
RSIT log



My sister said there were some problems on our parents' PC.

Below you will find an RSIT log.

I don't know anything more about the "problems" myself.

Thanks in advance.

Logfile of random's system information tool 1.09 (written by random/random)

Run by Pc at 2013-10-04 11:41:31

Microsoft Windows XP Professional Service Pack 3

System drive C: has 3 GB (5%) free of 76 GB

Total RAM: 2038 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:41:52, on 4-10-2013

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\SvcHost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\PROGRA~1\MAPSGA~2\bar\1.bin\39brmon.exe

C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbrmon.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe

C:\WINDOWS\System32\SvcHost.exe

C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe

C:\WINDOWS\System32\SvcHost.exe

C:\WINDOWS\System32\SvcHost.exe

C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe

C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\PnkBstrB.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

C:\Program Files\RealVNC\VNC4\WinVNC4.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Pc\Mijn documenten\Downloads\RSIT.exe

C:\Program Files\trend micro\Pc.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina.nl | Jouw startpagina voor weer, verkeer en meer

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000.00000

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

R3 - URLSearchHook: (no name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll

R3 - URLSearchHook: (no name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll

O2 - BHO: Toolbar BHO - {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - C:\PROGRA~1\MAPSGA~2\bar\1.bin\39bar.dll

O2 - BHO: Toolbar BHO - {312f84fb-8970-4fd3-bddb-7012eac4afc9} - C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbar.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Assistant BHO - {71c1d63a-c944-428a-a5bd-ba513190e5d2} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll

O2 - BHO: Search Assistant BHO - {c547c6c2-561b-4169-a2a5-20ba771ca93b} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: (no name) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - (no file)

O3 - Toolbar: MapsGalaxy - {364ea597-e728-4ce4-bb4a-ed846ef47970} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll

O3 - Toolbar: VideoDownloadConverter - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [bullGuard] "C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe" -boot

O4 - HKLM\..\Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"

O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE

O4 - HKLM\..\Run: [bullGuardUpdate2] c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [MapsGalaxy Search Scope Monitor] "C:\PROGRA~1\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h

O4 - HKLM\..\Run: [MapsGalaxy_39 Browser Plugin Loader] C:\PROGRA~1\MAPSGA~2\bar\1.bin\39brmon.exe

O4 - HKLM\..\Run: [VideoDownloadConverter Search Scope Monitor] "C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zsrchmn.exe" /m=2 /w /h

O4 - HKLM\..\Run: [VideoDownloadConverter_4z Browser Plugin Loader] C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbrmon.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: hp psc 1000 series.lnk = ?

O4 - Global Startup: hpoddt01.exe.lnk = ?

O8 - Extra context menu item: &Search - http://buttons.videodownloadconverter.com/one-toolbaredits/menusearch.jhtml?s=205320000&p2=^HJ^xdm255^YYA^be&si=CLDQvqagrLgCFYjC3godyhgAbw&a=B71B2B89-118D-4479-8A1A-394FEE53DE29&n=2013071306&cv=1

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - c:\program files\bullguard ltd\bullguard\Antiphishing\IE\BGAntiphishingIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/NL/Core/Player/2020PlayerAX_IKEA_Win32.cab

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - Error 404 Not Found

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340906291407

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: BgGamingMonitor.dll c:\PROGRA~1\BULLGU~1\BULLGU~1\BgAgent.dll

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: BullGuard Behavioural Detection (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe

O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe

O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe

O23 - Service: getPlus® Helper - Unknown owner - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (file missing)

O23 - Service: Google Update Service (gupdate1c9856b84a72a34) (gupdate1c9856b84a72a34) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

O23 - Service: MapsGalaxyService (MapsGalaxy_39Service) - COMPANYVERS_NAME - C:\PROGRA~1\MAPSGA~2\bar\1.bin\39barsvc.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: VideoDownloadConverterService (VideoDownloadConverter_4zService) - COMPANYVERS_NAME - C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbarsvc.exe

O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

--

End of file - 14203 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\dsmonitor.job

C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1229547456.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Pc\Application Data\Mozilla\Firefox\Profiles\1fuficfp.default

prefs.js - "browser.search.useDBForOrder" - true

prefs.js - "browser.startup.homepage" - "http://home.sweetim.com/?crg=3.1010000.00000"

prefs.js - "extensions.enabledItems" - "antiphishing@bullguard:1.1, {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.1, {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908, {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.2, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29, wtxpcom@mybrowserbar.com:4.7, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.23"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5

"39ffxtbr@MapsGalaxy_39.com"=C:\Program Files\MapsGalaxy_39\bar\1.bin

"4zffxtbr@VideoDownloadConverter_4z.com"=C:\Program Files\VideoDownloadConverter_4z\bar\1.bin

"antiphishing@bullguard"=c:\program files\bullguard ltd\bullguard\Antiphishing\FF\antiphishing@bullguard\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.8.800.94 Plugin

"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]

"Description"=DivX® Player Plugin for VOD Content

"Path"=C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0]

"Description"=DivX Plus Web Player

"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]

"Description"=DivX VOD Helper Plug-in

"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]

"Description"=Google Earth in your browser

"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@MapsGalaxy_39.com/Plugin]

"Description"=MapsGalaxy Plugin

"Path"=C:\Program Files\MapsGalaxy_39\bar\1.bin\NP39Stub.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]

"Description"=Office Live Update v1.3

"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]

"Description"=Windows Presentation Foundation plug-in for Mozilla browsers

"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pack.google.com/Google Updater;version=14]

"Description"=Google Updater

"Path"=C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin]

"Description"=VideoDownloadConverter Plugin

"Path"=C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@zylom.com/ZylomGamesPlayer]

"Description"=Zylom Games Player 1.00

"Path"=C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]

"Description"=Yahoo! activeX Plug-in Bridge

"Path"=C:\Program Files\Yahoo!\Common\npyaxmpb.dll

C:\Program Files\Mozilla Firefox\extensions\

{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\

AskHPRFF.js

nsIQTScriptablePlugin.xpt

nsIZylomPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\

npDivxPlayerPlugin.dll

NPOFF12.DLL

nppdf32.dll

npqtplugin.dll

npqtplugin2.dll

npqtplugin3.dll

npqtplugin4.dll

npqtplugin5.dll

npqtplugin6.dll

npzylomgamesplayer.dll

nsIDivxPlayerPlugin.xpt

QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\

BearShareWebSearch.xml

yahoo.xml

C:\Documents and Settings\Pc\Application Data\Mozilla\Firefox\Profiles\1fuficfp.default\extensions\

{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1e91a655-bb4b-4693-a05e-2edebc4c9d89}]

Toolbar BHO - C:\PROGRA~1\MAPSGA~2\bar\1.bin\39bar.dll [2013-07-13 712264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312f84fb-8970-4fd3-bddb-7012eac4afc9}]

Toolbar BHO - C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbar.dll [2013-07-13 712264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]

DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2013-04-02 194912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71c1d63a-c944-428a-a5bd-ba513190e5d2}]

Search Assistant BHO - C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll [2013-07-13 62864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-07-21 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Aanmelden - Help - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-08-21 192592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll [2013-01-09 1000984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c547c6c2-561b-4169-a2a5-20ba771ca93b}]

Search Assistant BHO - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll [2013-07-13 62864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-21 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{0974BA1E-64EC-11DE-B2A5-E43756D89593}

{364ea597-e728-4ce4-bb4a-ed846ef47970} - MapsGalaxy - C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll [2013-07-13 712264]

{48586425-6bb7-4f51-8dc6-38c88e3ebb58} - VideoDownloadConverter - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll [2013-07-13 712264]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-08-21 192592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-04-01 1404928]

"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2006-04-01 94208]

"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2006-04-01 77824]

"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2006-04-01 114688]

"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-01-31 77824]

"BullGuard"=C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe [2013-09-16 858976]

"IntelliPoint"=c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2011-08-01 1821576]

"DATAMNGR"=C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE [2010-10-19 983480]

"BullGuardUpdate2"=c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe [2013-07-24 1879392]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

"DivXMediaServer"=C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [2013-03-28 450560]

"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2013-02-13 1263952]

"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

"MapsGalaxy Search Scope Monitor"=C:\PROGRA~1\MAPSGA~2\bar\1.bin\39srchmn.exe [2013-07-13 44784]

"MapsGalaxy_39 Browser Plugin Loader"=C:\PROGRA~1\MAPSGA~2\bar\1.bin\39brmon.exe [2013-07-13 30096]

"VideoDownloadConverter Search Scope Monitor"=C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zsrchmn.exe [2013-07-13 44784]

"VideoDownloadConverter_4z Browser Plugin Loader"=C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbrmon.exe [2013-07-13 30096]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-12-18 39408]

"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2013-03-22 248208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]

C:\Program Files\D-Tools\daemon.exe [2004-08-22 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]

C:\Program Files\uTorrent\uTorrent.exe [2011-04-25 399736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office Snelzoeken.lnk]

C:\PROGRA~1\MICROS~2\Office\FINDFAST.EXE [1997-09-01 111376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Office Opstarten.lnk]

C:\PROGRA~1\MICROS~2\Office\OSA.EXE [1997-09-01 51984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Pc^Menu Start^Programma's^Opstarten^MagicDisc.lnk]

C:\PROGRA~1\MAGICD~1\MAGICD~1.EXE [2009-02-23 576000]

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten

hp psc 1000 series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe

hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=" BgGamingMonitor.dll c:\PROGRA~1\BULLGU~1\BULLGU~1\BgAgent.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\WINDOWS\system32\igfxdev.dll [2006-04-01 131072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsMain]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsScanner]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsUpdate]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\bin\H5_Game.exe"="C:\Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\bin\H5_Game.exe:*:Enabled:Heroes of Might and Magic V"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

"C:\Program Files\Microsoft Games\Age of Mythology\aomx.exe"="C:\Program Files\Microsoft Games\Age of Mythology\aomx.exe:*:Enabled:aomx"

"C:\Program Files\The Odyssey Online Classic\Odyssey.exe"="C:\Program Files\The Odyssey Online Classic\Odyssey.exe:*:Enabled:Odyssey Classic"

"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"

"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"

"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"

"C:\Program Files\Steam\steamapps\common\call of duty black ops\BlackOps.exe"="C:\Program Files\Steam\steamapps\common\call of duty black ops\BlackOps.exe:*:Enabled:Call of Duty: Black Ops"

"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"

"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"

"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"

