Dasle

Lid

Bekijk profiel Bekijk hun activiteit

Items
9.743
Registratiedatum
18 januari 2011
Laatst bezocht
woensdag om 14:15

Inhoudstype

Alle activiteit

Profielen

Forums

Store

Product Reviews

Alles dat geplaatst werd door Dasle

PC "bevriest" herhaaldelijk na lang aanstaan

Dasle reageerde op Unclejack's topic in Archief Hardware algemeen

Dan wacht het een paar dagen af of alles blijft functioneren zoals het hoort. Indien dit allemaal probleemloos verlopen is en je binnen dit topic verder geen vragen of problemen meer hebt, mag je dit onderwerp afsluiten door een klik op de knop "Markeer als opgelost", die je links onderaan kan terugvinden … zo blijft het voor iedereen overzichtelijk. ;-)
- 9 juli 2013
- 20 antwoorden
BSOD ntoskrnl.exe

Dasle reageerde op Red_Sparowe's topic in Archief Windows Algemeen

Dan wacht nog even met het installeren van deze drivers, heb je in de tussen tijd nog BSOD's gehad na het verwijderen van Google Chrome?
- 9 juli 2013
- 104 antwoorden
qvo6.com als startpagina

Dasle reageerde op Dasle's topic in Archief Bestrijding malware & virussen

Ik wist niet wat ik zag toen ik deze laptop opstartte wat dat jonge volk allemaal denkt nodig te hebben xD Maar hier de gevraagde logjes. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:51:01, on 9/07/2013 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16800) Boot mode: Normal Running processes: C:\Users\Nick\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Users\Nick\AppData\Local\Akamai\netsession_win.exe C:\Users\Nick\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\Hp\HP UT LEDM\bin\hppusg.exe C:\Windows\SysWOW64\mmrtkrnl.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe, O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [HPUsageTrackingLEDM] "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\" O4 - HKLM\..\Run: [Realtime Audio Engine] "mmrtkrnl.exe" /i O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Nick\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Nick\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Nick\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: &D&ownload &met BitComet - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload alles met BitComet - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - MSN Games - Free Online Games O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - MSN Games - Free Online Games O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - MSN Games - Free Online Games O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - BitComet - A free C++ BitTorrent/HTTP/FTP Download Client - C:\Program Files (x86)\BitComet\tools\BitCometService.exe O23 - Service: BroadWave Audio Streaming Server (BroadWaveService) - Unknown owner - C:\Program Files (x86)\NCH Swift Sound\BroadWave\broadwave.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo64.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: wampapache - Unknown owner - c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe (file missing) O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 13377 bytes Zoek.exe Version 4.0.0.3 Updated 05-July-2013 Tool run by Nick on di 09/07/2013 at 23:25:24,68. Microsoft Windows 7 Home Premium 6.1.7600 x64 Running in: Normal Mode Internet Access Detected ==== System Restore Info ====================== Failed to create System Restore Point ==== Reset Hosts File ====================== # Copyright © 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handle within DNS itself. 127.0.0.1 localhost ::1 localhost ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-56756089-870219968-2889249409-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully HKEY_USERS\S-1-5-21-56756089-870219968-2889249409-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully HKEY_USERS\S-1-5-21-56756089-870219968-2889249409-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_USERS\S-1-5-21-56756089-870219968-2889249409-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_USERS\S-1-5-21-56756089-870219968-2889249409-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully HKEY_CLASSES_ROOT\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) 1ClickDownloader 2007 Microsoft Office Suite Service Pack 2 (SP2) Acrobat.com ActiveCheck component for HP Active Support Library Adobe AIR Adobe Bridge 1.0 Adobe Community Help Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Media Player Adobe Photoshop CS2 Adobe Reader 9.2 MUI Adobe Shockwave Player Adobe Shockwave Player 11.5 Akamai NetSession Interface Akamai NetSession Interface Service Apple Application Support Apple Mobile Device Support Apple Software Update Arthaus Paint & Fotoshop ASIO4ALL Atheros Driver Installation Program AV Voice Changer Software 7.0 Battlefield Play4Free BCool Gadget Bejeweled 2 Deluxe BitComet 1.29 Blasterball 3 Boilsoft Video Converter 2.81 BrowseToSave CCleaner Chuzzle Deluxe Cisco Network Magic Conduit Engine Core Temp 1.0 RC5 Counter-Strike 1.6 Counter-Strike: Source CyberLink DVD Suite CyberLink MediaShow CyberLink PowerDirector CyberLink PowerDVD 8 CyberLink YouCam D3DX10 De SimsT 3 De SimsT 3 Showtime Delta Chrome Toolbar Delta toolbar Diner Dash Dora's Carnival Adventure dutch.ilsc.org Toolbar Elf 1.12 Toolbar Elf 1.13 Toolbar Elf 1.15 Toolbar Facebook Video Calling 1.2.0.287 Farm Frenzy FATE Firebird 2.5.0.26074 (Win32) FL Studio 10 Free YouTube to MP3 Converter version 3.12.0.128 FrostWire 4.21.8 FrostWire 5.3.8 GIMP 2.8.0 Google Chrome Google Toolbar for Internet Explorer Google Update Helper GTA San Andreas Half-Life 2: Deathmatch Half-Life 2: Lost Coast HiJackThis HiYo HiYo Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678) HP Advisor HP Customer Experience Enhancements HP Games HP LaserJet Professional P1100-P1560-P1600 Series HP Quick Launch Buttons HP Setup HP Support Assistant HP User Guides 0148 HP Wireless Assistant HPAsset component for HP Active Support Library hppLaserJetService hppP1100P1560P1600SeriesLaserJetService hppusgP1100P1560P1600Series HPSSupply HyperCam Toolbar IDT Audio IL Download Manager InfraRecorder 0.50 (x64 edition) iTunes Java 7 Update 17 Java Auto Updater Java 6 Update 15 (64-bit) Java SE Development Kit 6 Update 15 (64-bit) Jewel Quest Solitaire 2 Junk Mail filter update LabelPrint LightScribe System Software LogMeIn Hamachi Magic Desktop MAGIX Screenshare MAGIX Speed burnR (MSI) Mah Jong Medley MarketResearch MediaBar Microsoft .NET Framework 1.1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Games for Windows - LIVE Redistributable Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Live Add-in 1.5 Microsoft Office Office 64-bit Components 2007 Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared 64-bit MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SkyDrive Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server Compact 3.5 SP1 English Microsoft SQL Server Compact 3.5 SP1 x64 English Microsoft SQL Server Desktop Engine Microsoft SQL Server Native Client Microsoft SQL Server Setup Support Files (English) Microsoft SQL Server VSS Writer Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Works Microsoft WSE 3.0 Runtime Microsoft_VC80_ATL_x86 Microsoft_VC80_ATL_x86_x64 Microsoft_VC80_CRT_x86 Microsoft_VC80_CRT_x86_x64 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFC_x86_x64 Microsoft_VC80_MFCLOC_x86 Microsoft_VC80_MFCLOC_x86_x64 Microsoft_VC90_ATL_x86 Microsoft_VC90_ATL_x86_x64 Microsoft_VC90_CRT_x86 Microsoft_VC90_CRT_x86_x64 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFC_x86_x64 More Games from HP Games Movie Maker Mozilla Firefox 5.0 (x86 nl) MSI to redistribute MS VS2005 CRT libraries MSVCRT MSVCRT Redists MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP3 Parser MSXML4 Parser MusicStation muvee Reveal N-N NCH Toolbar Nexon Game Manager Norton Security Scan NVIDIA Drivers NVIDIA PhysX v8.04.25 OptimizerPro Pando Media Booster Peggle Photo Common Photo Gallery PhotoMail Maker Picasa 3 Polar Bowler Polar Golfer Power2Go Pure Networks Platform QLBCASL QuickTime Realtek 8136 8168 8169 Ethernet Driver Realtek USB 2.0 Card Reader Recovery Manager reFX Nexus VSTi RTAS v2.2.0 Saints Row: The Third Samsung New PC Studio SAMSUNG USB Driver for Mobile Phones Search Assistant WebSearch 1.74 Security Update for 2007 Microsoft Office System (KB2288621) Security Update for 2007 Microsoft Office System (KB2288931) Security Update for 2007 Microsoft Office System (KB2345043) Security Update for 2007 Microsoft Office System (KB2509488) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB976321) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft Office 2007 System (KB2541012) Security Update for Microsoft Office Access 2007 (KB979440) Security Update for Microsoft Office Excel 2007 (KB2541007) Security Update for Microsoft Office InfoPath 2007 (KB2510061) Security Update for Microsoft Office InfoPath 2007 (KB979441) Security Update for Microsoft Office PowerPoint 2007 (KB2535818) Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) Security Update for Microsoft Office Publisher 2007 (KB2284697) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB2344993) Skype Click to Call SkypeT 5.10 Slingo Deluxe Snap.Do Snap.Do Engine Softonic-Eng7 Toolbar Spotify SpywareBlaster 4.3 Steam StoneLoops of Jurassica Super Collapse 3 SweetIM Toolbar for Internet Explorer 3.9 Synaptics Pointing Device Driver TeamViewer 6 Text-To-Speech-Runtime THE GAME OF LIFE Torntv 2 TuneUp Utilities Language Pack (nl-NL) Uniblue RegistryBooster 2009 Unity Web Player Update for 2007 Microsoft Office System (KB2284654) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft Office 2007 System (KB2539530) Update for Microsoft Office Outlook 2007 (KB2509470) Update for Outlook 2007 Junk Email Filter (KB2553975) Update Installer for WildTangent Games App Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) uTorrentBar_NL Toolbar Utubebario Toolbar VaudiX 1.74 Vegas Pro 11.0 Virtual DJ Home - Atomix Productions Virtual Families Virtual Villagers - The Secret City VirtualDJ Home FREE WildTangent Games App (HP Games) Windows iLivid Toolbar Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Player Firefox Plugin WinRAR 4.01 (64-bit) World of Goo Wsys Control 1.0.0.2539 Yahoo Detect Yahtzee Yontoo 1.10.02 Your Product Zuma Deluxe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WsysSvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\WsysSvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WsysSvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mywebsearchservice deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\mywebsearchservice deleted successfully ==== FireFox Fix ====================== Deleted from C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\48xjxz32.default\prefs.js: user_pref("browser.startup.homepage", "http://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BE&userid=0fb802e0-ccb5-4669-a47f-267367ebb8d2&searchtype=hp&installDate=28/02/2013"); user_pref("browser.newtab.url", "http://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BE&userid=0fb802e0-ccb5-4669-a47f-267367ebb8d2&searchtype=nt&installDate=28/02/2013"); user_pref("browser.search.selectedEngine", "Web Search"); user_pref("keyword.URL", "http://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BE&userid=0fb802e0-ccb5-4669-a47f-267367ebb8d2&searchtype=ds&installDate=28/02/2013&q="); Added to C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\48xjxz32.