
PC is not working optimally



Hello,

While browsing, it is sometimes very slow!

I scanned with MBAM and it found a few "POP UPTIONAL CROSSRIDER A" malware items.

I went ahead and posted an HJT log anyway.

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 14:32:37, on 30/10/2013

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.19088)

FIREFOX: 20.0.1 (en-GB)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\AVG\AVG2014\avgui.exe

C:\Windows\PLFSetL.exe

C:\Windows\System32\spool\drivers\w32x86\3\E_TATIIVE.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Users\User\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: ividi Helper Object - {8B8B2E80-1444-451D-AC8E-EB9A847F3887} - C:\Program Files\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe

O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATIIVE.EXE /EPT "EPLTarget\P0000000000000001" /M "WF-2530 Series"

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\User\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe

O23 - Service: CSPEH - Unknown owner - C:\Users\User\AppData\Local\Temp\CSPEH.exe (file missing)

O23 - Service: Epson Scanner Service (EpsonScanSvc) - Seiko Epson Corporation - C:\Windows\system32\EscSvc.exe

O23 - Service: Servicio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: HDYEHKZ - Unknown owner - C:\Users\User\AppData\Local\Temp\HDYEHKZ.exe (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: SGNITIQPEOFL - Unknown owner - C:\Users\User\AppData\Local\Temp\SGNITIQPEOFL.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Vodafone Mobile Broadband Service (VmbService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe

O23 - Service: vToolbarUpdater15.4.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--

End of file - 5838 bytes


Download RSIT from the locations below and save it to the desktop.

Here is a description of how to check whether you have a 32-bit or 64-bit version of Windows.

Double-click RSIT.exe to start the tool.

  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • The "Disclaimer of warranty" is then shown; click "Continue".
  • When the tool has finished, a Notepad file named "Log" is opened.
  • Post its contents in your next reply.


Logfile of random's system information tool 1.09 (written by random/random)

Run by User at 2013-10-31 12:38:29

Microsoft® Windows Vista™ Home Premium Service Pack 2

System drive C: has 53 GB (47%) free of 114 GB

Total RAM: 3069 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 12:38:55, on 31/10/2013

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.19088)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\AVG\AVG2014\avgui.exe

C:\Windows\PLFSetL.exe

C:\Windows\System32\spool\drivers\w32x86\3\E_TATIIVE.EXE

C:\Windows\System32\mobsync.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\User\Desktop\RSIT.exe

C:\Program Files\trend micro\User.exe

C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: ividi Helper Object - {8B8B2E80-1444-451D-AC8E-EB9A847F3887} - C:\Program Files\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe

O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATIIVE.EXE /EPT "EPLTarget\P0000000000000001" /M "WF-2530 Series"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\User\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe

O23 - Service: CSPEH - Unknown owner - C:\Users\User\AppData\Local\Temp\CSPEH.exe (file missing)

O23 - Service: Epson Scanner Service (EpsonScanSvc) - Seiko Epson Corporation - C:\Windows\system32\EscSvc.exe

O23 - Service: Servicio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: HDYEHKZ - Unknown owner - C:\Users\User\AppData\Local\Temp\HDYEHKZ.exe (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: SGNITIQPEOFL - Unknown owner - C:\Users\User\AppData\Local\Temp\SGNITIQPEOFL.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Vodafone Mobile Broadband Service (VmbService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe

O23 - Service: vToolbarUpdater15.4.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--

End of file - 6346 bytes

======Scheduled tasks folder======

C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job

C:\Windows\tasks\bestLyrics-34-chromeinstaller.job

C:\Windows\tasks\bestLyrics-34-codedownloader.job

C:\Windows\tasks\bestLyrics-34-enabler.job

C:\Windows\tasks\bestLyrics-34-firefoxinstaller.job

C:\Windows\tasks\bestLyrics-34-updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\PerfectOptimizer_home.job

C:\Windows\tasks\User_Feed_Synchronization-{D6A5BA18-8CD6-4C00-B34F-1C1CF83A5543}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default

prefs.js - "browser.startup.homepage" - "www.hln.be"

prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6, {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1319, {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.90, {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, performeroptimum@livejasmin.com:3.1.5.5, scrapbookplus@addons.mozilla.org:1.8.17.31, {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1319, zigboom@hotmail.com:1.3.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.19, flaminglow-ff3-30@glowplug.bitasylum.net:4.0.3.06, glowygold-ff3-30@glowplug.bitasylum.net:4.0.3.06, {de5809e0-2b07-11dd-bd0b-0800200c9a66}:1.2.0, {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.91"

prefs.js - "keyword.URL" - "http://search.ividi.org/?src=tbsp&id=b4998904000000000000001f3c2a7970&affilt=3&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]

"Description"=iTunes Detector Plug-in

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]

"Description"=

"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]

"Description"=DivX Plus Web Player

"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]

"Description"=DivX VOD Helper Plug-in

"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]

"Description"=Google Earth in your browser

"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.15.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6]

"Description"=Yahoo Messenger State Plugin

"Path"=C:\Program Files\Yahoo!\Shared\npYState.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]

"Description"=Windows Presentation Foundation plug-in for Mozilla browsers

"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448]

"Description"=RealPlayer LiveConnect-Enabled Plug-In

"Path"=C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448]

"Description"=6.0.12.448

"Path"=C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]

"Description"=

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0]

"Description"=BlackBerry Web Software Loading Helper Plug-In for Mozilla browsers

"Path"=C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\

{972ce4c6-7e08-4474-a285-3208198ce6fd}

{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\

binary.manifest

browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\

np-mswmp.dll

npffividiplg.dll

nppdf32.dll

npqtplugin.dll

npqtplugin2.dll

npqtplugin3.dll

npqtplugin4.dll

npqtplugin5.dll

npqtplugin6.dll

npqtplugin7.dll

QuickTimePlugin.class

WMP Firefox Plugin License.rtf

WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\

amazon-en-GB.xml

avg_igeared.xml

bing.xml

chambers-en-GB.xml

eBay-en-GB.xml

google.xml

twitter.xml

wikipedia.xml

yahoo-en-GB.xml

C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default\extensions\

3fe3e99e-6ac7-4996-bc83-e4a963a1ce42@a89bad3e-4379-43b5-a94f-0dfcf2f8a23f.com

zigboom@hotmail.com

{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default\searchplugins\

askcom.xml

ividi.xml

Mysearchdial.xml

MyStart Search.xml

SearchResults.xml

Search_Results.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]

DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2013-02-07 194912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-02-23 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8B8B2E80-1444-451D-AC8E-EB9A847F3887}]

ividi Helper Object - C:\Program Files\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll [2013-07-25 301464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]

Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-02-23 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2013-10-07 4908592]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

"PLFSetL"=C:\Windows\PLFSetL.exe [2007-07-05 94208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"fsm"= []

"EPLTarget\P0000000000000001"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATIIVE.EXE [2012-02-26 249440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]

C:\Program Files\CCleaner\CCleaner.exe [2009-10-22 1700664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ClickPotatoLiteSA]

C:\Program Files\ClickPotatoLite\bin\10.0.630.0\ClickPotatoLiteSA.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2013-04-04 887432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]

C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe [2009-11-10 5244216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileBroadband]

C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [2011-06-28 279552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetL]

C:\Windows\PLFSetL.exe [2007-07-05 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]

C:\Windows\RtHDVCpl.exe [2007-09-27 4702208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]

C:\Windows\Skytel.exe [2007-09-27 1826816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSDMonitor]

C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateStar Drivers]

C:\Program Files\UpdateStar Drivers\drivers.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]

C:\Program Files\AVG Secure Search\vprot.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]

C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2002-04-19 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IMVU.lnk]

C:\Users\User\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe --startup []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"VIDC.I420"=msh263.drv

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"MSVideo8"=VfWWDM32.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave2"=wdmaud.drv

"mixer2"=wdmaud.drv

"midi2"=wdmaud.drv

"msacm.siren"=sirenacm.dll

"VIDC.FFDS"=ff_vfw.dll

"vidc.XVID"=xvidvfw.dll

"msacm.ac3filter"=ac3filter.acm

"msacm.avis"=ff_acm.acm

"vidc.DIVX"=DivX.dll

"vidc.yv12"=DivX.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-10-31 12:38:29 ----D---- C:\rsit

2013-10-31 12:38:29 ----D---- C:\Program Files\trend micro

2013-10-30 14:22:51 ----D---- C:\Windows\ERDNT

2013-10-30 14:22:13 ----D---- C:\Program Files\ERUNT

2013-10-28 18:40:50 ----D---- C:\Program Files\iVIDI.org plugin

2013-10-28 18:40:09 ----D---- C:\Program Files\bestLyrics-34

2013-10-24 19:00:14 ----D---- C:\Program Files\Common Files\snp2uvc

2013-10-24 18:52:55 ----SHD---- C:\Config.Msi

2013-10-24 18:06:26 ----D---- C:\Program Files\Unitech LLC

2013-10-24 18:06:01 ----D---- C:\Users\User\AppData\Roaming\Unitech LLC

2013-10-24 18:00:44 ----D---- C:\Users\User\AppData\Roaming\AVG2014

2013-10-24 17:55:08 ----D---- C:\ProgramData\AVG2014

2013-10-13 13:41:48 ----D---- C:\Program Files\iPod

2013-10-13 13:41:46 ----D---- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

2013-10-13 13:41:46 ----D---- C:\Program Files\iTunes

2013-10-13 13:38:28 ----D---- C:\Program Files\Apple Software Update

2013-10-13 12:50:20 ----D---- C:\Program Files\jZip

2013-10-08 14:08:52 ----D---- C:\Users\User\AppData\Roaming\Spotify

======List of files/folders modified in the last 1 month======

2013-10-31 12:38:44 ----D---- C:\Windows\Prefetch

2013-10-31 12:38:29 ----D---- C:\Program Files

2013-10-31 12:38:24 ----D---- C:\Windows\Temp

2013-10-31 12:37:40 ----D---- C:\ProgramData\MFAData

2013-10-30 17:12:33 ----D---- C:\Windows\system32\drivers

2013-10-30 16:55:42 ----SHD---- C:\System Volume Information

2013-10-30 14:29:52 ----D---- C:\Windows\System32

2013-10-30 14:22:51 ----D---- C:\Windows

2013-10-30 14:16:11 ----D---- C:\Windows\inf

2013-10-30 14:16:11 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-10-30 14:08:18 ----D---- C:\Windows\SoftwareDistribution

