zon_

3 keer CCleaner en voila, alles is schoon.

Aan jullie weer eens een dikke: DANK JULLIE WEL! Wat zijn jullie toch een ontzettende hulp, en dat allemaal in jullie vrije tijd!

Groetjes Brigitte

Wat fijn, dat die goed was. Ik heb straks getest of ik weer van buitenaf op het werk kan inloggen. JA! Dus dat probleem is verholpen Verder draait alles weer veel sneller nu. Dus ik kan op dit moment niet echt nog een ernstig probleem vaststellen. Ik ga er maar vanuit, dat er alles weer een beetje "op orde" is zo en wil jullie hartelijk danken!!!

Groetjes Brigitte

Ik weet nu echt even niet of ik het goed heb gedaan. Aangezien het programma leek te blijven hangen, heb ik toch maar op de knop "verwijderen" gedrukt (clean heb ik niet). Hierna restartte de laptop inderdaad en kwam ook een file. Echter niet met de naam S0, maar S1.

Ik heb in de map de S0-file gezocht, maar die is van 29-9 en niet van vandaag. Heel apart, want ik had dit programma een week geleden nog helemaal niet.

Ik stuur jullie nu beide files mee, S0- is dus van 29-9 en S1 van net.

Graag hoor ik als ik iets niet goed heb gedaan.

Groetjes Brigitte

AdwCleaner[S0].txt

AdwCleaner[S1].txt

Helaas, adwcleaner doet niets. Ik heb de pc nu 3 keer opgestart en de scan geprobeerd uit te voeren, maar hij blijft altijd hangen, zie screenshot eerder. Alle programma's staan uit. Knop "clean" heb ik dus nooit gezien. Onder tabblad rapport staat wel een korte tekst, maar daar hebben jullie misschien niet zoveel aan?

Nog een ander idee?

Hoi, Na een eerste korte actie doet de AdwCleaner verder niet veel. Hij hangt nu al 1 uur op hetzelfde, zie screenshot. Is dat OK? Misschien duurt het gewoon uren?

yeah gelukt. Jullie uitleg is dan ook altijd zo super helder!

Kon zoek.exe echter pas draaien nadat ik het antivirus-programma had verwijderd.

Groetjes Brigitte

zoek-results.txt

Ik denk dat het gelukt is. Bij dezen de bijlage.

Groetjes en alvast bedankt voor de hulp, Brigitte

log.txt

Beste jullie,

Ik heb een probleem bij het inloggen vanuit mijn thuis laptop op het werk. Dat gaat via het programma VMware Horizon. Lukte altijd prima, maar nu krijg ik een foutmelding:"... authentication failed...please check your proxy settings." Ik heb contact gehad met mijn Internetprovider, aangezien ik ook in Firefox af en toe een Proxy-foutmelding kreeg deze week. Maar door deze te negeren en opnieuw te proberen op een Internetsite te komen, lukte dit altijd. Ik heb dus gewoon verbinding met het Internet.

Hierna had ik contact met de ICT-afdeling van mijn werk. Maar het ligt niet aan hun. Er moet dus iets op mijn laptop mis zijn, zij vermoeden eventueel een proxy virus. Ergens was er een instelling niet helemaal goed, maar zodra de ICT-er deze wilde wijzigingen in de juiste, sprong het vinkje vanzelf helemaal weer terug in de onjuiste positie. Sorry, dat ik zo vaag ben, maar ik heb niet onthouden waar dat precies was.

Hebben jullie al eerder iets van een proxy virus gehoord?

Ik stuur een screenshot van de foutmelding mee.

Alvast bedankt voor jullie tijd!

Groetjes Brigitte

# AdwCleaner v2.200 - Verslag gemaakt op 07/04/2013 om 21:14:58

# Geactualiseerd op 02/04/2013 door Xplode

# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)

# Gebruiker : zon - WOLF

# Opstarten Modus : Normale modus

# Gelanceerd vanaf : C:\Users\zon\Desktop\adwcleaner.exe

# Optie [Verwijderen]

***** [Diensten] *****

***** [Files / Mappen] *****

File Verwijdert : C:\Windows\SysWOW64\bandoolmx.dll

Map Verwijdert : C:\Program Files (x86)\Ilivid

Map Verwijdert : C:\Program Files (x86)\Speedbit Video Downloader

Map Verwijdert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ilivid

Map Verwijdert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speedbit Video Downloader

