
Prevention


pvn

Hello all,

I have a Dell Inspiron 6400 laptop that I formatted a few months ago with a lot of effort (first time).

Could you check, as a precaution, whether everything is up to date and properly installed and whether nothing is infected, or would I do better to wait until any problems show up? Kind regards,

Peter

RSIT LOG

Logfile of random's system information tool 1.09 (written by random/random)

Run by Peter at 2013-09-17 11:49:51

Microsoft Windows XP Professional Service Pack 3

System drive C: has 30 GB (27%) free of 114 GB

Total RAM: 2046 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:50:02, on 17/09/2013

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Documents and Settings\All Users\Application Data\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\WINDOWS\system32\cisvc.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\WINDOWS\system32\inetsrv\inetinfo.exe

C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\tcpsvcs.exe

C:\WINDOWS\System32\snmp.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Documents and Settings\All Users\Application Data\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe

C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe

C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe

C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

C:\WINDOWS\system32\ICO.EXE

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\iTouch\iTouch.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\cidaemon.exe

C:\WINDOWS\system32\cidaemon.exe

C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe

C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe

C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Documents and Settings\Peter\Desktop\VIRUS\RSIT.exe

C:\Program Files\trend micro\Peter.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll

O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll

O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe

O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"

O4 - HKLM\..\Run: [EEventManager] C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe

O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless

O4 - HKLM\..\Run: [PMX Daemon] ICO.EXE

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\iTouch\iTouch.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKCU\..\Run: [DellSystemDetect] C:\Documents and Settings\Peter\Start Menu\Programs\Dell\Dell System Detect.appref-ms

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: Bluetooth.lnk = ?

O8 - Extra context menu item: Afbeelding knippen - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Kopieer selectie - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3

O8 - Extra context menu item: Kopieer URL - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0

O8 - Extra context menu item: Nieuwe notitie - C:\Program Files\Evernote\Evernote\\EvernoteIERes\NewNote.html

O8 - Extra context menu item: Pagina opemen - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1

O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html

O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O15 - Trusted Zone: *.dell.com

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\MP3 Skype Recorder\Skype4COM.dll

O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll

O20 - AppInit_DLLs: c:\docume~1\alluse~1\applic~1\bitguard\261673~1.238\{c16c1~1\bitguard.dll

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: BitGuard - Unknown owner - C:\Documents and Settings\All Users\Application Data\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\WINDOWS\system32\DRIVERS\xaudio.exe

--

End of file - 12010 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job

C:\WINDOWS\tasks\BitGuard.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

C:\WINDOWS\tasks\User_Feed_Synchronization-{2072EA55-B9B4-4954-B93F-503F9DE86B6D}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]

Evernote extension - C:\Program Files\Evernote\Evernote\EvernoteIE.dll [2013-05-22 587104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]

Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]

Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14 4531320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C920E44A-7F78-4E64-BDD7-A57026E7FEB7}]

WOT Helper - C:\Program Files\WOT\WOT.dll [2012-08-02 1335872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]

EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]

{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

{71576546-354D-41c9-AAE8-31F2EC22BF0D} - WOT - C:\Program Files\WOT\WOT.dll [2012-08-02 1335872]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-03-08 761947]

"Logitech Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2009-06-17 55824]

"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [2007-05-10 405504]

"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2007-10-08 995328]

"EEventManager"=C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe [2006-10-12 102400]

"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2007-10-08 1101824]

"PMX Daemon"=C:\WINDOWS\system32\ICO.EXE [2006-11-08 49152]

"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-06-20 995176]

"zBrowser Launcher"=C:\Program Files\iTouch\iTouch.exe [2004-03-18 892928]

"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2013-05-01 421888]

"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"DellSystemDetect"=C:\Documents and Settings\Peter\Start Menu\Programs\Dell\Dell System Detect.appref-ms [2013-06-13 370]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Babylon Client]

C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]

C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet]

C:\Program Files\Dell\QuickSet\Quickset.exe [2007-05-14 1191936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSystemDetect]

C:\Documents and Settings\Peter\Start Menu\Programs\Dell\Dell System Detect.appref-ms [2013-06-13 370]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]

C:\WINDOWS\KHALMNPR.EXE [2009-06-17 55824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]

C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2013-04-19 1090912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]

C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PHOTOfunSTUDIO 6.0.lnk]

C:\PROGRA~1\COMMON~1\PANASO~1\PHOTOF~1\AUTOST~1.EXE [2010-11-19 174064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Peter^Start Menu^Programs^Startup^EvernoteClipper.lnk]

C:\PROGRA~1\Evernote\Evernote\EVERNO~2.EXE [2013-05-22 1089888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"WajamUpdater"=2

"Skype C2C Service"=2

C:\Documents and Settings\All Users\Start Menu\Programs\Startup

Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Documents and Settings\Peter\Start Menu\Programs\Startup

OneNote 2007 Schermopname en Snel starten.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="c:\docume~1\alluse~1\applic~1\bitguard\261673~1.238\{c16c1~1\bitguard.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

C:\WINDOWS\system32\Ati2evxx.dll [2006-05-23 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"

"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard"

"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "

"C:\Documents and Settings\Peter\Application Data\Spotify\spotify.exe"="C:\Documents and Settings\Peter\Application Data\Spotify\spotify.exe:*:Enabled:Spotify"

"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"midimapper"=midimap.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.trspch"=tssoft32.acm

"vidc.cvid"=iccvid.dll

"vidc.I420"=msh263.drv

"vidc.iv31"=ir32_32.dll

"vidc.iv32"=ir32_32.dll

"vidc.iv41"=ir41_32.ax

"vidc.iyuv"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvu9"=tsbyuv.dll

"vidc.yvyu"=msyuv.dll

"wavemapper"=msacm32.drv

"msacm.msg723"=msg723.acm

"vidc.M263"=msh263.drv

"vidc.M261"=msh261.drv

"msacm.msaudio1"=msaud32.acm

"msacm.sl_anet"=sl_anet.acm

"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax

"vidc.iv50"=ir50_32.dll

"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

======List of files/folders created in the last 3 months======

2013-09-17 11:49:52 ----D---- C:\Program Files\trend micro

2013-09-17 11:49:51 ----D---- C:\rsit

2013-09-16 09:17:23 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT

2013-09-14 02:08:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2876315$

2013-09-14 02:08:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2876217$

2013-09-14 02:08:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2864063$

2013-09-13 17:33:54 ----D---- C:\Documents and Settings\All Users\Application Data\BitGuard