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); Deleted from C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\7lcf06ak.default\prefs.js: user_pref("browser.startup.homepage", "http://www.searchqu.com/406"); user_pref("sweetim.toolbar.previous.browser.startup.homepage", ""); user_pref("browser.search.defaulturl", "http://websearch.pu-results.info/?pid=317&r=2013/03/14&hid=1011748354&lg=EN&cc=BE&l=1&q="); user_pref("browser.newtab.url", "http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BE&userid=0fb802e0-ccb5-4669-a47f-267367ebb8d2&searchtype=nt&installDate=28/02/2013&q="); user_pref("browser.search.defaultenginename", "qvo6"); user_pref("browser.search.defaultenginename,S", ""); user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", ""); user_pref("browser.search.selectedEngine", "qvo6"); user_pref("browser.search.selectedEngine,S", ""); user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", ""); user_pref("browser.search.order.1", "qvo6"); user_pref("browser.search.order.1,S", ""); user_pref("keyword.URL", "http://dts.search-results.com/sr?src=ffb&appid=102&systemid=406&q="); user_pref("sweetim.toolbar.previous.keyword.URL", ""); user_pref("browser.search.useDBForOrder", true); Added to C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\7lcf06ak.default\prefs.js: ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\48xjxz32.default user.js not found ---- Lines BabylonToolbar removed from prefs.js ---- ---- Lines BabylonToolbar modified from prefs.js ---- ---- Lines delta removed from prefs.js ---- ---- Lines delta modified from prefs.js ---- ---- Lines qvo6 removed from prefs.js ---- ---- Lines qvo6 modified from prefs.js ---- ---- Lines snap.do removed from prefs.js ---- ---- Lines snap.do modified from prefs.js ---- ---- Lines WebSearch removed from prefs.js ---- ---- Lines WebSearch modified from prefs.js ---- user_pref("extensions.enabledAddons", "{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.9.0.9216,{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26,{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33,m3ffxtbr@mywebsearch.com:1.1,wrc@avast.com:7.0.1426,{972ce4c6-7e08-4474-a285-3208198ce6fd}:5.0"); user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"m3ffxtbr@mywebsearch.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\MyWebSearch\\\\bar\\\\1.bin\",\"mtime\":1297528067746},\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\WebRep\\\\FF\",\"mtime\":1333742143728}}},{\"name\":\"app-global\",\"addons\":{\"{1FD91A9C-410C-4090-BBCC-55D3450EF433}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Windows iLivid Toolbar\\\\Datamngr\\\\FirefoxExtension\",\"mtime\":1311676957707},\"{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\",\"mtime\":1334756166546},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1309115544006},\"{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\",\"mtime\":1312268860047},\"{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\",\"mtime\":1340643744696}}}]"); ---- Lines Torntv removed from prefs.js ---- ---- Lines Torntv modified from prefs.js ---- ---- Lines searchqu removed from prefs.js ---- ---- Lines searchqu modified from prefs.js ---- ---- Lines snapdo removed from prefs.js ---- ---- Lines snapdo modified from prefs.js ---- ---- Lines ask.com removed from prefs.js ---- user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}"); user_pref("extensions.wrc.SearchRules.ask.com.url", "^http(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*"); ---- Lines ask.com modified from prefs.js ---- ---- Lines results.info removed from prefs.js ---- ---- Lines results.info modified from prefs.js ---- ---- Lines search.com removed from prefs.js ---- ---- Lines search.com modified from prefs.js ---- ---- Lines Web Search removed from prefs.js ---- ---- Lines Web Search modified from prefs.js ---- ---- Lines y2layers removed from prefs.js ---- ---- Lines y2layers modified from prefs.js ---- ---- Lines yontoo removed from prefs.js ---- ---- Lines yontoo modified from prefs.js ---- ---- Lines crossrider removed from prefs.js ---- user_pref("extensions.crossriderapp11825.adsOldValue", -1); ---- Lines crossrider modified from prefs.js ---- ---- Lines Downloader.com removed from prefs.js ---- ---- Lines Downloader.com modified from prefs.js ---- ---- Lines Search-Results removed from prefs.js ---- user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}"); ---- Lines Search-Results modified from prefs.js ---- ---- Lines helperbar removed from prefs.js ---- ---- Lines helperbar modified from prefs.js ---- ---- Lines SweetIM removed from prefs.js ---- ---- Lines SweetIM modified from prefs.js ---- ---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 removed from prefs.js ---- ---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"m3ffxtbr@mydisabled.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mydisabled\\\\bar\\\\1.bin\",\"mtime\":1297528067746},\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\WebRep\\\\FF\",\"mtime\":1333742143728}}},{\"name\":\"app-global\",\"addons\":{\"{1FD91A9C-410C-4090-BBCC-55D3450EF433}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Windows iLivid Toolbar\\\\Datamngr\\\\FirefoxExtension\",\"mtime\":1311676957707},\"{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\",\"mtime\":1334756166546},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1309115544006},\"{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\",\"mtime\":1312268860047},\"{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\",\"mtime\":1340643744696}}}]"); ---- Lines OneClickDownload removed from prefs.js ---- ---- Lines OneClickDownload modified from prefs.js ---- ---- Lines smartbar removed from prefs.js ---- ---- Lines smartbar modified from prefs.js ---- ---- Lines browser.startup.page removed from prefs.js ---- ---- Lines browser.startup.page modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_20130907_2332_.backup ProfilePath: C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\7lcf06ak.default ---- Lines BabylonToolbar removed from prefs.js ---- ---- Lines BabylonToolbar modified from prefs.js ---- ---- Lines BabylonToolbar removed from user.js ---- ---- Lines delta removed from prefs.js ---- ---- Lines delta modified from prefs.js ---- ---- Lines delta removed from user.js ---- user_pref("extensions.delta.tlbrSrchUrl", ""); user_pref("extensions.delta.id", "74a9f092000000000000f67bcb760523"); user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); user_pref("extensions.delta.instlDay", "15739"); user_pref("extensions.delta.vrsn", "1.8.10.0"); user_pref("extensions.delta.vrsni", "1.8.10.0"); user_pref("extensions.delta.vrsnTs", "1.8.10.013:31:50"); user_pref("extensions.delta.prtnrId", "delta"); user_pref("extensions.delta.prdct", "delta"); user_pref("extensions.delta.aflt", "babsst"); user_pref("extensions.delta.smplGrp", "none"); user_pref("extensions.delta.tlbrId", "base"); user_pref("extensions.delta.instlRef", "sst"); user_pref("extensions.delta.dfltLng", "en"); user_pref("extensions.delta.excTlbr", false); user_pref("extensions.delta.admin", false); user_pref("extensions.delta.autoRvrt", "false"); user_pref("extensions.delta.rvrt", "false"); user_pref("extensions.delta.newTab", false); ---- Lines qvo6 removed from prefs.js ---- ---- Lines qvo6 modified from prefs.js ---- ---- Lines snap.do removed from prefs.js ---- ---- Lines snap.do modified from prefs.js ---- ---- Lines WebSearch removed from prefs.js ---- ---- Lines WebSearch modified from prefs.js ---- ---- Lines Torntv removed from prefs.js ---- ---- Lines Torntv modified from prefs.js ---- ---- Lines searchqu removed from prefs.js ---- ---- Lines searchqu modified from prefs.js ---- ---- Lines snapdo removed from prefs.js ---- ---- Lines snapdo modified from prefs.js ---- ---- Lines ask.com removed from prefs.js ---- ---- Lines ask.com modified from prefs.js ---- ---- Lines results.info removed from prefs.js ---- ---- Lines results.info modified from prefs.js ---- ---- Lines search.com removed from prefs.js ---- ---- Lines search.com modified from prefs.js ---- ---- Lines Web Search removed from prefs.js ---- ---- Lines Web Search modified from prefs.js ---- ---- Lines y2layers removed from prefs.js ---- ---- Lines y2layers modified from prefs.js ---- ---- Lines yontoo removed from prefs.js ---- ---- Lines yontoo modified from prefs.js ---- ---- Lines crossrider removed from prefs.js ---- ---- Lines crossrider modified from prefs.js ---- ---- Lines Downloader.com removed from prefs.js ---- ---- Lines Downloader.com modified from prefs.js ---- ---- Lines Search-Results removed from prefs.js ---- ---- Lines Search-Results modified from prefs.js ---- ---- Lines helperbar removed from prefs.js ---- ---- Lines helperbar modified from prefs.js ---- ---- Lines SweetIM removed from prefs.js ---- ---- Lines SweetIM modified from prefs.js ---- ---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 removed from prefs.js ---- ---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 modified from prefs.js ---- ---- Lines OneClickDownload removed from prefs.js ---- ---- Lines OneClickDownload modified from prefs.js ---- ---- Lines smartbar removed from prefs.js ---- ---- Lines smartbar modified from prefs.js ---- ---- Lines browser.startup.page removed from prefs.js ---- ---- Lines browser.startup.page modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- user_20130907_2332_.backup prefs_20130907_2332_.backup ==== Batch Command(s) Run By Tool====================== C:\Windows\system32\appdata deleted ==== Deleting Files \ Folders ====================== "C:\Users\Nick\AppData\Local\{4707E646-D4BD-4805-8F83-511310603924}" deleted "C:\Users\Nick\AppData\Local\{78E2CCCE-E511-48DB-A2CF-A0D10342CF91}" deleted "C:\Users\Nick\AppData\Local\{817FCDD1-71E7-4759-A5DB-215601FDFCD6}" deleted "C:\Users\Nick\AppData\Local\{83CCCBE0-3F68-4B3E-99B4-E397A5476B3D}" deleted "C:\Users\Nick\AppData\Local\{9D7E721E-F53B-4BEE-B718-89170064EB3A}" deleted "C:\Users\Nick\AppData\Local\{B00C59FD-B58B-40EB-84E2-6125FC619D6F}" deleted "C:\Users\Nick\AppData\Local\{D1994297-507F-46EB-B03E-DC15F1B03786}" deleted "C:\Users\Nick\AppData\Local\{F75AFDBC-67DE-40E6-9501-9A21ABC19C81}" deleted "C:\user.js" deleted "C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\48xjxz32.default\searchplugins\Web Search.xml" deleted "C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\7lcf06ak.default\extensions\torntv@torntv.com.xpi" deleted "C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\7lcf06ak.default\searchplugins\Web Search.xml" deleted "C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\7lcf06ak.default\extensions\OneClickDownloader@OneClickDownloader.com.xpi" deleted "C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\7lcf06ak.default\extensions\OneClickDownloader@OneClickDownloader.com.xpi" deleted "C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml" deleted "C:\Users\Nick\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted "C:\Program Files (x86)\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml" deleted "C:\Program Files (x86)\Mozilla Firefox\searchplugins\SearchResults.xml" deleted "C:\Users\Nick\AppData\Roaming\RSBot_Accounts.ini" deleted "C:\Users\Nick\AppData\Roaming\RSBuddy_nickhendrikx.ini" deleted "C:\ProgramData\HPWALog.txt" deleted "C:\Windows\tasks\Torntv 2-codedownloader.job" deleted "C:\Windows\tasks\Torntv 2-enabler.job" deleted "C:\Windows\tasks\Torntv 2-updater.job" deleted "C:\windows\SysNative\tasks\Torntv 2-codedownloader" deleted "C:\windows\SysNative\tasks\Torntv 2-enabler" deleted "C:\windows\SysNative\tasks\Torntv 2-updater" deleted "C:\windows\SysNative\tasks\Desk 365 RunAsStdUser" deleted "C:\user.js" deleted "C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\48xjxz32.default\searchplugins\Web Search.xml" deleted "C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\7lcf06ak.default\searchplugins\Web Search.xml" deleted "C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\7lcf06ak.default\extensions\OneClickDownloader@OneClickDownloader.com.xpi" deleted "C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml" deleted "C:\Windows\syswow64\appdata" deleted "C:\Program Files (x86)\Torntv 2" deleted "C:\Program Files (x86)\TornTV.com" deleted "C:\Program Files (x86)\Softonic-Eng7" deleted "C:\Program Files (x86)\Delta" deleted "C:\Program Files (x86)\Iminent" deleted "C:\Program Files (x86)\NCH" deleted "C:\Program Files (x86)\Elf_1.12" deleted "C:\Program Files (x86)\Elf_1.13" deleted "C:\Program Files (x86)\Elf_1.15" deleted "C:\Program Files (x86)\BrowseToSave" deleted "C:\Program Files (x86)\Babylon" deleted "C:\Program Files (x86)\Common Files\DVDVideoSoft\TB" deleted "C:\Program Files (x86)\Common Files\DVDVideoSoft\bin" deleted "C:\Program Files (x86)\uTorrentBar_NL" deleted "C:\Program Files (x86)\Free Offers from Freeze.com" deleted "C:\Program Files (x86)\BearShare Applications\MediaBar" deleted "C:\Program Files (x86)\iLivid" deleted "C:\Program Files (x86)\Windows iLivid Toolbar" deleted "C:\Program Files (x86)\1ClickDownload" deleted "C:\Program Files (x86)\FunWebProducts" deleted "C:\Program Files (x86)\Yontoo" deleted "C:\Program Files (x86)\MyWebSearch" deleted "C:\Program Files (x86)\WebSearch" deleted "C:\Program Files (x86)\VaudiX" deleted "C:\Program Files (x86)\Gophoto.it" deleted "C:\Program Files (x86)\Ask.com" deleted "C:\Program Files (x86)\SweetIM" deleted "C:\Program Files (x86)\ConduitEngine" deleted "C:\Users\Nick\AppData\Roaming\eIntaller" deleted "C:\Users\Nick\AppData\Roaming\DVDVideoSoftIEHelpers" deleted "C:\Users\Nick\AppData\Roaming\Babylon" deleted "C:\Users\Nick\AppData\Roaming\Delta" deleted "C:\Users\Nick\AppData\Roaming\OpenCandy" deleted "C:\Users\Nick\AppData\Roaming\Media Finder" deleted "C:\Users\Nick\AppData\Roaming\PriceGong" deleted "C:\Users\Nick\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com" deleted "C:\ProgramData\APN" deleted "C:\ProgramData\eSafe" deleted "C:\ProgramData\BetterSoft" deleted "C:\ProgramData\boost_interprocess" deleted "C:\ProgramData\SoftSafe" deleted "C:\ProgramData\Iminent" deleted "C:\ProgramData\InstallMate" deleted "C:\ProgramData\Tarma Installer" deleted "C:\ProgramData\Premium" deleted "C:\ProgramData\Babylon" deleted "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder" deleted "C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com" deleted "C:\Users\Nick\AppData\Local\Ilivid Player" deleted "C:\Users\Nick\AppData\Local\OpenCandy" deleted "C:\Users\Nick\AppData\Local\APN" deleted "C:\Users\Nick\AppData\Local\NCH" deleted "C:\Users\Nick\AppData\Local\PackageAware" deleted "C:\Users\Nick\AppData\Local\Smartbar" deleted "C:\Users\Nick\AppData\Local\Conduit" deleted "C:\Users\Nick\AppData\Local\ConduitEngine" deleted "C:\Users\Nick\AppData\LocalLow\surfcanyon" deleted "C:\Users\Nick\AppData\LocalLow\SweetIM" deleted "C:\Users\Nick\AppData\LocalLow\Elf_1.12" deleted "C:\Users\Nick\AppData\LocalLow\Elf_1.13" deleted "C:\Users\Nick\AppData\LocalLow\Elf_1.15" deleted "C:\Users\Nick\AppData\LocalLow\MyWebSearch" deleted "C:\Users\Nick\AppData\LocalLow\BabylonToolbar" deleted "C:\Users\Nick\AppData\LocalLow\Delta" deleted "C:\Users\Nick\AppData\LocalLow\Smartbar" deleted "C:\Users\Nick\AppData\LocalLow\DataMngr" deleted "C:\Users\Nick\AppData\LocalLow\uTorrentBar_NL" deleted "C:\Users\Nick\AppData\LocalLow\PriceGong" deleted "C:\Users\Nick\AppData\LocalLow\searchquband" deleted "C:\Users\Nick\AppData\LocalLow\searchqutoolbar" deleted "C:\Users\Nick\AppData\LocalLow\Conduit" deleted "C:\Users\Nick\AppData\LocalLow\ConduitEngine" deleted "C:\Users\Nick\AppData\LocalLow\FunWebProducts" deleted "C:\Users\Nick\AppData\LocalLow\Toolbar4" deleted "C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\7lcf06ak.default\extensions\ffxtlbr@babylon.com" deleted "C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\48xjxz32.default\extensions\crossriderapp11825@crossrider.com" deleted "C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\7lcf06ak.default\extensions\ffxtlbr@delta.com" deleted "C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\7lcf06ak.default\searchqutoolbar" deleted "C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\7lcf06ak.default\extensions\plugin@yontoo.com" deleted "C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\7lcf06ak.default\extensions\crossriderapp11825@crossrider.com" deleted "C:\Program Files (x86)\MyWebSearch\bar\1.bin" deleted "C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\7lcf06ak.default\extensions\ffxtlbr@delta.com" deleted "C:\Program Files (x86)\MyWebSearch\bar\1.bin" deleted "C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\7lcf06ak.default\extensions\plugin@yontoo.com" deleted "C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\7lcf06ak.default\extensions\crossriderapp11825@crossrider.com" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2013-07-03 10:17:13 2701448229AEE43D266C00042EA3CB52 2154 ----a-w- C:\Windows\epplauncher.mif ====== C:\Users\Nick\AppData\Local\Temp ==== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2013-07-03 10:10:49 02903EB9D9308541D032417ACDFB975C 374664 ----a-w- C:\Windows\Sysnative\drivers\netio.sys ====== C:\Windows\Tasks ====== 2013-07-06 11:53:20 7ED4DB41ADEA4F365100D5E5FB24C069 3180 ----a-w- C:\Windows\Sysnative\Tasks\HPCeeScheduleForNick 2013-07-06 11:53:20 3C5832269DEA2CD1E36D292126C1F852 328 ----a-w- C:\Windows\Tasks\HPCeeScheduleForNick.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\Program Files (x86) ===== 2013-07-08 23:20:13 -------- d-----w- C:\Program Files (x86)\Trend Micro ======= C: ===== ====== C:\Users\Nick\AppData\Roaming ====== 2013-07-03 18:46:10 -------- d-----w- C:\users\Nick\AppData\Local\Programs 2013-07-03 13:03:36 -------- d-----w- C:\users\Administrator\AppData\Roaming\Apple Computer 2013-06-22 15:05:13 -------- d-----w- C:\users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ 2013-06-17 17:20:25 -------- d-----w- C:\users\Nick\AppData\Local\Spotify 2013-06-17 17:18:05 -------- d-----w- C:\users\Nick\AppData\Roaming\Spotify 2013-06-12 15:23:44 DAB91F2B1EE3ABC1D186B17C84DCCF6F 2105 ----a-w- C:\users\Nick\AppData\Local\recently-used.xbel ====== C:\Users\Nick ====== 2013-07-06 14:24:37 23D3B09A49AC98903BE38CCB99CAE371 260984 ----a-w- C:\Users\Nick\Downloads\Scary_Movie_5_2013_HDRip_XviD (1).exe 2013-07-06 11:26:05 ABE6565E9C303D26F269EAE2C3EE524F 261008 ----a-w- C:\Users\Nick\Downloads\Scary_Movie_5_2013_HDRip_XviD.exe 2013-07-03 18:44:26 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Nick\Downloads\mbam-setup-1.75.0.1300.exe 2013-07-03 10:08:00 3C381DB78BA2EA0F5DF599BD052AEE09 13504464 ----a-w- C:\Users\Nick\Downloads\mseinstall (1).exe 2013-07-03 10:05:16 843EEBD04CBD96FCAD32A04C0FF1D019 11119080 ----a-w- C:\Users\Nick\Downloads\mseinstall.exe 2013-07-01 13:07:37 B63CCB43F2779CBEA5D8D3CE2E3D90FB 263186 ----a-w- C:\Users\Nick\Desktop\Minecraft (4).exe 2013-06-28 14:27:17 -------- d-----w- C:\Users\Nick\.SquashOccurrences ====== C: exe-files == 2013-07-05 18:28:10 C3190BA6ED6220369EEEED081A14DDFC 59784 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleUpdateOnDemand.exe 2013-07-05 18:28:10 5F42FBCE3A8D9ED552E9852A23CA382F 800024 ----a-w- C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleUpdateSetup.exe 2013-07-05 18:28:10 1017788353D8349BF6086B9CDDC8CB7B 59784 