Map Verwijdert : C:\ProgramData\Speedbit

Map Verwijdert : C:\Users\Gast\AppData\LocalLow\Toolbar4

Map Verwijdert : C:\Users\zon\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcpfkccckpeeghiklnhienllljccglb

Map Verwijdert : C:\Users\zon\AppData\Roaming\dvdvideosoftiehelpers

Map Verwijdert : C:\Users\zon\AppData\Roaming\Mozilla\Firefox\Profiles\sratwpzb.default\jetpack

***** [Register] *****

Sleutel Verwijdert : HKCU\Software\1ClickDownload

Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\RewardsArcade

Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\searchqutoolbar

Sleutel Verwijdert : HKCU\Software\Ask&Record

Sleutel Verwijdert : HKCU\Software\BrowserCompanion

Sleutel Verwijdert : HKCU\Software\Conduit

Sleutel Verwijdert : HKCU\Software\Cr_Installer

Sleutel Verwijdert : HKCU\Software\DataMngr

Sleutel Verwijdert : HKCU\Software\DealPly

Sleutel Verwijdert : HKCU\Software\ilivid

Sleutel Verwijdert : HKCU\Software\InstallCore

Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Sleutel Verwijdert : HKCU\Software\Softonic

Sleutel Verwijdert : HKCU\Software\SpeedBit

Sleutel Verwijdert : HKLM\Software\Babylon

Sleutel Verwijdert : HKLM\Software\Bandoo

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BandooCore.BandooCore

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ilivid

Sleutel Verwijdert : HKLM\Software\Classes\Installer\Features\2B1E51D87B2D71A44BB42DDD5E894160

Sleutel Verwijdert : HKLM\Software\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Prod.cap

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\SearchPredictObj.SearchPredictObj

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TbHelper.TbRequest

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TbHelper.TbTask

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{3BCF582D-CA87-4C6F-AF3D-B3548A976AB3}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\YontooIEClient.Api

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\YontooIEClient.Layers

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1

Sleutel Verwijdert : HKLM\Software\Conduit

Sleutel Verwijdert : HKLM\Software\DealPly

Sleutel Verwijdert : HKLM\Software\ilivid

Sleutel Verwijdert : HKLM\Software\Iminent

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Sleutel Verwijdert : HKLM\Software\SpeedBit

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\djcpfkccckpeeghiklnhienllljccglb

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DealPly

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilivid

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SPEEDbit Video Downloader

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar

Sleutel Verwijdert : HKLM\SOFTWARE\Tarma Installer

Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{0329E7D6-6F54-462D-93F6-F5C3118BADF2}]

Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}]

Waarde Verwijdert : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{0329E7D6-6F54-462D-93F6-F5C3118BADF2}]

Waarde Verwijdert : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchpredict@speedbit.com]

Waarde Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10]

Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [browsers] *****

-\\ Internet Explorer v10.0.9200.16521

[OK] Het register bevat geen enkele ongeoorloofde invoer.

-\\ Mozilla Firefox v19.0.2 (nl)

File : C:\Users\zon\AppData\Roaming\Mozilla\Firefox\Profiles\sratwpzb.default\prefs.js

C:\Users\zon\AppData\Roaming\Mozilla\Firefox\Profiles\sratwpzb.default\user.js ... Verwijdert !

Verwijdert : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");

File : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\zzvbh57h.default\prefs.js

[OK] De file bevat geen enkele ongeoorloofde invoer.

*************************

AdwCleaner[s1].txt - [18386 octets] - [07/04/2013 21:15:00]

########## EOF - C:\AdwCleaner[s1].txt - [18447 octets] ##########

Hoi jullie,

Ik heb alles zo gedaan als jullie zeiden en voila, ik heb nu al 1/2 dag geen ad-browse-save sumbooltje meer kunnen spotten Heeeeeeeeeeeeeel erg bedankt!

