Brejen
-
Items
305 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door Brejen
-
ik heb het ondertussen gevonden maar veel staat er niet in: ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK
-
ik heb dit laten runnen. maar de locatie die je beschrijft bestaat niet; Ik kan dus geen logje meegeven. wat moet ik nu doen?
-
Ik kan dit niet downloaden. ER wordt gevraagd naar een username en password om op de server te kunnen. ER is wel een mogelijkheid om anoniem te gaan maar dan kom ik telkens terug op het aanlogscherm terecht (ook na ingeven van een emailadres)
-
die popup van adcash blijkt weg te zijn. Nu is er echter weer iets nieuw: nl : www.rvzr-a.akamaihd.net deze site opent zich soms wanneer ik in gelijk welke site op een hyperlink klik. er verschijnt dan ook een boodschap dat de schijf vol is (is duidelijk niet het geval) en de vraag om fouten in windows te repareren. - - - Updated - - - Helaas: adcase is er ondertussen toch nog.
-
Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300 www.malwarebytes.org Databaseversie: v2014.02.03.03 Windows 7 x86 NTFS Internet Explorer 8.0.7600.16385 Erik :: ACER [administrator] Bescherming: Uitgeschakeld 3/02/2014 13:12:00 mbam-log-2014-02-03 (13-12-00).txt Scan type: Volledige scan (C:\|D:\|) Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 495182 Verstreken tijd: 4 uur/uren, 31 minuut/minuten, 25 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 5 HKCR\BearShareIEHelper.DNSGuard (PUP.Optional.BearshareTB.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\BearShareIEHelper.DNSGuard.1 (PUP.Optional.BearshareTB.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\SaveSense (PUP.Optional.SaveSense.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\MediaPlayerV1alpha771 (PUP.Optional.MediaPlayerAlpha.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\SaveSense (PUP.Optional.SaveSense.A) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 3 C:\zoek_backup\C_Users_Erik_AppData_Local_genienext\nengine.dll (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\zoek_backup\C_Users_Erik_AppData_Roaming_newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\zoek_backup\C_Program Files_Mobogenie\nengine.dll (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd. (einde)
-
ik vind zowel bij software als in de map die je beschrijft niets dat lijkt op MediaplayerV1 Moet ik eventueel nog ergens anders zoeken?
-
Het werkt een stuk beter maar er is nog steeds een popup van de site 'adcash'. dat verschijnt heel even en dan opent zich weer een reeks andere vensters met wisselende inhoud (reclames)
-
Zoek.exe v5.0.0.0 Updated 31-January-2014 Tool run by Erik on zo 02/02/2014 at 20:55:25,03. Microsoft Windows 7 Professional 6.1.7600 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Erik\Desktop\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-01-30-182259.log 11930 bytes C:\zoek-results2014-02-01-134617.log 56579 bytes C:\zoek-results2014-02-01-172357.log 11875 bytes ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17/01/2012 11:45] YouTube - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Video Player - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiddpoijcamhiallemgaimemaggnjapi Skype Click to Call - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Google Wallet - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Media Player - Erik\AppData\Local\Google\Chrome\User Data\Default\Extensions\clnhokdinhddhbaccmfpnhjobljnnbnk Skype Click to Call - Erik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Google Wallet - Erik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Google Docs - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Skype Click to Call - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Google Wallet - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1463 folders=278 122256372 bytes) ==== EOF on zo 02/02/2014 at 20:57:14,03 ====================== - - - Updated - - - Zoek.exe v5.0.0.0 Updated 31-January-2014 Tool run by Erik on zo 02/02/2014 at 20:59:43,16. Microsoft Windows 7 Professional 6.1.7600 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Erik\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-01-30-182259.log 11930 bytes C:\zoek-results2014-02-01-134617.log 56579 bytes C:\zoek-results2014-02-01-172357.log 11875 bytes C:\zoek-results2014-02-02-195714.log 2773 bytes ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17/01/2012 11:45] YouTube - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Video Player - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiddpoijcamhiallemgaimemaggnjapi Skype Click to Call - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Google Wallet - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Media Player - Erik\AppData\Local\Google\Chrome\User Data\Default\Extensions\clnhokdinhddhbaccmfpnhjobljnnbnk Skype Click to Call - Erik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Google Wallet - Erik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Google Docs - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Skype Click to Call - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Google Wallet - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Reset Google Chrome ====================== C:\Users\Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully C:\Users\Erik\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully C:\Users\Patricia Corstjens\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully C:\Users\Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Erik\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Patricia Corstjens\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== shortcuts on Users Desktops ====================== C:\Users\Brecht Vanhoof\Desktop\CDex.lnk - C:\Program Files\CDex_150\CDex.exe C:\Users\Brecht Vanhoof\Desktop\DVD Decrypter.lnk - C:\Program Files\DVD Decrypter\DVDDecrypter.exe C:\Users\Brecht Vanhoof\Desktop\DVD Shrink 3.2.lnk - C:\Program Files\dvd shrink\DVD Shrink 3.2.exe C:\Users\Brecht Vanhoof\Desktop\HijackThis.lnk - C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Users\Brecht Vanhoof\Desktop\LimeWire 5.4.6.lnk - C:\Program Files\LimeWire\LimeWire.exe C:\Users\Brecht Vanhoof\Desktop\Microsoft Access 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\accicons.exe C:\Users\Brecht Vanhoof\Desktop\Microsoft InfoPath Designer 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\inficon.exe /design C:\Users\Brecht Vanhoof\Desktop\Microsoft OneNote 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\joticon.exe C:\Users\Brecht Vanhoof\Desktop\Microsoft PowerPoint 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pptico.exe C:\Users\Brecht Vanhoof\Desktop\Microsoft Publisher 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pubs.exe C:\Users\Brecht Vanhoof\Desktop\Microsoft SharePoint Workspace 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\grvicons.exe C:\Users\Brecht Vanhoof\Desktop\Microsoft Word 2010.lnk - C:\Program Files\Microsoft Office\Office14\WINWORD.EXE C:\Users\Brecht Vanhoof\Desktop\Minecraft.lnk - E:\.minecraft\Minecraft.exe C:\Users\Erik\Desktop\Acer Crystal Eye Webcam.lnk - C:\Windows\Acer Crystal Eye Webcam.exe C:\Users\Erik\Desktop\Adobe Photoshop CS.lnk - C:\Program Files\Adobe\Adobe Photoshop CS\Photoshop.exe C:\Users\Erik\Desktop\Adobe Reader 9.lnk - C:\Windows\Installer\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\SC_Reader.ico C:\Users\Erik\Desktop\CDex.lnk - C:\Program Files\CDex_150\CDex.exe C:\Users\Erik\Desktop\Computer.lnk - C:\Users\Erik\Desktop\DATA D.lnk - D:\ C:\Users\Erik\Desktop\DVD Decrypter.lnk - C:\Program Files\DVD Decrypter\DVDDecrypter.exe C:\Users\Erik\Desktop\DVD Shrink 3.2.lnk - C:\Program Files\dvd shrink\DVD Shrink 3.2.exe C:\Users\Erik\Desktop\DVDVideoSoft Free Studio.lnk - C:\Program Files\Common Files\DVDVideoSoft\FreeStudioManager.exe C:\Users\Erik\Desktop\Evernote.lnk - C:\Program Files\Evernote\Evernote\Evernote.exe C:\Users\Erik\Desktop\Free YouTube Download.lnk - C:\Program Files\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.exe C:\Users\Erik\Desktop\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Erik\Desktop\Mazoutverbruik.lnk - \\NETWERKSCHIJF\MyShare\Mijn Documenten\Excel\Mazout opvolging levering en prijs.xls C:\Users\Erik\Desktop\Microsoft Picture It Photo Standard 9.lnk - C:\Users\Erik\Desktop\Microsoft Word 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\wordicon.exe C:\Users\Erik\Desktop\NTI Media Maker 8.lnk - C:\Program Files\NewTech Infosystems\NTI Media Maker 8\DiscLaunchPad.exe C:\Users\Erik\Desktop\OpenOffice3.1 Installeren.lnk - C:\OpenOffice.org 3.1 (nl) Installation Files\setup.exe C:\Users\Jens Vanhoof\Desktop\HijackThis.lnk - C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Users\Jens Vanhoof\Desktop\Minecraft - Snelkoppeling.lnk - E:\.minecraft\Minecraft.exe C:\Users\Jens Vanhoof\Desktop\WINWORD - Snelkoppeling.lnk - C:\Program Files\Microsoft Office\Office14\WINWORD.EXE C:\Users\Patricia Corstjens\Desktop\CDex.lnk - C:\Program Files\CDex_150\CDex.exe C:\Users\Patricia Corstjens\Desktop\Documenten.lnk - C:\Users\Erik\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms C:\Users\Patricia Corstjens\Desktop\DVD Decrypter.lnk - C:\Program Files\DVD Decrypter\DVDDecrypter.exe C:\Users\Patricia Corstjens\Desktop\DVD Shrink 3.2.lnk - C:\Program Files\dvd shrink\DVD Shrink 3.2.exe C:\Users\Patricia Corstjens\Desktop\HijackThis.lnk - C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Users\Patricia Corstjens\Desktop\LimeWire 5.4.6.lnk - C:\Program Files\LimeWire\LimeWire.exe C:\Users\Patricia Corstjens\Desktop\Microsoft Excel 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\xlicons.exe C:\Users\Patricia Corstjens\Desktop\Microsoft Outlook 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\outicon.exe C:\Users\Patricia Corstjens\Desktop\Microsoft Word 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\wordicon.exe C:\Users\Patricia Corstjens\Desktop\Mijn afbeeldingen.lnk - C:\Users\Erik\Pictures ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\4Media MP4 to MP3 Converter 6.lnk - C:\Program Files\4Media\MP4 to MP3 Converter 6\vcloader.exe C:\Users\Public\Desktop\Acrobat Reader 5.0.lnk - C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe C:\Users\Public\Desktop\AVG 2013.lnk - C:\Program Files\AVG\AVG2013\avgui.exe C:\Users\Public\Desktop\AVG 2014.lnk - C:\Program Files\AVG\AVG2014\avgui.exe C:\Users\Public\Desktop\BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe C:\Users\Public\Desktop\eID-Viewer.lnk - C:\Program Files\Belgium Identity Card\beid35gui.exe C:\Users\Public\Desktop\Foto's op TV 3 op cd-dvd.lnk - C:\Program Files\Easy Computing\Foto's op TV 3 op cd-dvd\PhotoTV2.