2013-09-01 14:02:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$

2013-09-01 13:47:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2850869$

2013-09-01 13:47:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2859537$

2013-09-01 13:47:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2863058$

2013-09-01 13:47:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2849470$

2013-07-25 03:13:44 ----A---- C:\WINDOWS\system32\drivers\usbser.sys

2013-07-25 03:13:20 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll

2013-07-25 03:13:08 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$

2013-07-21 23:18:01 ----D---- C:\Documents and Settings\Peter\Application Data\GemistDownloader

2013-07-21 23:04:09 ----D---- C:\Program Files\GemistDownloader

2013-07-21 16:54:46 ----D---- C:\Documents and Settings\Peter\Application Data\Spotify

2013-07-19 01:50:21 ----D---- C:\Program Files\WOT

2013-07-19 01:06:10 ----D---- C:\Documents and Settings\Peter\Application Data\LavasoftStatistics

2013-07-19 01:04:34 ----A---- C:\WINDOWS\system32\sbbd.exe

2013-07-19 01:04:34 ----A---- C:\WINDOWS\system32\drivers\gfibto.sys

2013-07-19 01:04:31 ----D---- C:\Documents and Settings\Peter\Application Data\Ad-Aware Antivirus

2013-07-18 23:33:57 ----D---- C:\Documents and Settings\All Users\Application Data\Licenses

2013-07-18 23:33:54 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP

2013-07-18 23:33:46 ----D---- C:\Program Files\SpywareBlaster

2013-07-14 15:00:32 ----D---- C:\WINDOWS\system32\MRT

2013-07-13 23:56:05 ----D---- C:\Program Files\Microsoft Silverlight

2013-07-12 17:05:35 ----D---- C:\Documents and Settings\Peter\Application Data\Malwarebytes

2013-07-12 17:04:51 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2013-07-12 17:04:48 ----A---- C:\WINDOWS\system32\drivers\mbam.sys

2013-07-12 17:04:47 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2013-07-12 02:50:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2834904_WM11$

2013-07-12 02:49:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2834886$

2013-07-12 02:48:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2850851$

2013-07-12 02:47:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2845187$

2013-07-11 14:35:41 ----D---- C:\WINDOWS\system32\Extensions

2013-07-11 14:35:40 ----D---- C:\WINDOWS\system32\searchplugins

2013-07-11 14:34:00 ----D---- C:\Program Files\Mozilla Firefox

2013-07-11 14:30:38 ----D---- C:\Documents and Settings\Peter\Application Data\Babylon

2013-07-11 14:30:38 ----D---- C:\Documents and Settings\All Users\Application Data\Babylon

2013-07-11 14:30:21 ----D---- C:\Program Files\MediaHuman

2013-07-11 14:30:21 ----D---- C:\Documents and Settings\Peter\Application Data\OpenCandy

2013-07-02 17:04:38 ----D---- C:\Program Files\NL SPELLING VOOR OFFICE 2K

2013-07-02 17:04:35 ----D---- C:\Program Files\VERTAAL NL ENG SPA FRA

2013-07-02 16:20:24 ----D---- C:\VDWB

2013-07-02 16:20:24 ----A---- C:\WINDOWS\xref.ini

2013-07-02 16:20:24 ----A---- C:\WINDOWS\wtapi.ini

2013-07-02 16:20:24 ----A---- C:\WINDOWS\vdsywin.ini

2013-07-02 16:20:24 ----A---- C:\WINDOWS\vdhnwin.ini

2013-07-02 16:20:24 ----A---- C:\WINDOWS\UNINSTAL.EXE

2013-07-02 16:10:27 ----D---- C:\Program Files\Euroglot

2013-06-28 17:41:35 ----D---- C:\Documents and Settings\All Users\Application Data\Panasonic

2013-06-28 11:36:24 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$

2013-06-28 11:35:30 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$

2013-06-28 02:48:40 ----D---- C:\Program Files\Common Files\Panasonic

2013-06-28 02:48:24 ----D---- C:\Program Files\Panasonic

2013-06-28 02:48:11 ----D---- C:\Program Files\Microsoft Synchronization Services

2013-06-28 02:48:10 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition

2013-06-28 01:24:27 ----N---- C:\WINDOWS\system32\spmsg.dll

2013-06-28 01:24:26 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$

2013-06-28 01:24:10 ----D---- C:\Program Files\Windows Media Connect 2

2013-06-28 01:23:54 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$

2013-06-26 23:01:21 ----D---- C:\Documents and Settings\Peter\Application Data\Google

2013-06-26 22:59:06 ----D---- C:\Program Files\Google

2013-06-23 12:23:28 ----A---- C:\WINDOWS\ModemLog_PC Connectivity Bluetooth Modem.txt

2013-06-22 01:55:55 ----D---- C:\Program Files\Common Files\PCSuite

2013-06-22 01:53:42 ----D---- C:\Documents and Settings\All Users\Application Data\Installations

2013-06-22 01:27:39 ----D---- C:\Documents and Settings\Peter\Application Data\Nokia Suite

2013-06-22 01:27:35 ----D---- C:\Documents and Settings\Peter\Application Data\Nokia

2013-06-21 23:55:34 ----HDC---- C:\WINDOWS\$NtUninstallWudf01009$

2013-06-21 23:05:26 ----A---- C:\itouch_config_crash_info.txt

2013-06-21 22:01:03 ----D---- C:\Documents and Settings\Peter\Application Data\Apple Computer

2013-06-21 22:00:48 ----A---- C:\WINDOWS\iTouch.ini

2013-06-21 20:12:36 ----D---- C:\Program Files\Evernote

2013-06-21 19:28:09 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer

2013-06-21 19:27:25 ----D---- C:\Program Files\Common Files\Apple

2013-06-21 19:27:09 ----D---- C:\Program Files\Apple Software Update

2013-06-21 19:27:08 ----D---- C:\Documents and Settings\All Users\Application Data\Apple