Zoek.exe Version 4.0.0.2 Updated 31-03-2013

Tool run by zon on vr 05-04-2013 at 23:44:59,13.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

==== Older Logs ======================

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-648035464-3342752320-20647198-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-648035464-3342752320-20647198-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958)

64 Bit HP CIO Components Installer

Aangifte inkomstenbelasting 2010

Aangifte inkomstenbelasting 2011

Aangifte inkomstenbelasting 2012

Acrobat.com

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 9.5.4 MUI

Alcor Micro USB Card Reader

ASUS AI Recovery

ASUS AP Bank

ASUS CopyProtect

ASUS Data Security Manager

ASUS FancyStart

ASUS LifeFrame3

ASUS Live Update

ASUS MultiFrame

ASUS Power4Gear Hybrid

ASUS SmartLogon

ASUS Splendid Video Enhancement Technology

ASUS Virtual Camera

ASUS WebStorage

Asus_Camera_ScreenSaver

ATK Package

Audacity 2.0

Avira Free Antivirus

Boingo Wi-Fi

ControlDeck

D3DX10

DAEMON Tools Lite

DealPly

DeLorme Send To GPS 1.2

DivX Setup

Dropbox

Druckerdeinstallation fr EPSON Stylus SX200 Series

ETDWare PS/2-x64 7.0.5.12_WHQL

Facebook Video Calling 1.2.0.287

Fast Boot

FireArc Arcade

FoxTab Video To MP3

Game Park Console

Garmin BaseCamp

Garmin Trip and Waypoint Manager v5

Garmin USB Drivers

Google Chrome

Google Update Helper

HiJackThis

HP LaserJet Professional CP1520 Series

HP Update

HPLaserJetHelp_LearnCenter

HPLJUT

hppCP1520LaserJetService

hppLaserJetService

hppTLBXFXCP1520

hpzTLBXFX

iLivid

Intel® Control Center

Intel® Graphics Media Accelerator Driver

IrfanView (remove only)

Java Auto Updater

Java 6 Update 37

Lexmark X1100 Series

Malwarebytes Anti-Malware versie 1.60.0.1800

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office 2010

Microsoft Office Access MUI (Dutch) 2007

Microsoft Office Click-to-Run 2010

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Dutch) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (Dutch) 2007

Microsoft Office InfoPath MUI (Dutch) 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (Dutch) 2007

Microsoft Office Outlook MUI (Dutch) 2007

Microsoft Office PowerPoint MUI (Dutch) 2007

Microsoft Office Proof (Dutch) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proofing (Dutch) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (Dutch) 2007

Microsoft Office Shared 64-bit MUI (Dutch) 2007

Microsoft Office Shared MUI (Dutch) 2007

Microsoft Office Starter 2010 - English

Microsoft Office Word MUI (Dutch) 2007

Microsoft Search Enhancement Pack

Microsoft Silverlight

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Mozilla Firefox 19.0.2 (x86 nl)

Mozilla Thunderbird 17.0.5 (x86 nl)

MSVCRT

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB2758694)

MSXML 4.0 SP3 Parser (KB973685)

Neuratron PhotoScore Ultimate Demo

OSM generic routable

OSM World Routable

PDFCreator

Platform

PowerISO

Revo Uninstaller Pro 2.5.5

Rosetta Stone Ltd Services

Rosetta Stone Version 3

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

Sibelius 6 Demo

Simple Adblock

SkypeT 6.1

SpeedBit Video Downloader

Speedy MIDI Version 1.0

Spotify

TomTom HOME 2.8.3.2499

TomTom HOME Visual Studio Merge Modules

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition

Update voor Microsoft Office Excel 2007 Help (KB963678)

Update voor Microsoft Office Powerpoint 2007 Help (KB963669)

Update voor Microsoft Office Word 2007 Help (KB963665)

USB 2.0 1.3M UVC WebCam

VC80CRTRedist - 8.0.50727.6195

Verzoek of wijziging voorlopige aanslag 2012

VIA Platform Device Manager

VLC media player 1.0.1

VMware View Client

VoipDiscount

Vuze

Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000)

Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)

Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)

Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Messenger

Windows Live Photo Common

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Media Player Firefox Plugin

WinFlash

Wireless Console 3

Yontoo 1.10.02

==== FireFox Fix ======================

Deleted from C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\zzvbh57h.default\prefs.js:

Added to C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\zzvbh57h.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\zon\AppData\Roaming\Mozilla\Firefox\Profiles\sratwpzb.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.nl/");

user_pref("browser.newtab.url", "www.google.nl");

user_pref("browser.search.defaultenginename", "Search the web (Babylon)");

user_pref("browser.search.selectedEngine", "Search the web (Babylon)");

user_pref("browser.search.order.1", "Search the web (Babylon)");

user_pref("keyword.URL", "http://search.babylon.com/?AF=109217&babsrc=adbartrp&mntrId=78f7b34800000000000020cf303038e8&q=");

