
Banker Trojan horse: Win32:Banker-KOG



Avast reported this detection; the last thing I want is a virus that tries to get hold of my banking details. I have removed it in the meantime, but I have no idea which files are infected or what is still left of it on my PC. Could someone check my log? Thanks! :top:

Logfile of random's system information tool 1.09 (written by random/random)

Run by Nadia at 2014-02-05 20:05:44

Microsoft® Windows Vista™ Home Basic Service Pack 1

System drive C: has 31 GB (14%) free of 223 GB

Total RAM: 2010 MB (26% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 20:06:08, on 5/02/2014

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18639)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Tablet\Pen\Pen_TabletUser.exe

C:\Windows\Explorer.EXE

C:\Program Files\Tablet\Pen\Pen_TouchUser.exe

C:\Windows\System32\WLTRAY.EXE

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files\DellTPad\Apoint.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\Bamboo Dock\BambooCore.exe

C:\Program Files\Greenshot\Greenshot.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Microsoft Office\Office14\GROOVE.EXE

C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Program Files\DellTPad\Apntex.exe

C:\Program Files\DellTPad\HidFind.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe

C:\Windows\system32\wuauclt.exe

C:\Users\Nadia\Downloads\RSIT.exe

C:\Program Files\trend micro\Nadia.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MI1933~1\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MI1933~1\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe

O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [bambooCore] C:\Program Files\Bamboo Dock\BambooCore.exe

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [Greenshot] C:\Program Files\Greenshot\Greenshot.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: Microsoft SharePoint Workspace.lnk = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE

O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MI1933~1\Office14\ONBttnIE.dll/105

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - MSN Games - Free Online Games

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - MSN Games - Free Online Games

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\aestsrv.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\STacSV.exe

O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe

O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)

--

End of file - 12127 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Nadia\AppData\Roaming\Mozilla\Firefox\Profiles\snvftpmv.default

prefs.js - "browser.search.useDBForOrder" - true

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

"belgiumeid@eid.belgium.be"=C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 12.0.0.44 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]

"Description"=iTunes Detector Plug-in

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]

"Description"=

"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]

"Description"=Picasa3 plugin

"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.21.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]

"Description"=Office Authorization plug-in for NPAPI browsers

"Path"=C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]

"Description"=Microsoft SharePoint Plug-in for Firefox

"Path"=C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]

"Description"=Windows Presentation Foundation plug-in for Mozilla browsers

"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.3]

"Description"=VLC Multimedia Plugin

"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2]

"Description"=WebTablet Plugin API

"Path"=C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]

"Description"=

"Path"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

C:\Program Files\Mozilla Firefox\extensions\

belgiumeid@eid.belgium.be

C:\Program Files\Mozilla Firefox\components\

nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\

np-mswmp.dll

npqtplugin.dll

npqtplugin2.dll

npqtplugin3.dll

npqtplugin4.dll

npqtplugin5.dll

npqtplugin6.dll

npqtplugin7.dll

QuickTimePlugin.class

WMP Firefox Plugin License.rtf

WMP Firefox Plugin RelNotes.txt

C:\Users\Nadia\AppData\Roaming\Mozilla\Firefox\Profiles\snvftpmv.default\extensions\

en-US@dictionaries.addons.mozilla.org

fr-dicollecte@dictionaries.addons.mozilla.org

nl-NL@dictionaries.addons.mozilla.org

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]

HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21A88CB9-84D2-4020-A2D1-B25A21034884}]

HistoryTriggerBHO Class - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll [2011-11-16 36208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~1\MI1933~1\Office14\GROOVEEX.DLL [2011-02-12 4220304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-04-17 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]

avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-02-28 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Aanmelden - Help - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~1\MI1933~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-04-17 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]

HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-02-28 1224568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

"Broadcom Wireless Manager UI"=C:\Windows\system32\WLTRAY.exe [2008-11-17 3810304]

"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-05-07 178712]

"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2010-02-26 495708]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-01-16 141848]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-01-16 173592]

"Persistence"=C:\Windows\system32\igfxpers.exe [2009-01-16 150552]

"QuickSet"=C:\Program Files\Dell\QuickSet\QuickSet.exe [2010-06-09 2960032]

"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2010-04-05 288040]

"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-02-28 4767304]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-05-30 59280]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2012-06-07 421776]

"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2012-04-18 421888]

"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2009-11-18 54576]

""= []

"BambooCore"=C:\Program Files\Bamboo Dock\BambooCore.exe [2012-10-16 646744]

"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

"Greenshot"=C:\Program Files\Greenshot\Greenshot.exe [2012-10-30 462848]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21 472992]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]

"LG LinkAir"= []

"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-11-14 20587680]

"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-01-08 3674320]

"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2010-12-21 718720]

"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2013-08-15 5703920]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\Nadia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Microsoft SharePoint Workspace.lnk - C:\Program Files\Microsoft Office\Office14\GROOVE.EXE

OneNote 2010 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2009-01-16 210432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MI1933~1\Office14\GROOVEEX.DLL [2011-02-12 4220304]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2013-05-07 115440]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"MSVideo8"=VfWWDM32.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"msacm.siren"=sirenacm.dll

