:\Windows\system32\rundll32.exe "C:\ProgramData\SysMon\SysMon.dll" rdl
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
--
End of file - 8011 bytes
and a log from that combofix or kittyfix:
ComboFix 09-12-18.03 - vicky iliaens 19/12/2009 20:18:58.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.1918.990 [GMT 1:00]
Gestart vanuit: c:\users\vicky iliaens\Downloads\KittyFix.exe
gebruikte Opdracht switches :: c:\users\vicky iliaens\Desktop\CFScript.txt
AV: Kaspersky Internet Security *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Kaspersky Internet Security *enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\KGB
c:\program files\KGB\German.lng
c:\program files\KGB\Help\English\alarms.htm
c:\program files\KGB\Help\English\clipboard.htm
c:\program files\KGB\Help\English\computer.htm
c:\program files\KGB\Help\English\delivery.htm
c:\program files\KGB\Help\English\filters.htm
c:\program files\KGB\Help\English\Help.chm
c:\program files\KGB\Help\English\internet.htm
c:\program files\KGB\Help\English\invisible.htm
c:\program files\KGB\Help\English\keyboard.htm
c:\program files\KGB\Help\English\log_size.htm
c:\program files\KGB\Help\English\logging.htm
c:\program files\KGB\Help\English\password.htm
c:\program files\KGB\Help\English\programs.htm
c:\program files\KGB\Help\English\screenshot.htm
c:\program files\KGB\Help\English\settings_node.htm
c:\program files\KGB\Help\English\update.htm
c:\program files\KGB\Help\English\users_node.htm
c:\program files\KGB\Help\German\Help.chm
c:\program files\KGB\Help\German\update.htm
c:\program files\KGB\Help\Russian\alarms.htm
c:\program files\KGB\Help\Russian\clipboard.htm
c:\program files\KGB\Help\Russian\computer.htm
c:\program files\KGB\Help\Russian\delivery.htm
c:\program files\KGB\Help\Russian\filters.htm
c:\program files\KGB\Help\Russian\Help.chm
c:\program files\KGB\Help\Russian\internet.htm
c:\program files\KGB\Help\Russian\invisible.htm
c:\program files\KGB\Help\Russian\keyboard.htm
c:\program files\KGB\Help\Russian\log_size.htm
c:\program files\KGB\Help\Russian\logging.htm
c:\program files\KGB\Help\Russian\password.htm
c:\program files\KGB\Help\Russian\programs.htm
c:\program files\KGB\Help\Russian\screenshot.htm
c:\program files\KGB\Help\Russian\settings_node.htm
c:\program files\KGB\Help\Russian\update.htm
c:\program files\KGB\Help\Russian\users_node.htm
c:\program files\KGB\Help\Spanish\alarms.htm
c:\program files\KGB\Help\Spanish\clipboard.htm
c:\program files\KGB\Help\Spanish\computer.htm
c:\program files\KGB\Help\Spanish\delivery.htm
c:\program files\KGB\Help\Spanish\filters.htm
c:\program files\KGB\Help\Spanish\Help.chm
c:\program files\KGB\Help\Spanish\internet.htm
c:\program files\KGB\Help\Spanish\invisible.htm
c:\program files\KGB\Help\Spanish\keyboard.htm
c:\program files\KGB\Help\Spanish\log_size.htm
c:\program files\KGB\Help\Spanish\logging.htm
c:\program files\KGB\Help\Spanish\password.htm
c:\program files\KGB\Help\Spanish\programs.htm
c:\program files\KGB\Help\Spanish\screenshot.htm
c:\program files\KGB\Help\Spanish\settings_node.htm
c:\program files\KGB\Help\Spanish\update.htm
c:\program files\KGB\Help\Spanish\users_node.htm
c:\program files\KGB\Images\english.gif
c:\program files\KGB\Images\german.gif
c:\program files\KGB\Images\russian.gif
c:\program files\KGB\key.bin
c:\program files\KGB\libeay32.dll
c:\program files\KGB\logstart.vbs
c:\program files\KGB\loguninstall.vbs
c:\program files\KGB\Mpk.dll
c:\program files\KGB\MPK.exe
c:\program files\KGB\Mpk64.dll
c:\program files\KGB\MPK64.exe
c:\program files\KGB\MPKView.exe
c:\program files\KGB\Romanian.lng
c:\program files\KGB\Russian.lng
c:\program files\KGB\self_copy.vbs
c:\program files\KGB\Spanish.lng
c:\program files\KGB\sqlite3.dll
c:\program files\KGB\ssleay32.dll
c:\program files\KGB\unins000.dat
c:\program files\KGB\unins000.exe
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
(((((((((((((((((((( Bestanden Gemaakt van 2009-11-19 to 2009-12-19 ))))))))))))))))))))))))))))))
.