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files\iTunes\iTunes.exe C:\Users\Public\Desktop\LaCie Network Assistant.lnk - C:\Program Files\LaCie\Network Assistant\LaCie Network Assistant.exe C:\Users\Public\Desktop\MAGIX Foto's op CD & DVD 9 deluxe.lnk - C:\Program Files\MAGIX\Fotos_op_CD_DVD_9_deluxe\Fotos_dlx.exe C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.130\McUICnt.exe SecurityScanner.dll C:\Users\Public\Desktop\Mufin MusicFinder Base.lnk - C:\Program Files\MAGIX\Mufin MusicFinder\Sonos.exe C:\Users\Public\Desktop\Nero StartSmart.lnk - C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe C:\Users\Public\Desktop\PDFCreator.lnk - C:\Program Files\PDFCreator\PDFCreator.exe C:\Users\Public\Desktop\Picasa 3.lnk - C:\Program Files\Google\Picasa3\Picasa3.exe C:\Users\Public\Desktop\QuickTime Player.lnk - C:\Program Files\QuickTime\QuickTimePlayer.exe C:\Users\Public\Desktop\ROUTE 66 Sync.lnk - C:\Program Files\ROUTE 66\ROUTE 66 Sync\Sync9Loader.exe C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe C:\Users\Public\Desktop\WinZip.lnk - C:\Program Files\WinZip\WINZIP32.EXE C:\Users\Public\Desktop\µTorrent.lnk - ==== shortcuts in Users Start Menu ====================== C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Transposia\Miel Monteur - Huis Op Stelten - Help.lnk - C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Transposia\Miel Monteur - Huis Op Stelten - Spelen.lnk - C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Transposia\Miel Monteur - Huis Op Stelten - Verwijderen.lnk - C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup\Google+ Auto Backup.lnk - C:\Users\Patricia Corstjens\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup\Uninstall Google+ Auto Backup.lnk - C:\Windows\System32\msiexec.exe /x {A50DE037-B5C0-4C8A-8049-B0C576B313D1} ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AB0000000001}\SC_Reader.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Installatie ongedaan maken.lnk - C:\Program Files\Google\Picasa3\Uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Picasa 3.lnk - C:\Program Files\Google\Picasa3\Picasa3.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Picasa-fotoviewer configureren.lnk - C:\Program Files\Google\Picasa3\PicasaPhotoViewer.exe /reconfig ==== shortcuts in Quick Launch ====================== C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DVD Decrypter.lnk - C:\Program Files\DVD Decrypter\DVDDecrypter.exe C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook starten.lnk - C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE /recycle C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE /recycle C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk - C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\iTunes.lnk - C:\Program Files\iTunes\iTunes.exe C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Access 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\accicons.exe C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft InfoPath Designer 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\inficon.exe /design C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft OneNote 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\joticon.exe C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft PowerPoint 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pptico.exe C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Publisher 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pubs.exe C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft SharePoint Workspace 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\grvicons.exe C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Paint.lnk - C:\Windows\system32\mspaint.exe C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\WINWORD - Snelkoppeling.lnk - C:\Program Files\Microsoft Office\Office14\WINWORD.EXE C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Wordpad.lnk - C:\Program Files\Windows NT\Accessories\wordpad.exe C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\4Media MP4 to MP3 Converter 6.lnk - C:\Program Files\4Media\MP4 to MP3 Converter 6\vcloader.exe C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DVD Decrypter.lnk - C:\Program Files\DVD Decrypter\DVDDecrypter.exe C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE /recycle C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk - C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk - C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Acer Crystal Eye Webcam.lnk - C:\Windows\Acer Crystal Eye Webcam.exe C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Outlook.lnk - C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\SyncBack.lnk - C:\Program Files\2BrightSparks\SyncBack\SyncBack.exe C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook starten.lnk - C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE /recycle C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE /recycle C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk - C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint.lnk - C:\Windows\system32\mspaint.exe C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AVG 2014.lnk - C:\Program Files\AVG\AVG2014\avgui.exe C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\iTunes.lnk - C:\Program Files\iTunes\iTunes.exe C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Picasa 3.lnk - C:\Program Files\Google\Picasa3\Picasa3.exe C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\WINWORD - Snelkoppeling.lnk - C:\Program Files\Microsoft Office\Office14\WINWORD.EXE C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DVD Decrypter.lnk - C:\Program Files\DVD Decrypter\DVDDecrypter.exe C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook starten.lnk - C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE /recycle C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE /recycle C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk - C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\LaCie Network Assistant.lnk - C:\Program Files\LaCie\Network Assistant\LaCie Network Assistant.exe C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1463 folders=278 122256372 bytes) ==== EOF on zo 02/02/2014 at 21:02:01,20 ======================
-
de willekeurige popups blijken in IE opgelost te zijn. IN google chrome duikt er soms nog een probleem op: wanneer ik ergens op een site iets aanklikt opent niet de gewenste pagina maar verschijnt de pagina zoals weergegeven in bijlage. - - - Updated - - - ook volgende pagina opent zich te pas en te onpas in google chrome: http://rvzr-a.akamaihd.net/sd/apps/adinfo-1.0-p/index.html?bj1NZWRpYSBQbGF5ZXImaD1ydnpyLWEuYWthbWFpaGQubmV0JmM9Z3JlZW4mbz13c2FyJmQ9JnQ9MTsyOzM7NDs1OzY7Nzs4Ozk7MTA7MTE7MTI7MTM7MTQmYT00MzAwJnM9MTAwOSZ3PWRpZ2lrcmFudC5uaWV1d3NibGFkLmJlJmI9YmQyJnJkPSZyaT0= Doc1.docx
-
ziehier het gevraagde logje: Zoek.exe v5.0.0.0 Updated 31-January-2014 Tool run by Erik on za 01/02/2014 at 17:45:08,38. Microsoft Windows 7 Professional 6.1.7600 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Erik\Desktop\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-01-30-182259.log 11930 bytes C:\zoek-results2014-02-01-134617.log 56579 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update GrabRez deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update GrabRez deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update GrabRez deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update GrabRez deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util GrabRez deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util GrabRez deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util GrabRez deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util GrabRez deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_USERS\S-1-5-21-2774006475-2745618473-1495315895-1000\Software\Microsoft\Windows\CurrentVersion\Run] "NextLive"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "mobilegeni daemon"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "NextLive"=- ==== Deleting Files \ Folders ====================== C:\Program Files\Mobogenie deleted C:\Users\Erik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense deleted C:\Users\Erik\AppData\Roaming\newnext.me deleted C:\Users\Erik\AppData\Local\genienext deleted C:\Users\Erik\AppData\Local\Mobogenie deleted C:\Users\Erik\AppData\Roaming\DVDVideoSoft deleted C:\Users\Erik\daemonprocess.txt deleted C:\Users\Erik\.android deleted C:\Program Files\MediaPlayerV1 deleted C:\Users\Erik\AppData\Local\cache deleted "C:\Program Files\GrabRez\updateGrabRez.exe" deleted "C:\Program Files\GrabRez\updateGrabRez.exe" deleted "C:\Program Files\GrabRez\bin\utilGrabRez.exe" deleted "C:\Program Files\GrabRez\bin\utilGrabRez.exe" deleted "C:\Program Files\GrabRez" not deleted "C:\Program Files\GrabRez" not deleted "C:\Program Files\GrabRez\bin" not deleted "C:\Program Files\GrabRez\bin" not deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "ext@MediaPlayerV1alpha771.net"="C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha771\ff" [] ==== Firefox Extensions ====================== AppDir: C:\Program Files\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid.xpi ==== Firefox Plugins ====================== ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17/01/2012 11:45] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Users\Erik\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx[] YouTube - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Video Player - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiddpoijcamhiallemgaimemaggnjapi Skype Click to Call - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Google Wallet - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Media Player - Erik\AppData\Local\Google\Chrome\User Data\Default\Extensions\clnhokdinhddhbaccmfpnhjobljnnbnk Skype Click to Call - Erik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl DvdVideoSoft Free Youtube Download - Erik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp Google Wallet - Erik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Google Docs - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Skype Click to Call - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Google Wallet - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Users\Erik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="{searchTerms} - Bing" {67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="{searchTerms} - Google Search" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2774006475-2745618473-1495315895-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{e1420d09-acc8-4efd-9965-e7ae3c5b977c} deleted successfully HKEY_USERS\S-1-5-21-2774006475-2745618473-1495315895-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{e1420d09-acc8-4efd-9965-e7ae3c5b977c} deleted