"C:\Program Files\Ubisoft\Might & Magic Heroes VI\Might & Magic Heroes VI.exe"="C:\Program Files\Ubisoft\Might & Magic Heroes VI\Might & Magic Heroes VI.exe:*:Enabled:Might & Magic Heroes VI"

"C:\Documents and Settings\Pc\Local Settings\Application Data\CrossLoop\tvnserver.exe"="C:\Documents and Settings\Pc\Local Settings\Application Data\CrossLoop\tvnserver.exe:*:Enabled:tvnserver.exe"

"C:\Documents and Settings\Pc\Local Settings\Application Data\CrossLoop\vncviewer.exe"="C:\Documents and Settings\Pc\Local Settings\Application Data\CrossLoop\vncviewer.exe:*:Enabled:vncviewer.exe"

"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"

"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"midimapper"=midimap.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.trspch"=tssoft32.acm

"vidc.cvid"=iccvid.dll

"vidc.I420"=msh263.drv

"vidc.iv31"=ir32_32.dll

"vidc.iv32"=ir32_32.dll

"vidc.iv41"=ir41_32.ax

"vidc.iyuv"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvu9"=tsbyuv.dll

"vidc.yvyu"=msyuv.dll

"wavemapper"=msacm32.drv

"msacm.msg723"=msg723.acm

"vidc.M263"=msh263.drv

"vidc.M261"=msh261.drv

"msacm.msaudio1"=msaud32.acm

"msacm.sl_anet"=sl_anet.acm

"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax

"vidc.iv50"=ir50_32.dll

"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll

"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll

"msacm.siren"=sirenacm.dll

"vidc.DIVX"=DivX.dll

"vidc.yv12"=DivX.dll

======List of files/folders created in the last 3 months======

2013-10-04 11:41:33 ----D---- C:\Program Files\trend micro

2013-10-04 11:41:31 ----D---- C:\rsit

2013-08-14 11:05:52 ----D---- C:\WINDOWS\system32\MRT

2013-07-21 13:48:02 ----D---- C:\Program Files\Mozilla Firefox

2013-07-21 12:57:35 ----D---- C:\Documents and Settings\All Users\Application Data\Mozilla

2013-07-21 12:57:34 ----D---- C:\Program Files\Mozilla Maintenance Service

2013-07-21 12:51:51 ----A---- C:\WINDOWS\system32\javaws.exe

2013-07-21 12:51:43 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll

2013-07-21 12:51:41 ----A---- C:\WINDOWS\system32\javaw.exe

2013-07-21 12:51:41 ----A---- C:\WINDOWS\system32\java.exe

2013-07-14 13:57:20 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

2013-07-14 08:38:19 ----D---- C:\Documents and Settings\Pc\Application Data\VideoDownloadConverter_4z

2013-07-13 12:24:31 ----D---- C:\Program Files\Video Download Converter

2013-07-13 12:23:54 ----D---- C:\Program Files\VideoDownloadConverter_4z

2013-07-13 12:00:53 ----D---- C:\Documents and Settings\Pc\Application Data\MapsGalaxy_39

2013-07-13 12:00:33 ----D---- C:\Program Files\MapsGalaxy_39

======List of files/folders modified in the last 3 months======

2013-10-04 11:41:50 ----D---- C:\WINDOWS\Prefetch

2013-10-04 11:41:47 ----D---- C:\Documents and Settings\All Users\Application Data\BullGuard

2013-10-04 11:41:33 ----RD---- C:\Program Files

2013-10-04 09:25:02 ----D---- C:\WINDOWS\Temp

2013-10-04 08:36:31 ----SHD---- C:\WINDOWS\Installer

2013-10-04 08:36:24 ----D---- C:\WINDOWS

2013-10-04 08:36:24 ----D---- C:\Config.Msi

2013-10-04 08:36:20 ----SD---- C:\WINDOWS\Tasks

2013-10-04 08:34:09 ----D---- C:\WINDOWS\system32

2013-10-04 08:27:11 ----D---- C:\WINDOWS\system32\LogFiles

2013-10-04 08:26:57 ----D---- C:\WINDOWS\Minidump

2013-10-04 08:19:13 ----D---- C:\WINDOWS\system32\CatRoot2

2013-10-04 06:28:28 ----N---- C:\WINDOWS\SchedLgU.Txt

2013-10-03 17:39:56 ----A---- C:\WINDOWS\entpack.ini

2013-09-18 17:53:53 ----D---- C:\WINDOWS\Debug

2013-09-15 17:55:17 ----HD---- C:\WINDOWS\inf

2013-09-13 18:53:22 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help

2013-09-11 14:54:48 ----RSHDC---- C:\WINDOWS\system32\dllcache

2013-09-11 14:54:45 ----D---- C:\Program Files\Internet Explorer

2013-09-11 14:54:26 ----D---- C:\WINDOWS\ie8updates

2013-09-11 14:42:44 ----A---- C:\WINDOWS\system32\MRT.exe

2013-08-18 12:31:08 ----D---- C:\Excel

2013-08-18 11:32:41 ----A---- C:\WINDOWS\NeroDigital.ini

2013-08-14 11:12:19 ----RSD---- C:\WINDOWS\assembly

2013-08-14 11:05:13 ----D---- C:\WINDOWS\Microsoft.NET

2013-08-14 10:59:21 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2013-08-14 10:58:52 ----D---- C:\WINDOWS\WinSxS

2013-08-13 15:40:44 ----D---- C:\Word

2013-08-09 03:56:37 ----A---- C:\WINDOWS\system32\themeui.dll

2013-08-08 11:35:46 ----A---- C:\WINDOWS\system32\iertutil.dll

2013-08-08 08:05:46 ----A---- C:\WINDOWS\system32\wininet.dll

2013-08-08 08:05:46 ----A---- C:\WINDOWS\system32\urlmon.dll

2013-08-08 08:05:46 ----A---- C:\WINDOWS\system32\url.dll

2013-08-08 08:05:46 ----A---- C:\WINDOWS\system32\occache.dll

2013-08-08 08:05:46 ----A---- C:\WINDOWS\system32\mstime.dll

2013-08-08 08:05:46 ----A---- C:\WINDOWS\system32\mshtmled.dll

2013-08-08 08:05:46 ----A---- C:\WINDOWS\system32\mshtml.dll

2013-08-08 08:05:45 ----N---- C:\WINDOWS\system32\iedkcs32.dll

2013-08-08 08:05:45 ----A---- C:\WINDOWS\system32\msfeedsbs.dll

2013-08-08 08:05:45 ----A---- C:\WINDOWS\system32\msfeeds.dll

2013-08-08 08:05:45 ----A---- C:\WINDOWS\system32\licmgr10.dll

2013-08-08 08:05:45 ----A---- C:\WINDOWS\system32\jsproxy.dll

2013-08-08 08:05:45 ----A---- C:\WINDOWS\system32\iepeers.dll

2013-08-08 08:05:45 ----A---- C:\WINDOWS\system32\ieframe.dll

2013-08-08 08:05:45 ----A---- C:\WINDOWS\system32\corpol.dll

2013-08-08 02:04:27 ----N---- C:\WINDOWS\system32\ie4uinit.exe

2013-08-05 15:30:18 ----A---- C:\WINDOWS\system32\ole32.dll

2013-08-04 15:23:33 ----D---- C:\Documents and Settings\Pc\Application Data\uTorrent

2013-08-03 17:33:36 ----D---- C:\Program Files\CCleaner

2013-08-03 01:48:38 ----N---- C:\WINDOWS\system32\wmvdecod.dll

2013-07-24 12:12:37 ----A---- C:\WINDOWS\system32\BGLsp.dll

2013-07-24 12:12:35 ----A---- C:\WINDOWS\system32\BgGamingMonitor.dll

2013-07-21 17:06:27 ----D---- C:\WINDOWS\Help

2013-07-21 12:51:21 ----A---- C:\WINDOWS\system32\npDeployJava1.dll

2013-07-21 12:51:21 ----A---- C:\WINDOWS\system32\deployJava1.dll

2013-07-21 12:51:15 ----D---- C:\Program Files\Java

2013-07-17 17:43:24 ----SD---- C:\WINDOWS\Downloaded Program Files

2013-07-17 02:46:31 ----N---- C:\WINDOWS\system32\tzchange.exe

2013-07-14 08:38:01 ----D---- C:\Documents and Settings\Pc\Application Data\Systweak

2013-07-14 08:29:37 ----D---- C:\WINDOWS\system32\Adobe

2013-07-14 08:29:37 ----D---- C:\Documents and Settings\Pc\Application Data\Adobe

2013-07-14 08:29:34 ----D---- C:\WINDOWS\system32\Macromed

2013-07-14 08:29:34 ----D---- C:\Documents and Settings\Pc\Application Data\Macromedia

2013-07-12 08:29:48 ----D---- C:\Program Files\Microsoft Silverlight

2013-07-11 21:37:52 ----D---- C:\WINDOWS\pchealth

2013-07-11 21:29:12 ----D---- C:\WINDOWS\system32\XPSViewer

2013-07-10 12:37:49 ----A---- C:\WINDOWS\system32\usp10.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 d347bus;d347bus; C:\WINDOWS\system32\DRIVERS\d347bus.sys [2004-08-22 155136]

R0 d347prt;d347prt; C:\WINDOWS\System32\Drivers\d347prt.sys [2004-08-22 5248]

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-15 43528]

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2008-12-17 82380]

R1 BdSpy;BdSpy; C:\WINDOWS\system32\DRIVERS\BdSpy.sys [2013-03-21 66160]

R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]

R1 kbdhid;Stuurprogramma voor toetsenbord-HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]

R1 NovaShieldFilterDriver;NovaShieldFilterDriver; C:\WINDOWS\system32\DRIVERS\NSKernel.sys [2012-03-01 789960]

R1 NovaShieldTDIDriver;NovaShieldTDIDriver; C:\WINDOWS\system32\DRIVERS\NSNetmon.sys [2012-03-01 19272]

R1 WS2IFSL;Windows Socket 2.0 Non-IFS-omgeving voor serviceproviderondersteuning; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]

R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]

R3 afw;Agnitum firewall driver; C:\WINDOWS\system32\DRIVERS\afw.sys [2013-02-25 33888]

R3 afwcore;afwcore; C:\WINDOWS\system32\DRIVERS\afwcore.sys [2013-02-25 284768]

R3 b57w2k;Broadcom NetXtreme 57xx Gigabit Controller; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2006-04-01 134272]