2009-12-19 19:31 . 2009-12-19 19:37 -------- d-----w- c:\users\vicky iliaens\AppData\Local\temp
2009-12-19 19:31 . 2009-12-19 19:31 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-12-19 19:31 . 2009-12-19 19:31 -------- d-----w- c:\users\Gast\AppData\Local\temp
2009-12-19 19:31 . 2009-12-19 19:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-12-19 19:31 . 2009-12-19 19:31 -------- d-----w- c:\users\Bruno\AppData\Local\temp
2009-12-16 14:12 . 2009-12-16 14:12 388096 ----a-r- c:\users\vicky iliaens\AppData\Roaming\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2009-12-16 14:12 . 2009-12-16 14:12 -------- d-----w- c:\program files\TrendMicro
2009-12-14 04:33 . 2009-12-14 04:33 249856 ------w- c:\windows\Setup1.exe
2009-12-14 04:33 . 2009-12-14 04:33 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-12-14 03:44 . 2009-12-14 03:44 -------- d-----w- c:\program files\Recuva
2009-12-13 16:06 . 2009-12-13 16:06 658696 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-12-13 05:25 . 2009-12-13 05:25 -------- d-----w- c:\program files\Windows Portable Devices
2009-12-13 02:06 . 2009-12-14 03:14 -------- d-----w- c:\program files\PowerDataRecovery
2009-12-13 02:05 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2009-12-13 02:05 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2009-12-13 02:05 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2009-12-13 02:03 . 2009-10-01 01:01 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-12-13 02:03 . 2009-10-01 01:01 33280 ----a-w- c:\windows\system32\WpdConns.dll
2009-12-13 02:03 . 2009-10-01 01:02 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2009-12-13 02:03 . 2009-10-01 01:02 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-12-13 02:03 . 2009-10-01 01:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-12-13 02:03 . 2009-10-01 01:01 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2009-12-13 02:03 . 2009-10-01 01:01 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-12-13 02:03 . 2009-10-01 01:01 350208 ----a-w- c:\windows\system32\WPDSp.dll
2009-12-13 02:03 . 2009-10-01 01:01 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-12-13 02:03 . 2009-10-01 01:01 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-12-13 02:03 . 2009-10-01 01:01 40448 ----a-w- c:\windows\system32\drivers\WpdUsb.sys
2009-12-13 02:03 . 2009-10-01 01:01 226816 ----a-w- c:\windows\system32\WpdMtp.dll
2009-12-13 02:03 . 2009-10-01 01:01 61952 ----a-w- c:\windows\system32\WpdMtpUS.dll
2009-12-13 02:01 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-12-13 02:01 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-12-13 02:01 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-12-12 23:08 . 2009-12-17 01:46 -------- d-----w- c:\users\vicky iliaens\AppData\Roaming\skypePM
2009-12-12 20:47 . 2009-12-12 20:47 -------- d-----w- c:\windows\system32\ca-ES
2009-12-12 20:47 . 2009-12-12 20:47 -------- d-----w- c:\windows\system32\eu-ES
2009-12-12 20:47 . 2009-12-12 20:47 -------- d-----w- c:\windows\system32\vi-VN
2009-12-12 20:04 . 2009-04-11 06:28 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2009-12-12 20:04 . 2009-04-11 06:28 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2009-12-12 20:04 . 2009-04-11 06:28 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2009-12-12 20:04 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
2009-12-12 20:04 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2009-12-12 20:04 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2009-12-12 20:04 . 2009-04-11 06:28 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2009-12-12 20:04 . 2009-04-11 06:28 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2009-12-12 20:04 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2009-12-12 20:04 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2009-12-12 20:04 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2009-12-12 19:41 . 2009-04-11 06:32 43496 ----a-w- c:\windows\system32\drivers\pciidex.sys
2009-12-12 19:40 . 2009-04-11 06:28 286720 ----a-w- c:\windows\system32\rasapi32.dll
2009-12-12 19:39 . 2009-04-11 06:28 677376 ----a-w- c:\windows\system32\imapi2fs.dll
2009-12-12 19:07 . 2009-12-12 19:07 -------- d-----w- c:\windows\system32\EventProviders
2009-12-12 15:27 . 2009-12-12 15:27 -------- d-----w- c:\program files\Common Files\Skype
2009-12-12 15:27 . 2009-12-12 15:27 -------- d-----r- c:\program files\Skype
2009-12-12 12:22 . 2009-12-12 22:52 -------- d-----w- c:\programdata\hostsvr
2009-12-10 02:07 . 2009-11-09 12:31 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-12-10 02:07 . 2009-11-09 10:36 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-12-10 02:07 . 2009-11-09 12:30 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-12-09 16:20 . 2009-10-07 11:36 243712 ----a-w- c:\windows\system32\rastls.dll