successfully HKEY_CLASSES_ROOT\CLSID\{e1420d09-acc8-4efd-9965-e7ae3c5b977c} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e1420d09-acc8-4efd-9965-e7ae3c5b977c} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\ext@MediaPlayerV1alpha771.net deleted successfully ==== Deleting Registry Keys ====================== HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\Nikpibnbobmbdbheedjfogjlikpgpnhp deleted successfully ==== Empty IE Cache ====================== C:\Users\Brecht Vanhoof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Brecht Vanhoof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Erik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Erik\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Jens Vanhoof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Jens Vanhoof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Patricia Corstjens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Patricia Corstjens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Erik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Erik\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Patricia Corstjens\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1463 folders=278 122256372 bytes) ==== Empty Temp Folders ====================== C:\Users\Brecht Vanhoof\AppData\Local\Temp emptied successfully C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Jens Vanhoof\AppData\Local\Temp emptied successfully C:\Users\Patricia Corstjens\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\Erik\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Erik\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Erik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Program Files\GrabRez" not found "C:\Program Files\GrabRez" not found ==== EOF on za 01/02/2014 at 18:23:57,95 ======================
-
Zoek.exe v5.0.0.0 Updated 31-January-2014 Tool run by Erik on za 01/02/2014 at 14:28:49,59. Microsoft Windows 7 Professional 6.1.7600 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Erik\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-01-30-182259.log 11930 bytes ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Program Files\Fingerprint Sensor\AtService.exe C:\Program Files\Acer Bio Protection\CompPtcVUI.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\AVG\AVG2014\avgidsagent.exe C:\Program Files\AVG\AVG2014\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Acer\Empowering Technology\Service\ETService.exe C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe C:\Windows\system32\FsUsbExService.Exe C:\Program Files\Acer\Registration\GregHSRW.exe C:\Program Files\Acer Bio Protection\BASVC.exe C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files\GrabRez\updateGrabRez.exe C:\Windows\system32\taskhost.exe C:\Program Files\Acer\Acer Updater\UpdaterService.exe C:\Program Files\GrabRez\bin\utilGrabRez.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\servicing\TrustedInstaller.exe C:\Program Files\Launch Manager\LManager.EXE C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\AVG\AVG2014\avgnsx.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\Windows\PLFSetI.exe C:\Program Files\AVG\AVG2014\avgemcx.exe C:\Program Files\Acer Bio Protection\PdtWzd.exe C:\Program Files\AVG\AVG2014\avgrsx.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Belgium Identity Card\beid35gui.exe C:\Users\Erik\AppData\Local\Temp\RtkBtMnt.exe C:\Program Files\ROUTE 66\ROUTE 66 Sync\Sync9Loader.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\AVG\AVG2014\avgui.exe C:\Program Files\AVG\AVG2014\avgcsrvx.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\System32\rundll32.exe C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe C:\Program Files\Evernote\Evernote\EvernoteClipper.exe C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\wuauclt.exe C:\Users\Erik\Desktop\zoek.exe C:\Windows\system32\conhost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted ==== System Specs ====================== Windows: Windows 7 Professional Edition (Build 7600) Memory (RAM): 3001 MB CPU Info: Intel® Core2 Duo CPU T6570 @ 2.10GHz CPU Speed: 2079.2 MHz Sound Card: Speakers (Realtek High Definiti | Luidsprekers (Bluetooth AV Audi | Luidsprekers (Bluetooth SCO Aud | Display Adapters: Mobile Intel® 4 Series Express Chipset Family | Mobile Intel® 4 Series Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1440 X 900 - 32 bit Network: Network Present Network Adapters: Bluetooth PAN Network Adapter | Microsoft Virtual WiFi Miniport Adapter | Intel® WiFi Link 1000 BGN | Broadcom NetXtreme Gigabit Ethernet CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GT30N Ports: COM19 | COM20 | COM21 | COM22 | COM23 | COM24 | COM25 | COM26 | COM27 | COM3 LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 150.0GB | D: 125.0GB Hard Disks - Free: C: 96.0GB | D: 113.7GB Manufacturer *: Phoenix BIOS Info: AT/AT COMPATIBLE | 10/27/09 | ACRSYS - 6040000 Time Zone: Romance (standaardtijd) Motherboard *: Acer Monserrat Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: AVG AntiVirus Free Edition 2014 On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: AVG AntiVirus Free Edition 2014 disabled (Outdated) Internet Explorer version: 8.0.7600.16385 Google Chrome version: 32.0.1700.102 Adobe Reader version: 11.0.06.70 Sun Java version: 1.6.0_30 (32-bit) Flash Player version: 11.9.900.170 Shockwave Player version: 11.6.3r633 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Erik\AppData\Local\Temp ==== 2014-02-01 07:46:25 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\erunt\ERUNT.EXE 2014-01-31 15:15:09 047B5AF68447F3BA140DE1AAAC4E8A51 10363208 ----a-w- C:\Users\Erik\AppData\Local\Temp\BackupSetup.exe 2014-01-30 19:26:49 ACCF09B6587E31C57E575D6FEE5ADA28 904272 ----a-w- C:\Users\Erik\AppData\Local\Temp\utt5397.tmp.exe 2014-01-30 18:37:05 5FC1DF7FF1E2A4D3C521E6C8B783BF51 19212504 ----a-w- C:\Users\Erik\AppData\Local\Temp\setupA9_.exe 2014-01-30 18:36:06 FF01A15A4F4C0A7D260041F478CC4992 5960608 ----a-w- C:\Users\Erik\AppData\Local\Temp\nsj2B18\SpSetup.exe 2014-01-30 18:35:46 E9D0C26F1A7E8A0818DC305CFC990CB6 331776 ----a-w- C:\Users\Erik\AppData\Local\Temp\setup__270.exe 2014-01-30 18:26:33 B2994EC6452DBD04E57828EEFEDFB93C 204800 ----a-w- C:\Users\Erik\AppData\Local\Temp\RtkBtMnt.exe 2014-01-29 07:59:48 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Users\Erik\AppData\Local\Temp\nszB754.exe 2014-01-29 07:59:48 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Users\Erik\AppData\Local\Temp\nsz6A3B.exe 2014-01-29 07:59:48 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Users\Erik\AppData\Local\Temp\nsx4119.exe 2014-01-29 07:59:48 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Users\Erik\AppData\Local\Temp\nsuB2A2.exe 2014-01-29 07:59:48 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Users\Erik\AppData\Local\Temp\nst6E60.exe ====== Java Cache ===== ====== C:\Windows\system32 ===== 2014-01-29 18:00:29 0A9115A5FE3D646F897CEFA7508B217C 3792 ----a-w- C:\Windows\System32\.crusader ====== C:\Windows\system32\drivers ===== 2014-01-30 11:15:28 CE77439BAF613019D6B7658292D1E4A6 30976 ----a-w- C:\Windows\System32\drivers\hitmanpro37.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-01-30 18:37:24 -------- d-----w- C:\Program Files\Mobogenie 2014-01-30 18:35:32 -------- d-----w- C:\Program Files\GrabRez 2014-01-29 17:36:33 -------- d-----w- C:\Program Files\Enigma Software Group 2014-01-29 15:39:44 -------- d-----w- C:\Program Files\MediaPlayerV1 ======= C: ===== 2014-01-30 12:02:03 572DD569F3B1A19A224AF20F2876BCBE 1516 ----a-w- C:\AdwCleaner[s2].txt ====== C:\Users\Erik\AppData\Roaming ====== 2014-01-31 15:15:28 -------- d-----w- C:\Users\Erik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense 2014-01-30 18:37:55 -------- d-----w- C:\Users\Erik\AppData\Local\cache 2014-01-30 18:37:52 -------- d-----w- C:\Users\Erik\AppData\Roaming\newnext.me 2014-01-30 18:37:51 -------- d-----w- C:\Users\Erik\AppData\Local\genienext 2014-01-30 18:37:50 -------- d-----w- C:\Users\Erik\AppData\Local\Mobogenie 2014-01-30 18:22:59 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2014-01-30 18:22:59 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2014-01-30 18:22:59 -------- d-----w- C:\Users\Patricia Corstjens\AppData\Local\Temp 2014-01-30 18:22:57 -------- d-----w- C:\Users\Jens Vanhoof\AppData\Local\Temp 2014-01-30 18:22:56 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2014-01-30 18:22:56 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2014-01-30 18:22:56 -------- d-----w- C:\Users\Brecht Vanhoof\AppData\Local\Temp 2014-01-30 18:22:55 -------- d-----w- C:\Users\Erik\AppData\Local\Temp 2014-01-26 10:47:28 -------- d-----w- C:\Users\Jens Vanhoof\AppData\Roaming\vlc 2014-01-12 19:27:24 -------- d-----w- C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup 2014-01-12 19:27:20 -------- d-----w- C:\Users\Patricia Corstjens\AppData\Local\Programs ====== C:\Users\Erik ====== 2014-01-30 18:37:59 -------- d-----w- C:\Users\Erik\.android 2014-01-30 18:37:50 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Erik\daemonprocess.txt 2014-01-30 15:19:27 -------- d-----r- C:\Users\Erik\Documents 2014-01-30 11:32:34 C09E8D90AE0B1D0B3751E02A60EC0B37 4721144 ----a-w- C:\Users\Erik\Downloads\ccsetup410pro.exe 2014-01-30 11:24:24 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Erik\Downloads\RSIT.exe 2014-01-29 17:37:02 -------- d-----w- C:\ProgramData\HitmanPro 2014-01-29 17:22:14 54DB2B8C60F04C5ADE6D711D47EABA75 1166132 ----a-w- C:\Users\Erik\Downloads\adwcleaner (1).exe 2014-01-29 17:20:22 54DB2B8C60F04C5ADE6D711D47EABA75 1166132 ----a-w- C:\Users\Erik\Downloads\adwcleaner.exe 2014-01-29 15:39:54 C54D87D5197F04000EE0206C5BC1306C 610 --sha-r- C:\ProgramData\ntuser.pol ====== C: exe-files == 2014-01-31 15:07:00 8C0B58BC1379E9D9CCD3FC6E408ABF68 42264 ----a-w- C:\Program Files\GrabRez\bin\GrabRezBrowserFilter.exe 2014-01-30 19:38:48 518ABEE84A85C0CF2F74D760AFBB8EC3 103192 ----a-w- C:\Program Files\GrabRez\bin\utilGrabRez.exe 2014-01-30 18:35:44 385E57325710AD0CD12AC2194598EC91 241195 ----a-w- C:\Program Files\GrabRez\GrabRezUninstall.exe 2014-01-29 23:28:04 518ABEE84A85C0CF2F74D760AFBB8EC3 103192 ----a-w- C:\Program Files\GrabRez\updateGrabRez.exe 2014-01-29 15:39:46 581AF36CE34CCE05A23246B157BA52B0 453321 ----a-w- C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha771\uninstall.exe 2014-01-29 12:47:50 BD556495B9E1E00A2A55D4E6131C2EA0 981160 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.102\32.0.1700.102_32.0.1700.76_chrome_updater.exe === C: other files == 2014-02-01 07:46:24 CC6C23C02BE66014AD87F2678BBB3A1D 8117 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\modules.bat 2014-02-01 07:46:24 C4A5476A9D54B400F1623A2EE7DDA5C5 13955 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\chrome.bat 