R3 dc3d;MS Hardware Device Detection Driver (USB); C:\WINDOWS\system32\DRIVERS\dc3d.sys [2011-08-01 45288]

R3 hidusb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-04-01 830684]

R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]

R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-09-06 12288]

R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2011-08-01 40936]

R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2006-04-01 732928]

R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2006-04-01 260352]

R3 Trufos;Trufos; C:\WINDOWS\system32\DRIVERS\Trufos.sys [2013-02-25 343456]

R3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]

S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-03-09 51024]

S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-03-09 16080]

S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-03-09 21456]

S3 Profos;Profos; \??\C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\profos.sys []

S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 USBSTOR;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BsBackup;BullGuard backup service; C:\WINDOWS\System32\SvcHost.exe [2008-04-14 14336]

R2 BsBhvScan;BullGuard Behavioural Detection; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [2013-09-16 376672]

R2 BsFileScan;BullGuard on-access service; C:\WINDOWS\System32\SvcHost.exe [2008-04-14 14336]

R2 BsFire;BullGuard firewall service; C:\WINDOWS\System32\SvcHost.exe [2008-04-14 14336]

R2 BsMailProxy;BullGuard e-mail monitoring service; C:\WINDOWS\System32\SvcHost.exe [2008-04-14 14336]

R2 BsMain;BullGuard main service; C:\WINDOWS\System32\SvcHost.exe [2008-04-14 14336]

R2 BsScanner;BullGuard scanning service; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [2013-09-16 212320]

R2 BsUpdate;BullGuard update service; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [2013-09-16 287584]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-07-21 182184]

R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]

R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-03-13 66872]

R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2011-03-13 103736]

R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2013-03-22 93072]

R2 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2008-10-15 439632]

S2 gupdate1c9856b84a72a34;Google Update Service (gupdate1c9856b84a72a34); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-02 133104]

S2 MapsGalaxy_39Service;MapsGalaxyService; C:\PROGRA~1\MAPSGA~2\bar\1.bin\39barsvc.exe [2013-07-13 42504]

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]

S2 VideoDownloadConverter_4zService;VideoDownloadConverterService; C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbarsvc.exe [2013-07-13 42504]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 fsssvc;De service Windows Live Family Safety; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]

S3 getPlus® Helper;getPlus® Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe []

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-02 133104]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-12 194032]

S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-07-21 117144]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-03-09 65795]

S3 WMPNetworkSvc;Windows Media Player Network Sharing-service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-02 917504]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------



Your sister is undoubtedly right ... there is quite a lot wrong on this PC.

Download Zoek.zip to the desktop.

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
  • Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; (here and here) you can read how to do that.
  • Right-click Zoek.zip and choose the option "Extract All".
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input window:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

chromelook; 
firefoxlook; 
 {EF99BD32-C1FB-11D2-892F-0090271D4F88};c
 {26842a09-ffa8-4e2c-ae12-0c80f01c3295};c
 C:\Program Files\MapsGalaxy_39;fs
 {93a3111f-4f74-4ed8-895e-d9708497629e};c
 C:\Program Files\VideoDownloadConverter_4z;fs
 {1e91a655-bb4b-4693-a05e-2edebc4c9d89};c
 {312f84fb-8970-4fd3-bddb-7012eac4afc9};c
 {5C255C8A-E604-49b4-9D64-90988571CECB};c
 {71c1d63a-c944-428a-a5bd-ba513190e5d2};c
 {c547c6c2-561b-4169-a2a5-20ba771ca93b};c
 {0974BA1E-64EC-11DE-B2A5-E43756D89593};c
 {364ea597-e728-4ce4-bb4a-ed846ef47970};c
 {48586425-6bb7-4f51-8dc6-38c88e3ebb58};c
 DATAMNGR;s
 KernelFaultCheck;s
 MapsGalaxy Search Scope Monitor;s
 MapsGalaxy_39 Browser Plugin Loader;s
 VideoDownloadConverter Search Scope Monitor;s
 VideoDownloadConverter_4z Browser Plugin Loader;s
 {FB5F1910-F110-11d2-BB9E-00C04F795683};c
 {1E54D648-B804-468d-BC78-4AFFED8E262E};c
 MapsGalaxy_39Service;s
 VideoDownloadConverter_4zService;s
 [-HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@MapsGalaxy_39.com/Plugin];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin];r
 C:\Program Files\Mozilla Firefox\components\AskHPRFF.js;f
 C:\Program Files\Mozilla Firefox\searchplugins\BearShareWebSearch.xml;f
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1e91a655-bb4b-4693-a05e-2edebc4c9d89}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312f84fb-8970-4fd3-bddb-7012eac4afc9}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71c1d63a-c944-428a-a5bd-ba513190e5d2}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c547c6c2-561b-4169-a2a5-20ba771ca93b}];r
 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run];r
 "DATAMNGR"=-;r
 "KernelFaultCheck"=-;r
 "MapsGalaxy Search Scope Monitor"=-;r
 "MapsGalaxy_39 Browser Plugin Loader"=-;r
 "VideoDownloadConverter Search Scope Monitor"=-;r
 "VideoDownloadConverter_4z Browser Plugin Loader"=-;r
 C:\Documents and Settings\Pc\Application Data\VideoDownloadConverter_4z;fs
 C:\Program Files\Video Download Converter;fs
 C:\Documents and Settings\Pc\Application Data\MapsGalaxy_39;fs
 startupall; 
filesrcm;

  • Click the "Options" button and tick the options below:
      • HijackThis Log
      • Firefox Defaults
      • Reset Chrome
      • Reset IE proxy
      • IE Defaults
      • Auto Clean
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears after the restart, start zoek.exe again; the log will then appear.
  • Now post the contents of the opened log in your next message.


Thank you very much for your reply.

Below you will find the new log.

Zoek.exe Version 4.0.0.4 Updated 27-September-2013

Tool run by Pc on za 05-10-2013 at 11:55:13,18.

Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86

Running in: Normal Mode No Internet Access Detected

Launched: C:\Documents and Settings\Pc\Mijn documenten\Downloads\zoek.exe [script inserted] [Checkboxes used]

==== System Restore Info ======================

5-10-2013 12:00:04 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1935655697-602609370-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully

HKEY_USERS\S-1-5-21-1935655697-602609370-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1e91a655-bb4b-4693-a05e-2edebc4c9d89} deleted successfully

HKEY_USERS\S-1-5-21-1935655697-602609370-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1e91a655-bb4b-4693-a05e-2edebc4c9d89} deleted successfully

HKEY_USERS\S-1-5-21-1935655697-602609370-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{312f84fb-8970-4fd3-bddb-7012eac4afc9} deleted successfully

HKEY_USERS\S-1-5-21-1935655697-602609370-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{312f84fb-8970-4fd3-bddb-7012eac4afc9} deleted successfully

HKEY_USERS\S-1-5-21-1935655697-602609370-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully

HKEY_USERS\S-1-5-21-1935655697-602609370-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{71c1d63a-c944-428a-a5bd-ba513190e5d2} deleted successfully

HKEY_USERS\S-1-5-21-1935655697-602609370-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{71c1d63a-c944-428a-a5bd-ba513190e5d2} deleted successfully

HKEY_USERS\S-1-5-21-1935655697-602609370-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c547c6c2-561b-4169-a2a5-20ba771ca93b} deleted successfully

HKEY_USERS\S-1-5-21-1935655697-602609370-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{c547c6c2-561b-4169-a2a5-20ba771ca93b} deleted successfully

HKEY_USERS\S-1-5-21-1935655697-602609370-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0974BA1E-64EC-11DE-B2A5-E43756D89593} deleted successfully

HKEY_USERS\S-1-5-21-1935655697-602609370-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0974BA1E-64EC-11DE-B2A5-E43756D89593} deleted successfully

HKEY_USERS\S-1-5-21-1935655697-602609370-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{364ea597-e728-4ce4-bb4a-ed846ef47970} deleted successfully

HKEY_USERS\S-1-5-21-1935655697-602609370-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{364ea597-e728-4ce4-bb4a-ed846ef47970} deleted successfully

HKEY_USERS\S-1-5-21-1935655697-602609370-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} deleted successfully

HKEY_USERS\S-1-5-21-1935655697-602609370-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} deleted successfully

HKEY_USERS\S-1-5-21-1935655697-602609370-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FB5F1910-F110-11d2-BB9E-00C04F795683} deleted successfully

HKEY_USERS\S-1-5-21-1935655697-602609370-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1E54D648-B804-468d-BC78-4AFFED8E262E} deleted successfully

HKEY_USERS\S-1-5-21-1935655697-602609370-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{97AA4300-9230-41A7-9F8D-14DC0F653BD6} deleted successfully

HKEY_USERS\S-1-5-21-1935655697-602609370-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f} deleted successfully

HKEY_USERS\S-1-5-21-1935655697-602609370-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{26842a09-ffa8-4e2c-ae12-0c80f01c3295} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{93a3111f-4f74-4ed8-895e-d9708497629e} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{1e91a655-bb4b-4693-a05e-2edebc4c9d89} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1e91a655-bb4b-4693-a05e-2edebc4c9d89} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{312f84fb-8970-4fd3-bddb-7012eac4afc9} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312f84fb-8970-4fd3-bddb-7012eac4afc9} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{71c1d63a-c944-428a-a5bd-ba513190e5d2} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71c1d63a-c944-428a-a5bd-ba513190e5d2} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{c547c6c2-561b-4169-a2a5-20ba771ca93b} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c547c6c2-561b-4169-a2a5-20ba771ca93b} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{364ea597-e728-4ce4-bb4a-ed846ef47970} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1E54D648-B804-468d-BC78-4AFFED8E262E} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{1E54D648-B804-468d-BC78-4AFFED8E262E} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1935655697-602609370-839522115-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully

HKEY_USERS\S-1-5-21-1935655697-602609370-839522115-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\{26842a09-ffa8-4e2c-ae12-0c80f01c3295} deleted successfully

HKEY_USERS\S-1-5-21-1935655697-602609370-839522115-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\{93a3111f-4f74-4ed8-895e-d9708497629e} deleted successfully

HKEY_USERS\S-1-5-21-1935655697-602609370-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} deleted successfully

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\{FB5F1910-F110-11d2-BB9E-00C04F795683} deleted successfully

HKEY_USERS\S-1-5-21-1935655697-602609370-839522115-1003\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\{FB5F1910-F110-11d2-BB9E-00C04F795683} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0974BA1E-64EC-11DE-B2A5-E43756D89593} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{364ea597-e728-4ce4-bb4a-ed846ef47970} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MapsGalaxy_39Service deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\MapsGalaxy_39Service deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VideoDownloadConverter_4zService deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\VideoDownloadConverter_4zService deleted successfully