"msacm.dvacm_vspx6"=c:\PROGRA~1\Corel\CORELV~2\COMMON~1\Vio\Dvacm.acm

======List of files/folders created in the last 1 month======

2014-02-05 20:05:44 ----D---- C:\rsit

2014-02-04 16:03:02 ----D---- C:\Users\Nadia\AppData\Roaming\Ulead Systems

2014-02-04 15:59:53 ----D---- C:\ProgramData\eSellerate

2014-02-04 15:58:56 ----D---- C:\Program Files\SmartSound Software

2014-02-04 15:58:51 ----D---- C:\ProgramData\SmartSound Software Inc

2014-02-04 15:57:25 ----D---- C:\Windows\RegisteredPackages

2014-02-04 15:57:20 ----HD---- C:\Windows\msdownld.tmp

2014-02-04 15:52:18 ----D---- C:\ProgramData\InterVideo

2014-02-04 15:25:31 ----D---- C:\Program Files\Windows Media Components

2014-02-04 15:23:50 ----A---- C:\Windows\system32\XAudio2_6.dll

2014-02-04 15:23:50 ----A---- C:\Windows\system32\XAPOFX1_4.dll

2014-02-04 15:23:49 ----A---- C:\Windows\system32\XAudio2_5.dll

2014-02-04 15:23:49 ----A---- C:\Windows\system32\xactengine3_6.dll

2014-02-04 15:23:49 ----A---- C:\Windows\system32\X3DAudio1_7.dll

2014-02-04 15:23:48 ----A---- C:\Windows\system32\xactengine3_5.dll

2014-02-04 15:23:47 ----A---- C:\Windows\system32\d3dcsx_42.dll

2014-02-04 15:23:47 ----A---- C:\Windows\system32\D3DCompiler_42.dll

2014-02-04 15:23:46 ----A---- C:\Windows\system32\d3dx11_42.dll

2014-02-04 15:23:46 ----A---- C:\Windows\system32\d3dx10_42.dll

2014-02-04 15:23:45 ----A---- C:\Windows\system32\D3DX9_42.dll

2014-02-04 15:23:45 ----A---- C:\Windows\system32\D3DCompiler_41.dll

2014-02-04 15:23:44 ----A---- C:\Windows\system32\D3DX9_41.dll

2014-02-04 15:23:44 ----A---- C:\Windows\system32\d3dx10_41.dll

2014-02-04 15:23:43 ----A---- C:\Windows\system32\XAudio2_4.dll

2014-02-04 15:23:43 ----A---- C:\Windows\system32\XAPOFX1_3.dll

2014-02-04 15:23:43 ----A---- C:\Windows\system32\xactengine3_4.dll

2014-02-04 15:23:43 ----A---- C:\Windows\system32\X3DAudio1_6.dll

2014-02-04 15:23:42 ----A---- C:\Windows\system32\d3dx10_40.dll

2014-02-04 15:23:42 ----A---- C:\Windows\system32\D3DCompiler_40.dll

2014-02-04 15:23:41 ----A---- C:\Windows\system32\XAudio2_3.dll

2014-02-04 15:23:41 ----A---- C:\Windows\system32\XAPOFX1_2.dll

2014-02-04 15:23:41 ----A---- C:\Windows\system32\D3DX9_40.dll

2014-02-04 15:23:40 ----A---- C:\Windows\system32\XAPOFX1_1.dll

2014-02-04 15:23:40 ----A---- C:\Windows\system32\xactengine3_3.dll

2014-02-04 15:23:40 ----A---- C:\Windows\system32\X3DAudio1_5.dll

2014-02-04 15:23:39 ----A---- C:\Windows\system32\XAudio2_2.dll

2014-02-04 15:23:39 ----A---- C:\Windows\system32\xactengine3_2.dll

2014-02-04 15:23:38 ----A---- C:\Windows\system32\D3DX9_39.dll

2014-02-04 15:23:38 ----A---- C:\Windows\system32\d3dx10_39.dll

2014-02-04 15:23:38 ----A---- C:\Windows\system32\D3DCompiler_39.dll

2014-02-04 15:23:37 ----A---- C:\Windows\system32\XAudio2_1.dll

2014-02-04 15:23:37 ----A---- C:\Windows\system32\XAPOFX1_0.dll

2014-02-04 15:23:36 ----A---- C:\Windows\system32\xactengine3_1.dll

2014-02-04 15:23:36 ----A---- C:\Windows\system32\X3DAudio1_4.dll

2014-02-04 15:23:36 ----A---- C:\Windows\system32\D3DCompiler_38.dll

2014-02-04 15:23:35 ----A---- C:\Windows\system32\D3DX9_38.dll

2014-02-04 15:23:35 ----A---- C:\Windows\system32\d3dx10_38.dll

2014-02-04 15:23:34 ----A---- C:\Windows\system32\XAudio2_0.dll

2014-02-04 15:23:34 ----A---- C:\Windows\system32\xactengine3_0.dll

2014-02-04 15:23:34 ----A---- C:\Windows\system32\X3DAudio1_3.dll

2014-02-04 15:23:33 ----A---- C:\Windows\system32\d3dx10_37.dll

2014-02-04 15:23:33 ----A---- C:\Windows\system32\D3DCompiler_37.dll

2014-02-04 15:23:32 ----A---- C:\Windows\system32\xactengine2_10.dll

2014-02-04 15:23:32 ----A---- C:\Windows\system32\D3DX9_37.dll

2014-02-04 15:23:31 ----A---- C:\Windows\system32\d3dx10_36.dll

2014-02-04 15:23:31 ----A---- C:\Windows\system32\D3DCompiler_36.dll

2014-02-04 15:23:30 ----A---- C:\Windows\system32\d3dx9_36.dll

2014-02-04 15:23:28 ----A---- C:\Windows\system32\xactengine2_9.dll

2014-02-04 15:23:28 ----A---- C:\Windows\system32\d3dx10_35.dll

2014-02-04 15:23:28 ----A---- C:\Windows\system32\D3DCompiler_35.dll

2014-02-04 15:23:27 ----A---- C:\Windows\system32\xactengine2_8.dll

2014-02-04 15:23:27 ----A---- C:\Windows\system32\X3DAudio1_2.dll

2014-02-04 15:23:27 ----A---- C:\Windows\system32\d3dx9_35.dll

2014-02-04 15:23:26 ----A---- C:\Windows\system32\d3dx10_34.dll

2014-02-04 15:23:26 ----A---- C:\Windows\system32\D3DCompiler_34.dll

2014-02-04 15:23:25 ----A---- C:\Windows\system32\xinput1_3.dll

2014-02-04 15:23:25 ----A---- C:\Windows\system32\d3dx9_34.dll

2014-02-04 15:23:24 ----A---- C:\Windows\system32\xactengine2_7.dll

2014-02-04 15:23:23 ----A---- C:\Windows\system32\d3dx10_33.dll

2014-02-04 15:23:23 ----A---- C:\Windows\system32\D3DCompiler_33.dll

2014-02-04 15:23:22 ----A---- C:\Windows\system32\xactengine2_6.dll

2014-02-04 15:23:22 ----A---- C:\Windows\system32\xactengine2_5.dll

2014-02-04 15:23:22 ----A---- C:\Windows\system32\d3dx9_33.dll

2014-02-04 15:23:21 ----A---- C:\Windows\system32\d3dx10.dll

2014-02-04 15:23:19 ----A---- C:\Windows\system32\d3dx9_32.dll

2014-02-04 15:23:16 ----A---- C:\Windows\system32\xactengine2_4.dll

2014-02-04 15:23:16 ----A---- C:\Windows\system32\x3daudio1_1.dll

2014-02-04 15:23:13 ----A---- C:\Windows\system32\d3dx9_31.dll

2014-02-04 15:23:12 ----A---- C:\Windows\system32\xactengine2_3.dll

2014-02-04 15:23:11 ----A---- C:\Windows\system32\xinput1_2.dll

2014-02-04 15:23:10 ----A---- C:\Windows\system32\xactengine2_2.dll

2014-02-04 15:23:09 ----A---- C:\Windows\system32\xinput1_1.dll

2014-02-04 15:23:08 ----A---- C:\Windows\system32\xactengine2_1.dll

2014-02-04 15:22:46 ----A---- C:\Windows\system32\d3dx9_30.dll

2014-02-04 15:22:45 ----A---- C:\Windows\system32\xactengine2_0.dll

2014-02-04 15:22:45 ----A---- C:\Windows\system32\x3daudio1_0.dll

2014-02-04 15:22:43 ----A---- C:\Windows\system32\d3dx9_29.dll

2014-02-04 15:22:43 ----A---- C:\Windows\system32\d3dx9_28.dll

2014-02-04 15:22:42 ----A---- C:\Windows\system32\d3dx9_27.dll

2014-02-04 15:22:41 ----A---- C:\Windows\system32\d3dx9_26.dll

2014-02-04 15:22:41 ----A---- C:\Windows\system32\d3dx9_25.dll

2014-02-04 15:22:40 ----A---- C:\Windows\system32\d3dx9_24.dll

2014-02-03 20:14:12 ----D---- C:\ProgramData\Geevs

2014-02-03 20:11:28 ----A---- C:\Windows\system32\XAudio2_7.dll

2014-02-03 20:11:28 ----A---- C:\Windows\system32\XAPOFX1_5.dll

2014-02-03 20:11:26 ----A---- C:\Windows\system32\xactengine3_7.dll

2014-02-03 20:11:25 ----A---- C:\Windows\system32\d3dcsx_43.dll

2014-02-03 20:11:25 ----A---- C:\Windows\system32\D3DCompiler_43.dll

2014-02-03 20:11:24 ----A---- C:\Windows\system32\d3dx11_43.dll

2014-02-03 20:11:24 ----A---- C:\Windows\system32\d3dx10_43.dll

2014-02-03 20:11:23 ----A---- C:\Windows\system32\D3DX9_43.dll

2014-02-03 20:10:23 ----D---- C:\Program Files\Lightworks

2014-01-29 14:53:12 ----D---- C:\ProgramData\Corel Painter X3

2014-01-25 18:31:48 ----D---- C:\ProgramData\tmp

2014-01-25 18:31:48 ----D---- C:\ProgramData\hps

2014-01-25 18:00:12 ----D---- C:\Program Files\bol.com

2014-01-06 20:23:36 ----A---- C:\Windows\system32\GPhotos.scr

======List of files/folders modified in the last 1 month======

2014-02-05 20:06:08 ----D---- C:\Program Files\Trend Micro

2014-02-05 20:05:01 ----D---- C:\Windows\Temp

2014-02-05 20:00:42 ----D---- C:\Users\Nadia\AppData\Roaming\Skype

2014-02-05 01:07:30 ----D---- C:\Users\Nadia\AppData\Roaming\uTorrent

2014-02-04 23:29:01 ----D---- C:\Windows\System32

2014-02-04 23:28:54 ----A---- C:\Windows\system32\FlashPlayerApp.exe

2014-02-04 16:00:12 ----SHD---- C:\Windows\Installer

2014-02-04 16:00:12 ----HD---- C:\Program Files\InstallShield Installation Information

2014-02-04 16:00:11 ----HD---- C:\Config.Msi

2014-02-04 15:59:53 ----HD---- C:\ProgramData

2014-02-04 15:59:41 ----SHD---- C:\System Volume Information

2014-02-04 15:58:56 ----RD---- C:\Program Files

2014-02-04 15:58:08 ----D---- C:\Windows

2014-02-04 15:34:39 ----D---- C:\ProgramData\Corel