2014-02-01 07:46:24 BAD6C67C870CC81C48DBA53089929884 153331 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\firefox.bat 2014-02-01 07:46:24 B964B792D3692699CD7D4FDB63EE470E 1239 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\FWPolicy.bat 2014-02-01 07:46:24 B7D46D5BC21F69EFEEFFC15060E423AC 154167 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\misc.bat 2014-02-01 07:46:24 B45931E5313CB14CAA0F2BC3DA30E6FC 29648 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\ask.bat 2014-02-01 07:46:24 80D02380F1AC33E459324B088392A1EC 732 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\ev_clear.bat 2014-02-01 07:46:24 75C9C20DD9839BF287B43B0E179822DC 31414 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\iexplore.bat 2014-02-01 07:46:24 7178963AEE641F3E47E1CE22416F8A3A 9295 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\runvalues.bat 2014-02-01 07:46:24 654E9FE74B930A454EE5BDE165794B65 85 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\delorphans.bat 2014-02-01 07:46:24 5AE8F4442CA6D69FE9A6738E8DB411F2 10261 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\JRT.bat 2014-02-01 07:46:24 58605DA3492FB918D3D40B1FB88046AE 39471 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\prelim.bat 2014-02-01 07:46:24 55D97CE5B1A61AD51F887E46550029F6 16063 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\get.bat 2014-02-01 07:46:24 372EA6F783198102CF5779072EE78C79 24751 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\searchlnk.bat 2014-02-01 07:46:24 1FBF882AA934A741530741FC134872A3 1243 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\TDL4.bat 2014-02-01 07:46:24 14D6EE8B672684E2232FB430D8C4A928 18668 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\medfos.bat 2014-02-01 07:46:24 0768E560CCD86C18F35FAD29DCEA7B80 1820 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\delfolders.bat 2014-01-30 19:26:58 C3133F7E225E3CBBF87AD1B46EF32A97 94 ----a-w- C:\Users\Erik\AppData\Local\Temp\utt7438.tmp.bat 2014-01-30 15:41:48 94D604C463AB446869591F441A277F2E 30695 ----a-w- C:\Users\Erik\Downloads\berichten.zip 2014-01-28 16:52:30 62B81AE897DEFB1DBD4F592AF424E1F4 38266 ----a-w- C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha771\ch\MediaPlayerV1alpha771.crx ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2774006475-2745618473-1495315895-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "ecSetupX.exe"="E:\ecSetupX.exe E: 3" "Netdrive"="C:\Program Files\NetDrive\netdrive.exe -tray" "NextLive"="C:\Windows\system32\rundll32.exe C:\Users\Erik\AppData\Roaming\newnext.me\nengine.dll,EntryPoint -m l" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" "LManager"="C:\Program Files\Launch Manager\LManager.EXE" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" "ePower_DMC"="C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe" "PLFSetI"="C:\Windows\PLFSetI.exe" "VitaKeyPdtWzd"="C:\Program Files\Acer Bio Protection\PdtWzd.exe" "NeroCheck"="C:\Windows\system32\NeroCheck.exe" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "Microsoft Works Update Detection"="C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" "AdobeVersionCue"="C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe" "beid"="C:\Program Files\Belgium Identity Card\beid35gui.exe /startup" "ROUTE66Sync"="C:\Program Files\ROUTE 66\ROUTE 66 Sync\Sync9Loader.exe -runinbackground" "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "AVG_UI"="C:\Program Files\AVG\AVG2014\avgui.exe /TRAYONLY" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "mobilegeni daemon"="C:\Program Files\Mobogenie\DaemonProcess.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "ecSetupX.exe"="E:\ecSetupX.exe E: 3" "Netdrive"="C:\Program Files\NetDrive\netdrive.exe -tray" "NextLive"="C:\Windows\system32\rundll32.exe C:\Users\Erik\AppData\Roaming\newnext.me\nengine.dll,EntryPoint -m l" ==== Startup Folders ====================== 2013-09-21 07:05:39 1118 ----a-w- C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft SharePoint Workspace.lnk 2013-09-21 07:06:41 1274 ----a-w- C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk 2013-05-10 06:32:18 1105 ----a-w- C:\Users\Erik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk 2012-11-03 19:54:31 1274 ----a-w- C:\Users\Erik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk 2013-11-06 15:20:49 2016 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [14/12/2013 13:48] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [14/08/2010 08:55] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [14/08/2010 08:55] C:\Windows\tasks\ROC_REG_JAN_DELETE.job --a------ C:\ProgramData\AVG January 2013 Campaign\ROC.exe [17/01/2013 22:16] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\ROC_REG_JAN_DELETE" [C:\ProgramData\AVG January 2013 Campaign\ROC.exe] "C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\system32\tasks\{00E7A93D-6B2F-4512-A114-C826A9818220}" [C:\Program Files\Skype\Phone\Skype.exe] "C:\Windows\system32\tasks\{5B7CD2D7-8410-4E34-B763-CA99E9F49709}" [C:\Program Files\Skype\Phone\Skype.exe] "C:\Windows\system32\tasks\{9480DC58-7F82-4234-AA58-7DCA75943ADC}" [C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe] "C:\Windows\system32\tasks\{FB61D383-FDB4-4020-B889-7BC02D0B800C}" [C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe] "C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "ext@MediaPlayerV1alpha771.net"="C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha771\ff" [29/01/2014 17:01] ==== Firefox Extensions ====================== AppDir: C:\Program Files\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid.xpi ==== Firefox Plugins ====================== ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17/01/2012 11:45] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Users\Erik\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx[28/09/2012 16:13] YouTube - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Video Player - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiddpoijcamhiallemgaimemaggnjapi Skype Click to Call - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Google Wallet - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Media Player - Erik\AppData\Local\Google\Chrome\User Data\Default\Extensions\clnhokdinhddhbaccmfpnhjobljnnbnk Skype Click to Call - Erik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl DvdVideoSoft Free Youtube Download - Erik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp Google Wallet - Erik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Google Docs - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Skype Click to Call - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Google Wallet - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="{searchTerms} - Bing" {67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="{searchTerms} - Google Search" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" ==== shortcuts on Users Desktops ====================== C:\Users\Brecht Vanhoof\Desktop\CDex.lnk - C:\Program Files\CDex_150\CDex.exe C:\Users\Brecht Vanhoof\Desktop\DVD Decrypter.lnk - C:\Program Files\DVD Decrypter\DVDDecrypter.exe C:\Users\Brecht Vanhoof\Desktop\DVD Shrink 3.2.lnk - C:\Program Files\dvd shrink\DVD Shrink 3.2.exe C:\Users\Brecht Vanhoof\Desktop\HijackThis.lnk - C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Users\Brecht Vanhoof\Desktop\LimeWire 5.4.6.lnk - C:\Program Files\LimeWire\LimeWire.exe C:\Users\Brecht Vanhoof\Desktop\Microsoft Access 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\accicons.exe C:\Users\Brecht Vanhoof\Desktop\Microsoft InfoPath Designer 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\inficon.exe /design C:\Users\Brecht Vanhoof\Desktop\Microsoft OneNote 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\joticon.exe C:\Users\Brecht Vanhoof\Desktop\Microsoft PowerPoint 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pptico.exe C:\Users\Brecht Vanhoof\Desktop\Microsoft Publisher 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pubs.exe C:\Users\Brecht Vanhoof\Desktop\Microsoft SharePoint Workspace 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\grvicons.exe C:\Users\Brecht Vanhoof\Desktop\Microsoft Word 2010.lnk - C:\Program Files\Microsoft Office\Office14\WINWORD.EXE C:\Users\Brecht Vanhoof\Desktop\Minecraft.lnk - E:\.minecraft\Minecraft.exe C:\Users\Erik\Desktop\Acer Crystal Eye Webcam.lnk - C:\Windows\Acer Crystal Eye Webcam.exe C:\Users\Erik\Desktop\Adobe Photoshop CS.lnk - C:\Program Files\Adobe\Adobe Photoshop CS\Photoshop.exe C:\Users\Erik\Desktop\Adobe Reader 9.lnk - C:\Windows\Installer\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\SC_Reader.ico C:\Users\Erik\Desktop\CDex.lnk - C:\Program Files\CDex_150\CDex.exe C:\Users\Erik\Desktop\Computer.lnk - C:\Users\Erik\Desktop\DATA D.lnk - D:\ C:\Users\Erik\Desktop\DVD Decrypter.lnk - C:\Program Files\DVD Decrypter\DVDDecrypter.exe C:\Users\Erik\Desktop\DVD Shrink 3.2.lnk - C:\Program Files\dvd shrink\DVD Shrink 3.2.exe C:\Users\Erik\Desktop\DVDVideoSoft Free Studio.lnk - C:\Program Files\Common Files\DVDVideoSoft\FreeStudioManager.exe C:\Users\Erik\Desktop\Evernote.lnk - C:\Program Files\Evernote\Evernote\Evernote.exe C:\Users\Erik\Desktop\Free YouTube Download.lnk - C:\Program Files\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.exe C:\Users\Erik\Desktop\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Erik\Desktop\Mazoutverbruik.lnk - \\NETWERKSCHIJF\MyShare\Mijn Documenten\Excel\Mazout opvolging levering en prijs.xls C:\Users\Erik\Desktop\Microsoft Picture It Photo Standard 9.lnk - C:\Users\Erik\Desktop\Microsoft Word 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\wordicon.exe C:\Users\Erik\Desktop\NTI Media Maker 8.lnk - C:\Program Files\NewTech Infosystems\NTI Media Maker 8\DiscLaunchPad.exe C:\Users\Erik\Desktop\OpenOffice3.1 Installeren.lnk - C:\OpenOffice.org 3.1 (nl) Installation Files\setup.exe C:\Users\Jens Vanhoof\Desktop\HijackThis.lnk - C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Users\Jens Vanhoof\Desktop\Minecraft - Snelkoppeling.lnk - E:\.minecraft\Minecraft.exe C:\Users\Jens Vanhoof\Desktop\WINWORD - Snelkoppeling.lnk - C:\Program Files\Microsoft Office\Office14\WINWORD.EXE C:\Users\Patricia Corstjens\Desktop\CDex.lnk - C:\Program Files\CDex_150\CDex.exe C:\Users\Patricia Corstjens\Desktop\Documenten.lnk - C:\Users\Erik\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms C:\Users\Patricia Corstjens\Desktop\DVD Decrypter.lnk - C:\Program Files\DVD Decrypter\DVDDecrypter.exe C:\Users\Patricia Corstjens\Desktop\DVD Shrink 3.2.lnk - C:\Program Files\dvd shrink\DVD Shrink 3.2.exe C:\Users\Patricia Corstjens\Desktop\HijackThis.lnk - C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Users\Patricia Corstjens\Desktop\LimeWire 5.4.6.lnk - C:\Program Files\LimeWire\LimeWire.exe C:\Users\Patricia Corstjens\Desktop\Microsoft Excel 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\xlicons.exe C:\Users\Patricia Corstjens\Desktop\Microsoft Outlook 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\outicon.exe C:\Users\Patricia Corstjens\Desktop\Microsoft Word 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\wordicon.exe C:\Users\Patricia Corstjens\Desktop\Mijn afbeeldingen.lnk - C:\Users\Erik\Pictures ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\4Media MP4 to MP3 Converter 6.lnk - C:\Program Files\4Media\MP4 to MP3 Converter 6\vcloader.exe C:\Users\Public\Desktop\Acrobat Reader 5.0.lnk - C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe C:\Users\Public\Desktop\AVG 2013.lnk - C:\Program Files\AVG\AVG2013\avgui.exe C:\Users\Public\Desktop\AVG 2014.lnk - C:\Program Files\AVG\AVG2014\avgui.exe C:\Users\Public\Desktop\BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe C:\Users\Public\Desktop\eID-Viewer.lnk - C:\Program Files\Belgium Identity Card\beid35gui.exe C:\Users\Public\Desktop\Foto's op TV 3 op cd-dvd.lnk - C:\Program Files\Easy Computing\Foto's op TV 3 op cd-dvd\PhotoTV2.