2013-06-21 19:23:59 ----D---- C:\Program Files\QuickTime

2013-06-21 19:00:44 ----D---- C:\Program Files\Logitech

2013-06-21 18:57:56 ----A---- C:\WINDOWS\system32\drivers\LHidUsb.sys

2013-06-21 18:57:56 ----A---- C:\WINDOWS\system32\drivers\LCcfltr.sys

2013-06-21 18:57:55 ----A---- C:\WINDOWS\system32\drivers\itchfltr.sys

2013-06-21 18:57:54 ----A---- C:\itouch_crash_info.txt

2013-06-21 18:57:53 ----D---- C:\Program Files\iTouch

2013-06-21 18:57:53 ----A---- C:\WINDOWS\system32\MSVCI70.DLL

2013-06-21 12:33:57 ----N---- C:\WINDOWS\system32\MpSigStub.exe

2013-06-21 12:28:52 ----D---- C:\Program Files\Microsoft Security Client

2013-06-21 11:35:21 ----D---- C:\Documents and Settings\Peter\Application Data\AVG2013

2013-06-21 11:33:08 ----D---- C:\WINDOWS\Minidump

2013-06-20 17:20:56 ----D---- C:\Documents and Settings\All Users\Application Data\AVG2013

2013-06-20 17:15:16 ----D---- C:\Documents and Settings\All Users\Application Data\MFAData

2013-06-20 15:46:10 ----D---- C:\Documents and Settings\All Users\Application Data\ODIR

2013-06-20 15:26:56 ----A---- C:\WINDOWS\system32\VB6STKIT.DLL

2013-06-20 15:26:55 ----D---- C:\Program Files\ODIR

2013-06-20 15:25:16 ----D---- C:\Documents and Settings\Peter\Application Data\MP3SkypeRecorder

2013-06-20 15:25:01 ----D---- C:\Program Files\MP3 Skype Recorder

2013-06-20 14:41:34 ----D---- C:\Documents and Settings\All Users\Application Data\UDL

2013-06-20 14:40:51 ----D---- C:\Program Files\Epson Software

2013-06-20 14:39:39 ----D---- C:\Program Files\ABBYY FineReader 6.0 Sprint

2013-06-20 14:31:48 ----A---- C:\WINDOWS\system32\PICSDK2.dll

2013-06-20 14:31:48 ----A---- C:\WINDOWS\system32\PICSDK.ini

2013-06-20 14:31:48 ----A---- C:\WINDOWS\system32\PICSDK.dll

2013-06-20 14:31:48 ----A---- C:\WINDOWS\system32\PICEntry.dll

2013-06-20 14:31:48 ----A---- C:\WINDOWS\system32\EpPicPrt.dll

2013-06-20 14:31:48 ----A---- C:\WINDOWS\system32\EPPICPrinterDB.dat

2013-06-20 14:31:48 ----A---- C:\WINDOWS\system32\EPPICPresetData_PT.dat

2013-06-20 14:31:48 ----A---- C:\WINDOWS\system32\EPPICPresetData_IT.dat

2013-06-20 14:31:48 ----A---- C:\WINDOWS\system32\EPPICPresetData_GE.dat

2013-06-20 14:31:48 ----A---- C:\WINDOWS\system32\EPPICPresetData_FR.dat

2013-06-20 14:31:48 ----A---- C:\WINDOWS\system32\EPPICPresetData_ES.dat

2013-06-20 14:31:48 ----A---- C:\WINDOWS\system32\EPPICPresetData_EN.dat

2013-06-20 14:31:48 ----A---- C:\WINDOWS\system32\EPPICPresetData_DU.dat

2013-06-20 14:31:48 ----A---- C:\WINDOWS\system32\EPPICPresetData_CF.dat

2013-06-20 14:31:48 ----A---- C:\WINDOWS\system32\EPPICPresetData_BP.dat

2013-06-20 14:31:48 ----A---- C:\WINDOWS\system32\EPPICPattern6.dat

2013-06-20 14:31:48 ----A---- C:\WINDOWS\system32\EPPICPattern5.dat

2013-06-20 14:31:48 ----A---- C:\WINDOWS\system32\EPPICPattern4.dat

2013-06-20 14:31:48 ----A---- C:\WINDOWS\system32\EPPICPattern3.dat

2013-06-20 14:31:48 ----A---- C:\WINDOWS\system32\EPPICPattern2.dat

2013-06-20 14:31:48 ----A---- C:\WINDOWS\system32\EPPICPattern131.dat

2013-06-20 14:31:48 ----A---- C:\WINDOWS\system32\EPPICPattern121.dat

2013-06-20 14:31:48 ----A---- C:\WINDOWS\system32\EPPICPattern1.dat

2013-06-20 14:31:48 ----A---- C:\WINDOWS\system32\EPPicMgr.dll

2013-06-20 14:30:55 ----A---- C:\WINDOWS\CDEBX300DEFGIPS.ini

2013-06-20 14:17:41 ----A---- C:\WINDOWS\system32\escwiad.dll

2013-06-20 14:01:40 ----D---- C:\Documents and Settings\Peter\Application Data\FastStone

2013-06-19 14:56:58 ----D---- C:\Program Files\Common Files\Adobe

2013-06-19 14:56:58 ----D---- C:\Program Files\Adobe

2013-06-19 14:56:41 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe

2013-06-19 14:33:16 ----A---- C:\WINDOWS\DEBUGSM.INI

2013-06-19 10:40:51 ----A---- C:\WINDOWS\system32\drivers\HWiNFO32.SYS

2013-06-19 10:40:42 ----D---- C:\Program Files\HWiNFO32

2013-06-19 10:21:01 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$

2013-06-18 23:02:48 ----D---- C:\Documents and Settings\Peter\Application Data\Windows Search

2013-06-18 22:51:58 ----D---- C:\Documents and Settings\Peter\Application Data\EPSON

2013-06-18 19:46:12 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$

2013-06-18 19:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB953155$

2013-06-18 19:36:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2290570$

2013-06-18 19:36:19 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$

2013-06-18 19:18:34 ----D---- C:\Program Files\Windows Desktop Search

2013-06-18 19:18:33 ----D---- C:\WINDOWS\system32\GroupPolicy

2013-06-18 19:18:00 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$

2013-06-18 19:14:10 ----D---- C:\Program Files\Kernel Outlook PST Viewer

2013-06-18 18:31:21 ----A---- C:\WINDOWS\system32\E_DCINST.DLL

2013-06-18 18:31:17 ----A---- C:\WINDOWS\system32\E_FLBEJE.DLL

2013-06-18 18:31:17 ----A---- C:\WINDOWS\system32\E_FD4BEJE.DLL

2013-06-18 18:23:23 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys

2013-06-18 17:52:21 ----D---- C:\Documents and Settings\All Users\Application Data\EPSON