2013-10-30 14:07:16 ----D---- C:\Program Files\4shared Desktop

2013-10-28 18:40:44 ----D---- C:\Windows\Tasks

2013-10-28 18:40:44 ----D---- C:\Windows\system32\Tasks

2013-10-24 20:10:00 ----RSD---- C:\Windows\Fonts

2013-10-24 19:00:16 ----D---- C:\Windows\SUYIN NB Cam

2013-10-24 19:00:15 ----D---- C:\Windows\twain_32

2013-10-24 19:00:15 ----D---- C:\Windows\system32\x64

2013-10-24 19:00:15 ----D---- C:\Windows\system32\drivers\x64

2013-10-24 19:00:14 ----D---- C:\Program Files\Common Files

2013-10-24 18:52:57 ----SHD---- C:\Windows\Installer

2013-10-24 18:28:09 ----HD---- C:\ProgramData

2013-10-24 18:24:26 ----D---- C:\Program Files\Mozilla Firefox

2013-10-24 18:01:41 ----D---- C:\Program Files\AVG

2013-10-15 14:40:58 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2013-10-13 15:58:42 ----D---- C:\Windows\system32\catroot

2013-10-13 13:41:48 ----D---- C:\Program Files\Common Files\Apple

2013-10-11 12:24:28 ----D---- C:\Windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2013-09-02 145720]

R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2013-09-02 223032]

R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2013-08-20 102200]

R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2013-09-08 27448]

R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2013-09-25 120632]

R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2013-09-02 209208]

R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2013-09-10 22840]

R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2013-09-02 176952]

R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2013-08-01 193848]

R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2013-08-01 37664]

R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2007-08-07 12672]

R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-08-08 45568]

R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]

R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]

R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-08-07 8704]

R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-05-09 3552256]

R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]

R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]

R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-08-07 984064]

R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-08-07 208384]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-09-27 1950552]

R3 NETw3v32;Intel® PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]

R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial.sys [2009-01-09 27136]

R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-21 8192]

R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]

R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-08-13 1749376]

R3 vodafone_K3805-z_dc_enum;Vodafone K3805-z DC Enumerator (ZTE); C:\Windows\system32\DRIVERS\vodafone_K3805-z_dc_enum.sys [2010-09-01 80000]

R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-08-07 660480]

R3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008]

S3 dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]

S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]

S3 Dot4Scan;Scan Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Scan.sys [2008-01-21 10752]

S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]

S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]

S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys []

S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []

S3 hwusbfake;Huawei DataCard USB Fake; C:\Windows\system32\DRIVERS\ewusbfake.sys []

S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb.sys [2008-05-20 22784]

S3 SynasUSB;SynasUSB; C:\Windows\system32\drivers\SynasUSB.sys [2006-11-23 18432]

S3 TASCAM_US122144;TASCAM USB 2.0 Audio Device driver; C:\Windows\System32\Drivers\tascusb2.sys [2008-07-25 367616]

S3 TASCAM_US122L_MIDI;TASCAM US-122L WDM MIDI Device; C:\Windows\system32\drivers\tscusb2m.sys [2008-07-25 18944]

S3 TASCAM_US122L_WDM;TASCAM US-122L WDM; C:\Windows\system32\drivers\tscusb2a.sys [2008-07-25 33792]

S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]

S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]

S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]

S3 vodafone_K3805-z_cdc_acm;Vodafone K3805-z CDC-ACM driver (ZTE); C:\Windows\system32\DRIVERS\vodafone_K3805-z_cdc_acm.sys [2010-09-01 85888]

S3 vodafone_K3805-z_cdc_ecm;vodafone_K3805-z_cdc_ecm; C:\Windows\system32\DRIVERS\vodafone_K3805-z_cdc_ecm.sys [2010-09-01 50304]

S3 vodafone_K3805-z_cpo;Vodafone K3805-z Install; C:\Windows\system32\DRIVERS\vodafone_K3805-z_cpo.sys [2010-09-01 9728]

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2009-04-11 6656]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]

R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-05-08 671744]

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2013-10-03 3538480]

R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2013-09-25 301152]

R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc.exe [2011-12-11 122000]

R2 VmbService;Vodafone Mobile Broadband Service; C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [2011-06-28 9216]

R2 vToolbarUpdater15.4.0;vToolbarUpdater15.4.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe [2013-08-01 1616048]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]

R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-08-07 386560]

R3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]

S2 gupdate;Servicio Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-19 136176]

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-03-01 161384]

S3 CSPEH;CSPEH; C:\Users\User\AppData\Local\Temp\CSPEH.exe []

S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-19 136176]

S3 HDYEHKZ;HDYEHKZ; C:\Users\User\AppData\Local\Temp\HDYEHKZ.exe []

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]

S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-10-01 553288]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-18 115608]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 SGNITIQPEOFL;SGNITIQPEOFL; C:\Users\User\AppData\Local\Temp\SGNITIQPEOFL.exe []

-----------------EOF-----------------


Download Zoek.zip to your desktop.

  1. If Internet Explorer, another browser or your virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
  2. Disable your antivirus and antispyware programs, as they may conflict with zoek.exe (here and here you can read how to do that).

  • Right-click Zoek.zip and choose the option "Extract All".
  • Then double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input window:
  • Note: This script is written specifically for this PC, so do not use it on other PCs with a similar problem.
    
    
    emptyclsid;
    emptyfolderscheck;Delete
    torpigcheck;
    firefoxlook; 
    Chromelook; 
    CHRdefaults;
    autoclean; 
    iedefaults; 
    filesrcm; 
    torpigcheck;
    
    
    


  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is required).
  • If no log appears after the restart, start zoek.exe again; the log will then still appear.
  • Post the opened log as an attachment in your next message.


Zoek.exe Version 4.0.0.5 Updated 26-October-2013

Tool run by User on 02/11/2013 at 12:42:15.90.

Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\User\AppData\Local\Temp\jZip\jZip273DC\jZip538A\zoek.exe [script inserted]

==== System Restore Info ======================

02/11/2013 12:43:19 Zoek.exe System Restore Point Created Succesfully.

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} shell32.dll

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} ntshrui.dll

==== Empty Folders Check ======================

C:\Program Files\ahead deleted successfully

C:\Program Files\Camfrog deleted successfully

C:\Program Files\CDCopy deleted successfully

C:\Program Files\Easy Cover Design Pro deleted successfully

C:\Program Files\Panda Security deleted successfully

C:\Program Files\Quark deleted successfully

C:\Program Files\Replay Music 3 deleted successfully

C:\Program Files\Roni Music deleted successfully

C:\Program Files\SUPERAntiSpyware deleted successfully

C:\Program Files\Common Files\SWF Studio deleted successfully

C:\Users\User\AppData\Roaming\.# deleted successfully

C:\Users\User\AppData\Roaming\Erwa deleted successfully

C:\Users\User\AppData\Roaming\Gygan deleted successfully

C:\Users\User\AppData\Roaming\SUPERAntiSpyware.com deleted successfully

C:\Users\User\AppData\Local\OpenCandy deleted successfully

==== Creating Sample_112013_1249.zip ======================

Copied file C:\Users\User\Setup_Full_Registered.exe to sample\Setup_Full_Registered.exe

sample\Setup_Full_Registered.exe renamed to 4AC3B3F95F0DE0D26D1C7C4B718E7828

C:\Users\Public\Desktop\sample_112013_1249.zip created successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2286521827-2552126233-756588910-1000\Software\Microsoft\Internet Explorer\SearchScopes\{30C6447E-65A8-4C8B-A10D-00E9FDCC66A6} deleted successfully

HKEY_USERS\S-1-5-21-2286521827-2552126233-756588910-1000\Software\Microsoft\Internet Explorer\SearchScopes\{5AC55A0D-858C-4E4D-9D2E-D1BCFE7BCC29} deleted successfully

HKEY_USERS\S-1-5-21-2286521827-2552126233-756588910-1000\Software\Microsoft\Internet Explorer\SearchScopes\{5B7706E6-3034-21B5-1074-6208B644849D} deleted successfully

HKEY_USERS\S-1-5-21-2286521827-2552126233-756588910-1000\Software\Microsoft\Internet Explorer\SearchScopes\{642D042B-AA94-4B43-AC81-642DF559A2C4} deleted successfully

HKEY_USERS\S-1-5-21-2286521827-2552126233-756588910-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully

HKEY_USERS\S-1-5-21-2286521827-2552126233-756588910-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully

HKEY_USERS\S-1-5-21-2286521827-2552126233-756588910-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{472734EA-242A-422B-ADF8-83D1E48CC825} deleted successfully

HKEY_USERS\S-1-5-21-2286521827-2552126233-756588910-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{472734EA-242A-422B-ADF8-83D1E48CC825} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2286521827-2552126233-756588910-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully

HKEY_USERS\S-1-5-21-2286521827-2552126233-756588910-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{472734EA-242A-422B-ADF8-83D1E48CC825} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater15.4.0 deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater15.4.0 deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default