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleUpdateBroker.exe 2013-07-05 18:28:04 CA35155F6B4C4DB2513AAAA868BAFF47 324488 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleCrashHandler64.exe 2013-07-05 18:28:04 09C87F376507122A5FE1CBE06E015512 239496 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleCrashHandler.exe 2013-07-05 18:28:03 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleUpdate.exe 2013-07-05 18:27:51 5F42FBCE3A8D9ED552E9852A23CA382F 800024 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.149\GoogleUpdateSetup.exe === C: other files == 2013-07-03 13:04:42 8AD223868AB9974F7746D0227730A0CC 26392 ----a-w- C:\Users\Administrator\AppData\Local\Temp\scoped_dir_3660_18373\search.crx 2013-07-03 13:04:42 2E2E328E5BF6BE61203164B3E9EA8094 24040 ----a-w- C:\Users\Administrator\AppData\Local\Temp\scoped_dir_3660_18376\gmail.crx 2013-07-03 13:04:41 D2F6A1B11344D9AC7BCFB75900D4ADE1 23668 ----a-w- C:\Users\Administrator\AppData\Local\Temp\scoped_dir_3660_13966\youtube.crx 2013-07-03 13:04:40 71E1283B8440F6264CEC99DF9AD81F5B 25561 ----a-w- C:\Users\Administrator\AppData\Local\Temp\scoped_dir_3660_18369\drive.crx 2013-07-03 13:04:40 2C71C49F991095A1848624907BACBB08 4578 ----a-w- C:\Users\Administrator\AppData\Local\Temp\scoped_dir_3660_22865\docs.crx 2013-07-03 13:04:39 E7D5CB3F02849E8F1DEAB02DD7C74E40 50973 ----a-w- C:\Users\Administrator\AppData\Local\Temp\scoped_dir_3660_716\BcoolApp.crx 2013-07-03 13:04:39 BC718A6BE06121B92DD507C75643B144 84122 ----a-w- C:\Users\Administrator\AppData\Local\Temp\scoped_dir_3660_18366\1click11.crx 2013-07-03 13:04:39 A17E7961DD71F4BDBDCED08158C3A45C 1762117 ----a-w- C:\Users\Administrator\AppData\Local\Temp\scoped_dir_3660_3218\skype_chrome_extension.crx 2013-07-03 13:04:39 02ACB0ED272187CF50E00C5B20546E30 57985 ----a-w- C:\Users\Administrator\AppData\Local\Temp\scoped_dir_3660_26796\gophotoit14.crx 2013-07-03 13:04:38 91F2FBDDF066A24A2CCC4966FC28A7C1 93511 ----a-w- C:\Users\Administrator\AppData\Local\Temp\scoped_dir_3660_25238\BabylonChrome.crx 2013-07-03 13:04:38 7B4C46566A8A93072C3AAEE8A99E26BC 47877 ----a-w- C:\Users\Administrator\AppData\Local\Temp\scoped_dir_3660_2733\torn11.crx 2013-07-03 10:10:49 02903EB9D9308541D032417ACDFB975C 374664 ----a-w- C:\Windows\System32\drivers\netio.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-56756089-870219968-2889249409-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Akamai NetSession Interface"="C:\Users\Nick\AppData\Local\Akamai\netsession_win.exe" "AutoStartNPSAgent"="C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe" "Facebook Update"="C:\Users\Nick\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "Spotify Web Helper"="C:\Users\Nick\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HPUsageTrackingLEDM"="C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe C:\Program Files (x86)\HP\HP UT LEDM\" "Realtime Audio Engine"="mmrtkrnl.exe /i" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Akamai NetSession Interface"="C:\Users\Nick\AppData\Local\Akamai\netsession_win.exe" "AutoStartNPSAgent"="C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe" "Facebook Update"="C:\Users\Nick\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "Spotify Web Helper"="C:\Users\Nick\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\.IMinentUpdate] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\RunOnce" "item"=".IMinentUpdate" "hkey"="HKCU" "command"="C:\\Users\\Nick\\AppData\\Local\\Temp\\NotifierSetup.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe Reader Speed Launcher" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BitComet] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BitComet" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\BitComet\\BitComet.exe\" /tray" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BroadWave] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BroadWave" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\NCH Swift Sound\\BroadWave\\broadwave.exe\" -logon" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Browser Infrastructure Helper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Browser Infrastructure Helper" "hkey"="HKCU" "command"="C:\\Users\\Nick\\AppData\\Local\\Smartbar\\Application\\SnapDo.exe startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EA Core] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EA Core" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Electronic Arts\\EADM\\Core.exe\" -silent" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Easybits Recovery] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Easybits Recovery" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\EasyBits For Kids\\ezRecover.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Google Update" "hkey"="HKCU" "command"="\"C:\\Users\\Nick\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Hiyo] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Hiyo" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\HiYo\\bin\\HiYo.exe /RunFromStartup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HP Software Update" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Hp\\HP Software Update\\HPWuSchd2.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IMBooster] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="IMBooster" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Iminent\\IMBooster\\imbooster.exe /warmup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Iminent.Notifier] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Iminent.Notifier" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Iminent\\SearchTheWeb\\Iminent.Notifier.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LightScribe Control Panel] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LightScribe Control Panel" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Common Files\\LightScribe\\LightScribeControlPanel.exe -hidden" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LogMeIn Hamachi Ui] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LogMeIn Hamachi Ui" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\LogMeIn Hamachi\\hamachi-2-ui.exe\" --auto-start" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Media Finder] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Media Finder" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Media Finder\\Media Finder.exe\" /opentotray" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msnmsgr" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe\" /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\My Web Search Bar Search Scope Monitor] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="My Web Search Bar Search Scope Monitor" "hkey"="HKLM" "command"="\"C:\\PROGRA~2\\MYWEBS~1\\bar\\1.bin\\m3SrchMn.exe\" /m=2 /w /h" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MyWebSearch Email Plugin] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="MyWebSearch Email Plugin" "hkey"="HKLM" "command"="C:\\PROGRA~2\\MYWEBS~1\\bar\\1.bin\\mwsoemon.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\nmapp] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="nmapp" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Pure Networks\\Network Magic\\nmapp.exe\" -autorun -nosplash" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\nmctxth] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="nmctxth" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Pure Networks Shared\\Platform\\nmctxth.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvCplDaemon] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NvCplDaemon" "hkey"="HKLM" "command"="RUNDLL32.EXE C:\\Windows\\system32\\NvCpl.dll,NvStartup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Pando Media Booster] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Pando Media Booster" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Pando Networks\\Media Booster\\PMB.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Pokki] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Pokki" "hkey"="HKCU" "command"="\"C:\\Users\\Nick\\AppData\\Local\\OpenCandy\\Pokki\\v0.0.72\\pokki.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QlbCtrl.exe] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QlbCtrl.exe" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Hewlett-Packard\\HP Quick Launch Buttons\\QlbCtrl.exe /Start" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RGSC] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RGSC" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe /silent" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /nosplash /minimized" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify" "hkey"="HKCU" "command"="\"C:\\Users\\Nick\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify Web Helper" "hkey"="HKCU" "command"="\"C:\\Users\\Nick\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Steam" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Steam\\steam.exe\" -silent" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SweetIM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SweetIM" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\SweetIM\\Messenger\\SweetIM.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="swg" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SynTPEnh] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SynTPEnh" "hkey"="HKLM" "command"="%programFiles%\\Synaptics\\SynTP\\SynTPEnh.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SysTrayApp] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SysTrayApp" "hkey"="HKLM" "command"="C:\\Program Files\\IDT\\WDM\\sttray64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uniblue RegistryBooster 2009] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Uniblue RegistryBooster 2009" "hkey"="HKCU" "command"="c:\\program files (x86)\\uniblue\\registrybooster\\StartRegistryBooster.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\vnet] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="vnet" "hkey"="HKCU" "command"="C:\\dropped.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WirelessAssistant] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="WirelessAssistant" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Hewlett-Packard\\HP Wireless Assistant\\HPWAMain.