2013-06-18 17:39:36 ----A---- C:\WINDOWS\system32\eswiaml.dll

2013-06-18 17:39:36 ----A---- C:\WINDOWS\system32\eswia66.dll

2013-06-18 17:39:36 ----A---- C:\WINDOWS\system32\esint66.dll

2013-06-18 17:39:36 ----A---- C:\WINDOWS\system32\esdevapp.exe

2013-06-18 17:39:36 ----A---- C:\WINDOWS\system32\escdev.dll

2013-06-18 17:39:33 ----D---- C:\Program Files\epson

2013-06-18 17:34:06 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys

2013-06-18 17:08:21 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys

2013-06-18 03:25:32 ----D---- C:\WINDOWS\system32\XPSViewer

2013-06-18 03:25:26 ----D---- C:\Program Files\MSBuild

2013-06-18 03:25:10 ----D---- C:\Program Files\Reference Assemblies

2013-06-18 03:24:35 ----N---- C:\WINDOWS\system32\prntvpt.dll

2013-06-18 03:24:34 ----N---- C:\WINDOWS\system32\xpsshhdr.dll

2013-06-18 03:24:33 ----N---- C:\WINDOWS\system32\xpssvcs.dll

2013-06-18 03:24:33 ----D---- C:\f1a583aff4bdca1f8825

2013-06-18 01:32:41 ----D---- C:\Documents and Settings\Peter\Application Data\ATI

2013-06-18 01:29:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2124261$

2013-06-18 01:29:16 ----HDC---- C:\WINDOWS\$NtUninstallKB976323$

2013-06-18 01:29:10 ----D---- C:\WINDOWS\ServicePackFiles

2013-06-18 01:29:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2491683$

2013-06-18 01:28:59 ----HDC---- C:\WINDOWS\$NtUninstallKB970483$

2013-06-18 01:13:35 ----D---- C:\Documents and Settings\Peter\Application Data\aignes

2013-06-18 00:55:04 ----D---- C:\Program Files\FastStone Image Viewer

2013-06-18 00:28:57 ----D---- C:\Program Files\AM-DeadLink

2013-06-18 00:14:18 ----D---- C:\Documents and Settings\Peter\Application Data\PC Suite

2013-06-18 00:14:15 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite

2013-06-18 00:13:08 ----D---- C:\Program Files\Common Files\Nokia

2013-06-18 00:13:08 ----D---- C:\Documents and Settings\All Users\Application Data\Nokia

2013-06-18 00:12:31 ----A---- C:\WINDOWS\system32\drivers\pccsmcfd.sys

2013-06-18 00:12:18 ----D---- C:\Program Files\PC Connectivity Solution

2013-06-18 00:11:59 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys

2013-06-18 00:11:58 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys

2013-06-18 00:11:57 ----A---- C:\WINDOWS\system32\drivers\ccdcmbo.sys

2013-06-18 00:11:55 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll

2013-06-18 00:11:55 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll

2013-06-18 00:11:55 ----A---- C:\WINDOWS\system32\drivers\ccdcmb.sys

2013-06-18 00:11:55 ----A---- C:\WINDOWS\system32\ccdcmbwu.dll

2013-06-18 00:11:39 ----A---- C:\WINDOWS\system32\nmwcdcls.dll

2013-06-18 00:10:10 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$

2013-06-18 00:09:31 ----D---- C:\WINDOWS\system32\drivers\UMDF

2013-06-18 00:09:22 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$

2013-06-18 00:08:05 ----D---- C:\Program Files\Nokia

2013-06-18 00:08:05 ----D---- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache

======List of files/folders modified in the last 3 months======

2013-09-17 11:49:52 ----RD---- C:\Program Files

2013-09-17 11:49:52 ----D---- C:\WINDOWS\Prefetch

2013-09-17 11:44:54 ----D---- C:\WINDOWS\Temp

2013-09-17 11:27:12 ----D---- C:\WINDOWS\system32\inetsrv

2013-09-17 11:11:15 ----D---- C:\WINDOWS\system32

2013-09-16 13:39:00 ----A---- C:\WINDOWS\SchedLgU.Txt

2013-09-16 11:24:11 ----HD---- C:\WINDOWS\inf

2013-09-16 09:27:36 ----SD---- C:\WINDOWS\Tasks

2013-09-16 09:20:59 ----D---- C:\WINDOWS

2013-09-16 09:18:06 ----D---- C:\WINDOWS\system32\CatRoot2

2013-09-16 09:18:01 ----A---- C:\WINDOWS\ModemLog_Conexant HDA D110 MDC V.92 Modem.txt

2013-09-16 01:55:17 ----D---- C:\WINDOWS\Debug

2013-09-15 16:53:18 ----SHD---- C:\WINDOWS\Installer

2013-09-15 16:53:18 ----SHD---- C:\Config.Msi

2013-09-15 16:53:17 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help

2013-09-14 12:18:14 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

2013-09-14 02:10:08 ----RSHDC---- C:\WINDOWS\system32\dllcache

2013-09-14 02:10:05 ----D---- C:\Program Files\Internet Explorer

2013-09-14 01:54:41 ----A---- C:\WINDOWS\system32\MRT.exe

2013-09-10 01:40:52 ----D---- C:\WINDOWS\system32\FxsTmp

2013-09-09 13:16:22 ----D---- C:\WINDOWS\system32\NtmsData

2013-09-04 02:07:15 ----D---- C:\WINDOWS\CCleaner Back Up

2013-09-01 16:07:38 ----RSD---- C:\WINDOWS\assembly

2013-09-01 16:07:38 ----D---- C:\WINDOWS\Microsoft.NET

2013-09-01 14:15:00 ----D---- C:\WINDOWS\ie8updates

2013-09-01 13:52:31 ----D---- C:\WINDOWS\WinSxS

2013-09-01 13:51:59 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2013-08-28 11:48:41 ----D---- C:\WINDOWS\system32\ReinstallBackups