Added to C:\Users\zon\AppData\Roaming\Mozilla\Firefox\Profiles\sratwpzb.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\zzvbh57h.default

user.js not found

---- Lines BabylonToolbar removed from prefs.js ----

---- Lines BabylonToolbar modified from prefs.js ----

---- Lines speedbit removed from prefs.js ----

---- Lines speedbit modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"searchpredict@speedbit.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\SearchPredict\\\\PRFireFox\",\"mtime\":1309527330116},\"{0329E7D6-6F54-462D-93F6-F5C3118BADF2}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\SpeedBit Video Downloader\\\\SPFireFox\",\"mtime\":1309527334735},\"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\DivX\\\\DivX Plus Web Player\\\\firefox\\\\DivXHTML5\",\"mtime\":1326224654778}}},{\"name\":\"app-global\",\"addons\":{\"{906305f7-aafc-45e9-8bbd-941950a84dad}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{906305f7-aafc-45e9-8bbd-941950a84dad}\",\"mtime\":1325200159990},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1329586206658}}}]");

---- Lines y2layers removed from prefs.js ----

---- Lines y2layers modified from prefs.js ----

---- Lines Downloader.com removed from prefs.js ----

---- Lines Downloader.com modified from prefs.js ----

---- Lines OneClickDownload removed from prefs.js ----

---- Lines OneClickDownload modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

prefs_06-04-2013_0001_.backup

ProfilePath: C:\Users\zon\AppData\Roaming\Mozilla\Firefox\Profiles\sratwpzb.default

---- Lines BabylonToolbar removed from prefs.js ----

user_pref("extensions.BabylonToolbar_i.aflt", "babsst");

user_pref("extensions.BabylonToolbar_i.babExt", "");

user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109217");

user_pref("extensions.BabylonToolbar_i.hardId", "78f7b34800000000000020cf303038e8");

user_pref("extensions.BabylonToolbar_i.id", "78f7b34800000000000020cf303038e8");

user_pref("extensions.BabylonToolbar_i.instlDay", "15398");

user_pref("extensions.BabylonToolbar_i.instlRef", "sst");

user_pref("extensions.BabylonToolbar_i.newTab", true);

user_pref("extensions.BabylonToolbar_i.newTabUrl", "http://search.babylon.com/?AF=109217&babsrc=NT_ss&mntrId=78f7b34800000000000020cf303038e8");

user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");

user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");

user_pref("extensions.BabylonToolbar_i.smplGrp", "none");

user_pref("extensions.BabylonToolbar_i.srcExt", "ss");

user_pref("extensions.BabylonToolbar_i.tlbrId", "base");

user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");

user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");

user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1718:55:14");

---- Lines BabylonToolbar modified from prefs.js ----

---- Lines BabylonToolbar removed from user.js ----

user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109217");

user_pref("extensions.BabylonToolbar_i.babExt", "");

user_pref("extensions.BabylonToolbar_i.srcExt", "ss");

user_pref("extensions.BabylonToolbar_i.id", "78f7b34800000000000020cf303038e8");

user_pref("extensions.BabylonToolbar_i.hardId", "78f7b34800000000000020cf303038e8");

user_pref("extensions.BabylonToolbar_i.instlDay", "15398");

user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");

user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");

user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1718:55:14");

user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");

user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");

user_pref("extensions.BabylonToolbar_i.aflt", "babsst");

user_pref("extensions.BabylonToolbar_i.smplGrp", "none");

user_pref("extensions.BabylonToolbar_i.tlbrId", "base");

user_pref("extensions.BabylonToolbar_i.instlRef", "sst");

---- Lines speedbit removed from prefs.js ----

user_pref("extensions.searchpredict@speedbit.com.install-event-fired", true);