2009-11-26 02:02 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-25 07:08 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll
2009-11-25 07:08 . 2009-08-11 16:44 1248768 ----a-w- c:\windows\system32\msxml3.dll
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-19 19:33 . 2008-03-02 02:01 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
2009-12-19 19:32 . 2009-01-22 23:48 8365088 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-12-19 19:32 . 2009-01-22 23:48 68528 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-12-19 19:32 . 2009-01-22 23:48 6216 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-12-19 19:32 . 2009-01-22 23:48 1196064 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-12-19 19:28 . 2009-06-16 23:33 -------- d-sh--w- c:\programdata\MPK
2009-12-19 19:08 . 2008-11-27 20:24 -------- d-----w- c:\programdata\Kaspersky Lab
2009-12-19 18:32 . 2007-09-14 12:47 667114 ----a-w- c:\windows\system32\perfh013.dat
2009-12-19 18:32 . 2007-09-14 12:47 126648 ----a-w- c:\windows\system32\perfc013.dat
2009-12-17 06:49 . 2008-03-12 02:49 -------- d-----w- c:\users\vicky iliaens\AppData\Roaming\Skype
2009-12-13 05:25 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-12-13 05:25 . 2009-12-13 05:25 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2009-12-13 05:24 . 2009-12-13 05:24 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-12-12 23:08 . 2009-12-12 23:08 56 ---ha-w- c:\programdata\ezsidmv.dat
2009-12-12 22:53 . 2009-08-07 22:15 -------- d-----w- c:\program files\Unlocker
2009-12-12 20:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-12-12 20:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-12-12 20:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-12-12 20:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-12-12 20:47 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-12-12 20:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-12-12 20:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-12-12 15:27 . 2008-03-12 02:47 -------- d-----w- c:\programdata\Skype
2009-12-12 13:11 . 2008-07-21 05:29 -------- d-----w- c:\program files\Samsung
2009-12-09 01:30 . 2007-09-14 03:42 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-05 04:30 . 2009-02-08 20:29 -------- d-----w- c:\users\vicky iliaens\AppData\Roaming\Audacity
2009-12-04 00:33 . 2008-06-15 10:26 5288 ----a-w- c:\users\vicky iliaens\AppData\Roaming\wklnhst.dat
2009-11-21 06:40 . 2009-12-09 16:21 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 06:34 . 2009-12-09 16:21 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-11-21 06:34 . 2009-12-09 16:21 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-11-21 04:59 . 2009-12-09 16:21 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-11-19 11:10 . 2008-11-27 19:58 680 ----a-w- c:\users\vicky iliaens\AppData\Local\d3d9caps.dat
2009-11-02 19:42 . 2009-10-02 22:34 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-14 13:11 . 2008-11-27 20:24 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2009-10-14 13:11 . 2008-11-27 20:24 108059 ----a-w- c:\windows\system32\drivers\klin.dat
2009-10-01 01:02 . 2009-12-13 02:04 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-10-01 01:02 . 2009-12-13 02:04 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-10-01 01:01 . 2009-12-13 02:04 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2009-09-25 02:10 . 2009-12-13 02:04 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2009-09-25 02:07 . 2009-12-13 02:04 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2009-09-25 02:04 . 2009-12-13 02:04 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2009-09-25 01:49 . 2009-12-13 02:04 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2009-09-25 01:48 . 2009-12-13 02:04 351232 ----a-w- c:\windows\system32\XpsPrint.dll
2009-09-25 01:38 . 2009-12-13 02:04 847360 ----a-w- c:\windows\system32\OpcServices.dll
2009-09-25 01:36 . 2009-12-13 02:04 280064 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2009-09-25 01:35 . 2009-12-13 02:04 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2009-09-25 01:33 . 2009-12-13 02:04 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2009-09-25 01:33 . 2009-12-13 02:04 829440 ----a-w- c:\windows\system32\d3d10warp.dll
2009-09-25 01:33 . 2009-12-13 02:04 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2009-09-25 01:32 . 2009-12-13 02:04 252928 ----a-w- c:\windows\system32\dxdiag.exe
2009-09-25 01:31 . 2009-12-13 02:04 519680 ----a-w- c:\windows\system32\d3d11.dll
2009-09-25 01:31 . 2009-12-13 02:04 486912 ----a-w- c:\windows\system32\d3d10level9.dll
2009-09-25 01:31 . 2009-12-13 02:04 161280 ----a-w- c:\windows\system32\d3d10_1.dll
2009-09-25 01:31 . 2009-12-13 02:04 218112 ----a-w- c:\windows\system32\d3d10_1core.dll
2009-09-25 01:31 . 2009-12-13 02:04 1030144 ----a-w- c:\windows\system32\d3d10.dll
