Logfile of random's system information tool 1.10 (written by random/random)
Run by Johan at 2014-10-08 22:55:00
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 7 GB (13%) free of 55 GB
Total RAM: 3583 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:55:11, on 8/10/2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ANIWConnService.exe
C:\WINDOWS\ATKKBService.exe
C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton 360\Engine\21.6.0.32\N360.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Norton 360\Engine\21.6.0.32\N360.exe
C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
C:\Program Files\Soda PDF 3D Reader\HelperService.exe
C:\Program Files\Soda PDF 3D Reader\ConversionService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe
C:\Program Files\ControlCenter4\BrCcBoot.exe
C:\Program Files\Browny02\Brother\BrStMonW.exe
C:\Program Files\Nuance\PaperPort\pptd40nt.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Browny02\BrYNSvc.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Data\Downloads\RSIT.exe
C:\Program Files\trend micro\Johan.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Soda PDF 3D Reader Helper - {2FE0F895-6D1D-4c80-A20D-18E42DE9B631} - C:\Program Files\Soda PDF 3D Reader\PDFIEHelper.dll
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\21.6.0.32\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\21.6.0.32\coIEPlg.dll
O3 - Toolbar: Soda PDF 3D Reader Toolbar - {64C9D46E-8F8B-4158-9780-A6581C7439B1} - C:\Program Files\Soda PDF 3D Reader\PDFIEPlugin.dll
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [D-Link D-Link Wireless N DWA-140] C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\Nuance\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\Nuance\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [PPort12reminder] "C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [Nvtmru] "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [InstalledTime] 12-26-2013
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-2000478354-1682526488-839522115-1007\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2000478354-1682526488-839522115-1007\..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Openen in PDF Viewer Plus - res://C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: YouTubeDriver - Download YouTube Videos - {4e6dcd69-01a4-40b6-ac78-8109fe153a4c} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Onderzoekscentrum - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: @C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll,-4 - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU)
O9 - Extra 'Tools' menuitem: Freemake Video Downloader - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} (Microsoft Genuine Advantage Self Support Tool) - http://go.microsoft.com/fwlink/?LinkId=82580
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.be/s/v/58.14/uploader2.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://extranet.vrt.be/dana-cached/sc/JuniperSetupClient.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ANIWConn Service (ANIWConnService) - Unknown owner - C:\WINDOWS\system32\ANIWConnService.exe
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files\Browny02\BrYNSvc.exe
O23 - Service: Freemake Improver - Freemake - C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: FreemakeVideoCapture - Freemake - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: Google Update Service (gupdate1c9c0d8ca7cb36e) (gupdate1c9c0d8ca7cb36e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\21.6.0.32\N360.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: Soda PDF 3D Reader Helper Service - LULU Software Limited - C:\Program Files\Soda PDF 3D Reader\HelperService.exe
O23 - Service: Soda PDF 3D Reader Service - LULU Software Limited - C:\Program Files\Soda PDF 3D Reader\ConversionService.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--
End of file - 13590 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\expressripShakeIcon.job - C:\Program Files\NCH Swift Sound\ExpressRip\expressrip.exe -shakeicon
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-18Core.job - C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-18UA.job - C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Microsoft Windows XP - aanmelding voor kennisgeving over einde van service.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\Microsoft Windows XP - maandelijkse kennisgeving over einde van service.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\OGADaily.job - C:\WINDOWS\system32\OGAVerify.exe