---- Lines speedbit modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"searchpredict@speedbit.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\SearchPredict\\\\PRFireFox\",\"mtime\":1309527330116},\"{0329E7D6-6F54-462D-93F6-F5C3118BADF2}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\SpeedBit Video Downloader\\\\SPFireFox\",\"mtime\":1309527334735},\"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\DivX\\\\DivX Plus Web Player\\\\firefox\\\\DivXHTML5\",\"mtime\":1326224654778}}},{\"name\":\"app-global\",\"addons\":{\"{906305f7-aafc-45e9-8bbd-941950a84dad}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{906305f7-aafc-45e9-8bbd-941950a84dad}\",\"mtime\":1325200159990},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1362819616117},\"{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\",\"mtime\":1340163807649},\"{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\",\"mtime\":1349349833245},\"{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\",\"mtime\":1351413243959}}},{\"name\":\"app-profile\",\"addons\":{\"50bb149ba0fa4@50bb149ba0fdd.com\":{\"descriptor\":\"C:\\\\Users\\\\zon\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\sratwpzb.default\\\\extensions\\\\50bb149ba0fa4@50bb149ba0fdd.com.xpi\",\"mtime\":1354436927571},\"OneClickDownloader@OneClickDownloader.com\":{\"descriptor\":\"C:\\\\Users\\\\zon\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\sratwpzb.default\\\\extensions\\\\OneClickDownloader@OneClickDownloader.com.xpi\",\"mtime\":1359575970539},\"userzoom_survey_tool@jetpack\":{\"descriptor\":\"C:\\\\Users\\\\zon\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\sratwpzb.default\\\\extensions\\\\userzoom_survey_tool@jetpack\",\"mtime\":1346343678742},\"{a3a5c777-f583-4fef-9380-ab4add1bc2a8}\":{\"descriptor\":\"C:\\\\Users\\\\zon\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\sratwpzb.default\\\\extensions\\\\{a3a5c777-f583-4fef-9380-ab4add1bc2a8}.xpi\",\"mtime\":1342469080588},\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"descriptor\":\"C:\\\\Users\\\\zon\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\sratwpzb.default\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\",\"mtime\":1360824541400},\"{dc572301-7619-498c-a57d-39143191b318}\":{\"descriptor\":\"C:\\\\Users\\\\zon\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\sratwpzb.default\\\\extensions\\\\{dc572301-7619-498c-a57d-39143191b318}.xpi\",\"mtime\":1361770521048}}}]");

---- Lines speedbit removed from user.js ----

---- Lines y2layers removed from prefs.js ----

user_pref("extentions.y2layers.defaultEnableAppsList", "Buzzdock,BuzzdockTease,DropDownDeals,BestVideoDownloader,TopRelatedTopics,BestVideoDownloader,");

user_pref("extentions.y2layers.installId", "c15b43b2-ccaf-455d-825c-bc61fa7642b7");

user_pref("extentions.y2layers.lastDnsTest", 371995);

---- Lines y2layers modified from prefs.js ----

---- Lines y2layers removed from user.js ----

user_pref("extentions.y2layers.installId", "c15b43b2-ccaf-455d-825c-bc61fa7642b7");

user_pref("extentions.y2layers.defaultEnableAppsList", "Buzzdock,BuzzdockTease,DropDownDeals,BestVideoDownloader,TopRelatedTopics,BestVideoDownloader,");

---- Lines Downloader.com removed from prefs.js ----

user_pref("extensions.OneClickDownloader@OneClickDownloader.com.install-event-fired", true);

---- Lines Downloader.com modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"searchpredict@disabled.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\SearchPredict\\\\PRFireFox\",\"mtime\":1309527330116},\"{0329E7D6-6F54-462D-93F6-F5C3118BADF2}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\disabled Video Downloader\\\\SPFireFox\",\"mtime\":1309527334735},\"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\DivX\\\\DivX Plus Web Player\\\\firefox\\\\DivXHTML5\",\"mtime\":1326224654778}}},{\"name\":\"app-global\",\"addons\":{\"{906305f7-aafc-45e9-8bbd-941950a84dad}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{906305f7-aafc-45e9-8bbd-941950a84dad}\",\"mtime\":1325200159990},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1362819616117},\"{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\",\"mtime\":1340163807649},\"{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\",\"mtime\":1349349833245},\"{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\",\"mtime\":1351413243959}}},{\"name\":\"app-profile\",\"addons\":{\"50bb149ba0fa4@50bb149ba0fdd.com\":{\"descriptor\":\"C:\\\\Users\\\\zon\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\sratwpzb.default\\\\extensions\\\\50bb149ba0fa4@50bb149ba0fdd.com.xpi\",\"mtime\":1354436927571},\"OneClickDownloader@OneClickDownloader.com\":{\"descriptor\":\"C:\\\\Users\\\\zon\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\sratwpzb.default\\\\extensions\\\\OneClickDownloader@OneClickDownloader.com.xpi\",\"mtime\":1359575970539},\"userzoom_survey_tool@jetpack\":{\"descriptor\":\"C:\\\\Users\\\\zon\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\sratwpzb.default\\\\extensions\\\\userzoom_survey_tool@jetpack\",\"mtime\":1346343678742},\"{a3a5c777-f583-4fef-9380-ab4add1bc2a8}\":{\"descriptor\":\"C:\\\\Users\\\\zon\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\sratwpzb.default\\\\extensions\\\\{a3a5c777-f583-4fef-9380-ab4add1bc2a8}.xpi\",\"mtime\":1342469080588},\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"descriptor\":\"C:\\\\Users\\\\zon\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\sratwpzb.default\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\",\"mtime\":1360824541400},\"{dc572301-7619-498c-a57d-39143191b318}\":{\"descriptor\":\"C:\\\\Users\\\\zon\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\sratwpzb.default\\\\extensions\\\\{dc572301-7619-498c-a57d-39143191b318}.xpi\",\"mtime\":1361770521048}}}]");