2014-02-04 15:25:46 ----RSD---- C:\Windows\Fonts

2014-02-04 15:25:31 ----D---- C:\Program Files\Corel

2014-02-04 15:23:08 ----RSD---- C:\Windows\assembly

2014-02-04 15:22:50 ----D---- C:\Windows\Microsoft.NET

2014-02-04 15:20:50 ----D---- C:\Windows\winsxs

2014-02-03 20:23:28 ----D---- C:\Windows\inf

2014-02-03 20:10:36 ----D---- C:\Windows\Logs

2014-01-28 00:53:48 ----D---- C:\Users\Nadia\AppData\Roaming\vlc

2014-01-20 13:40:30 ----D---- C:\Windows\system32\catroot2

2014-01-09 22:42:00 ----A---- C:\Windows\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-02-28 49320]

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-05-07 317976]

R1 AswRdr;aswRdr; C:\Windows\system32\drivers\AswRdr.sys [2013-02-28 49832]

R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-02-28 765808]

R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-02-28 368248]

R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-02-28 62448]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-03-02 242240]

R1 ISODisk;ISODisk; C:\Windows\system32\drivers\ISODisk.sys [2006-04-26 9600]

R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]

R1 SAS***IL;SAS***IL; \??\C:\Program Files\SUPERAntiSpyware\SAS***IL.SYS [2011-07-12 67664]

R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-02-28 29880]

R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-02-28 66408]

R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x86; C:\Windows\system32\DRIVERS\Apfiltr.sys [2010-04-15 252536]

R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2008-11-17 18424]

R3 BCM43XX;Stuurprogramma voor de Dell draadloze WLAN-kaart; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-11-17 1331192]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-01-16 4568064]

R3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]

R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]

R3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]

R3 OA009Ufd;Creative Camera OA009 Upper Filter Driver; C:\Windows\system32\DRIVERS\OA009Ufd.sys [2008-06-03 144672]

R3 OA009Vid;Creative Camera OA009 Function Driver; C:\Windows\system32\DRIVERS\OA009Vid.sys [2008-08-25 269216]

R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2009-02-23 62976]

R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2010-02-26 423424]

R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-07-24 304128]

S3 Andbus;LGE Android Platform Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus.sys []

S3 AndDiag;LGE Android Platform USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag.sys []

S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps.sys []

S3 ANDModem;LGE Android Platform USB Modem; C:\Windows\system32\DRIVERS\lgandmodem.sys []

S3 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-02-28 163784]

S3 Dot4;Microsoft IEEE-1284.4-stuurprogramma; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]

S3 Dot4Print;Stuurprogramma voor printerklasse voor IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]

S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]

S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-10-28 5632]

S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 hidkmdf;KMDF Driver; C:\Windows\system32\DRIVERS\hidkmdf.sys [2012-12-03 11680]

S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-04-25 43520]

S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2012-03-02 13056]

S3 USBCCID;USB Smart Card reader; C:\Windows\system32\DRIVERS\usbccid.sys [2013-10-19 29184]

S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2012-03-02 20864]

S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2012-03-02 25216]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]

S3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]

S3 WacHidRouter;Wacom Hid Router; C:\Windows\system32\DRIVERS\wachidrouter.sys [2012-12-03 70048]

S3 wacomrouterfilter;Wacom Router Filter Driver; C:\Windows\system32\DRIVERS\wacomrouterfilter.sys [2012-11-15 13728]

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2013-05-23 119056]

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\aestsrv.exe [2009-03-03 81920]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-05-24 55184]

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-02-28 45248]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]

R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2008-01-21 21504]

R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2008-01-21 21504]

R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-05-07 354840]

R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]

R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]

R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\STacSV.exe [2010-02-26 229458]

R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE [2008-11-17 26112]

R2 WTabletServiceCon;Wacom Consumer Service; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [2012-12-11 528256]

R2 yksvc;Marvell Yukon Service; ykx32coinst,serviceStartProc []

R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2012-06-07 821648]

R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-07-23 136176]

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-04 257928]

S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-07-23 136176]

S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-12-27 31124344]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-20 119408]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------


Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that (here and here).

Download Zoek.exe to the desktop (not the .zip or .rar version)

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input window:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

  C:\ProgramData\eSellerate;fs
 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run];r
 "=-;r
 emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Click the "Options" button and tick the options below:
      • Do a Deep Scan
      • Auto Clean
  • The "Scan All Users" option is ticked by default.
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is required).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log in your next reply.


The log:

Zoek.exe v5.0.0.0 Updated 31-January-2014

Tool run by Nadia on do 06/02/2014 at 17:34:26,86.

Microsoft® Windows Vista™ Home Basic 6.0.6001 Service Pack 1 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Nadia\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2013-08-25-185741.log 21156 bytes

==== Empty Folders Check ======================

C:\Program Files\MSXML 4.0 deleted successfully

C:\ProgramData\Corel Painter 12 deleted successfully

C:\ProgramData\Corel Painter X3 deleted successfully

C:\Users\Nadia\AppData\Roaming\.# deleted successfully

C:\Users\Nadia\AppData\Roaming\Lite deleted successfully

C:\Users\Gast\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Running Processes ======================

C:\Windows\System32\smss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\STacSV.exe

C:\Windows\system32\SLsvc.exe

C:\Program Files\Tablet\Pen\WTabletServiceCon.exe

C:\Windows\System32\WLTRYSVC.EXE

C:\Windows\System32\bcmwltry.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\aestsrv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\System32\WLTRAY.EXE

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files\DellTPad\Apoint.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\Bamboo Dock\BambooCore.exe

C:\Program Files\Greenshot\Greenshot.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Tablet\Pen\Pen_TabletUser.exe

C:\Program Files\Tablet\Pen\WacomHost.exe

C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE

C:\Program Files\Tablet\Pen\Pen_TouchUser.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Microsoft Office\Office14\GROOVE.EXE

C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

C:\Program Files\Tablet\Pen\Pen_Tablet.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Program Files\DellTPad\HidFind.exe