C:\WINDOWS\tasks\OGALogon.job - C:\WINDOWS\system32\OGAVerify.exe
C:\WINDOWS\tasks\User_Feed_Synchronization-{16A16E66-BF52-4F59-84D6-2E4BB9DFFC77}.job - C:\WINDOWS\system32\msfeedssync.exe sync

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\fq07ed6c.default-1411820388234

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"=C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nitropdf.com/NitroPDF]
"Description"=NitroPDF Web Browser Plugin
"Path"=C:\Program Files\Nitro\Reader 3\npnitromozilla.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Help bij koppelingen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2FE0F895-6D1D-4c80-A20D-18E42DE9B631}]
Soda PDF 3D Reader Helper - C:\Program Files\Soda PDF 3D Reader\PDFIEHelper.dll [2013-08-19 92000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}]
PlusIEEventHelper Class - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06 249856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2006-06-13 110652]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files\Norton 360\Engine\21.6.0.32\coIEPlg.dll [2014-09-20 655200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL [2014-07-23 392336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-07-25 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Aanmelden - Help - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-07-25 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton 360\Engine\21.6.0.32\coIEPlg.dll [2014-09-20 655200]
{64C9D46E-8F8B-4158-9780-A6581C7439B1} - Soda PDF 3D Reader Toolbar - C:\Program Files\Soda PDF 3D Reader\PDFIEPlugin.dll [2013-08-19 720224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"36X Raid Configurer"=C:\WINDOWS\system32\xRaidSetup.exe [2007-03-21 1953792]
"DLA"=C:\WINDOWS\System32\DLA\DLACTRLW.EXE [2006-06-13 127036]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-09-10 1828136]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-06-12 17887232]
"ANIWZCS2Service"=C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [2009-05-07 98304]
"D-Link D-Link Wireless N DWA-140"=C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe [2009-05-07 1683456]
"ControlCenter4"=C:\Program Files\ControlCenter4\BrCcBoot.exe [2012-09-06 143360]
"BrStsMon00"=C:\Program Files\Browny02\Brother\BrStMonW.exe [2012-06-06 3076096]
"IndexSearch"=C:\Program Files\Nuance\PaperPort\IndexSearch.exe [2010-03-09 46368]
"PaperPort PTD"=C:\Program Files\Nuance\PaperPort\pptd40nt.exe [2010-03-09 29984]
"PPort12reminder"=C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe [2010-02-09 328992]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2013-11-11 15711008]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2013-11-11 2602784]
"Nvtmru"=C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-11-08 1028384]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-08-15 98304]
"InstalledTime"=12-26-2013 []
"UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-06-27 1211176]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\beid]
C:\Program Files\Belgium Identity Card\beid35gui.exe [2009-02-02 2035712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ExtraFilmManager]
C:\Program Files\ExtraFilm Designer BE NL\ExtraFilmManager.exe [2010-06-15 159744]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync]
C:\Program Files\Google\Drive\googledrivesync.exe /autostart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gStart]
C:\Program Files\Garmin\gStart.exe [2008-08-13 1891416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe [2003-09-01 176128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe [2009-05-05 222496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup]
C:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF5 Registry Controller]
C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe [2010-03-05 62752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFHook]
C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe [2010-03-05 636192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2011-10-24 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2013-03-22 248208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Johan^Menu Start^Programma's^Opstarten^Dropbox.lnk]
C:\DOCUME~1\Johan\APPLIC~1\Dropbox\bin\Dropbox.exe [2014-09-13 36414624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Johan^Menu Start^Programma's^Opstarten^OneNote 2007 Schermopname en Snel starten.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2009-02-26 97680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Johan^Menu Start^Programma's^Opstarten^Spoon Sandbox Manager 3.24.lnk]