---- Lines ividi removed from prefs.js ----

user_pref("extensions.ividi.admin", false);

user_pref("extensions.ividi.aflt", "3");

user_pref("extensions.ividi.appId", "{685F23D9-FCFD-475C-B56A-362645945C5A}");

user_pref("extensions.ividi.autoRvrt", "false");

user_pref("extensions.ividi.cntry", "ES");

user_pref("extensions.ividi.dfltLng", "");

user_pref("extensions.ividi.dfltSrch", true);

user_pref("extensions.ividi.dnsErr", true);

user_pref("extensions.ividi.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,3046281807,75262

user_pref("extensions.ividi.dspFFXOld", "");

user_pref("extensions.ividi.excTlbr", true);

user_pref("extensions.ividi.ffxUnstlRst", false);

user_pref("extensions.ividi.hdrMd5", "A3D973F91E96918D80AAD23B524A4866");

user_pref("extensions.ividi.hmpg", true);

user_pref("extensions.ividi.hmpgUrl", "http://search.ividi.org/?src=tbhp&id=b4998904000000000000001f3c2a7970&affilt=3");

user_pref("extensions.ividi.hpOld0", "www.hln.be");

user_pref("extensions.ividi.id", "b4998904000000000000001f3c2a7970");

user_pref("extensions.ividi.instlDay", "16006");

user_pref("extensions.ividi.instlRef", "");

user_pref("extensions.ividi.kw_url", "http://search.ividi.org/?src=tbsp&id=b4998904000000000000001f3c2a7970&affilt=3&q=");

user_pref("extensions.ividi.lastB", "http://search.ividi.org/?src=tbhp&id=b4998904000000000000001f3c2a7970&affilt=3");

user_pref("extensions.ividi.lastVrsnTs", "1.8.23.018:49:21");

user_pref("extensions.ividi.newTab", true);

user_pref("extensions.ividi.newTabUrl", "http://search.ividi.org/?q={searchTerms}&src=tbnt&id=b4998904000000000000001f3c2a7970&affilt=3");

user_pref("extensions.ividi.prdct", "ividi");

user_pref("extensions.ividi.prtnrId", "ividi");

user_pref("extensions.ividi.rvrt", "false");

user_pref("extensions.ividi.sg", "none");

user_pref("extensions.ividi.smplGrp", "none");

user_pref("extensions.ividi.srchPrvdr", "Search ");

user_pref("extensions.ividi.tlbrId", "base");

user_pref("extensions.ividi.tlbrSrchUrl", "http://search.ividi.org/?src=tbsp&id=b4998904000000000000001f3c2a7970&affilt=3&q=");

user_pref("extensions.ividi.vrsn", "1.8.23.0");

user_pref("extensions.ividi.vrsnTs", "1.8.23.018:49:21");

user_pref("extensions.ividi.vrsni", "1.8.23.0");

user_pref("keyword.URL", "http://search.ividi.org/?src=tbsp&id=b4998904000000000000001f3c2a7970&affilt=3&q=");

---- Lines ividi removed from user.js ----

user_pref("extensions.ividi.hpOld0", "www.hln.be");

user_pref("extensions.ividi.tlbrSrchUrl", "http://search.ividi.org/?src=tbsp&id=b4998904000000000000001f3c2a7970&affilt=3&q=");

user_pref("extensions.ividi.id", "b4998904000000000000001f3c2a7970");

user_pref("extensions.ividi.appId", "{685F23D9-FCFD-475C-B56A-362645945C5A}");

user_pref("extensions.ividi.instlDay", "16006");

user_pref("extensions.ividi.vrsn", "1.8.23.0");

user_pref("extensions.ividi.vrsni", "1.8.23.0");

user_pref("extensions.ividi.vrsnTs", "1.8.23.018:49:21");

user_pref("extensions.ividi.prtnrId", "ividi");

user_pref("extensions.ividi.prdct", "ividi");

user_pref("extensions.ividi.aflt", "3");

user_pref("extensions.ividi.smplGrp", "none");

user_pref("extensions.ividi.tlbrId", "base");

user_pref("extensions.ividi.instlRef", "");

user_pref("extensions.ividi.dfltLng", "");

user_pref("extensions.ividi.excTlbr", true);

user_pref("extensions.ividi.ffxUnstlRst", false);

user_pref("extensions.ividi.admin", false);

user_pref("extensions.ividi.autoRvrt", "false");

user_pref("extensions.ividi.rvrt", "false");

user_pref("extensions.ividi.hmpg", true);

user_pref("extensions.ividi.hmpgUrl", "http://search.ividi.org/?src=tbhp&id=b4998904000000000000001f3c2a7970&affilt=3");

user_pref("extensions.ividi.dfltSrch", true);

user_pref("extensions.ividi.srchPrvdr", "Search ");

user_pref("extensions.ividi.kw_url", "http://search.ividi.org/?src=tbsp&id=b4998904000000000000001f3c2a7970&affilt=3&q=");

user_pref("extensions.ividi.dnsErr", true);

user_pref("extensions.ividi.newTab", true);

user_pref("extensions.ividi.newTabUrl", "http://search.ividi.org/?q={searchTerms}&src=tbnt&id=b4998904000000000000001f3c2a7970&affilt=3");

---- Lines mysearchdial removed from user.js ----

user_pref("extensions.mysearchdial.hmpg", true);

user_pref("extensions.mysearchdial.hmpgUrl", "http://start.mysearchdial.com/?f=1&a=dnldmsd&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0CtB0AyBzyyBtDzzzytDyEtN0D0Tzu0CyDzztDtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=1289320101&ir=");

user_pref("extensions.mysearchdial.dfltSrch", true);

user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");

user_pref("extensions.mysearchdial.dnsErr", true);

user_pref("extensions.mysearchdial_i.newTab", false);

user_pref("extensions.mysearchdial.newTabUrl", "http://start.mysearchdial.com/?f=2&a=dnldmsd&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0CtB0AyBzyyBtDzzzytDyEtN0D0Tzu0CyDzztDtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=1289320101&ir=");

user_pref("extensions.mysearchdial.tlbrSrchUrl", "http://start.mysearchdial.com/?f=3&a=dnldmsd&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0CtB0AyBzyyBtDzzzytDyEtN0D0Tzu0CyDzztDtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=1289320101&ir=&q=");

user_pref("extensions.mysearchdial.id", "001F3C2A79708904");

user_pref("extensions.mysearchdial.instlDay", "15919");

user_pref("extensions.mysearchdial.vrsn", "");

user_pref("extensions.mysearchdial.vrsni", "");

user_pref("extensions.mysearchdial_i.vrsnTs", "13:6:40");

user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");

user_pref("extensions.mysearchdial.prdct", "mysearchdial");

user_pref("extensions.mysearchdial.aflt", "dnldmsd");

user_pref("extensions.mysearchdial_i.smplGrp", "none");

user_pref("extensions.mysearchdial.tlbrId", "base");

user_pref("extensions.mysearchdial.instlRef", "");

user_pref("extensions.mysearchdial.dfltLng", "");

user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");

user_pref("extensions.mysearchdial.excTlbr", false);

user_pref("extensions.mysearchdial_i.hmpg", true);

user_pref("extensions.mysearchdial.cr", "1289320101");

user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzutDtDtC0FtA0CtB0AyBzyyBtDzzzytDyEtN0D0Tzu0CyDzztDtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q");

---- FireFox user.js and prefs.js backups ----

user_112013_1250_.backup

prefs_112013_1250_.backup

==== Deleting Files \ Folders ======================

C:\Program Files\Common Files\DVDVideoSoft\bin deleted

C:\Program Files\Unitech LLC deleted

C:\Program Files\iVIDI.org plugin deleted

C:\Program Files\bestLyrics-34 deleted

C:\Program Files\MyPC Backup deleted

C:\Program Files\Common Files\AVG Secure Search deleted

C:\found.000 deleted

C:\Users\User\AppData\Roaming\Uniblue deleted

C:\Users\User\AppData\Roaming\DVDVideoSoftIEHelpers deleted

C:\Users\User\AppData\Roaming\Research In Motion deleted

C:\Users\User\AppData\Local\AVG Secure Search deleted

C:\Users\User\AppData\Local\Conduit deleted

C:\Users\Public\QuarkXPress Dependency Setup.exe deleted

C:\Users\Public\setup.exe deleted

C:\Users\Public\sdelevURL.tmp deleted

C:\Users\User\AppData\LocalLow\AVG Security Toolbar deleted

C:\Users\User\AppData\LocalLow\AVG Secure Search deleted

C:\Users\User\AppData\LocalLow\searchquband deleted

C:\Users\User\AppData\LocalLow\searchqutoolbar deleted

C:\Users\User\AppData\LocalLow\facemoods.com deleted

C:\Users\User\AppData\LocalLow\DataMngr deleted

C:\Users\User\AppData\LocalLow\Conduit deleted

C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted

C:\Windows\system32\tasks\bestLyrics-34-chromeinstaller deleted

C:\Windows\system32\tasks\bestLyrics-34-codedownloader deleted

C:\Windows\system32\tasks\bestLyrics-34-enabler deleted

C:\Windows\system32\tasks\bestLyrics-34-firefoxinstaller deleted

C:\Windows\system32\tasks\bestLyrics-34-updater deleted

C:\Windows\tasks\bestLyrics-34-chromeinstaller.job deleted

C:\Windows\tasks\bestLyrics-34-codedownloader.job deleted

C:\Windows\tasks\bestLyrics-34-enabler.job deleted

C:\Windows\tasks\bestLyrics-34-firefoxinstaller.job deleted

C:\Windows\tasks\bestLyrics-34-updater.job deleted

C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job deleted

C:\Windows\system32\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv deleted

C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default\searchplugins\askcom.xml deleted

C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default\searchplugins\Mysearchdial.xml deleted

C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default\searchplugins\MyStart Search.xml deleted

C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default\searchplugins\SearchResults.xml deleted

C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default\searchplugins\Search_Results.xml deleted

C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default\searchqutoolbar deleted

C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default\CT2438727 deleted

C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default\CT2786678 deleted

C:\Users\User\Setup_Full_Registered.exe deleted

C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default\conduit deleted

C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default\conduitCommon deleted

"C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default\searchplugins\ividi.xml" deleted

"C:\Users\User\AppData\Roaming\Ofzyx\ocen.dov" deleted

"C:\Users\User\AppData\Roaming\Ofzyx\ocen.tmp" deleted

"C:\Users\User\AppData\Roaming\Ofzyx" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\User\AppData\Local\Temp ====

====== Java Cache =====

====== C:\Windows\system32 =====

2013-10-31 12:15:40 671BF94AEBB06EBA93354853D577EFFB 692616 ----a-w- C:\Windows\System32\FlashPlayerApp.exe

2013-10-31 12:15:40 46978DB392281618885EDD80EDB34137 71048 ----a-w- C:\Windows\System32\FlashPlayerCPLApp.cpl