2009-09-25 01:31 . 2009-12-13 02:04 828928 ----a-w- c:\windows\system32\d2d1.dll
2009-09-25 01:30 . 2009-12-13 02:04 481792 ----a-w- c:\windows\system32\dxgi.dll
2009-09-25 01:30 . 2009-12-13 02:04 190464 ----a-w- c:\windows\system32\d3d10core.dll
2009-09-25 01:27 . 2009-12-13 02:04 634880 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-09-25 01:27 . 2009-12-13 02:04 37888 ----a-w- c:\windows\system32\cdd.dll
2009-09-25 01:27 . 2009-12-13 02:04 793088 ----a-w- c:\windows\system32\FntCache.dll
2009-09-25 01:27 . 2009-12-13 02:04 1064448 ----a-w- c:\windows\system32\DWrite.dll
2009-09-24 22:54 . 2009-12-13 02:04 258048 ----a-w- c:\windows\system32\winspool.drv
2009-09-24 22:54 . 2009-12-13 02:04 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2009-09-24 22:54 . 2009-12-13 02:04 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2007-09-14 13:09 . 2007-09-14 12:51 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 153136]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 2407184]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-02-05 201992]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"SysMon"="c:\programdata\SysMon\SysMon.dll" [2008-01-24 626688]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2007-04-03 44168]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd.dll c:\progra~1\KASPER~1\KASPER~1\adialhk.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnk.CommonStartup
backupExtension=.CommonStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-10-15 00:04 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
2007-05-24 11:13 71176 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-07-13 12:03 292128 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
2006-12-08 16:16 65536 ----a-w- c:\hp\KBD\KbdStub.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-05-22 12:49 13539872 ----a-w- c:\windows\System32\nvcpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-05-22 12:49 92704 ----a-w- c:\windows\System32\nvmctray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OsdMaestro]
2007-02-15 11:59 118784 ----a-w- c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-05-26 15:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2009-10-09 12:11 25623336 ----a-r- c:\program files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateReg]
2007-04-07 00:56 54936 ----a-w- c:\windows\System32\jureg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WPCUMI]
2006-11-02 12:35 176128 ----a-w- c:\windows\System32\wpcumi.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"VistaSp2"=hex(:99,31,99,d3,6d,7b,ca,01
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\System32\drivers\klbg.sys [29/01/2008 18:29 33808]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\System32\drivers\klfltdev.sys [13/03/2008 19:02 26640]
S2 AGWinService;AG Windows Service;c:\program files\AGI\common\win32\pythonservice.exe [1/10/2008 23:18 10240]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [26/06/2008 13:21 21504]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [6/08/2009 0:35 54632]
S3 fsssvc;De service Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [5/08/2009 21:48 704864]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
------- Bijkomende Scan -------
.
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_BE&c=74&bd=Pavilion&pf=desktop
uInternet Settings,ProxyOverride = *.local
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
LSP: c:\windows\system32\wpclsp.dll
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
FF - ProfilePath - c:\users\vicky iliaens\AppData\Roaming\Mozilla\Firefox\Profiles\mf6vci4g.default\
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - prefs.js: keyword.URL - hxxp://kwtb.search.imgag.com/?c=GNKIW29193&sbs=1&sc=2&f=web&vernum=1.0&uid=&did=f8d4a70c-98e2-4081-901d-01bf93043ede&q=
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2009-12-19 20:37
Windows 6.0.6002 Service Pack 2 NTFS
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
Scan succesvol afgerond
verborgen bestanden: 0
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000000
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
- - - - - - - > 'Explorer.exe'(9164)
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\rundll32.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Voltooingstijd: 2009-12-19 20:44:25 - machine werd herstart
ComboFix-quarantined-files.txt 2009-12-19 19:44
ComboFix2.txt 2009-12-19 17:53
Pre-Run: 160.390.119.424 bytes beschikbaar
Post-Run: 160.125.366.272 bytes beschikbaar
Current=1 Default=1 Failed=0 LastKnownGood=51 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,
20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,
40,41,42,43,44,45,46,47,48,49,50,51
- - End Of File - - DF1A87CD65DE0BDE89586E608247504F
-
An additional problem all of a sudden is that my virus scanner, Kaspersky, no longer works and that components are supposedly missing?