C:\DOCUME~1\Johan\LOCALS~1\APPLIC~1\Spoon\3240~1.6\SPOON-~2.EXE [2011-01-12 232696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2012-08-16 192512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Nero\Nero8\Nero ShowTime\ShowTime.exe"="C:\Program Files\Nero\Nero8\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"E:\MY DOWNLOAD FILES\3gp_player_setup films.exe"="E:\MY DOWNLOAD FILES\3gp_player_setup films.exe:*:Enabled:3GP Player"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Documents and Settings\Johan\Application Data\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\Johan\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus / Vuze"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Brother\Brmfl10g\FAXRX.exe"="C:\Program Files\Brother\Brmfl10g\FAXRX.exe:*:Enabled:FAXRX.EXE"
"C:\Program Files\TeamViewer\Version8\TeamViewer.exe"="C:\Program Files\TeamViewer\Version8\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Raptr\raptr.exe"="C:\Program Files\Raptr\raptr.exe:*:Enabled:Raptr Desktop App"
"C:\Program Files\Raptr\raptr_im.exe"="C:\Program Files\Raptr\raptr_im.exe:*:Enabled:Raptr IM"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=i420vfw.dll
"vidc.iv31"=Ir32_32.dll
"vidc.iv32"=Ir32_32.dll
"vidc.iv41"=Ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=L3CODECA.ACM
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"vidc.yv12"=yv12vfw.dll
"vidc.xvid"=xvid.dll
"VIDC.WMV3"=wmv9vcm.dll
"msacm.divxa32"=divxa32.acm
"VIDC.i263"=i263_32.drv
"msacm.imc"=imc32.acm
"VIDC.IV40"=Ir41_32.ax
"VIDC.VP31"=vp31vfw.dll
"msacm.ac3acm"=ac3acm.acm
"vidc.ffds"=ffdshow.ax
"msacm.ac3filter"=ac3filter.acm
"msacm.siren"=sirenacm.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv

======List of files/folders created in the last 1 month======

2014-10-08 22:55:00 ----D---- C:\rsit
2014-10-08 16:54:00 ----D---- C:\Program Files\Sony Media Go Install
2014-10-08 16:47:59 ----SHD---- C:\Config.Msi
2014-10-08 16:22:02 ----D---- C:\Documents and Settings\Johan\Application Data\Sony
2014-09-28 14:24:34 ----D---- C:\Documents and Settings\All Users\Application Data\APN
2014-09-28 14:22:30 ----D---- C:\Program Files\GreenTree Applications
2014-09-28 13:54:59 ----A---- C:\WINDOWS\GPU-Z.INI
2014-09-24 21:50:40 ----D---- C:\Program Files\Mozilla Firefox
2014-09-21 12:48:43 ----D---- C:\WINDOWS\pss
2014-09-21 11:01:58 ----A---- C:\WINDOWS\system32\ptpusb.dll
2014-09-21 11:01:57 ----A---- C:\WINDOWS\system32\ptpusd.dll
2014-09-21 09:29:23 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2014-09-21 09:25:56 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-09-21 09:25:56 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2014-09-21 09:11:11 ----SHD---- C:\RECYCLER
2014-09-21 08:46:58 ----A---- C:\WINDOWS\system32\sqlite3.dll
2014-09-20 12:02:20 ----A---- C:\WINDOWS\zoek-delete.exe
2014-09-20 12:02:19 ----D---- C:\WINDOWS\Temp
2014-09-20 11:56:05 ----D---- C:\zoek

======List of files/folders modified in the last 1 month======

2014-10-08 22:55:07 ----D---- C:\Program Files\Trend Micro
2014-10-08 22:55:04 ----D---- C:\WINDOWS\Prefetch
2014-10-08 19:09:06 ----D---- C:\Program Files\Browny02
2014-10-08 19:08:45 ----D---- C:\WINDOWS
2014-10-08 19:08:43 ----D---- C:\WINDOWS\system32
2014-10-08 17:36:32 ----SHD---- C:\System Volume Information
2014-10-08 17:32:56 ----D---- C:\WINDOWS\system32\config
2014-10-08 17:30:39 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-10-08 16:54:00 ----D---- C:\Program Files
2014-10-08 16:48:04 ----SHD---- C:\WINDOWS\Installer
2014-10-08 16:48:03 ----D---- C:\Program Files\Google
2014-10-08 16:13:26 ----D---- C:\Documents and Settings\All Users\Application Data\Sony Corporation
2014-10-08 16:13:25 ----D---- C:\Program Files\Sony
2014-10-08 16:06:52 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2014-10-08 16:06:52 ----D---- C:\WINDOWS\system32\drivers\UMDF
2014-10-08 16:06:45 ----D---- C:\WINDOWS\system32\CatRoot2
2014-10-08 12:20:49 ----D---- C:\WINDOWS\Help
2014-10-07 07:32:26 ----D---- C:\temp
2014-10-06 20:38:35 ----D---- C:\Program Files\Spotnet
2014-10-04 18:52:30 ----D---- C:\WINDOWS\system32\drivers\N360
2014-10-02 10:05:31 ----D---- C:\Documents and Settings\Johan\Application Data\Applian FLV and Media Player
2014-10-01 21:43:23 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2014-09-28 13:56:05 ----D---- C:\WINDOWS\system32\drivers
2014-09-26 13:52:17 ----D---- C:\Program Files\Outlook Express
2014-09-26 04:09:23 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-09-24 08:53:27 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2014-09-23 10:55:26 ----A---- C:\DelFix.txt