====== C:\Windows\system32\drivers =====

====== C:\Windows\Tasks ======

2013-10-31 12:15:41 F5F117DBC69EC8199F82004E3FF54077 830 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-10-31 12:15:41 24FD7051BADB2E630929A9E94F8D7718 3682 ----a-w- C:\Windows\system32\Tasks\Adobe Flash Player Updater

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-10-31 11:38:29 -------- d-----w- C:\Program Files\trend micro

2013-10-30 13:22:13 -------- d-----w- C:\Program Files\ERUNT

2013-10-24 18:00:14 -------- d-----w- C:\Program Files\Common Files\snp2uvc

2013-10-13 12:41:48 -------- d-----w- C:\Program Files\iPod

2013-10-13 12:41:46 -------- d-----w- C:\Program Files\iTunes

2013-10-13 12:38:28 -------- d-----w- C:\Program Files\Apple Software Update

2013-10-13 11:50:20 -------- d-----w- C:\Program Files\jZip

======= C: =====

====== C:\Users\User\AppData\Roaming ======

2013-10-24 17:06:01 -------- d-----w- C:\Users\User\AppData\Roaming\Unitech LLC

2013-10-24 17:00:44 -------- d-----w- C:\Users\User\AppData\Roaming\AVG2014

2013-10-24 16:59:10 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Roaming\AVG2014

2013-10-24 16:54:58 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014

2013-10-24 16:38:27 -------- d-----w- C:\Users\User\AppData\Local\Avg2014

2013-10-08 13:14:00 -------- d-----w- C:\Users\User\AppData\Local\Spotify

2013-10-08 13:08:52 -------- d-----w- C:\Users\User\AppData\Roaming\Spotify

====== C:\Users\User ======

2013-10-31 11:37:42 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\User\Desktop\RSIT.exe

2013-10-30 13:22:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT

2013-10-30 13:21:03 933169EEE58B90EB0900CD3B0AF02FD8 791393 ----a-w- C:\Users\User\Desktop\erunt-setup.exe

2013-10-28 17:37:54 7CF723BAD645B426E9EA9CED7E4E49D0 2865080 ----a-w- C:\Users\User\Desktop\453_karaoke_songs_thm06_mp3.cdg.exe

2013-10-28 16:56:03 C6D230626FC374972A057C096B56048E 324991 ----a-w- C:\Users\User\KCLOUD_DTE.pdf

2013-10-24 16:55:08 -------- d-----w- C:\ProgramData\AVG2014

2013-10-15 13:50:52 823DF4B36AA10F3BBFCB2BF4E6192A30 100721 ----a-w- C:\Users\User\529165_10201477125797256_75829981_n.jpg

2013-10-15 13:48:24 EEC6195E7CC7A127E7F227DB356AB978 57162 ----a-w- C:\Users\User\480526_10151002459950800_11452403_n.jpg

2013-10-15 13:47:34 F94E4D52E874260959FD84F8381F599C 144532 ----a-w- C:\Users\User\1064978_561848020544987_373758459_o.jpg

2013-10-15 11:57:57 -------- d-----w- C:\Users\User\New Folder

2013-10-13 12:42:24 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2013-10-13 12:41:46 -------- d-----w- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

2013-10-13 11:47:01 -------- d-----w- C:\Users\User\all zip files for ipad 2

====== C: exe-files ==

2013-10-31 12:15:40 671BF94AEBB06EBA93354853D577EFFB 692616 ----a-w- C:\Windows\System32\FlashPlayerApp.exe

2013-10-31 11:38:30 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\User.exe

2013-10-31 11:37:42 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\User\Desktop\RSIT.exe

2013-10-30 13:21:03 933169EEE58B90EB0900CD3B0AF02FD8 791393 ----a-w- C:\Users\User\Desktop\erunt-setup.exe

2013-10-28 17:37:54 7CF723BAD645B426E9EA9CED7E4E49D0 2865080 ----a-w- C:\Users\User\Desktop\453_karaoke_songs_thm06_mp3.cdg.exe

=== C: other files ==

2013-11-02 11:49:48 F95CE252E2292D65D0C446EEE6B22AA8 15570989 ----a-w- C:\Users\Public\Desktop\sample_112013_1249.zip

==== Folders in C:\ProgramData 0-6 Months Old ======================

2013-10-13 12:41:46 -------- d-----w- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

2013-10-24 16:55:08 -------- d-----w- C:\ProgramData\AVG2014

2013-10-31 12:15:46 -------- d-----w- C:\ProgramData\McAfee Security Scan

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"="C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5" [21/02/2013 13:58]

==== Firefox Extensions ======================

ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default

- DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5

- Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

- bestLyrics-34 - %ProfilePath%\extensions\3fe3e99e-6ac7-4996-bc83-e4a963a1ce42@a89bad3e-4379-43b5-a94f-0dfcf2f8a23f.com

- BlackFox V2 - %ProfilePath%\extensions\zigboom@hotmail.com

- Free YouTube Download Free Studio Menu - %ProfilePath%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

- DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

- Adblock Plus Pop-up Addon - %ProfilePath%\extensions\adblockpopups@jessehakanen.net.xpi

- flaminglow - %ProfilePath%\extensions\flaminglow-ff3-30@glowplug.bitasylum.net.xpi

- glowygold - %ProfilePath%\extensions\glowygold-ff3-30@glowplug.bitasylum.net.xpi

- NASA Night Launch - %ProfilePath%\extensions\nasanightlaunch@example.com.xpi

- ScrapBook - %ProfilePath%\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi

- Easy YouTube Video Downloader - %ProfilePath%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi

- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

- Red Cats blue flavor - %ProfilePath%\extensions\{ff356687-aa08-463d-a46c-11c451824939}.xpi

AppDir: C:\Program Files\Mozilla Firefox

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

==== Firefox Plugins ======================

Profilepath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default

4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash

CFAF7B67C78D09D79688AEDCA3D090E2 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll - Google Update

D71FD9D50DEE32075F0D4F93CE2051ED - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector

7550FC1ADE982582D5920BEA6430E3D4 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin

AE84791D996D1F05A2446B0C447D937A - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat

AE84791D996D1F05A2446B0C447D937A - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

AE84791D996D1F05A2446B0C447D937A - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat

AFD9010DC500096809C2784551909304 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U15

1B197A0ED28DB310AB67591567C3787A - C:\Windows\system32\npdeployJava1.dll - Java Deployment Toolkit 7.0.150.3

7F776D29CE1EC62F9D30BD877A40D419 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll - DivX Plus Web Player

63B0AF5D8FED833D39981C54C988C749 - C:\Program Files\Mozilla Firefox\plugins\npffividiplg.dll - iVIDI.org plug-in

C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery

B938C1AE3ADCE166190895685B0BEB0D - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll - DivX VOD Helper Plug-in

C3E42CBF8215171A524D123A54AE3233 - c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll - Silverlight Plug-In

60365D4C8743A4065B1C1B493BC29171 - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll - RIM Handheld Application Loader

65FB4909BD29CAAA81FDC69AD21BB905 - C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll - RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit)

01F0264937036BD962563F1ADF35CE72 - C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll - RealPlayer Version Plugin

683E6C0D2DE6B09E173B193D6B8D1CB1 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.6.5

683E6C0D2DE6B09E173B193D6B8D1CB1 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll - QuickTime Plug-in 7.6.5

E08E67CD1D53C83C696B7E731F3794C0 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.6.5

E08E67CD1D53C83C696B7E731F3794C0 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll - QuickTime Plug-in 7.6.5

CE34BB9EC3ADB3E88BE810D0C5FDDE4B - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.6.5

CE34BB9EC3ADB3E88BE810D0C5FDDE4B - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll - QuickTime Plug-in 7.6.5

A60B3186F98F589E4F8001A4C720702A - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.6.5

A60B3186F98F589E4F8001A4C720702A - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll - QuickTime Plug-in 7.6.5

EE450CC159F2650E70ACFB99D45494DE - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.6.5

EE450CC159F2650E70ACFB99D45494DE - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll - QuickTime Plug-in 7.6.5

840C5A58162FB6F02AAC2ED76E0B6641 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.6.5

840C5A58162FB6F02AAC2ED76E0B6641 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll - QuickTime Plug-in 7.6.5

DA548872C3126B09D7832B4ABEB54116 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.6.5

DA548872C3126B09D7832B4ABEB54116 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll - QuickTime Plug-in 7.6.5

AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

99F97C9FE748C37528C338A423577FCB - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin

DFCAB29E8FD38F95650CC1E203E8D318 - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System

AEA2784CF359F361D454B9B39E07C56B - c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrlui.dll - Microsoft ® Silverlight

==== Deleted Firefox Extensions ======================

C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default\extensions\3fe3e99e-6ac7-4996-bc83-e4a963a1ce42@a89bad3e-4379-43b5-a94f-0dfcf2f8a23f.com deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

bejbohlohkkgompgecdcbbglkpjfjgdj - C:\Users\User\AppData\Local\Temp\ccex.crx[]

giacfgjdclhnmkacnfbaljbmpnelflol - C:\Program Files\iVIDI.org plugin\ividiplg.crx[]

kpdhgpkkloealnjnmepfhanpcleldbef - C:\Program Files\Unitech LLC\ividi\1.8.23.0\ividi.crx[]

nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[07/02/2013 06:47]

Google Drive - User - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - User - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - User - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

bestLyrics-34 - User - Default\Extensions\ehlgkojapenoffkkjcdgmbainnhbkjnl

iVIDI.org plugin - User - Default\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol

iVidi Chrome Toolbar - User - Default\Extensions\kpdhgpkkloealnjnmepfhanpcleldbef

Chrome In-App Payments service - User - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

DivX Plus Web Player HTML5 \u003Cvideo\u003E - User - Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm

Gmail - User - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol deleted successfully

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdhgpkkloealnjnmepfhanpcleldbef deleted successfully

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehlgkojapenoffkkjcdgmbainnhbkjnl deleted successfully

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ehlgkojapenoffkkjcdgmbainnhbkjnl_0.localstorage deleted successfully

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ehlgkojapenoffkkjcdgmbainnhbkjnl_0.localstorage-journal deleted successfully

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_ehlgkojapenoffkkjcdgmbainnhbkjnl_0 deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://search.ividi.org/?src=tbhp&id=b4998904000000000000001f3c2a7970&affilt=3"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="http://search.ividi.org/?q={searchTerms}&src=tbnt&id=b4998904000000000000001f3c2a7970&affilt=3"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="http://www.google.com"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{5AC55A0D-858C-4E4D-9D2E-D1BCFE7BCC29}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5AC55A0D-858C-4E4D-9D2E-D1BCFE7BCC29}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="res://ieframe.dll/tabswelcome.htm"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_CLASSES_ROOT\CLSID\{8B8B2E80-1444-451D-AC8E-EB9A847F3887} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8B8B2E80-1444-451D-AC8E-EB9A847F3887} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\kpdhgpkkloealnjnmepfhanpcleldbef deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ClickPotatoLiteSA deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSDMonitor deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateStar Drivers deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt deleted successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\User\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\User\AppData\Local\Mozilla\Firefox\Profiles\gca71xw1.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\User\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on 02/11/2013 at 12:59:51.35 ======================


Now for an analysis tool.