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Service Manager.lnk] "item"="Service Manager" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Service Manager.lnk" "backup"="C:\\Windows\\pss\\Service Manager.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\MI3EDC~1\\80\\Tools\\Binn\\sqlmangr.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Nick^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk] "item"="Adobe Gamma" "path"="C:\\Users\\Nick\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Adobe Gamma.lnk" "backup"="C:\\Windows\\pss\\Adobe Gamma.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\PROGRA~2\\COMMON~1\\Adobe\\CALIBR~1\\ADOBEG~1.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Nick^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^fliptoast.lnk] "item"="fliptoast" "path"="C:\\Users\\Nick\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\fliptoast.lnk" "backup"="C:\\Windows\\pss\\fliptoast.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\Program Files (x86)\\fliptoast\\fliptoast.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Nick^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk] "item"="LimeWire On Startup" "path"="C:\\Users\\Nick\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\LimeWire On Startup.lnk" "backup"="C:\\Windows\\pss\\LimeWire On Startup.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\PROGRA~2\\LimeWire\\LimeWire.exe" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [11/06/2013 21:47] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-56756089-870219968-2889249409-1000Core.job --a------ C:\Users\Nick\AppData\Local\Facebook\Update\FacebookUpdate.exe [13/06/2013 17:13] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-56756089-870219968-2889249409-1000UA.job --a------ C:\Users\Nick\AppData\Local\Facebook\Update\FacebookUpdate.exe [13/06/2013 17:13] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [15/07/2010 12:41] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [15/07/2010 12:41] C:\Windows\tasks\HPCeeScheduleForNick.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [07/10/2009 05:22] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\48xjxz32.default - Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - Undetermined - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - Undetermined - C:\Program Files (x86)\MyWebSearch\bar\1.bin - Undetermined - C:\Program Files\AVAST Software\Avast\WebRep\FF ProfilePath: C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\7lcf06ak.default - Undetermined - C:\Program Files (x86)\MyWebSearch\bar\1.bin - Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - Undetermined - C:\Users\Nick\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com - Snap.Do - %ProfilePath%\extensions\{0fb802e0-ccb5-4669-a47f-267367ebb8d2} - Searchqu Toolbar - %ProfilePath%\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} - BitComet - %ProfilePath%\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} - GoPhotoIt - %ProfilePath%\extensions\gophoto@gophoto.it.xpi - Torntv 3 - %ProfilePath%\extensions\trtv3@trtv.com.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} ==== Firefox Plugins ====================== Profilepath: C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\7lcf06ak.default FFF2362F6B4A46D4BC1D147E79A7547B - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll - Nexon Game Controller D4BD9F86123C87ECA570418B69326F99 - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 7.0.170.2 855B79451ECF62602F20EB4D5C71F99B - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director 3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash FB4B621DB43D52226B8167E0396B3315 - C:\Users\Nick\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Deleting Files \ Folders ====================== "C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\7lcf06ak.default\extensions\gophoto@gophoto.it.xpi" deleted "C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\7lcf06ak.default\extensions\{0fb802e0-ccb5-4669-a47f-267367ebb8d2}" deleted "C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\7lcf06ak.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}" deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bicnnkjibmphdeigoodpjlcklcnaobdj - C:\Program Files (x86)\TornTV.com\torntv10.crx[] dednnpigldgdbpgcdpfppmlcnnbjciel - C:\Users\Nick\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.crx[] dhkplhfnhceodhffomolpfigojocbpcb - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonChrome.crx[] eooncjejnppfjjklapaamhcdmjbilmde - C:\Users\Nick\AppData\Roaming\Delta\delta.crx[] jbpkiefagocgkmemidfngdkamloieekf - C:\Program Files (x86)\TornTV.com\torn11.crx[] jplinpmadfkdgipabgcdchbdikologlh - C:\Program Files (x86)\1ClickDownload\1click11.crx[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17/01/2012 11:45] lpmkgpnbiojfaoklbkpfneikocaobfai - C:\Users\Nick\AppData\Roaming\Media Finder\Extensions\mf_plugin_gc.crx[] niapdbllcanepiiimjjndipklodoedlc - C:\Users\Nick\AppData\Local\Temp\YontooLayers.crx[] pfmopbbadnfoelckkcmjjeaaegjpjjbk - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions amfclgbdpgndipgoegfpkkgobahigbcl - C:\Users\Nick\AppData\Local\Smartbar/Application\1Extension.crx[] nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx[] General Crawler - Administrator - Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel Babylon Chrome OCR - Administrator - Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb Delta Toolbar - Administrator - Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde Torntv - Administrator - Default\Extensions\jbpkiefagocgkmemidfngdkamloieekf 1Click Downloader - Administrator - Default\Extensions\jplinpmadfkdgipabgcdchbdikologlh Skype Click to Call - Administrator - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl BcoolApp - Administrator - Default\Extensions\maeiepphbmmcgpcnalhdnobgijjphace GoPhoto.it - Administrator - Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk Snap.Do - Nick - Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl General Crawler - Nick - Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel Babylon Translator - Nick - Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb Delta Toolbar - Nick - Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde 1Click Downloader - Nick - Default\Extensions\jplinpmadfkdgipabgcdchbdikologlh Skype Click to Call - Nick - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl GoPhoto.it - Nick - Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk ==== Chrome Fix ====================== C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb deleted successfully C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel deleted successfully C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbpkiefagocgkmemidfngdkamloieekf deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jplinpmadfkdgipabgcdchbdikologlh deleted successfully C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\jplinpmadfkdgipabgcdchbdikologlh deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jplinpmadfkdgipabgcdchbdikologlh_0.localstorage deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jplinpmadfkdgipabgcdchbdikologlh_0.localstorage-journal deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk deleted successfully C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk deleted successfully C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl deleted successfully C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_amfclgbdpgndipgoegfpkkgobahigbcl_0.localstorage deleted successfully C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_amfclgbdpgndipgoegfpkkgobahigbcl_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" "Use Search Asst"="yes" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BE&userid=0fb802e0-ccb5-4669-a47f-267367ebb8d2&searchtype=ds&q={searchTerms}&installDate=28/02/2013" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "Default"="http://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BE&userid=0fb802e0-ccb5-4669-a47f-267367ebb8d2&searchtype=ds&q={searchTerms}&installDate=28/02/2013" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BE&userid=0fb802e0-ccb5-4669-a47f-267367ebb8d2&searchtype=ds&q={searchTerms}&installDate=28/02/2013" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://www.delta-search.com/?affID=119776&babsrc=NT_ss&mntrId=74a9f092000000000000f67bcb760523" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://www.delta-search.com/?affID=119776&babsrc=NT_ss&mntrId=74a9f092000000000000f67bcb760523" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" "Use Search Asst"="no" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {9DF3E334-DBB3-4D1E-BA2D-C3BD85BE27A3} Unknown Url="Not_Found" ==== Reset Google Chrome ====================== C:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\users\Nick\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\users\Nick\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-56756089-870219968-2889249409-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully HKEY_USERS\S-1-5-21-56756089-870219968-2889249409-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully HKEY_USERS\S-1-5-21-56756089-870219968-2889249409-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-56756089-870219968-2889249409-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-56756089-870219968-2889249409-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E} deleted successfully HKEY_USERS\S-1-5-21-56756089-870219968-2889249409-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E} deleted successfully HKEY_USERS\S-1-5-21-56756089-870219968-2889249409-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully HKEY_USERS\S-1-5-21-56756089-870219968-2889249409-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully HKEY_USERS\S-1-5-21-56756089-870219968-2889249409-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} deleted successfully HKEY_USERS\S-1-5-21-56756089-870219968-2889249409-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} deleted successfully