2014-09-21 12:43:50 ----D---- C:\Documents and Settings\Johan\Application Data\Dropbox
2014-09-21 11:02:02 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-09-21 10:37:14 ----D---- C:\Program Files\intellidownload
2014-09-21 09:26:10 ----D---- C:\Documents and Settings\Johan\Application Data\Malwarebytes
2014-09-21 09:25:56 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2014-09-21 09:25:56 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-09-21 09:11:46 ----D---- C:\Documents and Settings\Johan\Application Data\Media Player Classic
2014-09-21 09:11:46 ----D---- C:\Documents and Settings\Johan\Application Data\Azureus
2014-09-21 09:11:12 ----D---- C:\WINDOWS\Debug
2014-09-11 19:22:10 ----A---- C:\WINDOWS\NeroDigital.ini
2014-09-10 23:41:50 ----D---- C:\WINDOWS\system32\MRT
2014-09-10 23:29:06 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 DRVMCDB;DRVMCDB; C:\WINDOWS\System32\Drivers\DRVMCDB.SYS [2006-06-12 89264]
R0 JGOGO;JMicron Hot-Plug Driver; C:\WINDOWS\system32\DRIVERS\JGOGO.sys [2006-02-07 6912]
R0 JRAID;JRAID; 
C:\WINDOWS\system32\DRIVERS\jraid.sys [2007-03-24 46208] R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696] R0 PxHelp20;PxHelp20; C:\WINDOWS\system32\Drivers\PxHelp20.sys [2006-11-02 36624] R0 SymDS;Symantec Data Store; C:\WINDOWS\system32\drivers\N360\1506000.020\SYMDS.SYS [2013-09-10 367704] R0 SymEFA;Symantec Extended File Attributes; C:\WINDOWS\system32\drivers\N360\1506000.020\SYMEFA.SYS [2014-03-04 936152] R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400] R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-10-18 11008] R1 BHDrvx86;BHDrvx86; \??\C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20141003.001\BHDrvx86.sys [] R1 ccSet_N360;N360 Settings Manager; C:\WINDOWS\system32\drivers\N360\1506000.020\ccSetx86.sys [2013-09-26 127064] R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2006-03-17 5660] R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2006-03-17 22684] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [] R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448] R1 kbdhid;Stuurprogramma voor toetsenbord-HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 NEOFLTR_650_15551;Juniper Networks TDI Filter Driver (NEOFLTR_650_15551); \??\C:\WINDOWS\system32\Drivers\NEOFLTR_650_15551.SYS [] R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228] R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\N360\1506000.020\SRTSPX.SYS [2014-08-26 32984] R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\N360\1506000.020\Ironx86.SYS [2014-08-06 209624] R1 SYMTDI;Symantec 
Network Dispatch Driver; C:\WINDOWS\System32\Drivers\N360\1506000.020\SYMTDI.SYS [2014-02-18 423256] R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032] R2 ANIO;ANIO Service; \??\C:\WINDOWS\system32\ANIO.SYS [] R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2003-12-17 17005] R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-06-13 25724] R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2006-06-13 2496] R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-06-13 86844] R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-06-13 14716] R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-06-13 6364] R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-06-13 88476] R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-06-13 94460] R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2006-03-17 40544] R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys [] R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2011-02-11 35088] R2 RVIEG01;VSC Engine; \??\C:\Program Files\Roland\Virtual Sound Canvas DXi\RVIEg01.sys [] R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-22 11776] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2012-08-16 6810624] R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdXP3.sys [2012-02-23 99856] R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [] R3 HDAudBus;Microsoft UAA-busstuurprogramma voor High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 hidusb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 IDSxpx86;IDSxpx86; \??\C:\Program Files\Norton 