C:\Program Files\DellTPad\Apntex.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

C:\Windows\system32\conime.exe

C:\Windows\system32\wuauclt.exe

C:\Users\Nadia\Downloads\zoek.exe

C:\Users\Nadia\Downloads\zoek.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k hpdevmgmt

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\svchost.exe -k HPService

==== Deleting Services ======================

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"=-

==== Deleting Files \ Folders ======================

C:\ProgramData\eSellerate deleted

"C:\Users\Nadia\AppData\Roaming\TMP\setup.exe" deleted

"C:\Users\Nadia\AppData\Roaming\TMP" deleted

==== System Specs ======================

Windows: Windows Vista Home Basic Edition Service Pack 1 (Build 6001)

Memory (RAM): 2010 MB

CPU Info: Intel® Celeron® CPU 900 @ 2.20GHz

CPU Speed: 2192,4 MHz

Sound Card: Luidsprekers / Koptelefoon (IDT |

Onafhankelijk (R.T.C.) koptelef |

Display Adapters: Mobile Intel® 4 Series Express Chipset Family | Mobile Intel® 4 Series Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver

Monitors: 1x; Algemeen PnP-beeldscherm |

Screen Resolution: 1366 X 768 - 32 bit

Network: Network Present

Network Adapters: Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller | Dell Wireless 1397 WLAN Mini-Card

CD / DVD Drives: 2x (E: | F: | ) E: TSSTcorpDVD+-RW TS-L633C | F: DTSOFT BDROM

Ports: COM3 | COM4 LPT Port NOT Present.

Mouse: 2 Button Wheel Mouse Present

Hard Disks: C: 218,2GB | D: 14,6GB

Hard Disks - Free: C: 29,5GB | D: 9,3GB

Manufacturer *: Dell Inc.

BIOS Info: AT/AT COMPATIBLE | 05/13/09 | DELL - 27d9050d

Time Zone: Romance (standaardtijd)

Motherboard *: Dell Inc. 0G848F

Country: België

Language: NLB

==== System Specs (Software) ======================

Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated)

Anti-Spyware: avast! Antivirus disabled (Outdated)

Anti-Spyware: Windows Defender disabled (Outdated)

Default Browser: Firefox 26.0

Internet Explorer version: 7.0.6001.18000

Mozilla Firefox version: 26.0 (x86 nl)

Google Chrome version: 32.0.1700.107

Adobe Reader version: 10.1.0.534

Sun Java version: 1.7.0_21 (32-bit)

Flash Player version: 12.0.0.44

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Nadia\AppData\Local\Temp ====

2014-02-03 18:57:54 7F77D4722FEEB41E34329366470F0688 72720560 ----a-w- C:\Users\Nadia\AppData\Local\Temp\OCS\Downloads\3676090eded622c6bec547ed78bdf6d1\f340f1b1f65b6df5b5e3f94d95b11daf\lightworks.exe

2014-02-03 18:56:25 317EC5F92CFBF04A53E8125B66B3B4AF 294912 ----a-w- C:\Users\Nadia\AppData\Local\Temp\OCS\ocs_v71a.exe

2014-02-03 18:56:25 0B3B4E8D1DE31F844E466D61CF7937B5 192512 ----a-w- C:\Users\Nadia\AppData\Local\Temp\OCS\ICSharpCode.SharpZipLib.dll

====== Java Cache =====

====== C:\Windows\system32 =====

2014-02-04 14:23:50 E4CE2AF32F501A7F7DDDD908704A0EE6 74072 ----a-w- C:\Windows\System32\XAPOFX1_4.dll

2014-02-04 14:23:50 4976243BD70FAE3D1D24E49739AB2710 528216 ----a-w- C:\Windows\System32\XAudio2_6.dll

2014-02-04 14:23:49 F81C4678A55FFEE585AC75825FAF5582 238936 ----a-w- C:\Windows\System32\xactengine3_6.dll

2014-02-04 14:23:49 C811E70C8804CFFF719038250A43B464 22360 ----a-w- C:\Windows\System32\X3DAudio1_7.dll

2014-02-04 14:23:49 8B01FB723F3B30AB3DEBDDBF97CFE577 515416 ----a-w- C:\Windows\System32\XAudio2_5.dll

2014-02-04 14:23:48 DB3C93E87452B8DAB4F58ED1FD2B1998 238936 ----a-w- C:\Windows\System32\xactengine3_5.dll

2014-02-04 14:23:47 B33B21DB610116262D906305CE65C354 1974616 ----a-w- C:\Windows\System32\D3DCompiler_42.dll

2014-02-04 14:23:47 B337306DFB508A1BCEF1974BFBB8D924 5501792 ----a-w- C:\Windows\System32\d3dcsx_42.dll

2014-02-04 14:23:46 D09AC80A4B5312239852836C84DF3392 235344 ----a-w- C:\Windows\System32\d3dx11_42.dll

2014-02-04 14:23:46 501AC862517C5445742BEE8A2B88414E 453456 ----a-w- C:\Windows\System32\d3dx10_42.dll

2014-02-04 14:23:45 C6A44FC3CF2F5801561804272217B14D 1892184 ----a-w- C:\Windows\System32\D3DX9_42.dll

2014-02-04 14:23:45 781E8B5B6FDB3C9B4E4A4A9FB019960D 1846632 ----a-w- C:\Windows\System32\D3DCompiler_41.dll

2014-02-04 14:23:44 3FA06CF5079B84155D18B05C08F7131B 4178264 ----a-w- C:\Windows\System32\D3DX9_41.dll

2014-02-04 14:23:44 1AA571774936717EE776DBED51E9EDF4 453456 ----a-w- C:\Windows\System32\d3dx10_41.dll

2014-02-04 14:23:43 E763798CAD2A90B6AB61854F50CD47DD 22360 ----a-w- C:\Windows\System32\X3DAudio1_6.dll

2014-02-04 14:23:43 E684C5FA18ADF9EA14737757413BF727 517448 ----a-w- C:\Windows\System32\XAudio2_4.dll

2014-02-04 14:23:43 686F8D1B4926D48227A06ACD4D41CD1E 235352 ----a-w- C:\Windows\System32\xactengine3_4.dll

2014-02-04 14:23:43 30686ECE80545E06D78D156EB9F7D463 69464 ----a-w- C:\Windows\System32\XAPOFX1_3.dll

2014-02-04 14:23:42 91B4AAD4412BB223B466F3DFB43E86DA 452440 ----a-w- C:\Windows\System32\d3dx10_40.dll

2014-02-04 14:23:42 3384134EEB8F223178C2EB8323003EC0 2036576 ----a-w- C:\Windows\System32\D3DCompiler_40.dll

2014-02-04 14:23:41 EEA5E428CE63804F9B12D21C97B5968F 4379984 ----a-w- C:\Windows\System32\D3DX9_40.dll

2014-02-04 14:23:41 47ED15DC87AE334C13C4DACD1BE2CCED 514384 ----a-w- C:\Windows\System32\XAudio2_3.dll

2014-02-04 14:23:41 295E47A75F278580F9441041EAAEA3D2 70992 ----a-w- C:\Windows\System32\XAPOFX1_2.dll

2014-02-04 14:23:40 D95EAABF5D277EF91D9CA70151209E56 68616 ----a-w- C:\Windows\System32\XAPOFX1_1.dll

2014-02-04 14:23:40 8BA296419AF3417D1E9806B83166E472 235856 ----a-w- C:\Windows\System32\xactengine3_3.dll