-
This is the log I ended up with:
ComboFix 09-12-18.03 - vicky iliaens 19/12/2009 18:13:18.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.1918.940 [GMT 1:00]
Gestart vanuit: c:\users\vicky iliaens\Downloads\KittyFix.exe
AV: Kaspersky Internet Security *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Kaspersky Internet Security *enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
ADS - system32: deleted 12 bytes in 1 streams.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\FunWebProducts
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\users\vicky iliaens\AppData\Roaming\Desktopicon
c:\users\vicky iliaens\AppData\Roaming\Desktopicon\eBayShortcuts.exe
c:\users\vicky iliaens\AppData\Roaming\Kaspersky_Key_Finder_(KKF
c:\users\vicky iliaens\AppData\Roaming\Kaspersky_Key_Finder_(KKF\Kaspersky_Key_Finder_V1.5_Url_4dbwk3vzg0jwqwajd3g1keoenv0vowdp\1.5.2.0\user.config
c:\users\vicky iliaens\AppData\Roaming\Kaspersky_Key_Finder_(KKF\Kaspersky_Key_Finder_V1.5_Url_ckqc3jgdmsjkw1foyhjkdx1yso2dt04k\1.5.2.0\user.config
c:\users\vicky iliaens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Productregistratie.lnk
c:\users\vicky iliaens\x.exe
c:\windows\Cursors\aero_link.cur
c:\windows\system32\DEBUG.log
c:\windows\TEMP\logishrd\LVPrcInj07.dll
c:\program files\kaspersky lab\kaspersky internet security 2009\params.ppl . . . . konden niet verwijderd worden
.
(((((((((((((((((((( Bestanden Gemaakt van 2009-11-19 to 2009-12-19 ))))))))))))))))))))))))))))))
.
2009-12-19 17:28 . 2009-12-19 17:28 -------- d-----w- c:\users\Gast\AppData\Local\temp
2009-12-19 17:28 . 2009-12-19 17:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-12-19 17:28 . 2009-12-19 17:28 -------- d-----w- c:\users\Bruno\AppData\Local\temp
2009-12-16 14:12 . 2009-12-16 14:12 -------- d-----w- c:\program files\TrendMicro
2009-12-14 04:33 . 2009-12-14 04:33 249856 ------w- c:\windows\Setup1.exe
2009-12-14 04:33 . 2009-12-14 04:33 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-12-14 03:44 . 2009-12-14 03:44 -------- d-----w- c:\program files\Recuva
2009-12-13 05:25 . 2009-12-13 05:25 -------- d-----w- c:\program files\Windows Portable Devices
2009-12-13 02:06 . 2009-12-14 03:14 -------- d-----w- c:\program files\PowerDataRecovery
2009-12-13 02:05 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2009-12-13 02:05 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2009-12-13 02:05 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2009-12-13 02:03 . 2009-10-01 01:01 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-12-13 02:03 . 2009-10-01 01:01 33280 ----a-w- c:\windows\system32\WpdConns.dll
2009-12-13 02:03 . 2009-10-01 01:02 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2009-12-13 02:03 . 2009-10-01 01:02 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-12-13 02:03 . 2009-10-01 01:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-12-13 02:03 . 2009-10-01 01:01 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2009-12-13 02:03 . 2009-10-01 01:01 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-12-13 02:03 . 2009-10-01 01:01 350208 ----a-w- c:\windows\system32\WPDSp.dll
2009-12-13 02:03 . 2009-10-01 01:01 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-12-13 02:03 . 2009-10-01 01:01 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-12-13 02:03 . 2009-10-01 01:01 40448 ----a-w- c:\windows\system32\drivers\WpdUsb.sys
2009-12-13 02:03 . 2009-10-01 01:01 226816 ----a-w- c:\windows\system32\WpdMtp.dll
2009-12-13 02:03 . 2009-10-01 01:01 61952 ----a-w- c:\windows\system32\WpdMtpUS.dll
2009-12-13 02:01 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-12-13 02:01 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-12-13 02:01 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-12-12 23:08 . 2009-12-17 01:46 -------- d-----w- c:\users\vicky iliaens\AppData\Roaming\skypePM
2009-12-12 20:47 . 2009-12-12 20:47 -------- d-----w- c:\windows\system32\ca-ES
2009-12-12 20:47 . 2009-12-12 20:47 -------- d-----w- c:\windows\system32\eu-ES
2009-12-12 20:47 . 2009-12-12 20:47 -------- d-----w- c:\windows\system32\vi-VN
2009-12-12 20:04 . 2009-04-11 06:28 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2009-12-12 20:04 . 2009-04-11 06:28 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2009-12-12 20:04 . 2009-04-11 06:28 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2009-12-12 20:04 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
2009-12-12 20:04 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2009-12-12 20:04 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2009-12-12 20:04 . 2009-04-11 06:28 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2009-12-12 20:04 . 2009-04-11 06:28 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2009-12-12 20:04 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2009-12-12 20:04 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2009-12-12 20:04 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2009-12-12 19:41 . 2009-04-11 06:32 43496 ----a-w- c:\windows\system32\drivers\pciidex.sys