==== FireFox Fix ======================

Deleted from C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\pq6xrqgq.default\prefs.js:

Added to C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\pq6xrqgq.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Documents and Settings\LocalService\Application Data\Mozilla\Firefox\Profiles\8u.default\prefs.js:

Added to C:\Documents and Settings\LocalService\Application Data\Mozilla\Firefox\Profiles\8u.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Documents and Settings\NetworkService\Application Data\Mozilla\Firefox\Profiles\bx9doqzr.default\prefs.js:

Added to C:\Documents and Settings\NetworkService\Application Data\Mozilla\Firefox\Profiles\bx9doqzr.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Documents and Settings\Pc\Application Data\Mozilla\Firefox\Profiles\1fuficfp.default\prefs.js:

user_pref("browser.startup.homepage", "http://home.sweetim.com/?crg=3.1010000.00000");

user_pref("sweetim.toolbar.previous.browser.startup.homepage", "http://www.google.be/firefox");

user_pref("browser.search.defaulturl", "");

user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "http://www.bing.com/search?FORM=VE3D01&q=");

user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Ask.com");

user_pref("browser.search.order.1", "Ask.com");

user_pref("sweetim.toolbar.previous.keyword.URL", "http://search.bearshare.com/web?src=ffb&systemid=2&q=");

user_pref("browser.search.useDBForOrder", true);

Added to C:\Documents and Settings\Pc\Application Data\Mozilla\Firefox\Profiles\1fuficfp.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

Deleted from C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\82d7xnt3.default\prefs.js:

Added to C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\82d7xnt3.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\pq6xrqgq.default

user.js not found

---- Lines CT2269050 removed from prefs.js ----

---- Lines CT2269050 modified from prefs.js ----

---- Lines C:\Documents and Settings\Pc\Application Data\Mozilla\Firefox\Profiles\1fuficfp.default\CT2269050 removed from prefs.js ----

---- Lines C:\Documents and Settings\Pc\Application Data\Mozilla\Firefox\Profiles\1fuficfp.default\CT2269050 modified from prefs.js ----

---- Lines conduit removed from prefs.js ----

---- Lines conduit modified from prefs.js ----

---- Lines ask.com removed from prefs.js ----

---- Lines ask.com modified from prefs.js ----

---- Lines Web Search removed from prefs.js ----

---- Lines Web Search modified from prefs.js ----

---- Lines CommunityToolbar removed from prefs.js ----

---- Lines CommunityToolbar modified from prefs.js ----

---- Lines SweetIM removed from prefs.js ----

---- Lines SweetIM modified from prefs.js ----

---- Lines mybrowserbar removed from prefs.js ----

---- Lines mybrowserbar modified from prefs.js ----

---- Lines browser.startup.page removed from prefs.js ----

---- Lines browser.startup.page modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

ProfilePath: C:\Documents and Settings\LocalService\Application Data\Mozilla\Firefox\Profiles\8u.default

user.js not found

---- Lines CT2269050 removed from prefs.js ----

---- Lines CT2269050 modified from prefs.js ----

---- Lines C:\Documents and Settings\Pc\Application Data\Mozilla\Firefox\Profiles\1fuficfp.default\CT2269050 removed from prefs.js ----

---- Lines C:\Documents and Settings\Pc\Application Data\Mozilla\Firefox\Profiles\1fuficfp.default\CT2269050 modified from prefs.js ----

---- Lines conduit removed from prefs.js ----

---- Lines conduit modified from prefs.js ----

---- Lines ask.com removed from prefs.js ----

---- Lines ask.com modified from prefs.js ----

---- Lines Web Search removed from prefs.js ----

---- Lines Web Search modified from prefs.js ----

---- Lines CommunityToolbar removed from prefs.js ----

---- Lines CommunityToolbar modified from prefs.js ----

---- Lines SweetIM removed from prefs.js ----

---- Lines SweetIM modified from prefs.js ----

---- Lines mybrowserbar removed from prefs.js ----

---- Lines mybrowserbar modified from prefs.js ----

---- Lines browser.startup.page removed from prefs.js ----

---- Lines browser.startup.page modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

ProfilePath: C:\Documents and Settings\NetworkService\Application Data\Mozilla\Firefox\Profiles\bx9doqzr.default

user.js not found

---- Lines CT2269050 removed from prefs.js ----

---- Lines CT2269050 modified from prefs.js ----

---- Lines C:\Documents and Settings\Pc\Application Data\Mozilla\Firefox\Profiles\1fuficfp.default\CT2269050 removed from prefs.js ----

---- Lines C:\Documents and Settings\Pc\Application Data\Mozilla\Firefox\Profiles\1fuficfp.default\CT2269050 modified from prefs.js ----

---- Lines conduit removed from prefs.js ----

---- Lines conduit modified from prefs.js ----

---- Lines ask.com removed from prefs.js ----

---- Lines ask.com modified from prefs.js ----

---- Lines Web Search removed from prefs.js ----

---- Lines Web Search modified from prefs.js ----

---- Lines CommunityToolbar removed from prefs.js ----

---- Lines CommunityToolbar modified from prefs.js ----

---- Lines SweetIM removed from prefs.js ----

---- Lines SweetIM modified from prefs.js ----

---- Lines mybrowserbar removed from prefs.js ----

---- Lines mybrowserbar modified from prefs.js ----

---- Lines browser.startup.page removed from prefs.js ----

---- Lines browser.startup.page modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

ProfilePath: C:\Documents and Settings\Pc\Application Data\Mozilla\Firefox\Profiles\1fuficfp.default

user.js not found

---- Lines CT2269050 removed from prefs.js ----

user_pref("CommunityToolbar.MiniIPageGadgetSize.http://storage.conduit.com/50/226/CT2269050/Gadgets/6edca03f-e385-483f-92a6-1ac0700af89b.html", "800x708");

user_pref("CommunityToolbar.ToolbarsList", "CT2269050");

user_pref("CommunityToolbar.ToolbarsList2", "CT2269050");

user_pref("CT2269050.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx");

user_pref("CT2269050.alertChannelId", "666138");

user_pref("CT2269050.backendstorage.youtubelang", "5553");

user_pref("CT2269050.clientLogIsEnabled", false);

user_pref("CT2269050.clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");

user_pref("CT2269050.CTID", "CT2269050");

user_pref("CT2269050.CurrentServerDate", "10-1-2011");

user_pref("CT2269050.DialogsAlignMode", "LTR");

user_pref("CT2269050.DownloadReferralCookieData", "");

user_pref("CT2269050.EMailNotifierPollDate", "Mon Jan 10 2011 21:40:19 GMT+0100");

user_pref("CT2269050.FirstServerDate", "2-9-2010");

user_pref("CT2269050.FirstTime", true);

user_pref("CT2269050.FirstTimeFF3", true);

user_pref("CT2269050.FirstTimeSettingsDone", true);

user_pref("CT2269050.FixPageNotFoundErrors", true);

user_pref("CT2269050.GroupingServerCheckInterval", 1440);

user_pref("CT2269050.GroupingServiceUrl", "http://grouping.services.conduit.com/");

user_pref("CT2269050.Initialize", true);

user_pref("CT2269050.InitializeCommonPrefs", true);

user_pref("CT2269050.InstallationAndCookieDataSentCount", 3);

user_pref("CT2269050.InstallationType", "UnknownIntegration");

user_pref("CT2269050.InstalledDate", "Thu Sep 02 2010 18:46:33 GMT+0200");

user_pref("CT2269050.InvalidateCache", false);

user_pref("CT2269050.IsGrouping", false);

user_pref("CT2269050.IsMulticommunity", false);

user_pref("CT2269050.IsOpenThankYouPage", false);

user_pref("CT2269050.IsOpenUninstallPage", false);

user_pref("CT2269050.LanguagePackLastCheckTime", "Mon Jan 10 2011 21:40:19 GMT+0100");

user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);

user_pref("CT2269050.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx");

user_pref("CT2269050.LastLogin_2.7.2.0", "Mon Jan 10 2011 21:40:19 GMT+0100");

user_pref("CT2269050.LatestVersion", "3.2.5.2");

user_pref("CT2269050.Locale", "en");

user_pref("CT2269050.LoginCache", 4);

user_pref("CT2269050.MCDetectTooltipHeight", "83");

user_pref("CT2269050.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1");

user_pref("CT2269050.MCDetectTooltipWidth", "295");

user_pref("CT2269050.myStuffEnabled", true);

user_pref("CT2269050.myStuffPublihserMinWidth", 400);

user_pref("CT2269050.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");

user_pref("CT2269050.myStuffServiceIntervalMM", 1440);

user_pref("CT2269050.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");

user_pref("CT2269050.RadioIsPodcast", false);

user_pref("CT2269050.RadioLastCheckTime", "Mon Jan 10 2011 21:40:20 GMT+0100");

user_pref("CT2269050.RadioLastUpdateIPServer", "3");

user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");

user_pref("CT2269050.RadioMediaID", "7178145");

user_pref("CT2269050.RadioMediaType", "Media Player");

user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT2269050_RECENT7178145");

user_pref("CT2269050.RadioStationName", "Trendy%20FM");

user_pref("CT2269050.RadioStationURL", "http://www.trendyfm.be/stream/trendystream.asx");

user_pref("CT2269050.RadioVolume", "66");

user_pref("CT2269050.SearchEngine", "Search||http://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2269050&octid=EB_ORIGINAL_CTID&SearchSource=1");

user_pref("CT2269050.SearchFromAddressBarIsInit", true);

user_pref("CT2269050.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q=");

user_pref("CT2269050.SearchInNewTabEnabled", true);

user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);

user_pref("CT2269050.SearchInNewTabLastCheckTime", "Mon Jan 10 2011 21:40:18 GMT+0100");

user_pref("CT2269050.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");

user_pref("CT2269050.SearchInNewTabUsageUrl", "http://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");

user_pref("CT2269050.SettingsCheckIntervalMin", 120);

user_pref("CT2269050.SettingsLastCheckTime", "Mon Jan 10 2011 21:40:14 GMT+0100");

user_pref("CT2269050.SettingsLastUpdate", "1294659279");

user_pref("CT2269050.SHRINK_TOOLBAR", 1);

user_pref("CT2269050.ThirdPartyComponentsInterval", 504);

user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Sun Jan 09 2011 11:34:07 GMT+0100");

user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1246790578");

user_pref("CT2269050.TrusteLinkUrl", "http://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112");

user_pref("CT2269050.uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");

user_pref("CT2269050.UserID", "UN32021832290200225");

user_pref("CT2269050.ValidationData_Toolbar", 2);

user_pref("CT2269050.WeatherNetwork", "");

user_pref("CT2269050.WeatherPollDate", "Mon Jan 10 2011 21:40:21 GMT+0100");

user_pref("CT2269050.WeatherUnit", "C");