2014-02-04 14:23:40 350FEFE18B86BD4D9AB2A96D00215A49 23376 ----a-w- C:\Windows\System32\X3DAudio1_5.dll

2014-02-04 14:23:39 F3C6BE26949CAADB11DBF0086082FAC9 238088 ----a-w- C:\Windows\System32\xactengine3_2.dll

2014-02-04 14:23:39 50F4A0D5E6A0BAFEFA78F353533B8E06 509448 ----a-w- C:\Windows\System32\XAudio2_2.dll

2014-02-04 14:23:38 E6C2F1D8B667DDC04CB55B9F0159EF97 467984 ----a-w- C:\Windows\System32\d3dx10_39.dll

2014-02-04 14:23:38 C4F1972497FE2CEB7D900938C97FCF91 1493528 ----a-w- C:\Windows\System32\D3DCompiler_39.dll

2014-02-04 14:23:38 8CB3DEFB8887C4F0846DB1FC1304D6D2 3851784 ----a-w- C:\Windows\System32\D3DX9_39.dll

2014-02-04 14:23:37 E34FF0115B1EE3B4E03D22AE9840EE03 507400 ----a-w- C:\Windows\System32\XAudio2_1.dll

2014-02-04 14:23:37 DD165760F1B95200A3DA2D9DFDB84234 65032 ----a-w- C:\Windows\System32\XAPOFX1_0.dll

2014-02-04 14:23:36 E3832514BD21236067B7227F6165EF95 25608 ----a-w- C:\Windows\System32\X3DAudio1_4.dll

2014-02-04 14:23:36 2E0E25252E1D41752876E9FE12ADE175 238088 ----a-w- C:\Windows\System32\xactengine3_1.dll

2014-02-04 14:23:36 103CBFC5591008AD33046E20E8E1EEBE 1491992 ----a-w- C:\Windows\System32\D3DCompiler_38.dll

2014-02-04 14:23:35 A2650B27472C21CDD817EEEDE65648E1 467984 ----a-w- C:\Windows\System32\d3dx10_38.dll

2014-02-04 14:23:35 8F3EB548AC4ED90252394F60C77E3196 3850760 ----a-w- C:\Windows\System32\D3DX9_38.dll

2014-02-04 14:23:34 C593FD0A96EE4B6390B653C4C641313F 25608 ----a-w- C:\Windows\System32\X3DAudio1_3.dll

2014-02-04 14:23:34 8A83673F0AB001870583FDE2B004FA59 238088 ----a-w- C:\Windows\System32\xactengine3_0.dll

2014-02-04 14:23:34 418CDC57E55EE79C3F86C13A19B3D5E3 479752 ----a-w- C:\Windows\System32\XAudio2_0.dll

2014-02-04 14:23:33 EA752DBCE35045D3C830DC16578CC8AB 1420824 ----a-w- C:\Windows\System32\D3DCompiler_37.dll

2014-02-04 14:23:33 4A43E9A2B17E4CAFA9CB5FEC0B5B686B 462864 ----a-w- C:\Windows\System32\d3dx10_37.dll

2014-02-04 14:23:32 AC3C517FB0FBBE45FE44007BCD3625A7 3786760 ----a-w- C:\Windows\System32\D3DX9_37.dll

2014-02-04 14:23:32 73E055AF78A64F9B2779D44407CA2AB6 267272 ----a-w- C:\Windows\System32\xactengine2_10.dll

2014-02-04 14:23:31 FB4299688A0D3A37687C015AC2B9922D 1374232 ----a-w- C:\Windows\System32\D3DCompiler_36.dll

2014-02-04 14:23:31 D9158E78A368B08D9133043EB3058C12 444776 ----a-w- C:\Windows\System32\d3dx10_36.dll

2014-02-04 14:23:30 44BFEC5C9C82A2EE9871D88FD3B9A0E2 3734536 ----a-w- C:\Windows\System32\d3dx9_36.dll

2014-02-04 14:23:28 F3764552E45880DC49B82F38699AA87C 444776 ----a-w- C:\Windows\System32\d3dx10_35.dll

2014-02-04 14:23:28 5B441670A4F5F8BCCE76741902B8AF56 1358192 ----a-w- C:\Windows\System32\D3DCompiler_35.dll

2014-02-04 14:23:28 46EE68F04A75A1CCF40235EA6F1CBA05 267112 ----a-w- C:\Windows\System32\xactengine2_9.dll

2014-02-04 14:23:27 F6A9FC2AD2F9111372B5AB3BBA3707EC 17928 ----a-w- C:\Windows\System32\X3DAudio1_2.dll

2014-02-04 14:23:27 499210C45AFEAADEE8CF4DCF7D5E570B 266088 ----a-w- C:\Windows\System32\xactengine2_8.dll

2014-02-04 14:23:27 3EF18B78D17C962F2B71AC1CB7757684 3727720 ----a-w- C:\Windows\System32\d3dx9_35.dll

2014-02-04 14:23:26 75F206C195BBACA6EF28565B1C0CD75C 1124720 ----a-w- C:\Windows\System32\D3DCompiler_34.dll

2014-02-04 14:23:26 5AA9987F2E62B56D7661B6901901F927 443752 ----a-w- C:\Windows\System32\d3dx10_34.dll

2014-02-04 14:23:25 77F595DEE5FFACEA72B135B1FCE1312E 81768 ----a-w- C:\Windows\System32\xinput1_3.dll

2014-02-04 14:23:25 1CA939918ED1B930059B3A882DE6F648 3497832 ----a-w- C:\Windows\System32\d3dx9_34.dll

2014-02-04 14:23:24 7FEBB8CE2233CBAE738B16D42ED29674 261480 ----a-w- C:\Windows\System32\xactengine2_7.dll

2014-02-04 14:23:23 FAE7E1D578C42A7C3D9D61A99D178BD5 1123696 ----a-w- C:\Windows\System32\D3DCompiler_33.dll

2014-02-04 14:23:23 37A8171ACCF46A9C196054066C28827F 443752 ----a-w- C:\Windows\System32\d3dx10_33.dll

2014-02-04 14:23:22 CDB1CD22BAFF21F48606B3C1A18B000B 3495784 ----a-w- C:\Windows\System32\d3dx9_33.dll

2014-02-04 14:23:22 86C93789E9006F1AC47ED9DD47D4C8A1 251672 ----a-w- C:\Windows\System32\xactengine2_5.dll

2014-02-04 14:23:22 39000E033D39D19CCCE21AEAFCCE2476 255848 ----a-w- C:\Windows\System32\xactengine2_6.dll

2014-02-04 14:23:21 6F34F7405807DCBF0B9BF6811C94C6D9 440080 ----a-w- C:\Windows\System32\d3dx10.dll

2014-02-04 14:23:19 26AF232140C88B42D92A88F2198EDF6A 3426072 ----a-w- C:\Windows\System32\d3dx9_32.dll

2014-02-04 14:23:16 6550E1A0A7BE611592C31222FCB981FB 237848 ----a-w- C:\Windows\System32\xactengine2_4.dll

2014-02-04 14:23:16 121B131EAA369D8F58DACC5C39A77D80 15128 ----a-w- C:\Windows\System32\x3daudio1_1.dll

2014-02-04 14:23:13 797E24743937D67D69F28F2CF5052EE8 2414360 ----a-w- C:\Windows\System32\d3dx9_31.dll

2014-02-04 14:23:12 69D841744B2BAE38FBB2D40A230A549C 236824 ----a-w- C:\Windows\System32\xactengine2_3.dll

2014-02-04 14:23:11 33B62BE226934E1B01F5043870C70427 62744 ----a-w- C:\Windows\System32\xinput1_2.dll