HKEY_USERS\S-1-5-21-56756089-870219968-2889249409-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9DF3E334-DBB3-4D1E-BA2D-C3BD85BE27A3} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{E54729E8-BB3D-4270-9D49-7389EA579090} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-56756089-870219968-2889249409-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-56756089-870219968-2889249409-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{338B4DFE-2E2C-4338-9E41-E176D497299E} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{E54729E8-BB3D-4270-9D49-7389EA579090} deleted successfully ==== shortcuts on Users Desktops ====================== C:\Users\Nick\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner.exe C:\Users\Nick\Desktop\Core Temp.lnk - C:\Program Files (x86)\Core Temp\Core Temp.exe C:\Users\Nick\Desktop\Counter-Strike Source.lnk - C:\Program Files (x86)\Steam\Steam.exe -applaunch 240 C:\Users\Nick\Desktop\FL Studio 10 (extended memory).lnk - C:\Program Files (x86)\Image-Line\FL Studio 10\FL (extended memory).exe C:\Users\Nick\Desktop\Free YouTube to MP3 Converter.lnk - C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe C:\Users\Nick\Desktop\FrostWire - Snelkoppeling.lnk - C:\Users\Nick\AppData\Local\VirtualStore\Program Files (x86)\FrostWire C:\Users\Nick\Desktop\FrostWire 5.3.8.lnk - C:\Program Files (x86)\FrostWire 5\FrostWire.exe C:\Users\Nick\Desktop\gta_sa.exe - Snelkoppeling.lnk - C:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exe C:\Users\Nick\Desktop\HiJackThis.lnk - C:\Users\Nick\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe C:\Users\Nick\Desktop\InfraRecorder..lnk - C:\Program Files (x86)\InfraRecorder\InfraRecorder.exe C:\Users\Nick\Desktop\LogMeIn Hamachi.lnk - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe C:\Users\Nick\Desktop\Paint.lnk - C:\Windows\system32\mspaint.exe C:\Users\Nick\Desktop\Prisma Nederlands.lnk - C:\Program Files (x86)\Prisma\N-N\Prisma.exe C:\Users\Nick\Desktop\Spotify.lnk - C:\Users\Nick\AppData\Roaming\Spotify\spotify.exe C:\Users\Nick\Desktop\Windows Live Messenger .lnk - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Users\Nick\Desktop\spullen\videos enzo\Create instant home movies.lnk - C:\Program Files (x86)\muvee Technologies\muvee Reveal - SE\muveereveal.exe C:\Users\Nick\Desktop\spullen\videos enzo\FL Studio 10.lnk - C:\Program Files (x86)\Image-Line\FL Studio 10\FL.exe C:\Users\Nick\Desktop\spullen\videos enzo\GIMP 2.lnk - C:\Program Files\GIMP 2\bin\gimp-2.8.exe C:\Users\Nick\Desktop\spullen\videos enzo\Photoshop.exe - Snelkoppeling.lnk - C:\Users\Nick\Documents\photoshop cs3\Photoshop.exe C:\Users\Nick\Desktop\spullen\videos enzo\Vegas Pro 11.0.lnk - C:\Program Files (x86)\Sony\Vegas Pro 11.0\vegas110.exe C:\Users\Nick\Desktop\spullen\videos enzo\VirtualDJ Home FREE.lnk - C:\Program Files (x86)\VirtualDJ\virtualdj_home.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Adobe Reader 9.lnk - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe C:\Users\Public\Desktop\BitComet.lnk - C:\Program Files (x86)\BitComet\BitComet.exe C:\Users\Public\Desktop\De Sims™ 3 Showtime.lnk - C:\Users\Public\Desktop\De Sims™ 3.lnk - C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Qvo6.com C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe Qvo6.com C:\Users\Public\Desktop\Samsung New PC Studio.lnk - C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSGuide.exe C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe C:\Users\Public\Desktop\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe C:\Users\Public\Desktop\WildTangent Games App - hp.lnk - C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe /src desktop /dp hplaptop ==== shortcuts in Users Start Menu ====================== C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk - C:\Program Files\Internet Explorer\iexplore.exe Qvo6.com C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe Qvo6.com C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Qvo6.com C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk - C:\Users\Nick\AppData\Roaming\Spotify\spotify.exe C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe Qvo6.com C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - C:\Users\Nick\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk - C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Rip DVD.lnk - C:\Program Files (x86)\VirtualDJ\ripdvd.exe C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Rip Vinyl.lnk - C:\Program Files (x86)\VirtualDJ\ripvinyl.exe C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Setup Audio.lnk - C:\Users\Nick\Documents\VirtualDJ\VirtualDJ 7 - Audio Setup Guide.pdf C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Setup QuickStart.lnk - C:\Users\Nick\Documents\VirtualDJ\VirtualDJ 7 - Getting Started.pdf C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Uninstall VirtualDJ Home FREE.lnk - C:\Windows\SysWOW64\msiexec.exe /x {A6AC699F-8315-40CA-8F70-E917494978AB} C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\User Guide.lnk - C:\Users\Nick\Documents\VirtualDJ\VirtualDJ 7 - User Guide.pdf C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\VirtualDJ Home FREE.lnk - C:\Program Files (x86)\VirtualDJ\virtualdj_home.exe C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\PC Helpforum - Gratis hulp bij computer problemen - ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk - C:\Program Files (x86)\Microsoft Security Client\msseces.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe Qvo6.com C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Qvo6.com C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\LogMeIn Hamachi.lnk - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\Uninstall.lnk - C:\Windows\SysWOW64\msiexec.exe /i {0ACC2993-2058-4BE7-9A92-9DCDAA9B3412} REMOVE=ALL ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Nick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\FrostWire 4.21.3.lnk - C:\Users\Nick\Music\mijn muziek\FrostWire\FrostWire.exe C:\Users\Nick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\FrostWire 4.21.8.lnk - C:\Users\Nick\Music\mijn muziek\FrostWire\FrostWire.exe C:\Users\Nick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\FrostWire 5.3.8.lnk - C:\Program Files (x86)\FrostWire 5\FrostWire.exe C:\Users\Nick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe Qvo6.com C:\Users\Nick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk - C:\Windows\Installer\{08CA9554-B5FE-4313-938F-D4A417B81175}\QTPlayer.ico C:\Users\Nick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung New PC Studio.lnk - C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSGuide.exe C:\Users\Nick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Nick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WildTangent Games App - hp.lnk - C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe /src quicklaunch /dp hplaptop C:\Users\Nick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Nick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe C:\Users\Nick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\BitComet.lnk - C:\Program Files (x86)\BitComet\BitComet.exe C:\Users\Nick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe C:\Users\Nick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Word.lnk - C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE C:\Users\Nick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Windows Live Mail.lnk - C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Users\Nick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Qvo6.com C:\Users\Nick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe Qvo6.com C:\Users\Nick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Skype.lnk - C:\Windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe C:\Users\Nick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Nick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 ==== shortcuts After Repair ====================== C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Qvo6.com C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Nick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Nick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Nick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyOverride"="<local>" "ProxyEnable"=dword:00000000 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp deleted successfully ==== HijackThis Entries ====================== R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe, O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [HPUsageTrackingLEDM] "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\" O4 - HKLM\..\Run: [Realtime Audio Engine] "mmrtkrnl.exe" /i O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Nick\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Nick\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Nick\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: &D&ownload &met BitComet - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload alles met BitComet - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - MSN Games - Free Online Games O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - MSN Games - Free Online Games O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - MSN Games - Free Online Games O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - BitComet - A free C++ BitTorrent/HTTP/FTP Download Client - C:\Program Files (x86)\BitComet\tools\BitCometService.exe O23 - Service: BroadWave Audio Streaming Server (BroadWaveService) - Unknown owner - C:\Program Files (x86)\NCH Swift Sound\BroadWave\broadwave.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo64.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: wampapache - Unknown owner - c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe (file missing) O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Nick\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Nick\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\users\Administrator\AppData\Local\Mozilla\Firefox\Profiles\48xjxz32.default\Cache emptied successfully C:\users\Nick\AppData\Local\Mozilla\Firefox\Profiles\7lcf06ak.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\users\Nick\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Nick\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Nick\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted ==== EOF on di 09/07/2013 at 23:47:10,58 ======================
- 9 juli 2013
- 9 antwoorden
BSOD ntoskrnl.exe