---- Lines CT2269050 modified from prefs.js ----

---- Lines C:\Documents and Settings\Pc\Application Data\Mozilla\Firefox\Profiles\1fuficfp.default\CT2269050 removed from prefs.js ----

---- Lines C:\Documents and Settings\Pc\Application Data\Mozilla\Firefox\Profiles\1fuficfp.default\CT2269050 modified from prefs.js ----

---- Lines conduit removed from prefs.js ----

user_pref("CommunityToolbar.alert.clientsServerUrl", "http://alert.client.conduit.com");

user_pref("CommunityToolbar.alert.servicesServerUrl", "http://alert.services.conduit.com");

user_pref("CommunityToolbar.MiniIPageGadgetPosition. http://storage.conduit.com/gadgets/LiveTV.html?source=http://www.wildlifechannel.tv/playfirst.asp", "32x122");

user_pref("CommunityToolbar.MiniIPageGadgetSize. http://storage.conduit.com/gadgets/LiveTV.html?source=http://www.wildlifechannel.tv/playfirst.asp", "851x543");

---- Lines conduit modified from prefs.js ----

---- Lines ask.com removed from prefs.js ----

user_pref("weboftrust.search.ask.display", "Ask.com Web Search");

---- Lines ask.com modified from prefs.js ----

---- Lines Web Search removed from prefs.js ----

---- Lines Web Search modified from prefs.js ----

---- Lines CommunityToolbar removed from prefs.js ----

user_pref("CommunityToolbar.alert.alertInfoInterval", 60);

user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sun May 02 2010 12:24:31 GMT+0200");

user_pref("CommunityToolbar.alert.locale", "en");

user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);

user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun May 02 2010 12:24:29 GMT+0200");

user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1234796400");

user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);

user_pref("CommunityToolbar.alert.showTrayIcon", false);

user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);

user_pref("CommunityToolbar.alert.userId", "{519fa22c-b8c1-47e7-93dd-d5c25b003137}");

user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sun Jan 09 2011 11:34:10 GMT+0100");

user_pref("CommunityToolbar.twitter.user_16409683.LastCheckTime", "Sat Dec 18 2010 15:08:22 GMT+0100");

user_pref("CommunityToolbar.twitter.user_16727535.LastCheckTime", "Sat Dec 18 2010 15:08:22 GMT+0100");

user_pref("CommunityToolbar.twitter.user_18863815.LastCheckTime", "Sat Dec 18 2010 15:08:22 GMT+0100");

user_pref("CommunityToolbar.twitter.user_19058681.LastCheckTime", "Sat Dec 18 2010 15:08:22 GMT+0100");

user_pref("CommunityToolbar.twitter.user_19248106.LastCheckTime", "Sat Dec 18 2010 15:08:22 GMT+0100");

user_pref("CommunityToolbar.twitter.user_19554706.LastCheckTime", "Sat Dec 18 2010 15:08:22 GMT+0100");

user_pref("CommunityToolbar.twitter.user_19757371.LastCheckTime", "Sat Dec 18 2010 15:08:22 GMT+0100");

user_pref("CommunityToolbar.twitter.user_428333.LastCheckTime", "Sat Dec 18 2010 15:08:22 GMT+0100");

user_pref("CommunityToolbar.twitter.user_807095.LastCheckTime", "Sat Dec 18 2010 15:08:22 GMT+0100");

user_pref("CommunityToolbar.twitter.user_813286.LastCheckTime", "Sat Dec 18 2010 15:08:22 GMT+0100");

---- Lines CommunityToolbar modified from prefs.js ----

---- Lines SweetIM removed from prefs.js ----

user_pref("sweetim.toolbar.urls.homepage", "http://home.sweetim.com/?crg=3.1010000.00000");

---- Lines SweetIM modified from prefs.js ----

---- Lines mybrowserbar removed from prefs.js ----

---- Lines mybrowserbar modified from prefs.js ----

user_pref("extensions.enabledItems", "antiphishing@bullguard:1.1,{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19,{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20,jqs@sun.com:1.0,{20a82645-c095-46ed-80e3-08825760534b}:1.1,{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908,{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.2,{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26,{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29,wtxpcom@mybrowserbar.com:4.7,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.23");

---- Lines browser.startup.page removed from prefs.js ----

user_pref("browser.startup.page", 0);

---- Lines browser.startup.page modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

prefs_05-10-2013_1214_.backup

ProfilePath: C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\82d7xnt3.default

user.js not found

---- Lines CT2269050 removed from prefs.js ----

---- Lines CT2269050 modified from prefs.js ----

---- Lines C:\Documents and Settings\Pc\Application Data\Mozilla\Firefox\Profiles\1fuficfp.default\CT2269050 removed from prefs.js ----

---- Lines C:\Documents and Settings\Pc\Application Data\Mozilla\Firefox\Profiles\1fuficfp.default\CT2269050 modified from prefs.js ----

---- Lines conduit removed from prefs.js ----

---- Lines conduit modified from prefs.js ----

---- Lines ask.com removed from prefs.js ----

---- Lines ask.com modified from prefs.js ----

---- Lines Web Search removed from prefs.js ----

---- Lines Web Search modified from prefs.js ----

---- Lines CommunityToolbar removed from prefs.js ----

---- Lines CommunityToolbar modified from prefs.js ----

---- Lines SweetIM removed from prefs.js ----

---- Lines SweetIM modified from prefs.js ----

---- Lines mybrowserbar removed from prefs.js ----

---- Lines mybrowserbar modified from prefs.js ----

---- Lines browser.startup.page removed from prefs.js ----

---- Lines browser.startup.page modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@MapsGalaxy_39.com/Plugin]

[-HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1e91a655-bb4b-4693-a05e-2edebc4c9d89}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312f84fb-8970-4fd3-bddb-7012eac4afc9}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71c1d63a-c944-428a-a5bd-ba513190e5d2}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c547c6c2-561b-4169-a2a5-20ba771ca93b}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"DATAMNGR"=-

"KernelFaultCheck"=-

"MapsGalaxy Search Scope Monitor"=-

"MapsGalaxy_39 Browser Plugin Loader"=-

"VideoDownloadConverter Search Scope Monitor"=-

"VideoDownloadConverter_4z Browser Plugin Loader"=-

==== Deleting Files \ Folders ======================

"C:\Program Files\Mozilla Firefox\components\AskHPRFF.js" deleted

"C:\Program Files\Mozilla Firefox\searchplugins\BearShareWebSearch.xml" deleted

"C:\Program Files\Mozilla Firefox\searchplugins\BearShareWebSearch.xml" deleted

"C:\WINDOWS\system32\roboot.exe" deleted

"C:\WINDOWS\System32\ConduitEngine.tmp" deleted

"C:\WINDOWS\System32\SET17AC.tmp" deleted

"C:\WINDOWS\System32\SET17B0.tmp" deleted

"C:\WINDOWS\System32\SET17B8.tmp" deleted

"C:\Program Files\Mozilla Firefox\components\AskHPRFF.js" deleted

"C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe" deleted

"C:\Program Files\MapsGalaxy_39\bar\1.bin\39brmon.exe" deleted

"C:\Program Files\MapsGalaxy_39\bar\1.bin\39brstub.dll" deleted

"C:\Program Files\MapsGalaxy_39\bar\1.bin\T8RES.DLL" deleted

"C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe" deleted

"C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbrstub.dll" deleted

"C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\T8RES.DLL" deleted

"C:\Program Files\MapsGalaxy_39\bar\1.bin\39brmon.exe" deleted

"C:\Program Files\MapsGalaxy_39\bar\1.bin\39brstub.dll" deleted

"C:\Program Files\MapsGalaxy_39\bar\1.bin\T8RES.DLL" deleted

"C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe" deleted

"C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe" deleted

"C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbrstub.dll" deleted

"C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\T8RES.DLL" deleted

"C:\Program Files\MapsGalaxy_39\bar\1.bin\39brmon.exe" deleted

"C:\Program Files\MapsGalaxy_39\bar\1.bin\39brstub.dll" deleted

"C:\Program Files\MapsGalaxy_39\bar\1.bin\T8RES.DLL" deleted

"C:\Documents and Settings\Pc\Application Data\Uniblue\DriverScanner\monitor.log" deleted

"C:\Program Files\MapsGalaxy_39" deleted

"C:\Program Files\VideoDownloadConverter_4z" deleted

"C:\Documents and Settings\Pc\Application Data\VideoDownloadConverter_4z" deleted

"C:\Program Files\Video Download Converter" deleted

"C:\Documents and Settings\Pc\Application Data\MapsGalaxy_39" deleted

"C:\Program Files\Uniblue\DriverScanner" deleted

"C:\Program Files\MapsGalaxy_39" deleted

"C:\Program Files\BearShare Applications\MediaBar" not deleted

"C:\Program Files\VideoDownloadConverter_4z" deleted

"C:\Program Files\MapsGalaxy_39" deleted

"C:\Program Files\sweetpacks bundle uninstaller" deleted

"C:\Documents and Settings\Pc\Application Data\Uniblue" deleted

"C:\Documents and Settings\Pc\Application Data\AlawarEntertainment" deleted

"C:\Documents and Settings\Pc\Application Data\MapsGalaxy_39" deleted

"C:\Documents and Settings\Pc\Application Data\DVDVideoSoftIEHelpers" deleted

"C:\Documents and Settings\Pc\Application Data\Systweak" deleted

"C:\Documents and Settings\All Users\Application Data\Ask" deleted

"C:\Documents and Settings\All Users\Application Data\Trymedia" deleted

"C:\Documents and Settings\Pc\Local Settings\Application Data\APN" deleted

"C:\Documents and Settings\Pc\Local Settings\Application Data\PackageAware" deleted

"C:\Documents and Settings\Pc\Local Settings\Application Data\Conduit" deleted

"C:\Documents and Settings\All Users\Menu Start\Programma's\Uniblue\DriverScanner" deleted