2013-08-28 11:48:41 ----D---- C:\WINDOWS\system32\drivers

2013-08-09 03:56:45 ----A---- C:\WINDOWS\system32\themeui.dll

2013-08-08 08:05:59 ----N---- C:\WINDOWS\system32\occache.dll

2013-08-08 08:05:59 ----N---- C:\WINDOWS\system32\mstime.dll

2013-08-08 08:05:59 ----N---- C:\WINDOWS\system32\licmgr10.dll

2013-08-08 08:05:59 ----N---- C:\WINDOWS\system32\jsproxy.dll

2013-08-08 08:05:59 ----N---- C:\WINDOWS\system32\iedkcs32.dll

2013-08-08 08:05:59 ----A---- C:\WINDOWS\system32\wininet.dll

2013-08-08 08:05:59 ----A---- C:\WINDOWS\system32\urlmon.dll

2013-08-08 08:05:59 ----A---- C:\WINDOWS\system32\url.dll

2013-08-08 08:05:59 ----A---- C:\WINDOWS\system32\mshtmled.dll

2013-08-08 08:05:59 ----A---- C:\WINDOWS\system32\mshtml.dll

2013-08-08 08:05:59 ----A---- C:\WINDOWS\system32\msfeedsbs.dll

2013-08-08 08:05:59 ----A---- C:\WINDOWS\system32\msfeeds.dll

2013-08-08 08:05:59 ----A---- C:\WINDOWS\system32\iertutil.dll

2013-08-08 08:05:59 ----A---- C:\WINDOWS\system32\iepeers.dll

2013-08-08 08:05:59 ----A---- C:\WINDOWS\system32\ieframe.dll

2013-08-08 08:05:58 ----A---- C:\WINDOWS\system32\corpol.dll

2013-08-08 05:32:54 ----A---- C:\WINDOWS\system32\ie4uinit.exe

2013-08-07 19:41:35 ----D---- C:\MDT

2013-08-05 15:30:32 ----A---- C:\WINDOWS\system32\ole32.dll

2013-08-03 14:18:38 ----N---- C:\WINDOWS\system32\wmvdecod.dll

2013-07-23 12:25:04 ----SD---- C:\Documents and Settings\Peter\Application Data\Microsoft

2013-07-23 12:18:53 ----D---- C:\WINDOWS\SHELLNEW

2013-07-18 23:28:40 ----D---- C:\Program Files\Common Files

2013-07-17 02:46:31 ----A---- C:\WINDOWS\system32\tzchange.exe

2013-07-16 03:49:17 ----D---- C:\Documents and Settings\Peter\Application Data\Skype

2013-07-13 23:56:22 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft

2013-07-10 12:37:53 ----A---- C:\WINDOWS\system32\usp10.dll

2013-07-04 05:03:25 ----A---- C:\WINDOWS\system32\ntoskrnl.exe

2013-07-04 04:08:30 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe

2013-07-04 02:06:57 ----D---- C:\WINDOWS\security

2013-07-03 12:44:17 ----SH---- C:\boot.ini

2013-07-03 12:44:17 ----A---- C:\WINDOWS\win.ini

2013-07-03 12:44:17 ----A---- C:\WINDOWS\system.ini

2013-07-02 17:52:21 ----D---- C:\Program Files\Unknown Device Identifier

2013-07-02 17:23:13 ----D---- C:\WINDOWS\system

2013-07-02 17:16:17 ----RSD---- C:\WINDOWS\Fonts

2013-07-01 00:35:28 ----D---- C:\WINDOWS\pss

2013-06-28 03:02:16 ----D---- C:\WINDOWS\system32\CatRoot

2013-06-28 02:53:55 ----D---- C:\Program Files\Windows Media Player

2013-06-28 02:48:14 ----HD---- C:\Program Files\InstallShield Installation Information

2013-06-28 01:24:03 ----D---- C:\WINDOWS\Help

2013-06-23 17:29:27 ----D---- C:\WINDOWS\repair

2013-06-23 17:29:21 ----D---- C:\WINDOWS\Registration

2013-06-23 17:25:32 ----D---- C:\Documents and Settings\Peter\Application Data\Roxio

2013-06-23 16:37:02 ----D---- C:\Program Files\CCleaner

2013-06-22 01:56:25 ----D---- C:\Program Files\DIFX

2013-06-22 01:56:21 ----DC---- C:\WINDOWS\system32\DRVSTORE

2013-06-21 19:24:01 ----SD---- C:\WINDOWS\Downloaded Program Files

2013-06-21 18:57:54 ----D---- C:\Program Files\Common Files\Logitech

2013-06-21 13:16:35 ----D---- C:\WINDOWS\Network Diagnostic

2013-06-21 11:32:55 ----D---- C:\Documents and Settings\All Users\Application Data\AVAST Software

2013-06-20 13:39:03 ----D---- C:\WINDOWS\system32\en-US

2013-06-19 15:26:08 ----D---- C:\WINDOWS\system32\wbem

2013-06-19 15:00:08 ----D---- C:\Documents and Settings\Peter\Application Data\Adobe

2013-06-19 09:27:24 ----D---- C:\WINDOWS\system32\Logfiles

2013-06-18 18:52:32 ----D---- C:\Documents and Settings\Peter\Application Data\PDF Architect

2013-06-18 17:39:33 ----D---- C:\WINDOWS\twain_32

2013-06-18 03:24:52 ----D---- C:\WINDOWS\system32\spool

2013-06-18 01:33:09 ----D---- C:\WINDOWS\system32\config

2013-06-18 01:29:14 ----HD---- C:\WINDOWS\$hf_mig$

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Avglogx;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avglogx.sys [2013-02-08 245048]

R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2013-02-08 39224]

R0 DRVMCDB;DRVMCDB; C:\WINDOWS\System32\Drivers\DRVMCDB.SYS [2006-07-21 99176]

R0 gfibto;gfibto; C:\WINDOWS\system32\drivers\gfibto.sys [2013-07-19 13560]

R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2013-06-18 211560]

R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2006-07-24 36528]

R1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2005-08-12 16128]

R1 BANTExt;Belarc SMBios Access; C:\WINDOWS\System32\Drivers\BANTExt.sys [2011-08-09 3840]

R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2006-08-11 12920]