2009-12-12 19:40 . 2009-04-11 06:28 286720 ----a-w- c:\windows\system32\rasapi32.dll
2009-12-12 19:39 . 2009-04-11 06:28 677376 ----a-w- c:\windows\system32\imapi2fs.dll
2009-12-12 19:07 . 2009-12-12 19:07 -------- d-----w- c:\windows\system32\EventProviders
2009-12-12 15:27 . 2009-12-12 15:27 -------- d-----w- c:\program files\Common Files\Skype
2009-12-12 15:27 . 2009-12-12 15:27 -------- d-----r- c:\program files\Skype
2009-12-12 12:22 . 2009-12-12 22:52 -------- d-----w- c:\programdata\hostsvr
2009-12-10 02:07 . 2009-11-09 12:31 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-12-10 02:07 . 2009-11-09 10:36 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-12-10 02:07 . 2009-11-09 12:30 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-12-09 16:20 . 2009-10-07 11:36 243712 ----a-w- c:\windows\system32\rastls.dll
2009-11-26 02:02 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-25 07:08 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll
2009-11-25 07:08 . 2009-08-11 16:44 1248768 ----a-w- c:\windows\system32\msxml3.dll
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-19 17:35 . 2007-09-14 12:47 667114 ----a-w- c:\windows\system32\perfh013.dat
2009-12-19 17:35 . 2007-09-14 12:47 126648 ----a-w- c:\windows\system32\perfc013.dat
2009-12-19 17:31 . 2008-03-02 02:01 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
2009-12-19 17:30 . 2009-01-22 23:48 8365088 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-12-19 17:30 . 2009-01-22 23:48 68528 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-12-19 17:30 . 2009-01-22 23:48 6216 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-12-19 17:30 . 2009-01-22 23:48 1196064 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-12-19 17:29 . 2009-06-16 23:33 -------- d-sh--w- c:\programdata\MPK
2009-12-19 15:01 . 2008-11-27 20:24 -------- d-----w- c:\programdata\Kaspersky Lab
2009-12-17 06:49 . 2008-03-12 02:49 -------- d-----w- c:\users\vicky iliaens\AppData\Roaming\Skype
2009-12-16 14:12 . 2009-12-16 14:12 388096 ----a-r- c:\users\vicky iliaens\AppData\Roaming\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2009-12-13 16:06 . 2009-12-13 16:06 658696 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-12-13 05:25 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-12-13 05:25 . 2009-12-13 05:25 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2009-12-13 05:24 . 2009-12-13 05:24 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-12-12 23:08 . 2009-12-12 23:08 56 ---ha-w- c:\programdata\ezsidmv.dat
2009-12-12 22:53 . 2009-08-07 22:15 -------- d-----w- c:\program files\Unlocker
2009-12-12 20:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-12-12 20:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-12-12 20:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-12-12 20:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-12-12 20:47 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-12-12 20:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-12-12 20:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-12-12 15:27 . 2008-03-12 02:47 -------- d-----w- c:\programdata\Skype
2009-12-12 13:11 . 2008-07-21 05:29 -------- d-----w- c:\program files\Samsung
2009-12-09 01:30 . 2007-09-14 03:42 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-05 04:30 . 2009-02-08 20:29 -------- d-----w- c:\users\vicky iliaens\AppData\Roaming\Audacity
2009-12-04 00:33 . 2008-06-15 10:26 5288 ----a-w- c:\users\vicky iliaens\AppData\Roaming\wklnhst.dat
2009-11-21 06:40 . 2009-12-09 16:21 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 06:34 . 2009-12-09 16:21 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-11-21 06:34 . 2009-12-09 16:21 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-11-21 04:59 . 2009-12-09 16:21 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-11-19 11:10 . 2008-11-27 19:58 680 ----a-w- c:\users\vicky iliaens\AppData\Local\d3d9caps.dat
2009-11-02 19:42 . 2009-10-02 22:34 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-14 13:11 . 2008-11-27 20:24 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2009-10-14 13:11 . 2008-11-27 20:24 108059 ----a-w- c:\windows\system32\drivers\klin.dat
2009-10-01 01:02 . 2009-12-13 02:04 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-10-01 01:02 . 2009-12-13 02:04 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-10-01 01:01 . 2009-12-13 02:04 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2009-09-25 02:10 . 2009-12-13 02:04 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2009-09-25 02:07 . 2009-12-13 02:04 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2009-09-25 02:04 . 2009-12-13 02:04 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2009-09-25 01:49 . 2009-12-13 02:04 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2009-09-25 01:48 . 2009-12-13 02:04 351232 ----a-w- c:\windows\system32\XpsPrint.dll