Download OTL to your Desktop.

  • Double-click OTL.com to open the program. Make sure all other windows are closed, and let the program do its work undisturbed.
  • Check the box next to Scan All Users.
  • Click the Quick Scan button. Do not change OTL's settings unless I specifically give you instructions to do so. The scan will not take very long.
    • Two Notepad windows will open when the scan is finished: OTL.Txt and Extras.Txt. These files are saved in the same location as OTL.
    • Copy (Edit->Select All, Edit->Copy) and paste (Edit->Select All, Edit->Paste) the contents of these two files, one at a time, into your next post.


OTL logfile created on: 08/11/2013 09:46:21 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.19088)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.01 Gb Available Physical Memory | 67.07% Memory free

6.19 Gb Paging File | 5.35 Gb Available in Paging File | 86.45% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 111.19 Gb Total Space | 51.59 Gb Free Space | 46.40% Space Free | Partition Type: NTFS

Drive D: | 107.69 Gb Total Space | 43.37 Gb Free Space | 40.27% Space Free | Partition Type: NTFS

Computer Name: ACER | User Name: User | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/08 09:45:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.com

PRC - [2013/10/18 13:22:56 | 001,140,736 | ---- | M] (Spotify Ltd) -- C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

PRC - [2013/10/07 18:54:20 | 004,908,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgui.exe

PRC - [2013/10/03 21:00:24 | 003,538,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe

PRC - [2013/09/25 20:47:22 | 000,301,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe

PRC - [2013/09/15 22:08:30 | 000,895,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgnsx.exe

PRC - [2013/09/03 21:22:16 | 000,588,336 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgcsrvx.exe

PRC - [2013/08/20 22:03:42 | 000,728,624 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgrsx.exe

PRC - [2012/02/26 23:02:02 | 000,249,440 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\spool\drivers\w32x86\3\E_TATIIVE.EXE

PRC - [2011/12/11 23:00:00 | 000,122,000 | ---- | M] (Seiko Epson Corporation) -- C:\Windows\System32\escsvc.exe

PRC - [2011/06/28 19:12:32 | 000,009,216 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe

PRC - [2009/04/11 14:18:30 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2010/03/22 14:07:16 | 000,175,104 | ---- | M] () -- C:\Program Files\4shared Desktop\CMenu.dll

MOD - [2008/05/08 22:14:24 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll

========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Users\User\AppData\Local\Temp\SGNITIQPEOFL.exe -- (SGNITIQPEOFL)

SRV - File not found [On_Demand | Stopped] -- C:\Users\User\AppData\Local\Temp\HDYEHKZ.exe -- (HDYEHKZ)

SRV - File not found [On_Demand | Stopped] -- C:\Users\User\AppData\Local\Temp\CSPEH.exe -- (CSPEH)

SRV - [2013/10/31 13:15:40 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2013/10/03 21:00:24 | 003,538,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)

SRV - [2013/09/25 20:47:22 | 000,301,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe -- (avgwd)

SRV - [2013/04/18 11:14:29 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2013/03/01 11:11:32 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2011/12/11 23:00:00 | 000,122,000 | ---- | M] (Seiko Epson Corporation) [Auto | Running] -- C:\Windows\System32\escsvc.exe -- (EpsonScanSvc)

SRV - [2011/06/28 19:12:32 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe -- (VmbService)

SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbfake.sys -- (hwusbfake)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewdcsc.sys -- (Huawei)

DRV - [2013/09/25 19:57:14 | 000,120,632 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgdiskx.sys -- (Avgdiskx)

DRV - [2013/09/10 21:11:44 | 000,022,840 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)

DRV - [2013/09/08 21:12:16 | 000,027,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)

DRV - [2013/09/02 09:39:32 | 000,176,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)

DRV - [2013/09/02 09:28:06 | 000,145,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)

DRV - [2013/09/02 09:28:04 | 000,209,208 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)

DRV - [2013/09/02 09:28:00 | 000,223,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx)

DRV - [2013/08/20 21:54:04 | 000,102,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)

DRV - [2013/08/01 15:08:52 | 000,193,848 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)

DRV - [2013/08/01 08:54:20 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)

DRV - [2010/09/01 13:33:12 | 000,080,000 | ---- | M] (Vodafone) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vodafone_K3805-z_dc_enum.sys -- (vodafone_K3805-z_dc_enum)

DRV - [2010/09/01 13:33:12 | 000,050,304 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vodafone_K3805-z_cdc_ecm.sys -- (vodafone_K3805-z_cdc_ecm)

DRV - [2010/09/01 13:33:12 | 000,009,728 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vodafone_K3805-z_cpo.sys -- (vodafone_K3805-z_cpo)

DRV - [2010/09/01 13:33:10 | 000,085,888 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vodafone_K3805-z_cdc_acm.sys -- (vodafone_K3805-z_cdc_acm)

DRV - [2008/07/25 19:18:52 | 000,033,792 | ---- | M] (TASCAM) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tscusb2a.sys -- (TASCAM_US122L_WDM)

DRV - [2008/07/25 19:18:08 | 000,018,944 | ---- | M] (TASCAM) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tscusb2m.sys -- (TASCAM_US122L_MIDI)

DRV - [2008/07/25 19:17:36 | 000,367,616 | ---- | M] (TASCAM) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tascusb2.sys -- (TASCAM_US122144)

DRV - [2008/05/09 01:01:44 | 003,552,256 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)

DRV - [2008/01/21 03:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)

DRV - [2007/08/13 13:54:22 | 001,749,376 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)

DRV - [2007/08/08 20:42:08 | 000,045,568 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)

DRV - [2007/08/07 14:24:00 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)

DRV - [2007/07/30 11:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)

DRV - [2007/07/30 10:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)

DRV - [2007/03/28 07:51:40 | 000,043,008 | ---- | M] (Winbond Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winbondcir.sys -- (winbondcir)

DRV - [2006/11/23 18:20:06 | 000,018,432 | ---- | M] (SIA Syncrosoft) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\synasUSB.sys -- (SynasUSB)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {5B7706E6-3034-21B5-1074-6208B644849D}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2286521827-2552126233-756588910-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKU\S-1-5-21-2286521827-2552126233-756588910-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN UK - Outlook.com formerly Hotmail, Bing, Skype and Latest News

IE - HKU\S-1-5-21-2286521827-2552126233-756588910-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb

IE - HKU\S-1-5-21-2286521827-2552126233-756588910-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 10 E2 ED 65 C6 74 CA 01 [binary data]

IE - HKU\S-1-5-21-2286521827-2552126233-756588910-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKU\S-1-5-21-2286521827-2552126233-756588910-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-2286521827-2552126233-756588910-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKU\S-1-5-21-2286521827-2552126233-756588910-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}

IE - HKU\S-1-5-21-2286521827-2552126233-756588910-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.172

FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0033-ABCDEFFEDCBA%7D:6.0.33

FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.9.1

FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21

FF - prefs.js..extensions.enabledAddons: %7B53A03D43-5363-4669-8190-99061B2DEBA5%7D:1.5.8

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\User\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/02/21 13:58:32 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/04/18 11:14:30 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/10/28 18:40:50 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/04/18 11:14:30 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/10/28 18:40:50 | 000,000,000 | ---D | M]

[2013/10/24 20:02:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Extensions

[2010/09/09 12:45:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Extensions\IMVUClientXUL@imvu.com

[2013/11/02 13:06:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default\extensions

[2012/01/17 11:37:20 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

[2013/08/27 15:33:01 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2013/10/08 14:11:38 | 000,000,000 | ---D | M] (BlackFox V2) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default\extensions\zigboom@hotmail.com

[2013/08/27 14:19:34 | 000,128,676 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default\extensions\adblockpopups@jessehakanen.net.xpi

[2012/01/16 17:33:00 | 002,581,018 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default\extensions\flaminglow-ff3-30@glowplug.bitasylum.net.xpi

[2012/01/16 17:32:54 | 002,281,245 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default\extensions\glowygold-ff3-30@glowplug.bitasylum.net.xpi

[2013/10/24 17:32:41 | 002,737,915 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default\extensions\nasanightlaunch@example.com.xpi

[2013/10/11 12:17:25 | 000,850,224 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi

[2013/08/02 09:27:28 | 000,224,035 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi

[2013/10/11 13:20:17 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

[2013/10/24 17:32:04 | 001,195,896 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default\extensions\{ff356687-aa08-463d-a46c-11c451824939}.xpi

[2013/08/10 09:29:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2013/04/18 11:14:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

[2013/02/21 13:58:32 | 000,000,000 | ---D | M] (No name found) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5

[2013/04/18 11:14:30 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2012/11/05 19:12:28 | 000,172,032 | ---- | M] (iVIDI.org) -- C:\Program Files\mozilla firefox\plugins\npffividiplg.dll

[2013/04/18 11:14:27 | 000,001,738 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml

[2013/04/18 11:14:27 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2013/04/18 11:14:27 | 000,001,148 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml

[2013/04/18 11:14:27 | 000,001,379 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml

[2013/04/18 11:14:27 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

[2013/04/18 11:14:27 | 000,001,334 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},

CHR - Extension: Google Docs = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\

CHR - Extension: Google Drive = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\