"C:\Documents and Settings\All Users\Menu Start\Programma's\Uniblue" deleted

"C:\Documents and Settings\All Users\VisualBee" deleted

"C:\Documents and Settings\Pc\Application Data\Mozilla\Firefox\Profiles\1fuficfp.default\CT2269050" deleted

"C:\Documents and Settings\Pc\Application Data\Mozilla\Firefox\Profiles\1fuficfp.default\bearsharemediabartb" deleted

"C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}" deleted

"C:\Documents and Settings\Pc\Application Data\Mozilla\Firefox\Profiles\1fuficfp.default\CT2269050" deleted

"C:\Program Files\MapsGalaxy_39\bar" deleted

"C:\Program Files\MapsGalaxy_39\bar\1.bin" deleted

"C:\Program Files\VideoDownloadConverter_4z\bar" deleted

"C:\Program Files\VideoDownloadConverter_4z\bar\1.bin" deleted

"C:\Program Files\MapsGalaxy_39\bar" deleted

"C:\Program Files\MapsGalaxy_39\bar\1.bin" deleted

"C:\Program Files\BearShare Applications\MediaBar\Datamngr" not deleted

"C:\Program Files\VideoDownloadConverter_4z\bar" deleted

"C:\Program Files\VideoDownloadConverter_4z\bar\1.bin" deleted

"C:\Program Files\MapsGalaxy_39\bar" deleted

"C:\Program Files\MapsGalaxy_39\bar\1.bin" deleted

"C:\Documents and Settings\Pc\Application Data\Uniblue\DriverScanner" deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

====== C:\DOCUME~1\Pc\LOCALS~1\Temp ====

====== Java Cache =====

====== C:\WINDOWS\system32 =====

2013-10-05 09:46:40 25881EC11B4B3345DDA799E29E4E4E0A 544 ----a-w- C:\WINDOWS\System32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD

====== C:\WINDOWS\system32\drivers =====

====== C:\WINDOWS\Tasks ======

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2013-10-04 09:41:33 -------- d-----w- C:\Program Files\trend micro

======= C: =====

====== C:\Documents and Settings\Pc\Application Data ======

====== C:\Documents and Settings\Pc ======

2013-10-05 08:17:40 -------- d--h--r- C:\Documents and Settings\Pc\Onlangs geopend

====== C: exe-files ==

2013-10-05 09:54:19 122A32A068A76C220AD47B3C2780407C 1263104 ----a-w- C:\Documents and Settings\Pc\Mijn documenten\Downloads\Z-Analyse.exe

2013-10-04 09:41:39 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Pc.exe

2013-10-04 09:40:56 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Documents and Settings\Pc\Mijn documenten\Downloads\RSIT.exe

2013-10-04 09:40:53 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Documents and Settings\Pc\Mijn documenten\Downloads\RSITx64.exe

=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-21-1935655697-602609370-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe"

"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe"

"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"

"Persistence"="C:\WINDOWS\system32\igfxpers.exe"

"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe"

"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe -atboottime"

"BullGuard"="C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe -boot"

"IntelliPoint"="c:\Program Files\Microsoft IntelliPoint\ipoint.exe"

"BullGuardUpdate2"="c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"DivXMediaServer"="C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe"

"DivXUpdate"="C:\Program Files\DivX\DivX Update\DivXUpdate.exe /CHECKNOW"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools-1033]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="daemon"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\D-Tools\\daemon.exe\" -lang 1033"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="uTorrent"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\uTorrent\\uTorrent.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office Snelzoeken.lnk]

"path"="C:\\Documents and Settings\\All Users\\Menu Start\\Programma's\\Opstarten\\Microsoft Office Snelzoeken.lnk"

"backup"="C:\\WINDOWS\\pss\\Microsoft Office Snelzoeken.lnkCommon Startup"

"command"="C:\\PROGRA~1\\MICROS~2\\Office\\FINDFAST.EXE "

"item"="Microsoft Office Snelzoeken"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Office Opstarten.lnk]

"path"="C:\\Documents and Settings\\All Users\\Menu Start\\Programma's\\Opstarten\\Office Opstarten.lnk"

"backup"="C:\\WINDOWS\\pss\\Office Opstarten.lnkCommon Startup"

"command"="C:\\PROGRA~1\\MICROS~2\\Office\\OSA.EXE -b"

"item"="Office Opstarten"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^Pc^Menu Start^Programma's^Opstarten^MagicDisc.lnk]

"path"="C:\\Documents and Settings\\Pc\\Menu Start\\Programma's\\Opstarten\\MagicDisc.lnk"

"backup"="C:\\WINDOWS\\pss\\MagicDisc.lnkStartup"

"command"="C:\\PROGRA~1\\MAGICD~1\\MAGICD~1.EXE "

"item"="MagicDisc"

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\dsmonitor.job --a------ C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe []

C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1229547456.job --a------ C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [06-04-2003 01:52]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [02-02-2009 21:21]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [02-02-2009 21:21]

C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job --a------ [undetermined Task]

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\Pc\Application Data\Mozilla\Firefox\Profiles\1fuficfp.default

- WOT - %ProfilePath%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

- FT DeepDark - %ProfilePath%\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}.xpi

- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files\Mozilla Firefox

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\Pc\Application Data\Mozilla\Firefox\Profiles\1fuficfp.default

ABCB4A6EAB701C629378255ABCB308E5 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U25

D7324EB1EDCB8990F8522DE0311359E9 - C:\WINDOWS\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17

101700E93EB905992B518256CB441829 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll - Google Update

0C8597DBC74AAF5179471BA013E3C6B4 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash

F045DF7AF127DC4BCC53421850114E15 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll - Silverlight Plug-In

148727EBD947CBC168C42A227D56DAB0 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

9B4D431459A9B935FB117F4EDDA236E8 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat

8274F0A7EE1B011D1C29ACDA26AAE2EC - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll - DivX Plus Web Player

7550FC1ADE982582D5920BEA6430E3D4 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin

358878E398AB0FB8B1EE176C2E3EDF48 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll - Google Updater

B938C1AE3ADCE166190895685B0BEB0D - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll - DivX VOD Helper Plug-in

F4B733EB0355B72F99B66F5577CBA4D7 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 6.1c

373370279A3804EC13CE02F8EEA7DB32 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 6.1c

C0CBFFD196C065E57A2D58B841DF5F21 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 6.1c

8E652577130810EF03AFF1C4F5E939B2 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 6.1c

EBFB0D865576659F9E83BED36720DD99 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 6.1c

2B2A5C93D80EAF6F5699864D7D8DC699 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 6.1c

FC5866F7793AF2CBCD425CC4B8D32A9E - C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll - Zylom Plugin

3509063A268A4197CF8E713BD22B0978 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live® Photo Gallery

7ABA2EAB736F7E9EB0E03ACAA42CCB51 - C:\Program Files\Microsoft\Office Live\npOLW.dll - Microsoft Office Live Plug-in for Firefox / Microsoft Office Live Plug-in for Firefox

AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM

0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library

F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM

99F97C9FE748C37528C338A423577FCB - C:\Documents and Settings\Pc\Application Data\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin

3EA079023D32054BFD73D08E77C72609 - C:\WINDOWS\system32\npptools.dll - Besturingssysteem Microsoft® Windows®

7D28153B7D586330678AD522B71D89CB - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrlui.dll - Microsoft® Silverlight

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[02-04-2013 07:24]

Last updated at time on date - Pc - Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb

Speed Dial 2 - Pc - Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik

Chrome In-App Payments service - Pc - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chrome Fix ======================

C:\Documents and Settings\Pc\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik deleted successfully

C:\Documents and Settings\Pc\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jpfpebmajhhopeonhlcgidhclcccjcik_0.localstorage deleted successfully

C:\Documents and Settings\Pc\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jpfpebmajhhopeonhlcgidhclcccjcik_0.localstorage-journal deleted successfully

C:\Documents and Settings\Pc\Local Settings\Application Data\Google\Chrome\User Data\Default\databases\chrome-extension_jpfpebmajhhopeonhlcgidhclcccjcik_0 deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.startpagina.nl/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://home.sweetim.com/?crg=3.1010000.00000"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.startpagina.nl/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} Unknown Url="Not_Found"

==== Reset Google Chrome ======================

C:\Documents and Settings\Pc\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Documents and Settings\Pc\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1935655697-602609370-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

HKEY_USERS\S-1-5-21-1935655697-602609370-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Reset IE Proxy ======================

Value(s) before fix:

"ProxyEnable"=dword:00000000

Value(s) after fix:

"ProxyEnable"=dword:00000000

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina.nl | Jouw startpagina voor weer, verkeer en meer

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [bullGuard] "C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe" -boot

O4 - HKLM\..\Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"

O4 - HKLM\..\Run: [bullGuardUpdate2] c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: hp psc 1000 series.lnk = ?

O4 - Global Startup: hpoddt01.exe.lnk = ?

O8 - Extra context menu item: &Search - http://buttons.videodownloadconverter.com/one-toolbaredits/menusearch.jhtml?s=205320000&p2=^HJ^xdm255^YYA^be&si=CLDQvqagrLgCFYjC3godyhgAbw&a=B71B2B89-118D-4479-8A1A-394FEE53DE29&n=2013071306&cv=1

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - c:\program files\bullguard ltd\bullguard\Antiphishing\IE\BGAntiphishingIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/NL/Core/Player/2020PlayerAX_IKEA_Win32.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340906291407

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: c:\PROGRA~1\BULLGU~1\BULLGU~1\BgAgent.dll

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: BullGuard Behavioural Detection (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe

O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe

O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe

O23 - Service: getPlus® Helper - Unknown owner - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (file missing)

O23 - Service: Google Update Service (gupdate1c9856b84a72a34) (gupdate1c9856b84a72a34) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

==== Empty IE Cache ======================

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Pc\Local Settings\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\Pc\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Documents and Settings\Pc\Application Data\Mozilla\Firefox\Profiles\1fuficfp.default\personas\cache emptied successfully

==== Empty Chrome Cache ======================

C:\Documents and Settings\Pc\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\DOCUME~1\Pc\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Documents and Settings\Pc\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Program Files\BearShare Applications\MediaBar" not found

==== EOF on za 05-10-2013 at 12:32:35,01 ======================



Nice ... this has removed an awful lot of junk from the PC.

1. Download HijackThis. (click on it)

The download starts automatically after 5 seconds.

Save the file HijackThis.msi. Then choose "Run".

HijackThis is now installed on your PC, and a shortcut is placed on your desktop.

Start HijackThis. Select "Scan". Select only the items listed below:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}

O4 - Global Startup: hp psc 1000 series.lnk = ?