2009-09-25 01:38 . 2009-12-13 02:04 847360 ----a-w- c:\windows\system32\OpcServices.dll
2009-09-25 01:36 . 2009-12-13 02:04 280064 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2009-09-25 01:35 . 2009-12-13 02:04 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2009-09-25 01:33 . 2009-12-13 02:04 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2009-09-25 01:33 . 2009-12-13 02:04 829440 ----a-w- c:\windows\system32\d3d10warp.dll
2009-09-25 01:33 . 2009-12-13 02:04 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2009-09-25 01:32 . 2009-12-13 02:04 252928 ----a-w- c:\windows\system32\dxdiag.exe
2009-09-25 01:31 . 2009-12-13 02:04 519680 ----a-w- c:\windows\system32\d3d11.dll
2009-09-25 01:31 . 2009-12-13 02:04 486912 ----a-w- c:\windows\system32\d3d10level9.dll
2009-09-25 01:31 . 2009-12-13 02:04 161280 ----a-w- c:\windows\system32\d3d10_1.dll
2009-09-25 01:31 . 2009-12-13 02:04 218112 ----a-w- c:\windows\system32\d3d10_1core.dll
2009-09-25 01:31 . 2009-12-13 02:04 1030144 ----a-w- c:\windows\system32\d3d10.dll
2009-09-25 01:31 . 2009-12-13 02:04 828928 ----a-w- c:\windows\system32\d2d1.dll
2009-09-25 01:30 . 2009-12-13 02:04 481792 ----a-w- c:\windows\system32\dxgi.dll
2009-09-25 01:30 . 2009-12-13 02:04 190464 ----a-w- c:\windows\system32\d3d10core.dll
2009-09-25 01:27 . 2009-12-13 02:04 634880 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-09-25 01:27 . 2009-12-13 02:04 37888 ----a-w- c:\windows\system32\cdd.dll
2009-09-25 01:27 . 2009-12-13 02:04 793088 ----a-w- c:\windows\system32\FntCache.dll
2009-09-25 01:27 . 2009-12-13 02:04 1064448 ----a-w- c:\windows\system32\DWrite.dll
2009-09-24 22:54 . 2009-12-13 02:04 258048 ----a-w- c:\windows\system32\winspool.drv
2009-09-24 22:54 . 2009-12-13 02:04 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2009-09-24 22:54 . 2009-12-13 02:04 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2007-09-14 13:09 . 2007-09-14 12:51 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0BC6E3FA-78EF-4886-842C-5A1258C4455A}"= "c:\program files\AGI\common\agcutils.dll" [2008-12-01 688128]
[HKEY_CLASSES_ROOT\clsid\{0bc6e3fa-78ef-4886-842c-5a1258c4455a}]
[HKEY_CLASSES_ROOT\agcutils.AGSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{647B16D8-AD7B-4983-82D7-82A270FC9E6D}]
[HKEY_CLASSES_ROOT\agcutils.AGSearchHook]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}]
2008-12-01 00:14 688128 ----a-w- c:\program files\AGI\common\agcutils.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 153136]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 2407184]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-02-05 201992]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"SysMon"="c:\programdata\SysMon\SysMon.dll" [2008-01-24 626688]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2007-04-03 44168]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"Mpk.exe"="c:\program files\KGB\Mpk.exe" [2007-10-09 930304]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd.dll c:\progra~1\KASPER~1\KASPER~1\adialhk.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnk.CommonStartup
backupExtension=.CommonStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-10-15 00:04 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
2007-05-24 11:13 71176 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-07-13 12:03 292128 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
2006-12-08 16:16 65536 ----a-w- c:\hp\KBD\KbdStub.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-05-22 12:49 13539872 ----a-w- c:\windows\System32\nvcpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-05-22 12:49 92704 ----a-w- c:\windows\System32\nvmctray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OsdMaestro]
2007-02-15 11:59 118784 ----a-w- c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-05-26 15:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2009-10-09 12:11 25623336 ----a-r- c:\program files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateReg]
2007-04-07 00:56 54936 ----a-w- c:\windows\System32\jureg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WPCUMI]
2006-11-02 12:35 176128 ----a-w- c:\windows\System32\wpcumi.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"VistaSp2"=hex(:99,31,99,d3,6d,7b,ca,01
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\System32\drivers\klbg.sys [29/01/2008 18:29 33808]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\System32\drivers\klfltdev.sys [13/03/2008 19:02 26640]
S2 AGWinService;AG Windows Service;c:\program files\AGI\common\win32\pythonservice.exe [1/10/2008 23:18 10240]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [26/06/2008 13:21 21504]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [6/08/2009 0:35 54632]
S3 fsssvc;De service Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [5/08/2009 21:48 704864]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
------- Bijkomende Scan -------
.