360\NortonData\21.1.0.18\Definitions\IPSDefs\20141007.001\IDSxpx86.sys [] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-06-16 5095936] R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2009-08-05 39424] R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12288] R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810] R3 NAVENG;NAVENG; \??\C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20141007.023\NAVENG.SYS [] R3 NAVEX15;NAVEX15; \??\C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20141007.023\NAVEX15.SYS [] R3 rt2870;D-Link 802.11n USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt2870.sys [2009-04-15 715520] R3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\N360\1506000.020\SRTSP.SYS [2014-08-26 664792] R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-09-06 6912] R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [] R3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384] R3 USBSTOR;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] S3 ACSSCR;ACR38 Smart Card Reader; C:\WINDOWS\system32\DRIVERS\a38usb.sys [2009-05-29 33536] S3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [] S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736] S3 Arp1394;1394 ARP-clientprotocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] S3 catchme;catchme; 
\??\C:\DOCUME~1\Johan\LOCALS~1\Temp\catchme.sys [] S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [] S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056] S3 NIC1394;1394-stuurprogramma; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2013-11-11 12684992] S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter; C:\WINDOWS\system32\DRIVERS\RTL8187.sys [] S3 SYMFW;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMFW.SYS [] S3 SYMIDS;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMIDS.SYS [] S3 SYMNDIS;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMNDIS.SYS [] S3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160] S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976] S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-04-10 104576] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-07-26 248832] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 ANIWConnService;ANIWConn Service; C:\WINDOWS\system32\ANIWConnService.exe [2009-02-26 147456] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2012-08-16 643072] R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2005-10-18 241152] R2 Freemake Improver;Freemake Improver; 
C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2012-09-20 101376] R2 FreemakeVideoCapture;FreemakeVideoCapture; C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe [2012-09-07 8704] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2014-07-25 182696] R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120] R2 N360;Norton 360; C:\Program Files\Norton 360\Engine\21.6.0.32\N360.exe [2014-09-21 265040] R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-10 836904] R2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3; C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [2013-03-26 196624] R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-11-08 1914656] R2 PDFProFiltSrvPP;PDFProFiltSrvPP; C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-03-09 144672] R2 Soda PDF 3D Reader Helper Service;Soda PDF 3D Reader Helper Service; C:\Program Files\Soda PDF 3D Reader\HelperService.exe [2013-08-19 1162592] R2 Soda PDF 3D Reader Service;Soda PDF 3D Reader Service; C:\Program Files\Soda PDF 3D Reader\ConversionService.exe [2013-08-19 852320] R2 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2013-10-01 5087584] R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2013-03-22 93072] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R3 BrYNSvc;BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [2012-06-05 266240] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856] S2 ANIWZCSdService;ANIWZCSd 
Service; C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe [2007-01-19 49152] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 gupdate1c9c0d8ca7cb36e;Google Update Service (gupdate1c9c0d8ca7cb36e); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-19 133104] S2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2013-11-11 156960] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24 267440] S3 aspnet_state;ASP.NET-statusservice; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-19 133104] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-21 194032] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-24 114288] S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-08-21 382248] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source 
Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WMPNetworkSvc;Windows Media Player Network Sharing-service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-02 917504] S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] -----------------EOF-----------------