R1 DLARTL_M;DLARTL_M; C:\WINDOWS\System32\Drivers\DLARTL_M.SYS [2006-08-11 28184]

R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\system32\drivers\HWiNFO32.SYS []

R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]

R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]

R1 Tcpip6;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]

R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]

R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2013-06-12 21361]

R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []

R2 DLABMFSM;DLABMFSM; C:\WINDOWS\System32\DLA\DLABMFSM.SYS [2006-08-18 35096]

R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-08-18 32472]

R2 DLADResM;DLADResM; C:\WINDOWS\System32\DLA\DLADResM.SYS [2006-08-18 9400]

R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-08-18 104472]

R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-08-18 26008]

R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-08-18 14520]

R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-08-18 97848]

R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-08-18 94648]

R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2006-08-11 51768]

R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-04 12544]

R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2006-11-15 32256]

R2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2006-11-14 43520]

R2 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2006-11-14 37376]

R2 s24trans;WLAN-transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-08-27 12288]

R2 XAudio;XAudio; C:\WINDOWS\system32\DRIVERS\xaudio.sys [2006-08-04 8192]

R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-23 1578496]

R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2006-11-21 45568]

R3 btaudio;Bluetooth-audioapparaat; C:\WINDOWS\system32\drivers\btaudio.sys [2006-05-24 328237]

R3 BTDriver;Bluetooth virtuele-communicatiestuurprogramma; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-05-24 30427]

R3 BTKRNL;Bluetooth bus-enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-05-24 851434]

R3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-05-24 148900]

R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-05-24 66488]

R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys [2005-01-10 138752]

R3 CTUSFSYN;Creative SoundFont Synthesizer; C:\WINDOWS\system32\drivers\ctusfsyn.sys [2005-05-25 158464]

R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]

R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]

R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys [2005-12-01 936960]

R3 HSXHWAZL;HSXHWAZL; C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys [2005-12-01 192512]

R3 itchfltr;iTouch Keyboard Filter; C:\WINDOWS\system32\DRIVERS\itchfltr.sys [2004-03-10 12953]

R3 LCcfltr;Logitech USB Filter Driver; C:\WINDOWS\System32\Drivers\LCcFltr.Sys [2004-03-03 14095]

R3 LHidUsb;Logitech USB Receiver device driver; C:\WINDOWS\System32\Drivers\LHidUsb.Sys [2004-03-03 37887]

R3 monfilt;monfilt; C:\WINDOWS\system32\drivers\monfilt.sys [2006-01-04 1389056]

R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]

R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\DRIVERS\ctoss2k.sys [2005-01-10 106496]

R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2008-04-14 5888]

R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]

R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2007-05-10 1222840]

R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-08 191872]

R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288]

R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]

R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]

R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]

R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]

R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys [2005-12-01 669696]

R3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]

S0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2013-02-08 96568]

S0 cerc6;cerc6; C:\WINDOWS\system32\drivers\cerc6.sys []

S1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2013-02-08 170808]

S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]

S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2009-06-17 35472]

S3 LHidKe;Logitech SetPoint HID Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidKE.Sys [2005-12-20 27008]

S3 LHidUsbK;Logitech SetPoint USB Receiver device driver; C:\WINDOWS\System32\Drivers\LHidUsbK.Sys [2005-12-20 36736]

S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2009-06-17 37392]

S3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2005-12-20 69376]

S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2009-06-17 28560]

S3 NETw4x32;Stuurprogramma voor Intel® Wireless WiFi Link Adapter onder Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-09-26 2236032]

S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]

S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2013-01-23 18560]

S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2013-01-23 23168]

S3 NWADI;NWADI Bus Enumerator; C:\WINDOWS\system32\DRIVERS\NWADIenum.sys [2006-03-27 74752]

S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []

S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []

S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys []

S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]

S3 sffdisk;SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-14 11904]

S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-14 11008]

S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys []

S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS []

S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2013-01-23 8192]

S3 usbser;USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-14 26112]

S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2013-01-23 8192]

S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;IPv6 Helper Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-23 409600]

R2 BitGuard;BitGuard; C:\Documents and Settings\All Users\Application Data\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [2013-09-13 3029472]

R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-05-24 266295]

R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-10-08 794624]

R2 IISADMIN;IIS Admin; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15360]

R2 Iprip;RIP Listener; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]

R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-06-20 22208]

R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-10-08 483328]

R2 S24EventMonitor;Intel® PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-10-08 1183744]

R2 SimpTcp;Simple TCP/IP Services; C:\WINDOWS\system32\tcpsvcs.exe [2008-04-14 19456]

R2 SMTPSVC;Simple Mail Transfer Protocol (SMTP); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15360]

R2 SNMP;SNMP Service; C:\WINDOWS\System32\snmp.exe [2008-04-14 33280]

R2 W3SVC;World Wide Web Publishing; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15360]

R2 WLANKEEPER;Intel® PROSet/Wireless SSO Service; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2007-10-08 356352]

R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

R3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 267776]

S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-06-26 116648]

S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2006-11-05 159744]

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-06-03 162408]

S2 XAudioService;XAudioService; C:\WINDOWS\system32\DRIVERS\xaudio.exe [2006-08-04 386560]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-14 257416]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-06-26 116648]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]

S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 p2pgasvc;Peer Networking Group Authentication; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S3 p2pimsvc;Peer Networking Identity Manager; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S3 p2psvc;Peer Networking; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S3 PNRPSvc;Peer Name Resolution Protocol; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-05 880640]

S3 SNMPTRAP;SNMP Trap Service; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]

S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-09-14 73728]

S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-04-18 754856]

S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S4 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-05-14 3289208]

-----------------EOF-----------------



Hey Peter,

long time no see. ;-)

Some junk has ended up on this laptop after all.

Download Zoek.zip to the desktop.


  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.
  • Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that (here and here).
  • Right-click Zoek.zip and click the "Extract All" option.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

{08C06D61-F1F3-4799-86F8-BE1A89362C85};c
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Babylon Client];r
C:\Program Files\Babylon;fs
C:\Documents and Settings\Peter\Application Data\Babylon;fs
C:\Documents and Settings\All Users\Application Data\Babylon;fs
C:\Documents and Settings\Peter\Application Data\OpenCandy;fs
autoclean;
startupall; 
filesrcm;


  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is required).
  • If no log appears after the restart, start zoek.exe again; the log will then appear after all.
  • Post the opened log in your next message.