---- Lines Downloader.com removed from user.js ----

---- Lines OneClickDownload removed from prefs.js ----

user_pref("extensions.OneClickDownloader.last_register", "2012-6-30");

user_pref("extensions.OneClickDownloader.SupportedSite", "[]");

user_pref("extensions.OneClickDownloader.UserID", "10.54.14.1674f9cf6184f0960.22965686");

---- Lines OneClickDownload modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"searchpredict@disabled.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\SearchPredict\\\\PRFireFox\",\"mtime\":1309527330116},\"{0329E7D6-6F54-462D-93F6-F5C3118BADF2}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\disabled Video Downloader\\\\SPFireFox\",\"mtime\":1309527334735},\"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\DivX\\\\DivX Plus Web Player\\\\firefox\\\\DivXHTML5\",\"mtime\":1326224654778}}},{\"name\":\"app-global\",\"addons\":{\"{906305f7-aafc-45e9-8bbd-941950a84dad}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{906305f7-aafc-45e9-8bbd-941950a84dad}\",\"mtime\":1325200159990},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1362819616117},\"{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\",\"mtime\":1340163807649},\"{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\",\"mtime\":1349349833245},\"{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\",\"mtime\":1351413243959}}},{\"name\":\"app-profile\",\"addons\":{\"50bb149ba0fa4@50bb149ba0fdd.com\":{\"descriptor\":\"C:\\\\Users\\\\zon\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\sratwpzb.default\\\\extensions\\\\50bb149ba0fa4@50bb149ba0fdd.com.xpi\",\"mtime\":1354436927571},\"OneClickDownloader@OneClickdisabled\":{\"descriptor\":\"C:\\\\Users\\\\zon\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\sratwpzb.default\\\\extensions\\\\OneClickDownloader@OneClickdisabled.xpi\",\"mtime\":1359575970539},\"userzoom_survey_tool@jetpack\":{\"descriptor\":\"C:\\\\Users\\\\zon\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\sratwpzb.default\\\\extensions\\\\userzoom_survey_tool@jetpack\",\"mtime\":1346343678742},\"{a3a5c777-f583-4fef-9380-ab4add1bc2a8}\":{\"descriptor\":\"C:\\\\Users\\\\zon\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\sratwpzb.default\\\\extensions\\\\{a3a5c777-f583-4fef-9380-ab4add1bc2a8}.xpi\",\"mtime\":1342469080588},\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"descriptor\":\"C:\\\\Users\\\\zon\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\sratwpzb.default\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\",\"mtime\":1360824541400},\"{dc572301-7619-498c-a57d-39143191b318}\":{\"descriptor\":\"C:\\\\Users\\\\zon\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\sratwpzb.default\\\\extensions\\\\{dc572301-7619-498c-a57d-39143191b318}.xpi\",\"mtime\":1361770521048}}}]");

---- Lines OneClickDownload removed from user.js ----

---- FireFox user.js and prefs.js backups ----

user_06-04-2013_0001_.backup

prefs_06-04-2013_0001_.backup

==== Batch Command(s) Run By Tool======================

C:\Windows\System32\roboot64.exe deleted successfully

==== Deleting Files \ Folders ======================

"C:\Windows\SysNative\roboot64.exe" not found

"C:\user.js" deleted

"C:\Users\zon\AppData\Roaming\Mozilla\Firefox\Profiles\sratwpzb.default\extensions\OneClickDownloader@OneClickDownloader.com.xpi" deleted

"C:\Users\zon\AppData\Roaming\Mozilla\Firefox\Profiles\sratwpzb.default\extensions\OneClickDownloader@OneClickDownloader.com.xpi" deleted