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files\iTunes\iTunes.exe C:\Users\Public\Desktop\LaCie Network Assistant.lnk - C:\Program Files\LaCie\Network Assistant\LaCie Network Assistant.exe C:\Users\Public\Desktop\MAGIX Foto's op CD & DVD 9 deluxe.lnk - C:\Program Files\MAGIX\Fotos_op_CD_DVD_9_deluxe\Fotos_dlx.exe C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.130\McUICnt.exe SecurityScanner.dll C:\Users\Public\Desktop\Mufin MusicFinder Base.lnk - C:\Program Files\MAGIX\Mufin MusicFinder\Sonos.exe C:\Users\Public\Desktop\Nero StartSmart.lnk - C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe C:\Users\Public\Desktop\PDFCreator.lnk - C:\Program Files\PDFCreator\PDFCreator.exe C:\Users\Public\Desktop\Picasa 3.lnk - C:\Program Files\Google\Picasa3\Picasa3.exe C:\Users\Public\Desktop\QuickTime Player.lnk - C:\Program Files\QuickTime\QuickTimePlayer.exe C:\Users\Public\Desktop\ROUTE 66 Sync.lnk - C:\Program Files\ROUTE 66\ROUTE 66 Sync\Sync9Loader.exe C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe C:\Users\Public\Desktop\WinZip.lnk - C:\Program Files\WinZip\WINZIP32.EXE C:\Users\Public\Desktop\µTorrent.lnk - ==== shortcuts in Users Start Menu ====================== C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Transposia\Miel Monteur - Huis Op Stelten - Help.lnk - C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Transposia\Miel Monteur - Huis Op Stelten - Spelen.lnk - C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Transposia\Miel Monteur - Huis Op Stelten - Verwijderen.lnk - C:\Users\Erik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense\Uninstall SaveSense.lnk - C:\Program Files\SaveSense\uninst.exe C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup\Google+ Auto Backup.lnk - C:\Users\Patricia Corstjens\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup\Uninstall Google+ Auto Backup.lnk - C:\Windows\System32\msiexec.exe /x {A50DE037-B5C0-4C8A-8049-B0C576B313D1} ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AB0000000001}\SC_Reader.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Installatie ongedaan maken.lnk - C:\Program Files\Google\Picasa3\Uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Picasa 3.lnk - C:\Program Files\Google\Picasa3\Picasa3.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Picasa-fotoviewer configureren.lnk - C:\Program Files\Google\Picasa3\PicasaPhotoViewer.exe /reconfig ==== shortcuts in Quick Launch ====================== C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DVD Decrypter.lnk - C:\Program Files\DVD Decrypter\DVDDecrypter.exe C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook starten.lnk - C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE /recycle C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE /recycle C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk - C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\iTunes.lnk - C:\Program Files\iTunes\iTunes.exe C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Access 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\accicons.exe C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft InfoPath Designer 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\inficon.exe /design C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft OneNote 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\joticon.exe C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft PowerPoint 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pptico.exe C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Publisher 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pubs.exe C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft SharePoint Workspace 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\grvicons.exe C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Paint.lnk - C:\Windows\system32\mspaint.exe C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\WINWORD - Snelkoppeling.lnk - C:\Program Files\Microsoft Office\Office14\WINWORD.EXE C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Wordpad.lnk - C:\Program Files\Windows NT\Accessories\wordpad.exe C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\4Media MP4 to MP3 Converter 6.lnk - C:\Program Files\4Media\MP4 to MP3 Converter 6\vcloader.exe C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DVD Decrypter.lnk - C:\Program Files\DVD Decrypter\DVDDecrypter.exe C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE /recycle C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk - C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk - C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Acer Crystal Eye Webcam.lnk - C:\Windows\Acer Crystal Eye Webcam.exe C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Outlook.lnk - C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\SyncBack.lnk - C:\Program Files\2BrightSparks\SyncBack\SyncBack.exe C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook starten.lnk - C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE /recycle C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE /recycle C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk - C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint.lnk - C:\Windows\system32\mspaint.exe C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AVG 2014.lnk - C:\Program Files\AVG\AVG2014\avgui.exe C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\iTunes.lnk - C:\Program Files\iTunes\iTunes.exe C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Picasa 3.lnk - C:\Program Files\Google\Picasa3\Picasa3.exe C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\WINWORD - Snelkoppeling.lnk - C:\Program Files\Microsoft Office\Office14\WINWORD.EXE C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DVD Decrypter.lnk - C:\Program Files\DVD Decrypter\DVDDecrypter.exe C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook starten.lnk - C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE /recycle C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE /recycle C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk - C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\LaCie Network Assistant.lnk - C:\Program Files\LaCie\Network Assistant\LaCie Network Assistant.exe C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 ==== HijackThis Entries ====================== O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: GrabRez - {e1420d09-acc8-4efd-9965-e7ae3c5b977c} - C:\Program Files\GrabRez\GrabRezbho.dll O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.EXE O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe O4 - HKLM\..\Run: [VitaKeyPdtWzd] "C:\Program Files\Acer Bio Protection\PdtWzd.exe" O4 - HKLM\..\Run: [NeroCheck] C:\Windows\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [ROUTE66Sync] C:\Program Files\ROUTE 66\ROUTE 66 Sync\Sync9Loader.exe -runinbackground O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ecSetupX.exe] E:\ecSetupX.exe E: 3 O4 - HKCU\..\Run: [Netdrive] C:\Program Files\NetDrive\netdrive.exe -tray O4 - HKCU\..\Run: [NextLive] C:\Windows\system32\rundll32.exe "C:\Users\Erik\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Afbeelding knippen - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\Erik\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html O8 - Extra context menu item: Kopieer selectie - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 O8 - Extra context menu item: Kopieer URL - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 O8 - Extra context menu item: Nieuwe notitie - C:\Program Files\Evernote\Evernote\\EvernoteIERes\NewNote.html O8 - Extra context menu item: Pagina opemen - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 O9 - Extra button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer Bio Protection\PwdBank.exe O9 - Extra 'Tools' menuitem: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer Bio Protection\PwdBank.exe O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O15 - Trusted Zone: *.dexia.be O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} (PhotoboxPhotowaysUploader5 Control) - http://assets.photobox.com/assets/v/ra3RgI_VSoCPalw7aL2ig_0fSS8.cab O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - http://www.extrafilm.be/ImageUploader5.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\AtService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files\Acer\Registration\GregHSRW.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: EgisTec Service (IGBASVC) - Egis Technology Inc. - C:\Program Files\Acer Bio Protection\BASVC.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: Update GrabRez - Unknown owner - C:\Program Files\GrabRez\updateGrabRez.exe O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe O23 - Service: Util GrabRez - Unknown owner - C:\Program Files\GrabRez\bin\utilGrabRez.exe ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1249 folders=206 106137352 bytes) ==== After Reboot ====================== ==== Deleting Files / Folders ====================== "C:\Users\Erik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" deleted "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Users\Jens Vanhoof\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2BPSE5E8\neave.com" not found ==== EOF on za 01/02/2014 at 14:46:17,95 ======================
-
Sorry, ik had JRT nog niet laten lopen. Zie in bijlage het gevraagde logje. JRT.txt
-
bettersurf lijkt weg te zijn maar ik krijg in mijn internet explorer en google chrome nog steeds hatelijke popups (Ad options staat er onder). Ook openen er regelmatig nieuwe vensters. het probleem lijkt dus niet helemaal weg te zijn.