CHR - Extension: YouTube = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\

CHR - Extension: Google Search = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\

CHR - Extension: Google Wallet = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\

CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_1\

CHR - Extension: Gmail = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\

O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)

O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [PLFSetL] C:\Windows\PLFSetL.exe (sonix)

O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-21-2286521827-2552126233-756588910-1000..\Run: [EPLTarget\P0000000000000001] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_TATIIVE.EXE (SEIKO EPSON CORPORATION)

O4 - HKU\S-1-5-21-2286521827-2552126233-756588910-1000..\Run: [fsm] File not found

O4 - HKU\S-1-5-21-2286521827-2552126233-756588910-1000..\Run: [spotify Web Helper] C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\User\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found

O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk File not found

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Java Plug-in 10.15.2)

O16 - DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Java Plug-in 1.7.0_15)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Java Plug-in 1.7.0_15)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{344B84F1-73BE-4B04-9E5E-313DD545CA7D}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9CAE3D71-3C89-49E0-921B-60654D002DCB}: DhcpNameServer = 80.58.61.250 80.58.61.254

O18 - Protocol\Handler\livecall - No CLSID value found

O18 - Protocol\Handler\msnim - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\User\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Photo Gallery Wallpaper.jpg

O24 - Desktop BackupWallPaper: C:\Users\User\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Photo Gallery Wallpaper.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\{38a8cc80-92a5-11e0-9d16-8e343c86b69c}\Shell\AutoRun\command - "" = autorun.exe

O33 - MountPoints2\{38a8cc80-92a5-11e0-9d16-8e343c86b69c}\Shell\open\command - "" = autorun.exe

O33 - MountPoints2\{67845589-db58-11de-8955-001e683f07d3}\Shell\AutoRun\command - "" = WD_Windows_Tools\setup.exe

O33 - MountPoints2\{91926928-421d-11df-9f77-001e683f07d3}\Shell - "" = AutoRun

O33 - MountPoints2\{91926928-421d-11df-9f77-001e683f07d3}\Shell\AutoRun\command - "" = F:\AutoRun.exe

O33 - MountPoints2\{a66c3b94-d905-11de-9b54-001e683f07d3}\Shell - "" = AutoRun

O33 - MountPoints2\{a66c3b94-d905-11de-9b54-001e683f07d3}\Shell\AutoRun\command - "" = F:\AutoRun.exe

O33 - MountPoints2\{e564f2fa-37ab-11e0-bca8-001e683f07d3}\Shell - "" = AutoRun

O33 - MountPoints2\{e564f2fa-37ab-11e0-bca8-001e683f07d3}\Shell\AutoRun\command - "" = F:\setup.exe

O33 - MountPoints2\{e564f2fe-37ab-11e0-bca8-001e683f07d3}\Shell - "" = AutoRun

O33 - MountPoints2\{e564f2fe-37ab-11e0-bca8-001e683f07d3}\Shell\AutoRun\command - "" = F:\setup.exe

O33 - MountPoints2\{ebe24485-a02d-11e1-86f4-bb401d358903}\Shell - "" = AutoRun

O33 - MountPoints2\{ebe24485-a02d-11e1-86f4-bb401d358903}\Shell\AutoRun\command - "" = F:\setup_vmb_lite.exe /checkApplicationPresence

O33 - MountPoints2\{ebe244af-a02d-11e1-86f4-b3b4735106cc}\Shell - "" = AutoRun

O33 - MountPoints2\{ebe244af-a02d-11e1-86f4-b3b4735106cc}\Shell\AutoRun\command - "" = F:\setup_vmb_lite.exe /checkApplicationPresence

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/11/08 09:45:21 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.com

[2013/11/05 11:13:34 | 000,000,000 | ---D | C] -- C:\Users\User\Music

[2013/11/02 12:59:54 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2013/11/02 12:56:10 | 000,000,000 | ---D | C] -- C:\Windows\Temp

[2013/11/02 12:56:10 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Temp

[2013/11/02 12:49:41 | 000,000,000 | ---D | C] -- C:\zoek

[2013/11/02 12:42:08 | 000,000,000 | ---D | C] -- C:\zoek_backup

[2013/10/31 12:38:29 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro

[2013/10/31 12:38:29 | 000,000,000 | ---D | C] -- C:\rsit

[2013/10/30 14:22:51 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT

[2013/10/30 14:22:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT

[2013/10/30 14:22:13 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT

[2013/10/24 19:00:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\snp2uvc

[2013/10/24 18:06:01 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Unitech LLC

[2013/10/24 18:00:44 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\AVG2014

[2013/10/24 17:55:08 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2014

[2013/10/24 17:38:27 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Avg2014

[2013/10/15 12:57:57 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\New Folder

[2013/10/13 15:38:06 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\ZIP FILES

[2013/10/13 13:42:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2013/10/13 13:41:48 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2013/10/13 13:41:46 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2013/10/13 13:41:46 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

[2013/10/13 13:38:28 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update

[2013/10/13 12:50:20 | 000,000,000 | ---D | C] -- C:\Program Files\jZip

[2013/10/13 12:47:01 | 000,000,000 | ---D | C] -- C:\Users\User\all zip files for ipad 2

========== Files - Modified Within 30 Days ==========

[2013/11/08 09:50:14 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{D6A5BA18-8CD6-4C00-B34F-1C1CF83A5543}.job

[2013/11/08 09:46:32 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2013/11/08 09:45:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.com

[2013/11/08 09:39:36 | 000,600,378 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2013/11/08 09:39:36 | 000,105,852 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2013/11/08 09:37:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013/11/08 09:34:57 | 000,002,593 | ---- | M] () -- C:\Users\User\Desktop\Microsoft Office Outlook 2007.lnk

[2013/11/08 09:34:03 | 000,003,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2013/11/08 09:33:59 | 000,003,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2013/11/08 09:33:50 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2013/11/08 09:33:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013/11/08 09:33:34 | 3217,494,016 | -HS- | M] () -- C:\hiberfil.sys

[2013/11/05 12:56:08 | 000,002,587 | ---- | M] () -- C:\Users\User\Desktop\ NBVC (5).lnk

[2013/11/05 10:59:17 | 000,193,024 | ---- | M] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2013/11/02 12:42:07 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe

[2013/10/30 14:32:37 | 000,005,839 | ---- | M] () -- C:\Users\User\Documents\hijackthis007

[2013/10/28 18:00:33 | 000,150,722 | ---- | M] () -- C:\Users\User\karafuncatalog_uk.pdf

[2013/10/28 17:59:53 | 001,002,598 | ---- | M] () -- C:\Users\User\karafuncatalog_uk_all.pdf

[2013/10/28 17:56:04 | 000,324,991 | ---- | M] () -- C:\Users\User\KCLOUD_DTE.pdf

[2013/10/24 20:10:49 | 000,260,784 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2013/10/24 17:57:29 | 000,000,802 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk

[2013/10/15 14:50:54 | 000,100,721 | ---- | M] () -- C:\Users\User\529165_10201477125797256_75829981_n.jpg

[2013/10/15 14:48:29 | 000,057,162 | ---- | M] () -- C:\Users\User\480526_10151002459950800_11452403_n.jpg

[2013/10/15 14:47:38 | 000,144,532 | ---- | M] () -- C:\Users\User\1064978_561848020544987_373758459_o.jpg

[2013/10/15 14:40:57 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2013/10/13 13:42:27 | 000,001,624 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2013/10/13 12:51:40 | 000,000,740 | ---- | M] () -- C:\Users\User\Desktop\jZip.lnk

========== Files Created - No Company Name ==========

[2013/11/02 12:56:10 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe

[2013/10/31 13:15:41 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013/10/30 14:32:37 | 000,005,839 | ---- | C] () -- C:\Users\User\Documents\hijackthis007

[2013/10/28 18:00:33 | 000,150,722 | ---- | C] () -- C:\Users\User\karafuncatalog_uk.pdf

[2013/10/28 17:59:45 | 001,002,598 | ---- | C] () -- C:\Users\User\karafuncatalog_uk_all.pdf

[2013/10/28 17:56:03 | 000,324,991 | ---- | C] () -- C:\Users\User\KCLOUD_DTE.pdf

[2013/10/24 17:57:29 | 000,000,802 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2014.lnk

[2013/10/15 14:50:52 | 000,100,721 | ---- | C] () -- C:\Users\User\529165_10201477125797256_75829981_n.jpg

[2013/10/15 14:48:24 | 000,057,162 | ---- | C] () -- C:\Users\User\480526_10151002459950800_11452403_n.jpg

[2013/10/15 14:47:34 | 000,144,532 | ---- | C] () -- C:\Users\User\1064978_561848020544987_373758459_o.jpg

[2013/10/13 13:42:27 | 000,001,624 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk

[2013/10/13 13:38:29 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk

[2013/10/13 12:51:40 | 000,000,770 | ---- | C] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jZip.lnk

[2013/10/13 12:51:40 | 000,000,740 | ---- | C] () -- C:\Users\User\Desktop\jZip.lnk

[2013/07/02 12:15:01 | 000,053,734 | ---- | C] () -- C:\Users\User\282741_420147591400807_286203601_n.jpg

[2013/05/28 17:26:28 | 000,021,377 | ---- | C] () -- C:\Users\User\T116672232.pdf

[2012/12/24 12:14:38 | 000,279,121 | ---- | C] () -- C:\Users\User\photo.JPG

[2012/12/24 12:11:24 | 000,495,258 | ---- | C] () -- C:\Users\User\meandmydeb.jpg

[2012/12/24 12:07:37 | 000,495,258 | ---- | C] () -- C:\Users\User\meand mydeb.jpg

[2012/10/24 11:52:22 | 001,749,376 | ---- | C] () -- C:\Windows\System32\snp2uvc.sys

[2012/10/24 11:52:22 | 001,749,376 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys

[2012/10/24 11:52:22 | 000,028,032 | ---- | C] () -- C:\Windows\System32\sncduvc.sys

[2012/10/24 11:52:22 | 000,028,032 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys

[2012/10/24 11:52:21 | 000,172,032 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll

[2012/10/24 11:52:21 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll

[2012/10/24 11:52:21 | 000,000,131 | ---- | C] () -- C:\Windows\System32\PidList.ini