Jion,

Here I am again, and hopefully we can clean up that junk.

The log:

Zoek.exe Version 4.0.0.4 Updated 14-September-2013

Tool run by Peter on di 17/09/2013 at 13:27:17,90.

Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Documents and Settings\Peter\Desktop\VIRUS\ZOEK\zoek.exe [script inserted]

==== System Restore Info ======================

17/09/2013 13:28:17 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1960408961-2049760794-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{08C06D61-F1F3-4799-86F8-BE1A89362C85} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1960408961-2049760794-1177238915-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\{08C06D61-F1F3-4799-86F8-BE1A89362C85} deleted successfully

==== Deleting Services ======================

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Babylon Client]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"bProtector Start Page"=-

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"bProtectorDefaultScope"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"bProtectTabs"=-

==== Deleting Files \ Folders ======================

"C:\Program Files\Babylon" not found

"C:\WINDOWS\wininit.ini" deleted

"C:\Documents and Settings\Peter\Application Data\iolo" deleted

"C:\Documents and Settings\Peter\Application Data\Babylon" deleted

"C:\Documents and Settings\All Users\Application Data\Babylon" deleted

"C:\Documents and Settings\Peter\Application Data\OpenCandy" deleted

"C:\Documents and Settings\Peter\Application Data\Babylon" deleted

"C:\Documents and Settings\Peter\Application Data\OpenCandy" deleted

"C:\Documents and Settings\All Users\Application Data\Babylon" deleted

"C:\WINDOWS\System32\searchplugins" deleted

"C:\WINDOWS\System32\Extensions" deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

====== C:\DOCUME~1\Peter\LOCALS~1\Temp ====

====== C:\WINDOWS\system32 =====

2013-09-16 07:17:23 A2847CEAC26601E308B7BA2BCC1E0A92 320336 ----a-w- C:\WINDOWS\System32\FNTCACHE.DAT

====== C:\WINDOWS\system32\drivers =====

====== C:\WINDOWS\Tasks ======

2013-09-16 07:17:46 35D2FAE9D519B44E3A0DF0C2364DE1A1 280 ----a-w- C:\WINDOWS\Tasks\BitGuard.job

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2013-09-17 09:49:52 -------- d-----w- C:\Program Files\trend micro

======= C: =====

====== C:\Documents and Settings\Peter\Application Data ======

2013-09-16 07:20:24 DC6AFB1A61387232BB40F85B664DD97A 87032 ----a-w- C:\Documents and Settings\Peter\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2013-09-13 15:34:37 -------- d-----w- C:\Documents and Settings\Peter\Start Menu\Programs\BitGuard

====== C:\Documents and Settings\Peter ======

2013-09-15 23:55:17 -------- d--h--r- C:\Documents and Settings\Peter\Recent

====== C: exe-files ==

2013-09-17 09:49:53 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Peter.exe

2013-09-17 09:49:27 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Documents and Settings\Peter\Desktop\VIRUS\RSIT.exe

2013-09-17 09:49:17 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Documents and Settings\Peter\Local Settings\Temporary Internet Files\Content.IE5\EW0P2WQO\RSIT[1].exe

2013-09-14 00:09:58 78141AD888BA82E3ABC854D229A59F07 231288 -c----w- C:\WINDOWS\ie8updates\KB2870699-IE8\spuninst\spuninst.exe

2013-09-14 00:09:53 6571E4D577A52E7C982FA11D2ABD4DA0 174592 -c----w- C:\WINDOWS\ie8updates\KB2870699-IE8\ie4uinit.exe

2013-09-13 15:34:36 7F8BECFB26F2655E281406C6C341F416 3029472 ----a-w- C:\Documents and Settings\All Users\Application Data\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe

2013-09-13 15:34:25 7F8BECFB26F2655E281406C6C341F416 3029472 ----a-w- C:\Documents and Settings\All Users\Application Data\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe

=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-21-1960408961-2049760794-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe -onlytray"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE"

"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"

"EEventManager"="C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe"

"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless"

"PMX Daemon"="ICO.EXE"

"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

"zBrowser Launcher"="C:\Program Files\iTouch\iTouch.exe"

"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe -atboottime"

"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"SigmatelSysTrayApp"="%ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe -onlytray"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"=""

"hkey"="HKLM"

"command"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ctfmon.exe]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="ctfmon"

"hkey"="HKCU"

"command"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dell QuickSet]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Quickset"

"hkey"="HKLM"

"command"="C:\\Program Files\\Dell\\QuickSet\\Quickset.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DellSystemDetect]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="DellSystemDetect"

"hkey"="HKCU"

"command"="C:\\Documents and Settings\\Peter\\Start Menu\\Programs\\Dell\\Dell System Detect.appref-ms"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Kernel and Hardware Abstraction Layer]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="KHALMNPR"

"hkey"="HKLM"

"command"="KHALMNPR.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSMSGS]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="msmsgs"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NokiaSuite.exe]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NokiaSuite.exe"

"hkey"="HKCU"

"command"="C:\\Program Files\\Nokia\\Nokia Suite\\NokiaSuite.exe -tray"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PC Suite Tray]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="PCSuite"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Nokia\\Nokia PC Suite 7\\PCSuite.exe\" -onlytray"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PHOTOfunSTUDIO 6.0.lnk]

"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\PHOTOfunSTUDIO 6.0.lnk"

"backup"="C:\\WINDOWS\\pss\\PHOTOfunSTUDIO 6.0.lnkCommon Startup"

"command"="C:\\PROGRA~1\\COMMON~1\\PANASO~1\\PHOTOF~1\\AUTOST~1.EXE -e \"C:\\Program Files\\Panasonic\\PHOTOfunSTUDIO 6.0\\PHOTOfunSTUDIO.exe\""

"item"="PHOTOfunSTUDIO 6.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^Peter^Start Menu^Programs^Startup^EvernoteClipper.lnk]

"path"="C:\\Documents and Settings\\Peter\\Start Menu\\Programs\\Startup\\EvernoteClipper.lnk"

"backup"="C:\\WINDOWS\\pss\\EvernoteClipper.lnkStartup"

"command"="C:\\PROGRA~1\\Evernote\\Evernote\\EVERNO~2.EXE "