"C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml" deleted

"C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml" deleted

"C:\Program Files (x86)\Mozilla Firefox\searchplugins\SearchResults.xml" deleted

"C:\Users\zon\lametritonus_en.dll" deleted

"C:\Users\zon\lame_enc_en.dll" deleted

"C:\user.js" deleted

"C:\Users\zon\AppData\Roaming\Mozilla\Firefox\Profiles\sratwpzb.default\extensions\OneClickDownloader@OneClickDownloader.com.xpi" deleted

"C:\Program Files (x86)\Bandoo" deleted

"C:\Program Files (x86)\speedbit video downloader\Toolbar" deleted

"C:\Program Files (x86)\SearchPredict" deleted

"C:\Program Files (x86)\BrowserCompanion" deleted

"C:\Program Files (x86)\DealPly" deleted

"C:\Program Files (x86)\Yontoo" deleted

"C:\Program Files (x86)\Conduit" deleted

"C:\found.000" deleted

"C:\found.001" deleted

"C:\Users\zon\AppData\Roaming\Babylon" deleted

"C:\Users\zon\AppData\Roaming\Systweak" deleted

"C:\Users\zon\AppData\Roaming\pdfforge" deleted

"C:\ProgramData\Partner" deleted

"C:\ProgramData\boost_interprocess" deleted

"C:\ProgramData\Tarma Installer" deleted

"C:\ProgramData\Babylon" deleted

"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly" deleted

"C:\Users\zon\AppData\Local\Ilivid Player" deleted

"C:\Users\zon\AppData\Local\PackageAware" deleted

"C:\Users\zon\AppData\Local\Babylon" deleted

"C:\Users\zon\AppData\Local\Conduit" deleted

"C:\Users\zon\AppData\LocalLow\boost_interprocess" deleted

"C:\Users\zon\AppData\LocalLow\DataMngr" deleted

"C:\Users\zon\AppData\LocalLow\searchquband" deleted

"C:\Users\zon\AppData\LocalLow\Conduit" deleted

"C:\Users\zon\AppData\LocalLow\Toolbar4" deleted

"C:\Users\zon\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc" deleted

"C:\Users\zon\AppData\Roaming\Mozilla\Firefox\Profiles\sratwpzb.default\jetpack" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\zon\AppData\Local\Temp ====

====== C:\Windows\SysWOW64 =====

2013-03-29 18:09:22 EC68C565EFEE1AAE6174C17F826C9384 493056 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2013-03-29 18:09:22 E3FA8AEAA2F40EC1BB00FEFB2C4F3AD9 14317568 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2013-03-29 18:09:22 E14A07B768EC49D382CABCE2F078D576 232960 ----a-w- C:\Windows\SysWOW64\url.dll

2013-03-29 18:09:22 DEFB55D4FF094673DF31FA89A8A8A2F0 226816 ----a-w- C:\Windows\SysWOW64\dxtrans.dll

2013-03-29 18:09:22 C68FBBF01E86CB6CF0B797748FBD6C1A 357888 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll

2013-03-29 18:09:22 C28A634CF127DA67D566B5E14D0A0170 719360 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll

2013-03-29 18:09:22 C225E5307D8D4982A1687F2702C37C78 158720 ----a-w- C:\Windows\SysWOW64\msls31.dll

2013-03-29 18:09:22 BA15504FA59A8DC304F1CBAEBA6252A1 1766912 ----a-w- C:\Windows\SysWOW64\wininet.dll

2013-03-29 18:09:22 B96C13B5C85AC4240FE95DE115945D59 38400 ----a-w- C:\Windows\SysWOW64\imgutil.dll

2013-03-29 18:09:22 B3D105459BBA576A763E8C061E49F5C5 1129984 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2013-03-29 18:09:22 AFE08AAD4D0D54FE2EF44739255AAA0F 2877440 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2013-03-29 18:09:22 AF0332E09DDBE0172237D1958A7DADB8 79872 ----a-w- C:\Windows\SysWOW64\mshtmled.dll

2013-03-29 18:09:22 A7E8E3A9F92D9B0D495F636A1D282883 48640 ----a-w- C:\Windows\SysWOW64\mshtmler.dll

2013-03-29 18:09:22 A3DA36A9E63FD0F9B45781E326AC6501 39936 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2013-03-29 18:09:22 9DF7A7C74D8632CB5EBD37E3A374825E 204800 ----a-w- C:\Windows\SysWOW64\webcheck.dll