Dasle reageerde op Red_Sparowe's topic in Archief Windows Algemeen

Heb je drivers voor het toetsenbord geïnstalleerd, welke Logitech?
- 9 juli 2013
- 104 antwoorden
qvo6.com als startpagina

Dasle plaatste een topic in Archief Bestrijding malware & virussen

Heb de laptop van een kennis met qvo6.com als startpagina. Hieronder alvast een HJT logje Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 1:22:29, on 9/07/2013 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16800) Boot mode: Normal Running processes: C:\Users\Nick\AppData\Local\Akamai\netsession_win.exe C:\Users\Nick\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Users\Nick\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe C:\Windows\SysWOW64\mmrtkrnl.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Qvo6.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BE&userid=0fb802e0-ccb5-4669-a47f-267367ebb8d2&searchtype=ds&q={searchTerms}&installDate=28/02/2013 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BE&userid=0fb802e0-ccb5-4669-a47f-267367ebb8d2&searchtype=ds&q={searchTerms}&installDate=28/02/2013 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Qvo6.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Phpnuke.org - Gratis downloads bibliotheek R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Qvo6.com R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BE&userid=0fb802e0-ccb5-4669-a47f-267367ebb8d2&searchtype=ds&q={searchTerms}&installDate=28/02/2013 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=BE&userid=0fb802e0-ccb5-4669-a47f-267367ebb8d2&searchtype=ds&q={searchTerms}&installDate=28/02/2013 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1:9421;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O1 - Hosts: 37.221.160.35 iMeetzu - Meet a stranger. Chatroulette, Omegle, and Camzap alternative with a social network and free online dating site! O1 - Hosts: 37.221.160.35 imeetzu.com O1 - Hosts: 37.221.160.35 Omegle: Talk to strangers! O1 - Hosts: 37.221.160.35 omegle.com O1 - Hosts: 37.221.160.35 RuneScape – MMORPG – Free Online Fantasy Adventure Game | Strategy Games O1 - Hosts: 37.221.160.35 runescape.com O1 - Hosts: 37.221.160.35 google.com O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 tie-a-tie.net O1 - Hosts: 37.221.160.35 Tie-a-Tie.net | Learn How to Tie a Tie O1 - Hosts: 37.221.160.35 Home - How To Train Your Dragon O1 - Hosts: 37.221.160.35 howtotrainyourdragonbooks.com O1 - Hosts: 37.221.160.35 oneclickroot.com O1 - Hosts: 37.221.160.35 One Click Root | Android Rooting Software O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O1 - Hosts: 37.221.160.35 Google O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\PROGRA~2\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll O2 - BHO: CrossriderApp0035578 - {11111111-1111-1111-1111-110311551178} - C:\Program Files (x86)\Torntv 2\Torntv 2-bho.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll O2 - BHO: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing) O2 - BHO: dutch.ilsc.org Toolbar - {37295164-6894-4f93-ad7d-b7de830dbb96} - C:\Program Files (x86)\dutch.ilsc.org\tbdutc.dll O2 - BHO: Elf 1.12 - {38542454-dfb6-44f5-b052-d4e071a3d073} - C:\Program Files (x86)\Elf_1.12\prxtbElf_.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll O2 - BHO: Softonic-Eng7 - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files (x86)\Softonic-Eng7\tbSoft.dll O2 - BHO: Utubebario Toolbar - {58beca16-cae6-4b7a-a0e8-153d0cbba63a} - C:\Program Files (x86)\Utubebario\tbUtu0.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files (x86)\uTorrentBar_NL\tbuTor.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll O2 - BHO: UrlHelper Class - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll O2 - BHO: Elf 1.13 - {b80f591e-fe9a-46cf-a13e-180377240586} - C:\Program Files (x86)\Elf_1.13\prxtbElf_.dll O2 - BHO: Elf 1.15 - {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} - C:\Program Files (x86)\Elf_1.15\prxtbElf_.dll O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll O2 - BHO: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files (x86)\NCH\tbNCH.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O3 - Toolbar: dutch.ilsc.org Toolbar - {37295164-6894-4f93-ad7d-b7de830dbb96} - C:\Program Files (x86)\dutch.ilsc.org\tbdutc.dll O3 - Toolbar: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\PROGRA~2\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll O3 - Toolbar: Utubebario Toolbar - {58beca16-cae6-4b7a-a0e8-153d0cbba63a} - C:\Program Files (x86)\Utubebario\tbUtu0.dll O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll O3 - Toolbar: HyperCam Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll O3 - Toolbar: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files (x86)\NCH\tbNCH.dll O3 - Toolbar: Elf 1.15 Toolbar - {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} - C:\Program Files (x86)\Elf_1.15\prxtbElf_.dll O3 - Toolbar: Elf 1.13 Toolbar - {b80f591e-fe9a-46cf-a13e-180377240586} - C:\Program Files (x86)\Elf_1.13\prxtbElf_.dll O3 - Toolbar: Elf 1.12 Toolbar - {38542454-dfb6-44f5-b052-d4e071a3d073} - C:\Program Files (x86)\Elf_1.12\prxtbElf_.dll O3 - Toolbar: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files (x86)\Softonic-Eng7\tbSoft.dll O3 - Toolbar: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files (x86)\uTorrentBar_NL\tbuTor.dll O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll O3 - Toolbar: Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [HPUsageTrackingLEDM] "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\" O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE O4 - HKLM\..\Run: [Realtime Audio Engine] "mmrtkrnl.exe" /i O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Nick\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Nick\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Nick\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: &D&ownload &met BitComet - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload alles met BitComet - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Nick\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - MSN Games - Free Online Games O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - MSN Games - Free Online Games O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - MSN Games - Free Online Games O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: c:\progra~2\wi3c8a~1\datamngr\datamngr.dll c:\progra~2\wi3c8a~1\datamngr\iebho.dll c:\progra~2\vaudix\sprote~1.dll c:\progra~2\websea~1\sprote~1.dll c:\progra~2\browse~1\sprote~1.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - BitComet - A free C++ BitTorrent/HTTP/FTP Download Client - C:\Program Files (x86)\BitComet\tools\BitCometService.exe O23 - Service: BroadWave Audio Streaming Server (BroadWaveService) - Unknown owner - C:\Program Files (x86)\NCH Swift Sound\BroadWave\broadwave.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwssvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo64.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: wampapache - Unknown owner - c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe (file missing) O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Wsys Service (WsysSvc) - Wsys Co., Ltd. - C:\ProgramData\eSafe\eGdpSvc.exe O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 24731 bytes
- 8 juli 2013
- 9 antwoorden
Zwart beeld na opstartscherm maar safe modus lukt wel

Dasle reageerde op Jormu's topic in Archief Windows Algemeen

Van zodra 1 van de experts online is zal deze je zeker verder helpen aangaande je vraag/probleem.
- 8 juli 2013
- 15 antwoorden
Multiple BSOD & random crashes

Dasle reageerde op FragmentQ's topic in Archief Windows Algemeen

Download en installeer Speccy. Tijdens de installatie heb je nu de mogelijkheid om Nederlands als taal te selecteren. Wanneer, tijdens het installeren van Speccy, de optie aangeboden wordt om Google Chrome of Google Toolbar "gratis" mee te installeren dien je de vinkjes weg te halen, tenzij dit een bewuste keuze is. Start nu het programma en er zal een overzicht gemaakt worden van je hardware. Als dit gereed is selecteer je bovenaan " Bestand - Publiceer Snapshot " en vervolgens bevestig je die keuze met " Ja ". In het venster dat nu opent krijg je een link te zien, kopieer nu die link en plak die in je volgende bericht. Zo krijgen we een gedetailleerd overzicht van je hardware
- 8 juli 2013
- 14 antwoorden
Cars Logo

Dasle reageerde op srr's topic in Archief Photoshop & Grafisch Ontwerp

op PCH Suzanne, Heb een eigen topic voor je aangemaakt, zo blijft het voor iedereen overzichtelijk. ;-)
- 8 juli 2013
- 9 antwoorden
BSOD ntoskrnl.exe

Dasle reageerde op Red_Sparowe's topic in Archief Windows Algemeen

Zou het even afwachten of de BSOD's weg blijven, vanwaar heb je Steam gedownload en geïnstalleerd?
- 7 juli 2013
- 104 antwoorden
PC - Zwart scherm, heropstart. Random

Dasle reageerde op Kiwiandapple's topic in Archief Hardware algemeen

Had je voorheen ook je systeem overclockt, want dat zorgt vaak ook voor BSOD's en soms wel eens na een hele tijd.
- 7 juli 2013
- 74 antwoorden
BSOD ntoskrnl.exe