2014-02-04 14:23:10 5C4D3843B491C047B7A619901FBD2EC1 230168 ----a-w- C:\Windows\System32\xactengine2_2.dll

2014-02-04 14:23:09 F1726346E583442541FE73429F8E9C10 62672 ----a-w- C:\Windows\System32\xinput1_1.dll

2014-02-04 14:23:08 7C9952111F4C743B9F0D8B68B6ED93C9 229584 ----a-w- C:\Windows\System32\xactengine2_1.dll

2014-02-04 14:22:46 E415862612E65F10D7D888443ECD7594 2388176 ----a-w- C:\Windows\System32\d3dx9_30.dll

2014-02-04 14:22:45 4E961525CC7FF0E5D7DA19E170B7C14C 14032 ----a-w- C:\Windows\System32\x3daudio1_0.dll

2014-02-04 14:22:45 2112FE0C46662D429347A7D7B49E3ECE 230096 ----a-w- C:\Windows\System32\xactengine2_0.dll

2014-02-04 14:22:43 BE19B603DFBAA829EE5B7749B3BA97DB 2323664 ----a-w- C:\Windows\System32\d3dx9_28.dll

2014-02-04 14:22:43 99F4FC172A5ACE36CF00AA7038D23F2C 2332368 ----a-w- C:\Windows\System32\d3dx9_29.dll

2014-02-04 14:22:42 852EDC778A7A50077694F84D8E601234 2319568 ----a-w- C:\Windows\System32\d3dx9_27.dll

2014-02-04 14:22:41 5B48FE9D6686F0D54B26A005ACE24D1D 2337488 ----a-w- C:\Windows\System32\d3dx9_25.dll

2014-02-04 14:22:41 523AB607EEF81CC4D909E7FEBD8A788E 2297552 ----a-w- C:\Windows\System32\d3dx9_26.dll

2014-02-04 14:22:40 BC831661963763AC4D504C5CABB1FDD9 2222800 ----a-w- C:\Windows\System32\d3dx9_24.dll

2014-02-03 19:11:28 8A4CEBF34370D689E198E6673C1F2C40 74072 ----a-w- C:\Windows\System32\XAPOFX1_5.dll

2014-02-03 19:11:28 81DFDDFB401D663BA7E6AD1C80364216 527192 ----a-w- C:\Windows\System32\XAudio2_7.dll

2014-02-03 19:11:26 4FD7BCB9D8AF6A165E9BA0C2EB702E7C 239960 ----a-w- C:\Windows\System32\xactengine3_7.dll

2014-02-03 19:11:25 83EBA442F07AAB8D6375D2EEC945C46C 1868128 ----a-w- C:\Windows\System32\d3dcsx_43.dll

2014-02-03 19:11:25 1C9B45E87528B8BB8CFA884EA0099A85 2106216 ----a-w- C:\Windows\System32\D3DCompiler_43.dll

2014-02-03 19:11:24 8E0BB968FF41D80E5F2C747C04DB79AE 248672 ----a-w- C:\Windows\System32\d3dx11_43.dll

2014-02-03 19:11:24 20C835843FCEC4DEDFCD7BFFA3B91641 470880 ----a-w- C:\Windows\System32\d3dx10_43.dll

2014-02-03 19:11:23 86E39E9161C3D930D93822F1563C280D 1998168 ----a-w- C:\Windows\System32\D3DX9_43.dll

====== C:\Windows\system32\drivers =====

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-02-04 14:58:56 -------- d-----w- C:\Program Files\SmartSound Software

2014-02-04 14:25:31 -------- d-----w- C:\Program Files\Windows Media Components

2014-02-03 19:10:23 -------- d-----w- C:\Program Files\Lightworks

2014-01-25 17:00:12 -------- d-----w- C:\Program Files\bol.com

======= C: =====

====== C:\Users\Nadia\AppData\Roaming ======

2014-02-04 16:48:57 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\CrashDumps

2014-02-04 15:03:02 -------- d-----w- C:\Users\Nadia\AppData\Roaming\Ulead Systems

====== C:\Users\Nadia ======

2014-02-05 19:04:05 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Nadia\Downloads\RSIT.exe

2014-02-04 14:58:51 -------- d-----w- C:\ProgramData\SmartSound Software Inc

2014-02-04 14:57:12 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media

2014-02-04 14:52:18 -------- d-----w- C:\ProgramData\InterVideo

2014-02-04 14:32:29 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel VideoStudio Pro X6

2014-02-03 19:21:22 -------- d-----w- C:\Users\Nadia\.MCReferenceSdk

2014-02-03 19:14:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightworks

2014-02-03 19:14:12 -------- d-----w- C:\ProgramData\Geevs

2014-02-03 18:55:12 7CCEB3C4ED86619A2E381A76194CA0FA 614784 ----a-w- C:\Users\Nadia\Downloads\lightworks.exe

2014-02-03 18:41:56 3A41815E8B51F2C408C90D56D6D5BF2A 930440 ----a-w- C:\Users\Nadia\Downloads\cbsidlm-cbsi176-Free_MP4_to_WMV_Converter-ORG-75898999.exe

2014-01-29 14:31:00 CA92C0BFA849D66868063C5E64DB43C5 202441120 ----a-w- C:\Users\Nadia\Downloads\CorelPainterX3EN_x86.exe

2014-01-29 13:26:07 7FD13C784928120BFB416060AF654E41 207622976 ----a-w- C:\Users\Nadia\Downloads\CorelPainterX3EN_x64.exe

2014-01-25 17:51:22 -------- d-----w- C:\Users\Nadia\restore

2014-01-25 17:31:48 -------- d-----w- C:\ProgramData\tmp

2014-01-25 17:31:48 -------- d-----w- C:\ProgramData\hps

2014-01-25 17:14:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bol.com fotoservice

====== C: exe-files ==

2014-02-05 19:05:46 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\Trend Micro\Nadia.exe

2014-02-05 19:04:05 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Nadia\Downloads\RSIT.exe

2014-02-04 22:22:04 BA7524A2D91F895CE7502C78B6A4CBAF 732888 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.107\32.0.1700.107_32.0.1700.102_chrome_updater.exe

2014-02-04 15:00:12 507ACC0C83A2443927B61A0A8A812B44 336144 ----a-w- C:\Program Files\InstallShield Installation Information\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}\setup.exe

2014-02-04 14:58:56 F1C1376A72CB9CE7368EBAA2D8626D98 336144 ----a-w- C:\Program Files\InstallShield Installation Information\{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}\setup.exe

2014-02-04 14:51:50 E5B2F2E357D7E88837D5CAB16E211380 808832 ----a-w- C:\Program Files\InstallShield Installation Information\{AC35D5BE-CA9F-4CEE-8848-428D189A2BCE}\setup.exe

2014-02-04 14:19:22 AA274209CB1BCEFE863D2805019FB14B 12212040 ----a-w- C:\Program Files\Corel\Corel VideoStudio Pro X6 Setup Files\Setup\RunTime\WMEncoder\WMFDist11.exe

2014-02-04 14:19:21 88A5D68D1B66FE736A2E8CB9FF3A39D2 9918872 ----a-w- C:\Program Files\Corel\Corel VideoStudio Pro X6 Setup Files\Setup\RunTime\WMEncoder\WMEncoder.exe

2014-02-04 14:19:20 D48C807C3A52579C576145285267B7F6 337936 ----a-w- C:\Program Files\Corel\Corel VideoStudio Pro X6 Setup Files\Setup\RunTime\Quicktracks5Installer\setup.exe