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_BE&c=74&bd=Pavilion&pf=desktop
uInternet Settings,ProxyOverride = *.local
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
LSP: c:\windows\system32\wpclsp.dll
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
FF - ProfilePath - c:\users\vicky iliaens\AppData\Roaming\Mozilla\Firefox\Profiles\mf6vci4g.default\
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - prefs.js: keyword.URL - hxxp://kwtb.search.imgag.com/?c=GNKIW29193&sbs=1&sc=2&f=web&vernum=1.0&uid=&did=f8d4a70c-98e2-4081-901d-01bf93043ede&q=
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS VERWIJDERD - - - -
BHO-{6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - c:\program files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll
Toolbar-{6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - c:\program files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll
WebBrowser-{6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - c:\program files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll
HKLM-Run-hostsvr - c:\windows\hostsvr\hostsvr.exe
HKLM-RunOnce-FFTI - c:\users\vicky iliaens\AppData\Roaming\Mozilla\Firefox\Profiles\mf6vci4g.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\ffti.exe
MSConfigStartUp-HP Software Update - c:\program files\HP\HP Software Update\HPWuSchd2.exe
MSConfigStartUp-KiweeHook - c:\program files\Kiwee Toolbar\2.8.167\kwtbaim.exe
MSConfigStartUp-SSC Service Utility - c:\program files\SSC Service Utility\ssc_serv.exe
MSConfigStartUp-Symantec PIF AlertEng - c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
MSConfigStartUp-TrayServer - c:\program files\MAGIX\Video_deluxe_2008_e-version\TrayServer.exe
MSConfigStartUp-Uniblue RegistryBooster 2 - c:\program files\uniblue\registrybooster 2\StartRegistryBooster.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2009-12-19 18:44
Windows 6.0.6002 Service Pack 2 NTFS
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
Scan succesvol afgerond
verborgen bestanden: 0
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000000
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
- - - - - - - > 'Explorer.exe'(8520)
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\rundll32.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Voltooingstijd: 2009-12-19 18:53:16 - machine werd herstart
ComboFix-quarantined-files.txt 2009-12-19 17:53
Pre-Run: 157.879.857.152 bytes beschikbaar
Post-Run: 160.725.065.728 bytes beschikbaar
Current=1 Default=1 Failed=0 LastKnownGood=51 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51
- - End Of File - - ABA3A3994C0C207C9231499094BE54E0
-
I'll give it a try, thanks
---------- Post added at 17:22 ---------- Previous post was at 17:08 ----------
nope, none of it works, I try to press fix but it keeps giving error messages
and then I automatically end up on the internet, I'm really a layperson in this area, sorryyyy (shame shame)
-
okay, so I did that,
but indeed I got that message again and now I couldn't save a log file either, so I did it like this with print screen:
the four images simply follow the list in order (I hope you can help me)
-
this is what I keep getting, so what should I do now?
regards
-
I can't do CTRL A and it says that it can't find a log or something
-
hello, I keep getting the message that Windows host process Run dll has stopped working, what is this?
is this something important and what can I do about it?
Regards,
Vicky
-
I tried it once more and was still able to recover some 77 of the 200 files,
thank you
Regards
-
I just tried it with Recuva, but it doesn't find anything,
thanks in advance for your quick response!
-
hello,
I accidentally emptied my "saved" folder of my downloads in LimeWire, as well as the recycle bin; I had emptied the wrong folder and would like to get my videos and music back, only I don't know all the names,
I tried once with a tool, but it didn't find them,
can anyone help me please??
Regards
ie.dll 'has stopped working' and ieframe.dll has stopped working ... who knows what to do?
in Archief Internet & Netwerk
Posted:
It sometimes even opens a window in Internet Explorer, really just a new tab, or it says that Flash Player is not installed and that I therefore can't view something on certain sites when I actually should be able to. Was that log the only thing I had to do? I haven't had any problems with Internet Explorer all day (as far as I've been using it, anyway).
If the problem with IE really is solved now, then thank you so very much! And I do think the problem is solved with that, but well, I don't know that yet; it has already been running longer without dropping out than usual!
About that junk, is there still a lot of junk on it then? Because I do use CCleaner regularly and scan daily, but I don't think that is sufficient.
Regards