[2012/10/24 11:52:21 | 000,000,131 | ---- | C] () -- C:\Windows\PidList.ini

[2012/09/14 12:08:44 | 000,913,149 | ---- | C] () -- C:\Users\User\DSC00800.jpg

[2012/09/14 12:08:26 | 000,903,380 | ---- | C] () -- C:\Users\User\My man and me.jpg

[2012/06/24 10:15:23 | 000,000,375 | ---- | C] () -- C:\Users\User\Pictures.lnk

[2012/05/30 12:09:05 | 000,000,558 | ---- | C] () -- C:\Users\User\DALIDA Ti amo - Shortcut.lnk

[2012/02/09 15:11:50 | 000,010,286 | ---- | C] () -- C:\Users\User\397575_308295802544150_179578625415869_906098_1180149251_n.jpg

[2011/09/25 14:51:40 | 000,202,262 | ---- | C] () -- C:\Users\User\champagne_glasses.jpg

[2011/06/27 18:26:36 | 000,232,496 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4

[2011/05/30 11:51:48 | 004,510,704 | ---- | C] () -- C:\Users\User\bpmpro4-manual-en.pdf

[2011/05/30 11:51:44 | 004,389,473 | ---- | C] () -- C:\Users\User\bpmpro4-manual-de.pdf

[2011/04/16 14:12:43 | 000,372,179 | ---- | C] () -- C:\Users\User\VDJ5-UserGuide_for_Updates.pdf

[2011/03/27 07:42:58 | 000,153,250 | ---- | C] () -- C:\Users\User\172249_105912529484017_100001958112883_47147_2462797_o.jpg

[2011/02/22 05:47:19 | 028,212,348 | ---- | C] () -- C:\Users\User\Phils mix rev0.wav

[2011/01/21 16:04:21 | 000,004,219 | ---- | C] () -- C:\Users\User\images.jpg

[2011/01/19 18:21:55 | 029,818,344 | ---- | C] () -- C:\Users\User\something stupid.wav

[2011/01/10 12:47:53 | 000,145,095 | ---- | C] () -- C:\Users\User\lets_party_clear.gif

[2010/05/07 17:23:06 | 002,760,619 | ---- | C] () -- C:\Users\User\SPC014 - 23 - Williams, Andy - Moon River.mp3

[2010/05/07 17:23:06 | 001,241,664 | ---- | C] () -- C:\Users\User\SPC014 - 23 - Williams, Andy - Moon River.cdg

[2010/03/23 10:29:47 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2009/11/24 15:47:21 | 000,193,024 | ---- | C] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/11/24 12:59:10 | 000,007,620 | ---- | C] () -- C:\Users\User\AppData\Local\d3d9caps.dat

[2008/09/15 12:55:03 | 003,056,117 | ---- | C] () -- C:\Users\User\Singin' in the rain.mp3

[2008/09/15 12:55:03 | 001,375,200 | ---- | C] () -- C:\Users\User\Singin' in the rain.cdg

========== ZeroAccess Check ==========

[2006/11/02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 17:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 14:18:30 | 000,614,912 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 14:18:20 | 000,347,648 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

========== LOP Check ==========

[2012/12/24 12:03:09 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software

[2012/12/24 12:03:09 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software

[2011/01/20 11:47:41 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\4shared Desktop

[2009/12/08 13:12:37 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Anvil Studio

[2013/10/24 18:00:44 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\AVG2014

[2011/09/15 15:11:55 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Camfrog

[2012/01/17 11:37:35 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DVDVideoSoft

[2011/08/21 11:21:23 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\EasyBurner

[2013/09/09 13:38:23 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Epson

[2011/10/18 18:27:25 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\FreeBurner

[2011/09/16 18:36:22 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\InfraRecorder

[2010/04/29 10:39:07 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Nikon

[2011/01/16 09:17:26 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\QuickScan

[2009/12/07 10:21:09 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Roni Music

[2013/08/10 09:27:53 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Shareaza

[2010/10/12 08:18:59 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Software Informer

[2013/11/05 13:24:39 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Spotify

[2009/11/26 15:25:34 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Steinberg

[2009/11/24 15:35:18 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Telefónica Móviles

[2013/07/15 11:59:48 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TuneUp Software

[2013/10/24 18:06:01 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Unitech LLC

[2011/04/15 11:00:04 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\UpdateStar Drivers

[2010/05/30 08:49:27 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\VistaCodecs

[2012/05/17 16:16:39 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Vodafone

[2010/06/10 20:32:42 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Voipwise

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:DFC5A2B2

@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1

@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8

< End of report >

OTL Extras logfile created on: 08/11/2013 09:46:21 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.19088)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.01 Gb Available Physical Memory | 67.07% Memory free

6.19 Gb Paging File | 5.35 Gb Available in Paging File | 86.45% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 111.19 Gb Total Space | 51.59 Gb Free Space | 46.40% Space Free | Partition Type: NTFS

Drive D: | 107.69 Gb Total Space | 43.37 Gb Free Space | 40.27% Space Free | Partition Type: NTFS

Computer Name: ACER | User Name: User | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-2286521827-2552126233-756588910-1000\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2286521827-2552126233-756588910-1000]

"EnableNotificationsRef" = 2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{03096B1A-BC9E-48DC-BF66-C86D6DC8086C}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |

"{0BD181BD-0DBD-43FB-A8DD-C55741C19AA1}" = lport=2869 | protocol=6 | dir=in | app=system |

"{1B61B84C-B1CA-42C5-A55B-9FC11DEFB5DB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

"{2207CEF1-D0A0-4940-AFC2-6FCBA8B0D6B5}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |

"{2DCF1B56-2B7C-454E-9074-AA467739D5F1}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |

"{3D9E54E4-F2FD-4BB8-BE33-DC3774437889}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{59601BE6-84D2-415B-AE4A-2F2011A3A59A}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |

"{A38F8514-F3EF-41C6-9881-58F998DAF7F9}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{E93E1D1F-5D1B-45BF-B0A1-DDCAA5803A94}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{00153DAC-82DF-4468-A2BC-51DF79646553}" = protocol=6 | dir=in | app=c:\program files\searchqu toolbar\datamngr\toolbar\dtuser.exe |

"{2035E9C4-DD19-4DD3-9290-881713CA4B17}" = protocol=17 | dir=in | app=c:\program files\searchqu toolbar\datamngr\toolbar\dtuser.exe |

"{216DA411-B59F-4D63-BF68-4C3D54146D9D}" = protocol=6 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |

"{33EA6315-82BA-4B6D-8671-34222D94A568}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgnsx.exe |

"{3BD4614A-4D59-472C-94EF-EAB8EBD3E612}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgdiagex.exe |

"{3F0D111D-10D4-4862-AAFD-316447025676}" = protocol=17 | dir=in | app=c:\program files\windows searchqu toolbar\datamngr\toolbar\dtuser.exe |

"{416705C0-BE5A-478B-ADD6-A28C5B518D66}" = protocol=17 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |

"{497DF067-388F-4F12-ACE4-0F7B37D51707}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgdiagex.exe |

"{55C7ABFB-AC38-4882-8708-FFA30D9AE2D9}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |

"{733931E4-1D89-484D-AA18-CDDCC16D6B97}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |

"{871DFDB4-3A6F-4D15-8868-6B3AAC046C21}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgnsx.exe |

"{928F06A1-9316-468F-8135-85E72EA740EC}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgmfapx.exe |

"{965F8881-BA51-459A-8892-C3EF9197EDCB}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |

"{A16C64A4-7119-47FC-B302-8E908B95D952}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgmfapx.exe |

"{B247F53F-C36A-4E80-A6E1-FEA9789011B6}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |

"{B73F6857-4B3E-4E9E-8E93-BECA361F64B0}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{BEBC6A53-8FE8-4236-9A6A-6AB4285D1739}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |

"{C05FED83-710C-4385-B7D6-13A4EE7FC132}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |

"{C0ADC15B-C873-488A-9F27-C0BCD9F43D67}" = protocol=6 | dir=in | app=c:\program files\windows searchqu toolbar\datamngr\toolbar\dtuser.exe |

"{C0D0D195-7043-432A-85FE-98004BD17D1B}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |

"{DA709131-6BFC-4937-A111-7452E3070A62}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |

"{F4143777-2206-455F-8BFA-0DFDD3C8799C}" = dir=in | app=c:\program files\itunes\itunes.exe |

"{F6317A15-F82F-4810-A846-6163E3C123D5}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |

"TCP Query User{162FB524-0FE0-4617-99C1-C25B7E218403}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

"TCP Query User{1AAF3588-CA6A-45FB-9D78-D9865A0A446E}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |

"TCP Query User{3AA0D60B-E1D1-4177-96BA-494B7FDC6C15}C:\program files\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\program files\spotify\spotify.exe |

"TCP Query User{51E269CF-8BC8-41A7-A8B5-04688B20DBCD}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |

"TCP Query User{855AE488-1E5B-4A49-9A8B-37CA412B35B7}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |

"TCP Query User{B9EDBF41-F624-4C12-B378-F141F8B2C645}C:\program files\voipwise.com\voipwise\voipwise.exe" = protocol=6 | dir=in | app=c:\program files\voipwise.com\voipwise\voipwise.exe |

"TCP Query User{BF4F3E52-1F2B-4EEB-9EFA-52D54F4320CA}C:\program files\camfrog\camfrog video chat\camfrog video chat.exe" = protocol=6 | dir=in | app=c:\program files\camfrog\camfrog video chat\camfrog video chat.exe |

"TCP Query User{C2FBE204-78CC-4EF1-9471-C31B8CFB87F0}C:\users\user\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\spotify\spotify.exe |

"TCP Query User{CC05E651-3D05-4259-B504-F6CAD1C37F17}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |

"TCP Query User{E0A41D9F-F746-4DD9-B61F-2C0D42A897CC}C:\users\user\downloads\utorrent.exe" = protocol=6 | dir=in | app=c:\users\user\downloads\utorrent.exe |

"UDP Query User{1395958A-D4D7-46E2-BCC2-B06B0B497856}C:\program files\voipwise.com\voipwise\voipwise.exe" = protocol=17 | dir=in | app=c:\program files\voipwise.com\voipwise\voipwise.exe |