-
ziehier het logje na het runnen van adwcleaner # AdwCleaner v3.018 - Report created 31/01/2014 at 16:32:10 # Updated 28/01/2014 by Xplode # Operating System : Windows 7 Professional (32 bits) # Username : Erik - ACER # Running from : C:\Users\Erik\AppData\Local\Temp\dlmA5A1.tmp\adwcleaner.exe # Option : Clean ***** [ Services ] ***** [#] Service Deleted : BackupStack ***** [ Files / Folders ] ***** Folder Deleted : C:\Program Files\MyPC Backup Folder Deleted : C:\Users\Erik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup File Deleted : C:\Users\Erik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk File Deleted : C:\Users\Erik\Desktop\MyPC Backup.lnk ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup ***** [ Browsers ] ***** -\\ Internet Explorer v8.0.7600.16800 -\\ Mozilla Firefox v [ File : C:\Users\Erik\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js ] -\\ Google Chrome v32.0.1700.102 [ File : C:\Users\Erik\AppData\Local\Google\Chrome\User Data\Default\preferences ] [ File : C:\Users\Patricia Corstjens\AppData\Local\Google\Chrome\User Data\Default\preferences ] [ File : C:\Users\Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\preferences ] [ File : C:\Users\Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [9363 octets] - [29/01/2014 18:22:27] AdwCleaner[R1].txt - [3682 octets] - [31/01/2014 16:15:26] AdwCleaner[R2].txt - [2054 octets] - [31/01/2014 16:26:53] AdwCleaner[s0].txt - [9660 octets] - [29/01/2014 18:27:15] AdwCleaner[s2].txt - [1862 octets] - [31/01/2014 16:32:10] ########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [1922 octets] ##########
-
Ik blijf nog steeds eigenaardige boodschappen krijgen: popup venster met boodschap 'message important'. met reclame in van Carrefour. wanneer ik dit wegklik opent weer een nieuw venster enz. er is dus duidelijk nog iets mis. - - - Updated - - - Misschien nog belangrijk om te melden. deze popups verschijnen zowel in de internet explorer als in google chrome;
-
zie hier het antwoord: Zoek.exe v5.0.0.0 Updated 29-January-2014 Tool run by Erik on do 30/01/2014 at 18:39:53,43. Microsoft Windows 7 Professional 6.1.7600 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Erik\Desktop\zoek.exe [scan all users] [script inserted] ==== System Restore Info ====================== 30/01/2014 18:57:20 Zoek.exe System Restore Point Created Succesfully. ==== Creating Sample_20143001_1915.zip ====================== Process iexplore.exe killed Process chrome.exe killed Copied file C:\Users\Erik\IE9-Windows7-x86-nld.exe to sample\IE9-Windows7-x86-nld.exe sample\IE9-Windows7-x86-nld.exe renamed to 2CF6AB5D77623BBE24ACC41D056E3404 C:\Users\Public\Desktop\sample_20143001_1915.zip created successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2774006475-2745618473-1495315895-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9609A5E6-0D8D-4ED6-9E10-A0D489C2EDA0} deleted successfully HKEY_USERS\S-1-5-21-2774006475-2745618473-1495315895-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9F325E84-1052-4136-A403-A75F784F22FA} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater17.3.0 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater17.3.0 deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\Erik\AppData\Roaming\Mozilla\Firefox\Profiles\0 user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20143001_1916_.backup ==== Deleting Files \ Folders ====================== C:\Windows\system32\tasks\{29B37835-9615-4324-8513-A6E60D2336D2} deleted C:\Windows\system32\tasks\{7AE8CE79-F139-4876-8529-B2D6F0A5A23E} deleted C:\Windows\system32\tasks\{86823B10-95B7-40E8-BFDE-01EA6FCDA7AC} deleted C:\Windows\system32\tasks\{9352D302-6F0B-4A11-B291-D3F90E571521} deleted C:\Windows\system32\tasks\{D2AEAD89-0831-4950-8BE7-90D1C8C9CD88} deleted C:\Program Files\Common Files\DVDVideoSoft\bin deleted C:\Program Files\BearShare Applications\MediaBar deleted C:\extensions.sqlite deleted C:\extensions.ini deleted C:\extensions deleted C:\Users\Erik\AppData\Local\BearShare deleted C:\Users\Brecht Vanhoof\AppData\LocalLow\wincorebsband deleted C:\Users\Brecht Vanhoof\AppData\LocalLow\mediabarbs deleted C:\Users\Brecht Vanhoof\AppData\LocalLow\DataMngr deleted C:\Users\Brecht Vanhoof\AppData\LocalLow\uTorrentBar_NL deleted C:\Users\Erik\AppData\LocalLow\wincorebsband deleted C:\Users\Erik\AppData\LocalLow\mediabarbs deleted C:\Users\Erik\AppData\LocalLow\DataMngr deleted C:\Users\Jens Vanhoof\AppData\LocalLow\wincorebsband deleted C:\Users\Jens Vanhoof\AppData\LocalLow\mediabarbs deleted C:\Users\Jens Vanhoof\AppData\LocalLow\DataMngr deleted C:\Users\Jens Vanhoof\AppData\LocalLow\uTorrentBar_NL deleted C:\Users\Patricia Corstjens\AppData\LocalLow\wincorebsband deleted C:\Users\Patricia Corstjens\AppData\LocalLow\mediabarbs deleted C:\Users\Patricia Corstjens\AppData\LocalLow\DataMngr deleted C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Nation toolbar deleted C:\Windows\system32\config\systemprofile\AppData\LocalLow\Application Updater deleted C:\prefs.js deleted C:\Users\Erik\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\OneClickDownloader@OneClickDownloader.com.xpi deleted C:\Users\Erik\IE9-Windows7-x86-nld.exe deleted "C:\Users\Patricia Corstjens\AppData\LocalLow\uTorrentBar_NL" deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "ext@MediaPlayerV1alpha771.net"="C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha771\ff" [29/01/2014 17:01] ==== Firefox Extensions ====================== AppDir: C:\Program Files\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid.xpi ==== Firefox Plugins ====================== ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Erik\AppData\Local\Temp\crx4ED0.tmp[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17/01/2012 11:45] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Users\Erik\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx[28/09/2012 16:13] Video Player - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiddpoijcamhiallemgaimemaggnjapi Skype Click to Call - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Media Player - Erik\AppData\Local\Google\Chrome\User Data\Default\Extensions\clnhokdinhddhbaccmfpnhjobljnnbnk Skype Click to Call - Erik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Skype Click to Call - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://homepage.acer.com/rdr.aspx?b=ACAW&l=0813&m=travelmate_7730&r=27050110q816l0383z2l5x59m1g949" "Start Page"="http://homepage.acer.com/rdr.aspx?b=ACAW&l=0813&m=travelmate_7730&r=27050110q816l0383z2l5x59m1g949" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{9609A5E6-0D8D-4ED6-9E10-A0D489C2EDA0}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9609A5E6-0D8D-4ED6-9E10-A0D489C2EDA0}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC" {67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7PRFA_nl" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2774006475-2745618473-1495315895-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74322BF9-DF26-493F-B0DA-6D2FC5E6429E} deleted successfully HKEY_USERS\S-1-5-21-2774006475-2745618473-1495315895-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{74322BF9-DF26-493F-B0DA-6D2FC5E6429E} deleted successfully HKEY_CLASSES_ROOT\CLSID\{74322BF9-DF26-493F-B0DA-6D2FC5E6429E} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2774006475-2745618473-1495315895-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{74322BF9-DF26-493F-B0DA-6D2FC5E6429E} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully ==== Empty IE Cache ====================== C:\Users\Brecht Vanhoof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Brecht Vanhoof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Brecht Vanhoof\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Brecht Vanhoof\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Erik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Erik\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Jens Vanhoof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Jens Vanhoof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Jens Vanhoof\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Jens Vanhoof\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Patricia Corstjens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Patricia Corstjens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Patricia Corstjens\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Patricia Corstjens\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Erik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Erik\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Patricia Corstjens\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache is not empty, a reboot is needed ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1331 folders=206 113060588 bytes) ==== Empty Temp Folders ====================== C:\Users\Brecht Vanhoof\AppData\Local\Temp emptied successfully C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Jens Vanhoof\AppData\Local\Temp emptied successfully C:\Users\Patricia Corstjens\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\Erik\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot
-
dit zou het volledige moeten zijn: Zoek.exe v5.0.0.0 Updated 29-January-2014 Tool run by Erik on do 30/01/2014 at 13:40:23,76. Microsoft Windows 7 Professional 6.1.7600 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Erik\Downloads\zoek (1).exe [scan all users] [script inserted] ==== System Restore Info ====================== 30/01/2014 13:44:45 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\ALDI deleted successfully C:\Program Files\blinkx Remote Toolbar deleted successfully C:\Program Files\GAMESVOORIEDEREEN.NL deleted successfully C:\Program Files\MSXML 4.0 deleted successfully C:\Program Files\OXXOGames deleted successfully C:\Program Files\ReviverSoft deleted successfully C:\Program Files\VideoPlayerV3 deleted successfully C:\Users\Erik\AppData\Roaming\AdobeUM deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2774006475-2745618473-1495315895-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2774006475-2745618473-1495315895-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_USERS\S-1-5-21-2774006475-2745618473-1495315895-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "AvgUninstallURL"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== C:\ProgramData\AVG Nation toolbar deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCall.dll" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla.dll" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla17.dll" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla18.exe" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla19.dll" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla2.dll" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla20.dll" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla22.dll" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla22.exe" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseData.ini" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Erik\AppData\Local\Temp ==== 2014-01-29 17:34:29 8B6FAC9B29365C7371CBBF86C339D3A2 46215248 ----a-w- C:\Users\Erik\AppData\Local\Temp\SHSetup.exe 2014-01-27 15:35:37 2433E09C08C21455000F7E36D7653759 489472 ----a-w- C:\Users\Brecht Vanhoof\AppData\Local\Temp\SDIAG_17ff97f5-d554-4b12-8378-e23098ec7f28\DiagPackage.dll 2014-01-27 15:30:11 2433E09C08C21455000F7E36D7653759 489472 ----a-w- C:\Users\Brecht Vanhoof\AppData\Local\Temp\SDIAG_43af1428-0ef8-4801-a876-cab4645fa963\DiagPackage.dll ====== Java Cache ===== 2014-01-02 18:44:41 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Jens Vanhoof\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-108d0c65 2014-01-12 19:17:03 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-28817a68 ====== C:\Windows\system32 ===== 2014-01-29 18:00:29 0A9115A5FE3D646F897CEFA7508B217C 3792 ----a-w- C:\Windows\System32\.crusader ====== C:\Windows\system32\drivers ===== 2014-01-30 11:15:28 CE77439BAF613019D6B7658292D1E4A6 30976 ----a-w- C:\Windows\System32\drivers\hitmanpro37.