2014-02-04 14:19:07 8EADF6E699BEA036A7709660E0FBC67F 399336 ----a-w- C:\Program Files\Corel\Corel VideoStudio Pro X6 Setup Files\Setup\RunTime\NewBlueFX\setup.exe

2014-02-04 14:19:01 F031C0D2B460209B47B91C46A3D202FE 2648768 ----a-w- C:\Program Files\Corel\Corel VideoStudio Pro X6 Setup Files\Setup\RunTime\MFC2005\vcredist_x86.exe

2014-02-04 14:19:01 33C9213FF5849EF7346799CAE4D8AC80 562688 ----a-w- C:\Program Files\Corel\Corel VideoStudio Pro X6 Setup Files\Setup\RunTime\MSVC2008\install.exe

2014-02-04 14:19:00 39D998E29DC9277C8762070901E69A32 235184 ----a-w- C:\Program Files\Corel\Corel VideoStudio Pro X6 Setup Files\Setup\RunTime\Google Toolbar\GoogleToolbarInstaller.exe

2014-02-04 14:18:58 C2414475FE4028224587AA00477777C4 779856 ----a-w- C:\Program Files\Corel\Corel VideoStudio Pro X6 Setup Files\Setup\RunTime\Google Chrome\ChromeInstaller.exe

2014-02-04 14:18:58 5996ECC5D530C350D9C8344BF0F06C8E 1886800 ----a-w- C:\Program Files\Corel\Corel VideoStudio Pro X6 Setup Files\Setup\RunTime\Flash Player\install_flash_player.exe

2014-02-04 14:18:53 BF3F290275C21BDD3951955C9C3CF32C 517976 ----a-w- C:\Program Files\Corel\Corel VideoStudio Pro X6 Setup Files\Setup\RunTime\DXJun2010\DXSETUP.exe

2014-02-04 14:18:48 A8E796C32F0952A0303392A1B958E4A7 399336 ----a-w- C:\Program Files\Corel\Corel VideoStudio Pro X6 Setup Files\Setup\RunTime\ContentHD\setup.exe

2014-02-04 14:17:45 FFD49C51DDE6FDE37C9949BC6DE0EF46 2584848 ----a-w- C:\Program Files\Corel\Corel VideoStudio Pro X6 Setup Files\Setup\RunTime\Quicktracks5Installer\WindowsInstaller-KB893803-x86.exe

2014-02-04 14:17:45 FFD49C51DDE6FDE37C9949BC6DE0EF46 2584848 ----a-w- C:\Program Files\Corel\Corel VideoStudio Pro X6 Setup Files\Setup\RunTime\CommonDataInstaller\WindowsInstaller-KB893803-x86.exe

2014-02-04 14:17:45 A57F216BFB920D963F8E6B954B9958CA 337936 ----a-w- C:\Program Files\Corel\Corel VideoStudio Pro X6 Setup Files\Setup\RunTime\CommonDataInstaller\setup.exe

2014-02-04 14:17:39 E5B2F2E357D7E88837D5CAB16E211380 808832 ----a-w- C:\Program Files\Corel\Corel VideoStudio Pro X6 Setup Files\Setup\RunTime\AVControl\setup.exe

2014-02-04 14:16:07 85FF3A77359FAE1D8FE10A7211B3B3C6 952680 ----a-w- C:\Program Files\Corel\Corel VideoStudio Pro X6 Setup Files\Setup.exe

2014-02-04 14:16:07 1F7107605A4CD15788AFDF7F462B831F 657768 ----a-w- C:\Program Files\Corel\Corel VideoStudio Pro X6 Setup Files\SetupARP.exe

2014-02-03 18:57:54 7F77D4722FEEB41E34329366470F0688 72720560 ----a-w- C:\Users\Nadia\AppData\Local\Temp\OCS\Downloads\3676090eded622c6bec547ed78bdf6d1\f340f1b1f65b6df5b5e3f94d95b11daf\lightworks.exe

2014-02-03 18:56:25 317EC5F92CFBF04A53E8125B66B3B4AF 294912 ----a-w- C:\Users\Nadia\AppData\Local\Temp\OCS\ocs_v71a.exe

2014-02-03 18:55:12 7CCEB3C4ED86619A2E381A76194CA0FA 614784 ----a-w- C:\Users\Nadia\Downloads\lightworks.exe

2014-02-03 18:44:16 2958CE0C4582079E9E74C259E0ECB727 10566428 ----a-w- C:\Users\Nadia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MN93KNBD\Setup_product_708[1].exe

2014-02-03 18:41:56 3A41815E8B51F2C408C90D56D6D5BF2A 930440 ----a-w- C:\Users\Nadia\Downloads\cbsidlm-cbsi176-Free_MP4_to_WMV_Converter-ORG-75898999.exe

=== C: other files ==

2014-02-05 21:24:53 E46E2C1AE182A8020DFCCB4F8A95B25F 19448 ----a-w- C:\Users\Nadia\AppData\Local\Temp\the-originals-first-season_english-858135.zip

2014-02-04 21:36:33 F41D393279CD4D8393993CB63F966D29 25613 ----a-w- C:\Users\Nadia\AppData\Local\Temp\insidious-chapter-2_english-829320.zip

2014-02-04 15:11:43 F8D944053862D6ED1BC2DFAE827931A7 1116 ----a-w- C:\Users\Nadia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BMLAQJ7A\updatesystem5[1].zip

2014-02-04 13:11:50 9CA083B00756FCAF582C4611D90C2012 52820 ----a-w- C:\Users\Nadia\AppData\Local\Temp\the-counselor_english-854952.zip

2014-02-01 21:57:04 83CF6E2261684C62E09A73DDF5193AD9 20511 ----a-w- C:\Users\Nadia\AppData\Local\Temp\the-vampire-diaries-fifth-season_english-855583.zip

2014-02-01 21:56:27 9EB53C3542C7DDA1484324752294FE31 19152 ----a-w- C:\Users\Nadia\AppData\Local\Temp\the-vampire-diaries-fifth-season_english-852172.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-21-2930031397-4211016526-1814507338-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"

"OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"

"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Broadcom Wireless Manager UI"="C:\Windows\system32\WLTRAY.exe"

"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"QuickSet"="C:\Program Files\Dell\QuickSet\QuickSet.exe"

"Apoint"="C:\Program Files\DellTPad\Apoint.exe"

"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime"

"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"

"BambooCore"="C:\Program Files\Bamboo Dock\BambooCore.exe"

"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"

"Greenshot"="C:\Program Files\Greenshot\Greenshot.exe"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

"AdobeAAMUpdater-1.0"="C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"

"SysTrayApp"="C:\Program Files\IDT\WDM\sttray.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"

"OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"

"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"

==== Startup Folders ======================

2013-08-12 20:36:48 947 ----a-w- C:\Users\Nadia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft SharePoint Workspace.lnk

2013-03-02 20:49:36 1099 ----a-w- C:\Users\Nadia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk

2012-09-26 16:47:59 1974 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [04/02/2014 23:28]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [undetermined Task]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [23/07/2012 11:26]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]

"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [20/12/2013 21:30]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [26/09/2012 17:50]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Nadia\AppData\Roaming\Mozilla\Firefox\Profiles\snvftpmv.default

- United States English Spellchecker - %ProfilePath%\extensions\en-US@dictionaries.addons.mozilla.org

- Dictionnaires franais - %ProfilePath%\extensions\fr-dicollecte@dictionaries.addons.mozilla.org

- Woordenboek Nederlands - %ProfilePath%\extensions\nl-NL@dictionaries.addons.mozilla.org