"UDP Query User{14B7154A-7D76-4354-B71B-8CA620DD121F}C:\program files\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\program files\spotify\spotify.exe |

"UDP Query User{1AF7ADDD-746E-47F7-9D2D-5D0FB432F5B2}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |

"UDP Query User{3C66DABB-B79B-49D3-A81E-02631175059A}C:\program files\camfrog\camfrog video chat\camfrog video chat.exe" = protocol=17 | dir=in | app=c:\program files\camfrog\camfrog video chat\camfrog video chat.exe |

"UDP Query User{927857EA-0022-4781-BBAC-1A9EC7395A41}C:\users\user\downloads\utorrent.exe" = protocol=17 | dir=in | app=c:\users\user\downloads\utorrent.exe |

"UDP Query User{A57F78BD-32B5-4387-A8D5-B0C0FACA9D8D}C:\users\user\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\spotify\spotify.exe |

"UDP Query User{AC34401B-A4DC-4475-AD9A-1CEF94DF3DC9}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |

"UDP Query User{B9A0ABAA-5304-4581-9C7D-BACB6A2E7B58}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |

"UDP Query User{F5DED763-9AE9-4A0D-A330-3697BB7E491E}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

"UDP Query User{FD8D05ED-01C6-42B4-94BC-FC1856E627A3}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{01C08A7D-4CCD-41F8-B020-4B4BB8C08C68}" = Catalyst Control Center - Branding

"{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}" = Apple Mobile Device Support

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility

"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up

"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime

"{19B4BDE9-0F2B-44FF-FDC4-987E1B33D03C}" = CCC Help English

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{26A24AE4-039D-4CA4-87B4-2F83217015FF}" = Java 7 Update 15

"{26E2E4FB-F26A-549E-5496-14BAE4E2BA67}" = Catalyst Control Center Graphics Full Existing

"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Acer Crystal Eye Webcam Video Class Camera

"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print

"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support

"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = Epson Event Manager

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3

"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack

"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02

"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI

"{653F6FEA-643C-457F-774A-64D4DAAE1028}" = Catalyst Control Center Graphics Previews Vista

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband Lite

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{79361740-EAE3-11E2-9911-B8AC6F98CCE3}" = Google Earth Plug-in

"{7DA4FC0C-4FB3-45A2-8095-B2F7A9CF8135}" = AVG 2014

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}" = Epson Easy Photo Print 2

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007

"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_STANDARD_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_STANDARD_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}_STANDARD_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_STANDARD_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_STANDARD_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_STANDARD_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_STANDARD_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_STANDARD_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_STANDARD_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{A737E18A-5171-40D0-8034-7DD243420081}" = Software Updater

"{A79CB508-2DD7-F717-8787-C6382C274082}" = Catalyst Control Center Graphics Light

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AACF5D06-EF3A-1941-3492-1E60589CA444}" = ccc-utility

"{AB3C4AC6-C401-4132-A8B5-265899A9C0E8}" = Steinberg Cubase LE 4

"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.5

"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint

"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter

"{BCB0CE1E-7510-3948-4834-99BBA689CF62}" = Catalyst Control Center Core Implementation

"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant

"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail

"{C76DAFAE-5E59-44AB-2764-70BC79E0D4B2}" = Skins

"{C843A209-D367-453E-86E0-1D105F4A17EE}" = MUkoTE

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D013644E-F890-49A4-0DE9-8E4BBD18A406}" = ATI Catalyst Install Manager

"{D25F26E6-7F37-4580-9E83-2BDD9BE9E0CE}" = BlackBerry Desktop Software 6.0

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D7C49EC6-4DEA-7A7A-860D-78D613C68B8C}" = ccc-core-static

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{E05D82D8-FE70-4228-B073-B0C07FE27595}" = iTunes

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{EEAFDDCF-0B0E-44DB-995B-886FB139CF1F}" = AVG 2014

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F5A630D4-3D7D-6EEC-5DAE-41835DC0A1DA}" = Catalyst Control Center Graphics Full New

"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"1489-3350-5074-6281" = JDownloader 0.9

"4shared Desktop" = 4shared Desktop

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Adobe Photoshop 7.0" = Adobe Photoshop 7.0

"Alcatech BPM Studio Professional v4.9.1" = Alcatech BPM Studio Professional v4.9.1

"Applian Director2.1" = Applian Director

"AVG" = AVG 2014

"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0

"BugPack1" = Beta Bugs BugPack1 VST

"CCleaner" = CCleaner

"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP

"CodeStuff Starter" = CodeStuff Starter

"DivX Setup" = DivX Setup

"Epson Connect Guide" = Epson Connect Guide

"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver

"EPSON Scanner" = EPSON Scan

"EPSON SX110 Series" = EPSON SX110 Series Printer Uninstall

"EPSON WF-2530 Series" = EPSON WF-2530 Series Printer Uninstall

"ERUNT_is1" = ERUNT 1.1j

"FLV Player" = FLV Player 2.0 (build 25)

"Free Easy Burner_is1" = Free Easy Burner V 5.0

"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228

"Google Chrome" = Google Chrome

"InfraRecorder" = InfraRecorder

"KaraFun_is1" = KaraFun 1.18

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Mozilla Firefox 20.0.1 (x86 en-GB)" = Mozilla Firefox 20.0.1 (x86 en-GB)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"Software Informer_is1" = Software Informer 1.0 BETA

"STANDARD" = Microsoft Office Standard 2007

"Syncrosoft License Control" = Syncrosoft License Control

"USB_AUDIO_DEusb-audio.deTascam" = US-122L / US-144 driver

"Van Dale pocketwoordenboeken" = Van Dale pocketwoordenboeken

"VMidi" = vanBasco's Karaoke Player

"Voipwise_is1" = Voipwise

"WF-2530 Series Netg" = Epson Network Guide WF-2530 Series

"WF-2530 Series Useg" = Epson User's Guide WF-2530 Series

"WinLiveSuite" = Windows Live Essentials

"Xvid_is1" = Xvid 1.2.1 final uninstall

"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2286521827-2552126233-756588910-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"jZip" = jZip

"Spotify" = Spotify

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 23/09/2012 13:52:31 | Computer Name = Acer | Source = Bonjour Service | ID = 100

Description =

Error - 23/09/2012 13:52:46 | Computer Name = Acer | Source = Bonjour Service | ID = 100

Description =

Error - 23/09/2012 13:52:46 | Computer Name = Acer | Source = Bonjour Service | ID = 100

Description =

Error - 23/09/2012 13:52:46 | Computer Name = Acer | Source = Bonjour Service | ID = 100

Description =

Error - 23/09/2012 13:53:02 | Computer Name = Acer | Source = Bonjour Service | ID = 100

Description =

Error - 23/09/2012 13:53:02 | Computer Name = Acer | Source = Bonjour Service | ID = 100

Description =

Error - 23/09/2012 13:53:02 | Computer Name = Acer | Source = Bonjour Service | ID = 100

Description =

Error - 23/09/2012 14:35:23 | Computer Name = Acer | Source = Bonjour Service | ID = 100

Description =

Error - 23/09/2012 14:35:23 | Computer Name = Acer | Source = Bonjour Service | ID = 100

Description =

Error - 23/09/2012 14:35:23 | Computer Name = Acer | Source = Bonjour Service | ID = 100

Description =

[ OSession Events ]

Error - 04/12/2009 15:09:38 | Computer Name = Acer | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 119

seconds with 0 seconds of active time. This session ended with a crash.

Error - 02/07/2013 08:19:02 | Computer Name = Acer | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1195

seconds with 960 seconds of active time. This session ended with a crash.

Error - 15/10/2013 10:54:38 | Computer Name = Acer | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 121

seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]

Error - 02/11/2013 07:50:42 | Computer Name = Acer | Source = Service Control Manager | ID = 7030

Description =

Error - 02/11/2013 07:50:43 | Computer Name = Acer | Source = Service Control Manager | ID = 7030

Description =

Error - 02/11/2013 07:50:44 | Computer Name = Acer | Source = Service Control Manager | ID = 7030

Description =

Error - 02/11/2013 08:01:16 | Computer Name = Acer | Source = Service Control Manager | ID = 7000

Description =

Error - 02/11/2013 09:57:08 | Computer Name = Acer | Source = atapi | ID = 262155

Description = The driver detected a controller error on \Device\Ide\IdePort2.

Error - 02/11/2013 09:57:08 | Computer Name = Acer | Source = atapi | ID = 262155

Description = The driver detected a controller error on \Device\Ide\IdePort2.

Error - 02/11/2013 09:57:08 | Computer Name = Acer | Source = atapi | ID = 262155

Description = The driver detected a controller error on \Device\Ide\IdePort2.

Error - 02/11/2013 10:01:53 | Computer Name = Acer | Source = volsnap | ID = 393230

Description = The shadow copies of volume C: were aborted because of an IO failure

on volume C:.

Error - 05/11/2013 05:15:54 | Computer Name = Acer | Source = Service Control Manager | ID = 7000

Description =

Error - 08/11/2013 04:34:54 | Computer Name = Acer | Source = Service Control Manager | ID = 7000

Description =

< End of report >


Run OTL again.

  • Copy and paste the code below into the Custom Scans/Fixes field.
     
    :Commands 
    [CREATERESTOREPOINT] 
    
    :OTL 
    IE - HKLM\..\SearchScopes,DefaultScope = {5B7706E6-3034-21B5-1074-6208B644849D}
    IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
    IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
    IE - HKU\S-1-5-21-2286521827-2552126233-756588910-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    O18 - Protocol\Handler\livecall - No CLSID value found
    O18 - Protocol\Handler\msnim - No CLSID value found
    
    
    :Files 
    ipconfig /flushdns /c 
    :Commands 
    [PURITY] 
    [emptyjava] 
    [EMPTYFLASH] 
    [reboot] 
    


  • Click Run Fix at the top.
  • Let the program work undisturbed, restart the computer when it is finished, and save the log that appears.
  • Open OTL again and click Quick Scan at the top.
  • Attach both the "Quick Scan" log and the "Fix" log to your next post.