Dasle reageerde op Red_Sparowe's topic in Archief Windows Algemeen

Dan zijn één van deze programma's verantwoordelijk voor de crashes, ik kom wel eens vaker crashes tegen met Steam die deze BSOD's veroorzaken en moeilijk te achterhalen zijn. Vaak zijn de gegevens hieromtrent erg vaag, verwijder Steam eens en lost het verwijderen ervan je probleem op?
- 7 juli 2013
- 104 antwoorden
NTOSKRNL.EXE Blue screen of death

Dasle reageerde op RScheepers's topic in Archief Windows Algemeen

Hoe lang heb je deze laptop al en is deze al ooit stofvrij gemaakt?
- 5 juli 2013
- 74 antwoorden
PC "bevriest" herhaaldelijk na lang aanstaan

Dasle reageerde op Unclejack's topic in Archief Hardware algemeen

Daar je de SATA kabel al gewisseld hebt is de kans dat deze de oorzaak is misschien klein, maar niet geschoten is altijd mis. ;-) Een HD kan op velerlei manieren stuk gaan of voor problemen zorgen, de platters waar je eigenlijke data op staat controleer je met b.v een errorscan en deze was goed. Wat bij jou nu het geval is en als je het dan hebt over vrij veel gebruik kan wijzen op een defect op het PCB waar een onderdeel mogelijk door de warmte niet goed meer werkt. Maar hetzelfde geldt in principe voor je SATA controller die zich op het moederbord bevindt, enkel het uittesten op b.v een ander moederbord kan hier verduidelijking in brengen.
- 5 juli 2013
- 20 antwoorden
PC "bevriest" herhaaldelijk na lang aanstaan

Dasle reageerde op Unclejack's topic in Archief Hardware algemeen

Het is wel aangeraden om alle belangrijke bestanden veilg te stellen op een externe HD, cd of dvd media. Zoals je ziet in het venster van de benchmarks zakt de snelheid van de HD vaker weg wat heel waarschijnlijk je probleem veroorzaakt. Nu zijn er verschillende opties, je HD kan stuk zijn of de SATA controller op je moederbord is defect. Je zou voor de zekerheid je SATA kabel nog eens kunnen checken of vervangen mocht je een ander exemplaar bij de hand hebben. Als je de HD op een andere pc kan aansluiten zou ik dit zeker even uitproberen, en test dan de HD nog eens met HDTune. Geeft dit een gelijkaardig resultaat is de kans wel reëel dat je HD stuk is. Functioneert je HD zonder problemen bestaat de mogelijkheid dat je SATA controller defect is.
- 4 juli 2013
- 20 antwoorden
webcam

Dasle reageerde op -CNDRT's topic in Archief Hardware algemeen

Druk op de Windows + R toets en typ in het uitvoervenster devmgmt.msc en druk op Enter. Rechtsklik in apparaatbeheer op het onbekende apparaat (webcamapparaat) en kies Eigenschappen. Ga naar het tabblad Details. Onder Eigenschap: kies je Hardware-id's. Onder Waarde: vermeld de gegevens in de eerste regel en post deze in je volgende bericht.
- 3 juli 2013
- 3 antwoorden
Alleen online games blijven crashen

Dasle reageerde op imbaco's topic in Archief Hardware algemeen

Klopt het dat je geen actieve virusscanner gebruikt op je pc? Welke voeding gebruik je in dit systeem, de gegevens vind je op een label aan de zijkant op de voeding.
- 3 juli 2013
- 4 antwoorden
PC - Zwart scherm, heropstart. Random

Dasle reageerde op Kiwiandapple's topic in Archief Hardware algemeen

Goed te horen dat de firmware update probleemloos is verlopen. Dan is het idd afwachten of de problemen zich nog voordoen. Houd ons maar op de hoogte van de verdere ontwikkelingen ;-)
- 3 juli 2013
- 74 antwoorden
PC "bevriest" herhaaldelijk na lang aanstaan

Dasle reageerde op Unclejack's topic in Archief Hardware algemeen

De tests van je HD zijn goed en is zover niets op aan te merken. In het Speccy logje zie ik dat je diverse geheugen modules gebruikt, dit is een punt waar vaak geen aandacht aan word gegeven. Mochten de problemen zich weer voor doen zou ik de geheugen module van Corsair eens verwijderen en afwachten of dit verbetering geeft.
- 3 juli 2013
- 20 antwoorden
NTOSKRNL.EXE Blue screen of death

Dasle reageerde op RScheepers's topic in Archief Windows Algemeen

Het scheelt maar zo'n 4°C , de laptop heeft uitgestaan en op het moment dat je het nieuwe logje maakt staat je laptop zo'n 8 min aan. In Speccy worden de temperaturen realtime weergegeven, laat je virusscanner eens een volledige systeemscan doen en kijk dan eens hoever de temperatuur van je processor oploopt.
- 3 juli 2013
- 74 antwoorden
Alleen online games blijven crashen

Dasle reageerde op imbaco's topic in Archief Hardware algemeen

Download en installeer Speccy. Tijdens de installatie heb je nu de mogelijkheid om Nederlands als taal te selecteren. Wanneer, tijdens het installeren van Speccy, de optie aangeboden wordt om Google Chrome of Google Toolbar "gratis" mee te installeren dien je de vinkjes weg te halen, tenzij dit een bewuste keuze is. Start nu het programma en er zal een overzicht gemaakt worden van je hardware. Als dit gereed is selecteer je bovenaan " Bestand - Publiceer Snapshot " en vervolgens bevestig je die keuze met " Ja ". In het venster dat nu opent krijg je een link te zien, kopieer nu die link en plak die in je volgende bericht. Zo krijgen we een gedetailleerd overzicht van je hardware Download Blue Screen View. Start het programma op. Je zal nu een overzicht krijgen van de laatste foutmeldingen en Minidumps (.dmp-bestand). Selecteer het eerste bestand uit de lijst onder Dump File en druk op Ctrl+A Klik vervolgens op File (Bestand) en daarna op Save Selected Items (geselecteerde items opslaan) (Ctrl+S) Sla het bestand op je bureaublad op. Voeg nu het bestand toe aan je volgend bericht. Hoe je een bijlage toevoegt aan een bericht, kan je lezen in deze handleiding.
- 3 juli 2013
- 4 antwoorden
NTOSKRNL.EXE Blue screen of death

Dasle reageerde op RScheepers's topic in Archief Windows Algemeen

Toen je het logje maakte was je hier op het forum, had je toen systeem belastende programma's draaien. Want blijkbaar word je laptop veel te warm. 68°C is veel te hoog. Te hoge temperaturen van een PC / laptop worden meestal veroorzaakt door een te hoog stofgehalte. Om dit op een veilige manier te verwijderen verwijzen we graag naar deze zeer duidelijke uitleg. Neem de tips grondig door en doe het nodige om je systeem stofvrij te (laten) maken…nadien kan je ons dan de nieuwe resultaten van Speccy bezorgen.
- 3 juli 2013
- 74 antwoorden
NTOSKRNL.EXE Blue screen of death

Dasle reageerde op RScheepers's topic in Archief Windows Algemeen

Download en installeer Speccy. Tijdens de installatie heb je nu de mogelijkheid om Nederlands als taal te selecteren. Wanneer, tijdens het installeren van Speccy, de optie aangeboden wordt om Google Chrome of Google Toolbar "gratis" mee te installeren dien je de vinkjes weg te halen, tenzij dit een bewuste keuze is. Start nu het programma en er zal een overzicht gemaakt worden van je hardware. Als dit gereed is selecteer je bovenaan " Bestand - Publiceer Snapshot " en vervolgens bevestig je die keuze met " Ja ". In het venster dat nu opent krijg je een link te zien, kopieer nu die link en plak die in je volgende bericht. Zo krijgen we een gedetailleerd overzicht van je hardware
- 3 juli 2013
- 74 antwoorden
PC "bevriest" herhaaldelijk na lang aanstaan

Dasle reageerde op Unclejack's topic in Archief Hardware algemeen

Download HD Tune en sla het bestand op. Installeer HD Tune en start deze na de installatie op. Vervolgens ga je naar het tabblad Error Scan, selecteer de harde schijf die je wil controleren en druk op Start. De controle kan een hele tijd in beslag nemen afhankelijk van de grootte van de te controleren harde schijf. Wat is het resultaat van deze test? Vervolgens ga je naar het tabblad Benchmark, selecteer de harde schijf die je wil testen en druk op Start. Maak een screenshot als de test klaar is en plaats deze in je volgende bericht.
- 3 juli 2013
- 20 antwoorden
PC - Zwart scherm, heropstart. Random

Dasle reageerde op Kiwiandapple's topic in Archief Hardware algemeen

Dit kun je helaas niet uitvoeren in Veilige modus, je kan dit wel uitvoeren op een andere pc maar dan zal je de SSD even moeten omzetten.
- 3 juli 2013
- 74 antwoorden
NTOSKRNL.EXE Blue screen of death

Dasle reageerde op RScheepers's topic in Archief Windows Algemeen

Dan wachten we af wat Memtest oplevert, misschien dat we daar iets mee kunnen.
- 3 juli 2013
- 74 antwoorden

Inloggen

Profielen

Forums

Store

Alles dat geplaatst werd door Dasle

OVER ONS

SITEMAP

Belangrijke informatie