- Belgium eID - %ProfilePath%\extensions\belgiumeid@eid.belgium.be.xpi

- DivX Web Player - %ProfilePath%\extensions\DivXWebPlayer@divx.com.xpi

- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files\Mozilla Firefox

- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Nadia\AppData\Roaming\Mozilla\Firefox\Profiles\snvftpmv.default

FD6ACD9D85177259D442A0C4AC15F7B8 - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll - Shockwave Flash

5B4DA1113F240C3F06FFF9D52761528B - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa

C36444D7301A8C881FC7296B092609C7 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll - Google Update

8F24103AB984847AA2939F58F19CCC98 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U21

ADC539F67D3198679F480974EE203678 - C:\Windows\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.210.11

637839AC6ED995510A411327C5C2DA61 - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll - AdobeAAMDetect

A5C14075B571AF1C9592595BE724D9D2 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll - Silverlight Plug-In

0132218093298D7F72A40222F4FBF04F - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.2

A7DA4A3F6E86E55E25F60D2BA46B24D0 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.2

CE1411064661AFB6DC4E18BACB50BF61 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.2

052575195474BA9646272680BF993D64 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.2

A8CD2D78D83C1466BB81BBC94A6C96A3 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.2

136ECFCBEA4FBFF8918D3B4AE2729C7F - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.2

1E17EB861D4EAD9CAC51C246B5E3426A - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.2

AEA69AF0E4F27AABA1A4DF66B43179A3 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin

B502C8BC301556EC6B3723ACC427933C - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll - WacomTabletPlugin

D28AD1CB902AC6D228532812D3850C7D - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector

6F120933F87E7DEC972476170288A267 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat

0BD343C45B4ECCF8D6AF94D6C3ADC310 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

1C8124B6A03A620EB0CBCA615666D2AE - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live® Photo Gallery

99F97C9FE748C37528C338A423577FCB - C:\Users\Nadia\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin

AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

4E31DE484AD120894D0D3E7740979108 - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll - AdobeAAMDetect

2AA3703D87E1327A2290C9D416D89A28 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrlui.dll - Microsoft® Silverlight

DFCAB29E8FD38F95650CC1E203E8D318 - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

icmlaeflemplmjndnaapfdbbnpncnbda - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[28/02/2013 09:33]

avast WebRep - Nadia\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== HijackThis Entries ======================

O1 - Hosts: ::1 localhost

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MI1933~1\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MI1933~1\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe

O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [bambooCore] C:\Program Files\Bamboo Dock\BambooCore.exe

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [Greenshot] C:\Program Files\Greenshot\Greenshot.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: Microsoft SharePoint Workspace.lnk = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE

O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MI1933~1\Office14\ONBttnIE.dll/105

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - MSN Games - Free Online Games

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - MSN Games - Free Online Games

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\aestsrv.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\STacSV.exe

O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe

O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Nadia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Nadia\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Nadia\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Nadia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BMLAQJ7A will be deleted at reboot

C:\Users\Nadia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Nadia\AppData\Local\Mozilla\Firefox\Profiles\snvftpmv.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Nadia\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=3 folders=2 18857313 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\Gast\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Users\Nadia\AppData\Local\Temp will be emptied at reboot

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Nadia\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Nadia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Users\Nadia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BMLAQJ7A" not found

==== EOF on do 06/02/2014 at 18:16:09,05 ======================


This looks safe so far. Do this as well, for dessert:

Download AdwCleaner by Xplode to the desktop.

Running AdwCleaner

  • Close all open windows.
  • Double-click AdwCleaner.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Then click the Scan button.
  • When the scan is finished, click the Clean button.
  • When this is finished you will be asked to restart the computer; click OK here.
  • After the computer has restarted, the log file opens automatically.
  • Post this log file in your next reply.


# AdwCleaner v3.018 - Report created 07/02/2014 at 14:22:52

# Updated 28/01/2014 by Xplode

# Operating System : Windows Vista Home Basic Service Pack 1 (32 bits)

# Username : Nadia - PC_VAN_NADIA

# Running from : C:\Users\Nadia\Desktop\adwcleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

File Deleted : C:\Users\Nadia\AppData\Roaming\Mozilla\Firefox\Profiles\snvftpmv.default\user.js

File Deleted : C:\Users\Nadia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE

Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore

Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1

Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd

Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1

Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr

Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1

Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane

Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1

Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc

Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap

Key Deleted : HKCU\Software\53eded8e238b814

Key Deleted : HKLM\SOFTWARE\53eded8e238b814

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}

Key Deleted : HKCU\Software\BabylonToolbar

Key Deleted : HKCU\Software\DataMngr

[#] Key Deleted : HKCU\Software\DataMngr_Toolbar

Key Deleted : HKCU\Software\Delta

Key Deleted : HKCU\Software\InstallCore

Key Deleted : HKCU\Software\OCS

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKLM\Software\Babylon

Key Deleted : HKLM\Software\DataMngr

Key Deleted : HKLM\Software\Delta

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6001.18639

-\\ Mozilla Firefox v27.0 (nl)

[ File : C:\Users\Nadia\AppData\Roaming\Mozilla\Firefox\Profiles\snvftpmv.default\prefs.js ]

Line Deleted : user_pref("extensions.enabledAddons", "belgiumeid%40eid.belgium.be:1.0.18,DivXWebPlayer%40divx.com:2.0.2.039,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0");

-\\ Google Chrome v32.0.1700.107

[ File : C:\Users\Nadia\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [5322 octets] - [07/02/2014 14:10:33]

AdwCleaner[s0].txt - [5291 octets] - [07/02/2014 14:22:52]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [5351 octets] ##########

That AdwCleaner is handy, I didn't know it!

- - - Updated - - -

By the way, is there somewhere I can report the website from which I got this infection? Just so it doesn't keep spreading...


I'm having Avast run a full system scan now, I'll keep you posted on whether it finds anything else! The browser is quite a bit faster now, thanks!

And yes, good point, it is rather silly that my Avast gave no warning that something had come in; it only recognized it once I was scanning.


Full system scan done, nothing found, but Avast says a whole lot of files could not be scanned, all with the same message "fout: Het archief is beschermd met een wachtwoord" ("error: The archive is protected with a password")
That should not be a problem. The fact that the scan no longer reports anything like in your opening post is what matters most.

Then you may remove the tools that were used and some unneeded leftovers:

Download Delfix by Xplode to the desktop.

Double-click Delfix.exe to start the tool.

Now tick the following items:

  • Remove disinfection tools
  • Purge System Restore
  • Reset system settings

Now click "Run" and wait patiently until the tool has finished.

When the tool has finished, a log file is created. You do not need to post it, however.

Download CCleaner (if you don't have it yet).

Install it (if you do not want Google Chrome to be installed on your PC as the default web browser, you must remove the 2 check marks!!!) and start CCleaner.

Click "Cleaner" in the left column. Click "Analyseren" (Analyze) and, after the analysis, "Schoonmaken" (Clean). Next, click "Register" (Registry) in the left column and click "Scan naar problemen" (Scan for problems). If errors are found, click "Herstel geselecteerde problemen" (Repair selected problems) and "OK". You will then be asked whether to make a backup. Click "JA" (Yes). Then choose "Herstel alle geselecteerde fouten" (Repair all selected errors).

Sometimes one analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors.

Then close CCleaner again.

If you want to see this in detail with pictures, click here for the guide.

If all of this went smoothly and you have no further questions or problems within this topic, you may close this topic by clicking the "Markeer als opgelost" (Mark as solved) button, which you can find at the bottom left … that way it stays clear for everyone.