"item"="EvernoteClipper"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]

"NokiaSuite.exe"="C:\\Program Files\\Nokia\\Nokia Suite\\NokiaSuite.exe -tray"

"EPSON BX300F Series"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATIEJE.EXE /FU \"C:\\WINDOWS\\TEMP\\E_SD6.tmp\" /EF \"HKCU\""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"RoxWatchTray"="\"C:\\Program Files\\Common Files\\Roxio Shared\\9.0\\SharedCOM\\RoxWatchTray9.exe\""

"ISUSPM Startup"="C:\\PROGRA~1\\COMMON~1\\INSTAL~1\\UPDATE~1\\ISUSPM.exe -startup"

"ISUSScheduler"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start"

"RoxioDragToDisc"="\"C:\\Program Files\\Roxio\\Drag-to-Disc\\DrgToDsc.exe\""

"PCMService"="\"C:\\Program Files\\Dell\\MediaDirect\\PCMService.exe\""

"ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime -Delay"

"Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

==== Startup Folders ======================

2013-06-17 22:10:33 951 ------w- C:\Documents and Settings\Peter\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [14/09/2013 12:18]

C:\WINDOWS\tasks\BitGuard.job --a------ C:\WINDOWS\system32\sc.exe [06/02/2009 12:39]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [26/06/2013 22:59]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [26/06/2013 22:59]

C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job --ah----- C:\Program Files\Microsoft Security Client\MpCmdRun.exe [20/06/2013 18:05]

C:\WINDOWS\tasks\User_Feed_Synchronization-{2072EA55-B9B4-4954-B93F-503F9DE86B6D}.job --ah----- C:\WINDOWS\system32\msfeedssync.exe [08/03/2009 04:31]

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Google"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Google"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{C5CA7529-1469-4217-82E5-8BDF374EED31}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found"

{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

{C5CA7529-1469-4217-82E5-8BDF374EED31} Google Url="{searchTerms} - Google zoeken?}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1960408961-2049760794-1177238915-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

HKEY_USERS\S-1-5-21-1960408961-2049760794-1177238915-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Empty IE Cache ======================

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Peter\Local Settings\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\Peter\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\DOCUME~1\Peter\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Documents and Settings\Peter\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on di 17/09/2013 at 13:44:19,26 ======================



Here is the checkup.

Results of screen317's Security Check version 0.99.73

Windows XP Service Pack 3 x86

Internet Explorer 8

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

Please wait while WMIC is being installed.

displayName

ECHO is off.

Microsoft

ECHO is off.

Security

ECHO is off.

Essentials

ECHO is off.

Antivirus up to date! (On Access scanning disabled!)

`````````Anti-malware/Other Utilities Check:`````````

SpywareBlaster 5.0

TuneUp Utilities Language Pack (nl-NL)

TuneUp Utilities 2013

CCleaner

Adobe Reader XI

````````Process Check: objlist.exe by Laurent````````

Microsoft Security Essentials MSMpEng.exe

Microsoft Security Essentials msseces.exe

Peter Desktop VIRUS SecurityCheck.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C:: 16% Defragment your hard drive soon! (Do NOT defrag if SSD!)

````````````````````End of Log``````````````````````


Microsoft Security Essentials performs very poorly.

I would advise you to uninstall it (via your Control Panel) and install a free alternative.

HERE you will find the most commonly used scanners with a brief explanation.

Download AdwCleaner by Xplode to your desktop.


  • Close all open windows.
  • Double-click AdwCleaner to start it.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Then click Scan.
  • Then click Clean if any items were found.
  • At the Reboot Required prompt, click OK.

After the PC has restarted, a log file usually opens.

Otherwise it can be found here: C:\AdwCleaner\AdwCleaner[R1].txt.

Then post the contents of this log in your next message.



The log

# AdwCleaner v3.004 - Report created 17/09/2013 at 14:25:54

# Updated 15/09/2013 by Xplode

# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

# Username : Peter - PETER-PC

# Running from : C:\Documents and Settings\Peter\Desktop\VIRUS\adwcleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\Documents and Settings\All Users\Application Data\BitGuard

Folder Deleted : C:\Documents and Settings\Peter\Start Menu\Programs\BitGuard

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ocr@babylon.com]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Key Deleted : HKLM\SOFTWARE\Classes\driverscanner

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap

Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater

Key Deleted : HKCU\Software\532dad1b134e946

Key Deleted : HKLM\SOFTWARE\532dad1b134e946

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Key Deleted : HKCU\Software\BabSolution

Key Deleted : HKCU\Software\DataMngr

[#] Key Deleted : HKCU\Software\DataMngr_Toolbar

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKLM\Software\DataMngr

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

*************************

AdwCleaner[R0].txt - [4619 octets] - [17/09/2013 14:20:25]

AdwCleaner[s0].txt - [4560 octets] - [17/09/2013 14:25:54]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [4620 octets] ##########


Download the Junkware Removal Tool by Thisisu to your desktop.

Disable your antivirus and antispyware programs, as they may conflict with JRT.

You can read (here or here) how to disable the security software you use.


  • Double-click JRT.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • The tool will then scan the system.
  • Depending on your system specifications the scan can sometimes take quite a long time, so wait patiently.
  • When the scan is finished, a log (JRT.txt) will be saved to the desktop and opened automatically.
  • Post the contents of this log as an attachment in your next message.


JRT LOG

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.0.1 (09.15.2013:1)

OS: Microsoft Windows XP x86

Ran by Peter on di 17/09/2013 at 15:06:22,96

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1960408961-2049760794-1177238915-1003\Software\SweetIM

~~~ Files

~~~ Folders

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on di 17/09/2013 at 15:10:07,67

Computer was rebooted

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


One more slipped past me just now. :embarassed:

Start Zoek.exe once more with the script below.

Disable your antivirus and antispyware programs, as they may conflict with zoek.exe.

You can read (here or here) how to do that.


  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.
     
    {c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8};c
    BitGuard;s
    C:\WINDOWS\tasks\BitGuard.job;fs
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows];r
    "AppInit_DLLs"=-;r
    


  • Now click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart, if one is required).
  • If no log appears after the restart, start zoek.exe again and the log will then appear.
  • Post the opened log in your next message.


This topic is now closed to new replies.