O4 - Global Startup: hpoddt01.exe.lnk = ?

O8 - Extra context menu item: &Search - http://buttons.videodownloadconverter.com/one-toolbaredits/menusearch.jhtml?s=205320000&p2=^HJ^xdm255^YYA^be&si=CLDQvqagrLgCFYjC3godyhgAbw&a=B71B2B89-118D-4479-8A1A-394FEE53DE29&n=2013071306&cv=1

Click 'Fix checked' to remove the items.

Note: Windows Vista & 7 users must run HijackThis as "administrator" by right-clicking and choosing "Run as administrator". If this does not work via the shortcut, run HijackThis as administrator from the following folder: C:\Program Files\Trend Micro\HiJackThis or C:\Program Files (x86)\Trend Micro\HiJackThis.

2. Download CCleaner. (If you don't have it yet)

Install it (if you do not want Google Chrome to be installed on your PC as the default web browser, you must remove the 2 check marks !!!) and start CCleaner.

In the left column, click "Cleaner". Click 'Analyze' and, after the analysis, 'Run Cleaner'. Then click "Registry" in the left column and click 'Scan for Issues'. If errors are found, click "Fix selected issues" and "OK". You will then be asked whether to make a backup. Click "YES". Then choose "Fix All Selected Issues".

Sometimes one analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors.

Then close CCleaner again.

If you would like to see this illustrated in detail, click here for the guide.

Then post a new HijackThis log in your next message.


Below you will find the log!

Logfile of random's system information tool 1.09 (written by random/random)

Run by Pc at 2013-10-06 12:32:29

Microsoft Windows XP Professional Service Pack 3

System drive C: has 4 GB (5%) free of 76 GB

Total RAM: 2038 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 12:32:38, on 6-10-2013

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\SvcHost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe

C:\WINDOWS\System32\SvcHost.exe

C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe

C:\WINDOWS\System32\SvcHost.exe

C:\WINDOWS\System32\SvcHost.exe

C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe

C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\PnkBstrB.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

C:\Program Files\RealVNC\VNC4\WinVNC4.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Google\Update\GoogleUpdate.exe

C:\Program Files\Google\Update\GoogleUpdate.exe

C:\Program Files\Google\Update\Install\{26F32C96-B419-40C8-B2B6-7871BE695B62}\30.0.1599.69_29.0.1547.76_chrome_updater.exe

C:\WINDOWS\system32\config\SYSTEM~1\LOCALS~1\Temp\CR_6B970.tmp\setup.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\trend micro\HiJackThis\HiJackThis.exe

C:\Documents and Settings\Pc\Mijn documenten\Downloads\RSIT.exe

C:\Program Files\trend micro\Pc.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina.nl | Jouw startpagina voor weer, verkeer en meer

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [bullGuard] "C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe" -boot

O4 - HKLM\..\Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"

O4 - HKLM\..\Run: [bullGuardUpdate2] c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - c:\program files\bullguard ltd\bullguard\Antiphishing\IE\BGAntiphishingIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/NL/Core/Player/2020PlayerAX_IKEA_Win32.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340906291407

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: c:\PROGRA~1\BULLGU~1\BULLGU~1\BgAgent.dll

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: BullGuard Behavioural Detection (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe

O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe

O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe

O23 - Service: getPlus® Helper - Unknown owner - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (file missing)

O23 - Service: Google Update Service (gupdate1c9856b84a72a34) (gupdate1c9856b84a72a34) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

--

End of file - 11120 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\dsmonitor.job

C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1229547456.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Pc\Application Data\Mozilla\Firefox\Profiles\1fuficfp.default

prefs.js - "browser.search.suggest.enabled" - true

prefs.js - "browser.search.useDBForOrder" - true

prefs.js - "browser.startup.homepage" - "http://www.google.com"

prefs.js - "keyword.URL" - "http://www.google.com/search?btnG=Google+Search&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5

"39ffxtbr@MapsGalaxy_39.com"=C:\Program Files\MapsGalaxy_39\bar\1.bin

"4zffxtbr@VideoDownloadConverter_4z.com"=C:\Program Files\VideoDownloadConverter_4z\bar\1.bin

"antiphishing@bullguard"=c:\program files\bullguard ltd\bullguard\Antiphishing\FF\antiphishing@bullguard\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.8.800.94 Plugin

"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]

"Description"=DivX® Player Plugin for VOD Content

"Path"=C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0]

"Description"=DivX Plus Web Player

"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]

"Description"=DivX VOD Helper Plug-in

"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]

"Description"=Google Earth in your browser

"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]

"Description"=Office Live Update v1.3

"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]

"Description"=Windows Presentation Foundation plug-in for Mozilla browsers

"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pack.google.com/Google Updater;version=14]

"Description"=Google Updater

"Path"=C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@zylom.com/ZylomGamesPlayer]

"Description"=Zylom Games Player 1.00

"Path"=C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]

"Description"=Yahoo! activeX Plug-in Bridge

"Path"=C:\Program Files\Yahoo!\Common\npyaxmpb.dll

C:\Program Files\Mozilla Firefox\extensions\

{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\

nsIQTScriptablePlugin.xpt

nsIZylomPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\

npDivxPlayerPlugin.dll

NPOFF12.DLL

nppdf32.dll

npqtplugin.dll

npqtplugin2.dll

npqtplugin3.dll

npqtplugin4.dll

npqtplugin5.dll

npqtplugin6.dll

npzylomgamesplayer.dll

nsIDivxPlayerPlugin.xpt

QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\

yahoo.xml

C:\Documents and Settings\Pc\Application Data\Mozilla\Firefox\Profiles\1fuficfp.default\extensions\

{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]

DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2013-04-02 194912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-07-21 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Aanmelden - Help - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-08-21 192592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll [2013-01-09 1000984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-21 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-08-21 192592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-04-01 1404928]

"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2006-04-01 94208]

"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2006-04-01 77824]

"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2006-04-01 114688]

"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-01-31 77824]

"BullGuard"=C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe [2013-09-16 858976]

"IntelliPoint"=c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2011-08-01 1821576]

"BullGuardUpdate2"=c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe [2013-07-24 1879392]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

"DivXMediaServer"=C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [2013-03-28 450560]

"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2013-02-13 1263952]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-12-18 39408]

"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2013-03-22 248208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]

C:\Program Files\D-Tools\daemon.exe [2004-08-22 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]

C:\Program Files\uTorrent\uTorrent.exe [2011-04-25 399736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office Snelzoeken.lnk]

C:\PROGRA~1\MICROS~2\Office\FINDFAST.EXE [1997-09-01 111376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Office Opstarten.lnk]

C:\PROGRA~1\MICROS~2\Office\OSA.EXE [1997-09-01 51984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Pc^Menu Start^Programma's^Opstarten^MagicDisc.lnk]

C:\PROGRA~1\MAGICD~1\MAGICD~1.EXE [2009-02-23 576000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="c:\PROGRA~1\BULLGU~1\BULLGU~1\BgAgent.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\WINDOWS\system32\igfxdev.dll [2006-04-01 131072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsMain]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsScanner]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsUpdate]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\bin\H5_Game.exe"="C:\Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\bin\H5_Game.exe:*:Enabled:Heroes of Might and Magic V"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

"C:\Program Files\Microsoft Games\Age of Mythology\aomx.exe"="C:\Program Files\Microsoft Games\Age of Mythology\aomx.exe:*:Enabled:aomx"

"C:\Program Files\The Odyssey Online Classic\Odyssey.exe"="C:\Program Files\The Odyssey Online Classic\Odyssey.exe:*:Enabled:Odyssey Classic"

"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"

"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"

"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"

"C:\Program Files\Steam\steamapps\common\call of duty black ops\BlackOps.exe"="C:\Program Files\Steam\steamapps\common\call of duty black ops\BlackOps.exe:*:Enabled:Call of Duty: Black Ops"

"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"

"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"

"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"

"C:\Program Files\Ubisoft\Might & Magic Heroes VI\Might & Magic Heroes VI.exe"="C:\Program Files\Ubisoft\Might & Magic Heroes VI\Might & Magic Heroes VI.exe:*:Enabled:Might & Magic Heroes VI"

"C:\Documents and Settings\Pc\Local Settings\Application Data\CrossLoop\tvnserver.exe"="C:\Documents and Settings\Pc\Local Settings\Application Data\CrossLoop\tvnserver.exe:*:Enabled:tvnserver.exe"

"C:\Documents and Settings\Pc\Local Settings\Application Data\CrossLoop\vncviewer.exe"="C:\Documents and Settings\Pc\Local Settings\Application Data\CrossLoop\vncviewer.exe:*:Enabled:vncviewer.exe"

"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"

"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"midimapper"=midimap.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.trspch"=tssoft32.acm

"vidc.cvid"=iccvid.dll

"vidc.I420"=msh263.drv

"vidc.iv31"=ir32_32.dll

"vidc.iv32"=ir32_32.dll

"vidc.iv41"=ir41_32.ax

"vidc.iyuv"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvu9"=tsbyuv.dll

"vidc.yvyu"=msyuv.dll

"wavemapper"=msacm32.drv

"msacm.msg723"=msg723.acm

"vidc.M263"=msh263.drv

"vidc.M261"=msh261.drv

"msacm.msaudio1"=msaud32.acm

"msacm.sl_anet"=sl_anet.acm

"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax

"vidc.iv50"=ir50_32.dll

"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll

"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll

"msacm.siren"=sirenacm.dll

"vidc.DIVX"=DivX.dll

"vidc.yv12"=DivX.dll

======List of files/folders created in the last 3 months======

2013-10-06 12:23:30 ----SHD---- C:\RECYCLER

2013-10-05 12:24:58 ----D---- C:\WINDOWS\Temp

2013-10-05 12:24:58 ----A---- C:\WINDOWS\zoek-delete.exe

2013-10-05 12:24:29 ----D---- C:\Program Files\HiJackThis

2013-10-04 11:41:33 ----D---- C:\Program Files\trend micro

2013-10-04 11:41:31 ----D---- C:\rsit

2013-08-14 11:05:52 ----D---- C:\WINDOWS\system32\MRT

2013-07-21 13:48:02 ----D---- C:\Program Files\Mozilla Firefox

2013-07-21 12:57:35 ----D---- C:\Documents and Settings\All Users\Application Data\Mozilla