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-01-29 17:36:33 -------- d-----w- C:\Program Files\Enigma Software Group 2014-01-29 15:39:44 -------- d-----w- C:\Program Files\MediaPlayerV1 ======= C: ===== 2014-01-30 12:02:03 572DD569F3B1A19A224AF20F2876BCBE 1516 ----a-w- C:\AdwCleaner[s2].txt 2014-01-23 18:45:25 9AC04C4833539A4D5C4BB57BD95970AE 153 ----a-w- C:\extensions.ini 2014-01-23 18:45:24 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\extensions.sqlite ====== C:\Users\Erik\AppData\Roaming ====== 2014-01-26 10:47:28 -------- d-----w- C:\Users\Jens Vanhoof\AppData\Roaming\vlc 2014-01-12 19:27:24 -------- d-----w- C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup 2014-01-12 19:27:20 -------- d-----w- C:\Users\Patricia Corstjens\AppData\Local\Programs ====== C:\Users\Erik ====== 2014-01-30 11:32:34 C09E8D90AE0B1D0B3751E02A60EC0B37 4721144 ----a-w- C:\Users\Erik\Downloads\ccsetup410pro.exe 2014-01-30 11:24:24 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Erik\Downloads\RSIT.exe 2014-01-29 17:37:02 -------- d-----w- C:\ProgramData\HitmanPro 2014-01-29 17:22:14 54DB2B8C60F04C5ADE6D711D47EABA75 1166132 ----a-w- C:\Users\Erik\Downloads\adwcleaner (1).exe 2014-01-29 17:20:22 54DB2B8C60F04C5ADE6D711D47EABA75 1166132 ----a-w- C:\Users\Erik\Downloads\adwcleaner.exe 2014-01-29 15:39:54 C54D87D5197F04000EE0206C5BC1306C 610 --sha-r- C:\ProgramData\ntuser.pol ====== C: exe-files == 2014-01-30 11:24:45 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\Trend Micro\Erik.exe 2014-01-29 15:39:46 581AF36CE34CCE05A23246B157BA52B0 453321 ----a-w- C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha771\uninstall.exe 2014-01-29 12:47:50 BD556495B9E1E00A2A55D4E6131C2EA0 981160 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.102\32.0.1700.102_32.0.1700.76_chrome_updater.exe === C: other files == 2014-01-28 16:52:30 62B81AE897DEFB1DBD4F592AF424E1F4 38266 ----a-w- C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha771\ch\MediaPlayerV1alpha771.crx ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2774006475-2745618473-1495315895-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "ecSetupX.exe"="E:\ecSetupX.exe E: 3" "Netdrive"="C:\Program Files\NetDrive\netdrive.exe -tray" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" "LManager"="C:\Program Files\Launch Manager\LManager.EXE" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" "ePower_DMC"="C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe" "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "PLFSetI"="C:\Windows\PLFSetI.exe" "VitaKeyPdtWzd"="C:\Program Files\Acer Bio Protection\PdtWzd.exe" "NeroCheck"="C:\Windows\system32\NeroCheck.exe" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "Microsoft Works Update Detection"="C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" "AdobeVersionCue"="C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe" "beid"="C:\Program Files\Belgium Identity Card\beid35gui.exe /startup" "ROUTE66Sync"="C:\Program Files\ROUTE 66\ROUTE 66 Sync\Sync9Loader.exe -runinbackground" "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "AVG_UI"="C:\Program Files\AVG\AVG2014\avgui.exe /TRAYONLY" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "ecSetupX.exe"="E:\ecSetupX.exe E: 3" "Netdrive"="C:\Program Files\NetDrive\netdrive.exe -tray" ==== Startup Folders ====================== 2013-09-21 07:05:39 1118 ----a-w- C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft SharePoint Workspace.lnk 2013-09-21 07:06:41 1274 ----a-w- C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk 2013-05-10 06:32:18 1105 ----a-w- C:\Users\Erik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk 2012-11-03 19:54:31 1274 ----a-w- C:\Users\Erik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk 2013-11-06 15:20:49 2016 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [14/12/2013 13:48] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [14/08/2010 08:55] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [14/08/2010 08:55] C:\Windows\tasks\ROC_REG_JAN_DELETE.job --a------ C:\ProgramData\AVG January 2013 Campaign\ROC.exe [17/01/2013 22:16] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\ROC_REG_JAN_DELETE" [C:\ProgramData\AVG January 2013 Campaign\ROC.exe] "C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\system32\tasks\{00E7A93D-6B2F-4512-A114-C826A9818220}" [C:\Program Files\Skype\Phone\Skype.exe] "C:\Windows\system32\tasks\{29B37835-9615-4324-8513-A6E60D2336D2}" [E:\setup.exe] "C:\Windows\system32\tasks\{5B7CD2D7-8410-4E34-B763-CA99E9F49709}" [C:\Program Files\Skype\Phone\Skype.exe] "C:\Windows\system32\tasks\{7AE8CE79-F139-4876-8529-B2D6F0A5A23E}" [E:\setup.exe] "C:\Windows\system32\tasks\{86823B10-95B7-40E8-BFDE-01EA6FCDA7AC}" [E:\setup.exe] "C:\Windows\system32\tasks\{9352D302-6F0B-4A11-B291-D3F90E571521}" [E:\setup.exe] "C:\Windows\system32\tasks\{9480DC58-7F82-4234-AA58-7DCA75943ADC}" [C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe] "C:\Windows\system32\tasks\{D2AEAD89-0831-4950-8BE7-90D1C8C9CD88}" [E:\setup.exe] "C:\Windows\system32\tasks\{FB61D383-FDB4-4020-B889-7BC02D0B800C}" [C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe] "C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "ext@MediaPlayerV1alpha771.net"="C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha771\ff" [29/01/2014 17:01] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Erik\AppData\Roaming\Mozilla\Firefox\Profiles\0 - 1Click Downloader - %ProfilePath%\extensions\OneClickDownloader@OneClickDownloader.com.xpi AppDir: C:\Program Files\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid.xpi ==== Firefox Plugins ====================== ==== C:\zoek_backup content ====================== C:\zoek_backup (files=20 folders=8 7159704 bytes) ==== EOF on do 30/01/2014 at 13:53:20,89 ======================
-
ziehier het gevraagde logje: Zoek.exe v5.0.0.0 Updated 29-January-2014 Tool run by Erik on do 30/01/2014 at 13:40:23,76. Microsoft Windows 7 Professional 6.1.7600 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Erik\Downloads\zoek (1).exe [scan all users] [script inserted] ==== System Restore Info ====================== 30/01/2014 13:44:45 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\ALDI deleted successfully C:\Program Files\blinkx Remote Toolbar deleted successfully C:\Program Files\GAMESVOORIEDEREEN.NL deleted successfully C:\Program Files\MSXML 4.0 deleted successfully C:\Program Files\OXXOGames deleted successfully C:\Program Files\ReviverSoft deleted successfully C:\Program Files\VideoPlayerV3 deleted successfully C:\Users\Erik\AppData\Roaming\AdobeUM deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2774006475-2745618473-1495315895-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2774006475-2745618473-1495315895-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_USERS\S-1-5-21-2774006475-2745618473-1495315895-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "AvgUninstallURL"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== C:\ProgramData\AVG Nation toolbar deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCall.dll" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla.dll" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla17.dll" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla18.exe" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla19.dll" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla2.dll" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla20.dll" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla22.dll" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla22.exe" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseData.ini" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP" deleted
-
ziehier het logje: Logfile of random's system information tool 1.09 (written by random/random) Run by Erik at 2014-01-30 12:24:44 Microsoft Windows 7 Professional System drive C: has 94 GB (61%) free of 154 GB Total RAM: 3001 MB (46% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:25:26, on 30/01/2014 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16800) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\rundll32.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Launch Manager\LManager.EXE C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\Windows\PLFSetI.exe C:\Program Files\Acer Bio Protection\PdtWzd.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe C:\Program Files\Belgium Identity Card\beid35gui.exe C:\Program Files\ROUTE 66\ROUTE 66 Sync\Sync9Loader.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\AVG\AVG2014\avgui.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe C:\Program Files\Evernote\Evernote\EvernoteClipper.exe C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE C:\Windows\system32\wbem\unsecapp.exe C:\Users\Erik\AppData\Local\Temp\RtkBtMnt.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\wuauclt.exe C:\PROGRA~1\MICROS~1\Office14\OUTLOOK.EXE C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Erik\Downloads\RSIT.exe C:\Program Files\trend micro\Erik.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.EXE O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe O4 - HKLM\..\Run: [VitaKeyPdtWzd] "C:\Program Files\Acer Bio Protection\PdtWzd.exe" O4 - HKLM\..\Run: [NeroCheck] C:\Windows\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [ROUTE66Sync] C:\Program Files\ROUTE 66\ROUTE 66 Sync\Sync9Loader.exe -runinbackground O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/nl.special-uninstallation-feedback-appf?lic=NFVZOVgtTlNWVkwtTzRCWlEtUUlNQ0wtUVREQ0gtNElKTUg"&"inst=NzctNTM4MTA5NTQ0LVhPMzYrMS1OMUQrMS1QTCs5LUxJQysyLUZMMTArMS1TUDErMS1TUDFUQisxLVNVUCs0LVNQMVM0KzEtRERUKzE0NzU2LUREMTBGKzEtU1QxMEZBUFArMQ"&"prod=90"&"ver=10.0.1411 O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ecSetupX.exe] E:\ecSetupX.exe E: 3 O4 - HKCU\..\Run: [Netdrive] C:\Program Files\NetDrive\netdrive.exe -tray O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Afbeelding knippen - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\Erik\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html O8 - Extra context menu item: Kopieer selectie - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 O8 - Extra context menu item: Kopieer URL - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 O8 - Extra context menu item: Nieuwe notitie - C:\Program Files\Evernote\Evernote\\EvernoteIERes\NewNote.html O8 - Extra context menu item: Pagina opemen - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 O9 - Extra button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer Bio Protection\PwdBank.exe O9 - Extra 'Tools' menuitem: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer Bio Protection\PwdBank.exe O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O15 - Trusted Zone: *.dexia.be O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} (PhotoboxPhotowaysUploader5 Control) - http://assets.photobox.com/assets/v/ra3RgI_VSoCPalw7aL2ig_0fSS8.cab O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - http://www.extrafilm.be/ImageUploader5.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\AtService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files\Acer\Registration\GregHSRW.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: EgisTec Service (IGBASVC) - Egis Technology Inc. - C:\Program Files\Acer Bio Protection\BASVC.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe O23 - Service: vToolbarUpdater17.3.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe (file missing) -- End of file - 14793 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\ROC_REG_JAN_DELETE.