2013-07-21 12:57:34 ----D---- C:\Program Files\Mozilla Maintenance Service

2013-07-21 12:51:51 ----A---- C:\WINDOWS\system32\javaws.exe

2013-07-21 12:51:43 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll

2013-07-21 12:51:41 ----A---- C:\WINDOWS\system32\javaw.exe

2013-07-21 12:51:41 ----A---- C:\WINDOWS\system32\java.exe

2013-07-14 13:57:20 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

======List of files/folders modified in the last 3 months======

2013-10-06 12:32:38 ----D---- C:\WINDOWS\Prefetch

2013-10-06 12:31:23 ----D---- C:\Documents and Settings\All Users\Application Data\BullGuard

2013-10-06 12:24:23 ----D---- C:\WINDOWS\system32\LogFiles

2013-10-06 12:23:32 ----D---- C:\WINDOWS

2013-10-06 12:20:15 ----SHD---- C:\WINDOWS\Installer

2013-10-06 12:19:34 ----D---- C:\Config.Msi

2013-10-06 12:13:41 ----D---- C:\WINDOWS\system32\CatRoot2

2013-10-06 12:12:46 ----D---- C:\WINDOWS\system32

2013-10-06 12:10:47 ----N---- C:\WINDOWS\SchedLgU.Txt

2013-10-05 20:22:17 ----A---- C:\WINDOWS\entpack.ini

2013-10-05 12:32:17 ----D---- C:\Program Files\BearShare Applications

2013-10-05 12:24:29 ----RD---- C:\Program Files

2013-10-05 12:17:53 ----D---- C:\Program Files\Uniblue

2013-10-04 16:55:20 ----D---- C:\WINDOWS\Minidump

2013-10-04 08:36:20 ----SD---- C:\WINDOWS\Tasks

2013-09-18 17:53:53 ----D---- C:\WINDOWS\Debug

2013-09-15 17:55:17 ----HD---- C:\WINDOWS\inf

2013-09-13 18:53:22 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help

2013-09-11 14:54:48 ----RSHDC---- C:\WINDOWS\system32\dllcache

2013-09-11 14:54:45 ----D---- C:\Program Files\Internet Explorer

2013-09-11 14:54:26 ----D---- C:\WINDOWS\ie8updates

2013-09-11 14:42:44 ----A---- C:\WINDOWS\system32\MRT.exe

2013-08-18 12:31:08 ----D---- C:\Excel

2013-08-18 11:32:41 ----A---- C:\WINDOWS\NeroDigital.ini

2013-08-14 11:12:19 ----RSD---- C:\WINDOWS\assembly

2013-08-14 11:05:13 ----D---- C:\WINDOWS\Microsoft.NET

2013-08-14 10:59:21 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2013-08-14 10:58:52 ----D---- C:\WINDOWS\WinSxS

2013-08-13 15:40:44 ----D---- C:\Word

2013-08-09 03:56:37 ----A---- C:\WINDOWS\system32\themeui.dll

2013-08-08 11:35:46 ----A---- C:\WINDOWS\system32\iertutil.dll

2013-08-08 08:05:46 ----A---- C:\WINDOWS\system32\wininet.dll

2013-08-08 08:05:46 ----A---- C:\WINDOWS\system32\urlmon.dll

2013-08-08 08:05:46 ----A---- C:\WINDOWS\system32\url.dll

2013-08-08 08:05:46 ----A---- C:\WINDOWS\system32\occache.dll

2013-08-08 08:05:46 ----A---- C:\WINDOWS\system32\mstime.dll

2013-08-08 08:05:46 ----A---- C:\WINDOWS\system32\mshtmled.dll

2013-08-08 08:05:46 ----A---- C:\WINDOWS\system32\mshtml.dll

2013-08-08 08:05:45 ----N---- C:\WINDOWS\system32\iedkcs32.dll

2013-08-08 08:05:45 ----A---- C:\WINDOWS\system32\msfeedsbs.dll

2013-08-08 08:05:45 ----A---- C:\WINDOWS\system32\msfeeds.dll

2013-08-08 08:05:45 ----A---- C:\WINDOWS\system32\licmgr10.dll

2013-08-08 08:05:45 ----A---- C:\WINDOWS\system32\jsproxy.dll

2013-08-08 08:05:45 ----A---- C:\WINDOWS\system32\iepeers.dll

2013-08-08 08:05:45 ----A---- C:\WINDOWS\system32\ieframe.dll

2013-08-08 08:05:45 ----A---- C:\WINDOWS\system32\corpol.dll

2013-08-08 02:04:27 ----N---- C:\WINDOWS\system32\ie4uinit.exe

2013-08-05 15:30:18 ----A---- C:\WINDOWS\system32\ole32.dll

2013-08-04 15:23:33 ----D---- C:\Documents and Settings\Pc\Application Data\uTorrent

2013-08-03 17:33:36 ----D---- C:\Program Files\CCleaner

2013-08-03 01:48:38 ----N---- C:\WINDOWS\system32\wmvdecod.dll

2013-07-24 12:12:37 ----A---- C:\WINDOWS\system32\BGLsp.dll

2013-07-24 12:12:35 ----A---- C:\WINDOWS\system32\BgGamingMonitor.dll

2013-07-21 17:06:27 ----D---- C:\WINDOWS\Help

2013-07-21 12:51:21 ----A---- C:\WINDOWS\system32\npDeployJava1.dll

2013-07-21 12:51:21 ----A---- C:\WINDOWS\system32\deployJava1.dll

2013-07-21 12:51:15 ----D---- C:\Program Files\Java

2013-07-17 17:43:24 ----SD---- C:\WINDOWS\Downloaded Program Files

2013-07-17 02:46:31 ----N---- C:\WINDOWS\system32\tzchange.exe

2013-07-14 08:29:37 ----D---- C:\WINDOWS\system32\Adobe

2013-07-14 08:29:37 ----D---- C:\Documents and Settings\Pc\Application Data\Adobe

2013-07-14 08:29:34 ----D---- C:\WINDOWS\system32\Macromed

2013-07-14 08:29:34 ----D---- C:\Documents and Settings\Pc\Application Data\Macromedia

2013-07-12 08:29:48 ----D---- C:\Program Files\Microsoft Silverlight

2013-07-11 21:37:52 ----D---- C:\WINDOWS\pchealth

2013-07-11 21:29:12 ----D---- C:\WINDOWS\system32\XPSViewer

2013-07-10 12:37:49 ----A---- C:\WINDOWS\system32\usp10.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 d347bus;d347bus; C:\WINDOWS\system32\DRIVERS\d347bus.sys [2004-08-22 155136]

R0 d347prt;d347prt; C:\WINDOWS\System32\Drivers\d347prt.sys [2004-08-22 5248]

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-15 43528]

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2008-12-17 82380]

R1 BdSpy;BdSpy; C:\WINDOWS\system32\DRIVERS\BdSpy.sys [2013-03-21 66160]

R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]

R1 kbdhid;Stuurprogramma voor toetsenbord-HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]

R1 NovaShieldFilterDriver;NovaShieldFilterDriver; C:\WINDOWS\system32\DRIVERS\NSKernel.sys [2012-03-01 789960]

R1 NovaShieldTDIDriver;NovaShieldTDIDriver; C:\WINDOWS\system32\DRIVERS\NSNetmon.sys [2012-03-01 19272]

R1 WS2IFSL;Windows Socket 2.0 Non-IFS-omgeving voor serviceproviderondersteuning; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]

R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]

R3 afw;Agnitum firewall driver; C:\WINDOWS\system32\DRIVERS\afw.sys [2013-02-25 33888]

R3 afwcore;afwcore; C:\WINDOWS\system32\DRIVERS\afwcore.sys [2013-02-25 284768]

R3 b57w2k;Broadcom NetXtreme 57xx Gigabit Controller; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2006-04-01 134272]

R3 dc3d;MS Hardware Device Detection Driver (USB); C:\WINDOWS\system32\DRIVERS\dc3d.sys [2011-08-01 45288]

R3 hidusb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-04-01 830684]

R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]

R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-09-06 12288]

R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2011-08-01 40936]

R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2006-04-01 732928]

R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2006-04-01 260352]

R3 Trufos;Trufos; C:\WINDOWS\system32\DRIVERS\Trufos.sys [2013-02-25 343456]

R3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]

S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-03-09 51024]

S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-03-09 16080]

S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-03-09 21456]

S3 Profos;Profos; \??\C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\profos.sys []

S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 USBSTOR;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BsBackup;BullGuard backup service; C:\WINDOWS\System32\SvcHost.exe [2008-04-14 14336]

R2 BsBhvScan;BullGuard Behavioural Detection; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [2013-09-16 376672]

R2 BsFileScan;BullGuard on-access service; C:\WINDOWS\System32\SvcHost.exe [2008-04-14 14336]

R2 BsFire;BullGuard firewall service; C:\WINDOWS\System32\SvcHost.exe [2008-04-14 14336]

R2 BsMailProxy;BullGuard e-mail monitoring service; C:\WINDOWS\System32\SvcHost.exe [2008-04-14 14336]

R2 BsMain;BullGuard main service; C:\WINDOWS\System32\SvcHost.exe [2008-04-14 14336]

R2 BsScanner;BullGuard scanning service; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [2013-09-16 212320]

R2 BsUpdate;BullGuard update service; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [2013-09-16 287584]

R2 gupdate1c9856b84a72a34;Google Update Service (gupdate1c9856b84a72a34); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-02 133104]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-07-21 182184]

R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]

R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-03-13 66872]

R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2011-03-13 103736]

R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2013-03-22 93072]

R2 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2008-10-15 439632]

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 fsssvc;De service Windows Live Family Safety; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]

S3 getPlus® Helper;getPlus® Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe []

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-02 133104]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-12 194032]

S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-07-21 117144]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-03-09 65795]

S3 WMPNetworkSvc;Windows Media Player Network Sharing-service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-02 917504]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

I was wondering whether it would be wise for me to defragment the disk. The PC is a bit slow now and then. It is also an older PC.
Presumably this has not been done often on this PC, so it is perfectly feasible. Do not expect (speed) miracles from it, though.

Download AdwCleaner by Xplode to your desktop.

  • Close all open windows.
  • Double-click AdwCleaner to start it.
  • Windows Vista, 7 and 8 users must run the tool as "administrator",
  • by right-clicking and choosing Run as administrator.
  • Then click Scan.
  • Then click Clean if items were found.
  • At Restart Required, click OK.

After the PC has restarted, a log file usually opens.

Otherwise it can be found here: C:\AdwCleaner\AdwCleaner[R1].txt.

Then post the contents of this log in your next message.