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}] MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll [2013-09-06 95648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-03-09 4171464] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-11-10 325408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}] Evernote extension - C:\Program Files\Evernote\Evernote\EvernoteIE.dll [2013-05-08 587104] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904] "LManager"=C:\Program Files\Launch Manager\LManager.EXE [2009-09-24 887304] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-07-23 7625248] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-09-17 1565992] "ePower_DMC"=C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [2009-07-21 421888] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696] "PLFSetI"=C:\Windows\PLFSetI.exe [2008-07-30 200704] "VitaKeyPdtWzd"=C:\Program Files\Acer Bio Protection\PdtWzd.exe [2009-09-22 3571712] "NeroCheck"=C:\Windows\system32\NeroCheck.exe [2001-07-09 155648] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696] "Microsoft Works Update Detection"=C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe [2003-06-10 50688] "AdobeVersionCue"=C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe [2003-10-22 1732608] "beid"=C:\Program Files\Belgium Identity Card\beid35gui.exe [2010-02-05 2056192] "ROUTE66Sync"=C:\Program Files\ROUTE 66\ROUTE 66 Sync\Sync9Loader.exe [2010-12-17 168448] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 136216] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 171032] "Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 170520] "BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184] "APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720] "AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2013-11-07 4956176] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-11-02 152392] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "AvgUninstallURL"=cmd.exe /c start http://www.avg.com/nl.special-uninstallation-feedback-appf?lic=NFVZOVgtTlNWVkwtTzRCWlEtUUlNQ0wtUVREQ0gtNElKTUg&inst=NzctNTM4MTA5NTQ0LVhPMzYrMS1OMUQrMS1QTCs5LUxJQysyLUZMMTArMS1TUDErMS1TUDFUQisxLVNVUCs0LVNQMVM0KzEtRERUKzE0NzU2LUREMTBGKzEtU1QxMEZBUFArMQ∏=90&ver=10.0.1411 [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504] "ecSetupX.exe"=E:\ecSetupX.exe E: 3 [] "Netdrive"=C:\Program Files\NetDrive\netdrive.exe -tray [] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe C:\Users\Erik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup EvernoteClipper.lnk - C:\Program Files\Evernote\Evernote\EvernoteClipper.exe OneNote 2010 Schermopname en Snel starten.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=" " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2010-08-25 228864] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-03-09 4171464] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "notification packages"=C:\Program Files\Acer Bio Protection\PwdFilter [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "LogonHoursAction"=2 "DontDisplayLogonHoursWarnings"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "msacm.siren"=sirenacm.dll "msacm.msaudio1"=msaud32.acm "wave2"=wdmaud.drv "mixer2"=wdmaud.drv "wave3"=wdmaud.drv "mixer3"=wdmaud.drv "wave4"=wdmaud.drv "midi2"=wdmaud.drv "mixer4"=wdmaud.drv "aux2"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-01-30 12:24:44 ----D---- C:\rsit 2014-01-30 12:15:28 ----A---- C:\Windows\system32\drivers\hitmanpro37.sys 2014-01-29 18:37:02 ----D---- C:\ProgramData\HitmanPro 2014-01-29 18:36:33 ----D---- C:\Program Files\Enigma Software Group 2014-01-29 18:35:46 ----D---- C:\Windows\455F074C814E4520B69B5584BD90400C.TMP 2014-01-29 18:22:24 ----D---- C:\AdwCleaner 2014-01-29 16:39:44 ----D---- C:\Program Files\MediaPlayerV1 2014-01-23 19:45:25 ----A---- C:\extensions.ini 2014-01-23 19:43:46 ----D---- C:\Program Files\VideoPlayerV3 2014-01-06 20:23:36 ----A---- C:\Windows\system32\GPhotos.scr ======List of files/folders modified in the last 1 month====== 2014-01-30 12:25:26 ----D---- C:\Program Files\Trend Micro 2014-01-30 12:21:49 ----D---- C:\ProgramData\MFAData 2014-01-30 12:21:38 ----SHD---- C:\System Volume Information 2014-01-30 12:21:36 ----D---- C:\Windows\Temp 2014-01-30 12:21:12 ----SHD---- C:\Windows\Installer 2014-01-30 12:21:12 ----SHD---- C:\Config.Msi 2014-01-30 12:21:07 ----RD---- C:\Program Files 2014-01-30 12:21:03 ----DC---- C:\Windows\system32\DRVSTORE 2014-01-30 12:21:03 ----D---- C:\Windows\system32\drivers 2014-01-30 12:21:02 ----D---- C:\Windows\system32\DriverStore 2014-01-30 12:21:02 ----D---- C:\Windows\system32\catroot 2014-01-30 12:21:01 ----D---- C:\Windows\inf 2014-01-30 12:20:59 ----D---- C:\Windows\system32\catroot2 2014-01-30 12:20:59 ----D---- C:\Windows 2014-01-30 12:20:54 ----D---- C:\Windows\Logs 2014-01-30 12:19:46 ----D---- C:\Program Files\GAMESVOORIEDEREEN.NL 2014-01-30 12:15:51 ----D---- C:\Windows\system32\config 2014-01-30 12:15:45 ----D---- C:\Windows\System32 2014-01-29 19:14:15 ----SD---- C:\Users\Erik\AppData\Roaming\Microsoft 2014-01-29 18:37:02 ----HD---- C:\ProgramData 2014-01-29 18:36:49 ----D---- C:\Windows\system32\Tasks 2014-01-29 18:35:46 ----D---- C:\Program Files\Common Files\Wise Installation Wizard 2014-01-29 18:27:31 ----D---- C:\Windows\Tasks 2014-01-29 18:27:18 ----D---- C:\Program Files\Common Files\DVDVideoSoft 2014-01-29 18:27:18 ----D---- C:\Program Files\Common Files 2014-01-29 18:13:15 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-01-29 17:02:55 ----D---- C:\Windows\system32\wbem 2014-01-29 17:01:44 ----D---- C:\ProgramData\McAfee Security Scan 2014-01-29 17:01:40 ----D---- C:\Users\Erik\AppData\Roaming\vlc 2014-01-29 17:01:37 ----HD---- C:\Windows\system32\GroupPolicy 2014-01-29 17:01:37 ----D---- C:\Windows\system32\CodeIntegrity 2014-01-29 17:01:37 ----D---- C:\Windows\AppCompat 2014-01-29 17:01:36 ----D---- C:\Windows\system32\NDF 2014-01-29 17:01:36 ----D---- C:\Windows\registration 2014-01-17 18:53:13 ----D---- C:\Windows\system32\MRT 2014-01-17 18:52:58 ----A---- C:\Windows\system32\MRT.exe 2014-01-09 20:48:23 ----D---- C:\ProgramData\AVG Nation toolbar 2014-01-05 14:23:03 ----D---- C:\Users\Erik\AppData\Roaming\uTorrent 2014-01-05 14:13:29 ----D---- C:\Program Files\TRANSPOSIA ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2013-10-24 147768] R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2013-10-31 222520] R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2013-10-01 102712] R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2013-09-10 27448] R0 BTHidEnum;Bluetooth HID Enumerator; C:\Windows\System32\Drivers\vbtenum.sys [2007-03-05 20880] R0 BTHidMgr;Bluetooth HID Manager Service; C:\Windows\System32\Drivers\BTHidMgr.sys [2007-03-05 35600] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 330264] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648] R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2013-11-05 120600] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2013-11-04 209176] R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2013-09-17 22840] R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2013-10-31 176952] R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2013-08-01 193848] R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2013-10-04 37664] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128] R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2008-01-23 501560] R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2008-10-01 12832] R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-18 11032] R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys [2009-09-21 659328] R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-05-30 260648] R3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys [2007-05-11 34704] R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys [2007-03-05 27792] R3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320] R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2007-05-09 36496] R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2009-03-26 21000] R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2010-06-24 36608] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840] R3 hitmanpro37;HitmanPro 3.7 Support Driver; \??\C:\Windows\system32\drivers\hitmanpro37.sys [2014-01-30 30976] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-08-25 9024512] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-07-23 2737248] R3 IntcHdmiAddService;Intel® High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-09 122880] R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-05-18 119256] R3 NETw5s32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit; C:\Windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816] R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-05 15360] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 8192] R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360] R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992] R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-09-17 229040] R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-05 14336] R3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys [2007-03-05 34448] R3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys [2007-03-05 44304] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336] S2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [] S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704] S3 ACSSCR;ACR38 Smart Card Reader; C:\Windows\system32\DRIVERS\a38usb.sys [2009-12-15 37632] S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720] S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312] S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816] S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704] S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880] S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [] S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120] S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536] S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632] S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 84992] S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304] S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056] S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328] S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736] S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824] S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944] S4 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624] R2 ATService;AuthenTec Fingerprint Service; C:\Program Files\Fingerprint Sensor\AtService.exe [2009-09-21 1815800] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544] R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2013-09-24 348008] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504] R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2009-08-12 24576] R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376] R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2010-05-28 233472] R2 Greg_Service;GRegService; C:\Program Files\Acer\Registration\GregHSRW.exe [2009-08-28 1150496] R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840] R2 IGBASVC;EgisTec Service; C:\Program Files\Acer Bio Protection\BASVC.exe [2009-09-22 3449856] R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152] R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2009-09-10 185632] R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464] R3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-11-02 553288] R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-14 136176] S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944] S2 vToolbarUpdater17.3.0;vToolbarUpdater17.3.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-14 257416] S3 AdobeVersionCue;AdobeVersionCue; C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe [2003-10-22 61440] S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-14 136176] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-10-09 194032] S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-09-06 235216] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-03-09 30798512] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 UPnPService;UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 544768] S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992] -----------------EOF-----------------
-
mijn laptop is besmet met het bettersurf virus. Hoe moet ik dat verwijderen?
-
telkens wanneer ik een website start (vb hbvl.be of twitter ....) verschijnen lks en rts en soms bovenaan in het scherm banners met reclame. Bij sommige toepassingen lijkt het ook alsof andere opdrachten gegeven worden. bijvoorbeeld: wanneer ik daarnet op de knop 'nieuwe discussie starten' drukte opende er een nieuw scherm met reclame voor cofidis. Hoe kan ik dit oplossen?
-
Ik had via google gezocht naar visio en kwam zo op een pagina van microsoft terecht. Ik dacht dat dit volledig legaal was. Dan kan ik best deze versie gewoon verwijderen. Bedankt.
-
De download komt van de site van microsoft. via google heb ik een key code gevonden.
-
Ik heb onlangs microsoft 2010 geinstalleerd. Ik krijg nu de melding dat mijn software maar 28 dagen beschikbaar zou zijn omv problemen met de key. Nochtans waren er geen problemen bij het installeren. Hoe kan dit opgelost worden?
-
doc1 is wat het nu is. Doc 2 is wat het moet zijn. Doc1.docx Doc2.docx