2013-03-29 18:09:22 96E0F0BED5D9EBABB899D8CA83C36A7E 523264 ----a-w- C:\Windows\SysWOW64\vbscript.dll

2013-03-29 18:09:22 8C3D32A4A46326031309A43C52539D7F 1400416 ----a-w- C:\Windows\SysWOW64\ieapfltr.dat

2013-03-29 18:09:22 8A45166CD9874463AB76B552C9C2D3AD 110592 ----a-w- C:\Windows\SysWOW64\IEAdvpack.dll

2013-03-29 18:09:22 87E71F2A83681F41B796CA685818EF2D 163840 ----a-w- C:\Windows\SysWOW64\msrating.dll

2013-03-29 18:09:22 87513A002B7B0F9C259F2431DFD008DC 137216 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2013-03-29 18:09:22 84AC80FCD61D389948B8C0E47623B79B 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-03-29 18:09:22 828B4A41BE891A7AEC07E693422B4A3A 117248 ----a-w- C:\Windows\SysWOW64\iepeers.dll

2013-03-29 18:09:22 81C4D657D37C3A5418B54BFECE821B84 57344 ----a-w- C:\Windows\SysWOW64\pngfilt.dll

2013-03-29 18:09:22 80B47F0F45C3EBF41C30E0BA367D25D3 125440 ----a-w- C:\Windows\SysWOW64\occache.dll

2013-03-29 18:09:22 6DF2C6438CFF6EFCBBB88AEE01795501 73728 ----a-w- C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-03-29 18:09:22 66D8CDC28A0AADDA34133AE733934658 2046464 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2013-03-29 18:09:22 56E51C26745FF7413514EA4DDF33BC6C 11776 ----a-w- C:\Windows\SysWOW64\msfeedssync.exe

2013-03-29 18:09:22 52A7D73D5570F757D865DDECD087FB41 138752 ----a-w- C:\Windows\SysWOW64\wextract.exe

2013-03-29 18:09:22 50EE6790FBBCE920FFABAD5D747F2788 391680 ----a-w- C:\Windows\SysWOW64\ieui.dll

2013-03-29 18:09:22 4BF21D1946E8119D9C23F6F925D43F01 2706432 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2013-03-29 18:09:22 4A47CAEA8D3B82DE439A79771ECED4B1 361984 ----a-w- C:\Windows\SysWOW64\html.iec

2013-03-29 18:09:22 49C9634AD2516448A0250812B7F5325C 690688 ----a-w- C:\Windows\SysWOW64\jscript.dll

2013-03-29 18:09:22 414A3D9AAE072CDEFE0B64C2EBEE18D2 61952 ----a-w- C:\Windows\SysWOW64\tdc.ocx

2013-03-29 18:09:22 404FAD93ABFBD86D1AAAB47D5DFA6505 242200 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll

2013-03-29 18:09:22 3AB2A38F7EA9E62D176A78FB58761E24 12800 ----a-w- C:\Windows\SysWOW64\mshta.exe

2013-03-29 18:09:22 338520304B99471BD0ED121954FE7863 82432 ----a-w- C:\Windows\SysWOW64\inseng.dll

2013-03-29 18:09:22 2D7A29C35D0894481A69FA3AC45F18F0 41984 ----a-w- C:\Windows\SysWOW64\msfeedsbs.dll

2013-03-29 18:09:22 1DACF9167B6544536B6E9813EC026703 13761024 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2013-03-29 18:09:22 0F44172A5B34E8F208CD0F209EDD4A73 629248 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll

2013-03-29 18:09:22 059F9C59DAEDE8AF2C8C55BE278A99B0 109056 ----a-w- C:\Windows\SysWOW64\iesysprep.dll

2013-03-29 18:09:22 0402BFC25AB49E02256BC24E32829773 185344 ----a-w- C:\Windows\SysWOW64\elshyph.dll

2013-03-29 18:09:22 038F76279EC64878A072D988DE13C7B2 150528 ----a-w- C:\Windows\SysWOW64\iexpress.exe

2013-03-29 18:09:21 F0D4AE074D9BC0741DC6E91C741F2F8C 23040 ----a-w- C:\Windows\SysWOW64\licmgr10.dll

2013-03-29 18:09:21 9D9AC6CE9A9D951AC40DE91CD6F0A620 1441280 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl

2013-03-29 18:09:21 932571EFF79B93F94E84ADF4989A277F 69120 ----a-w- C:\Windows\SysWOW64\icardie.dll

2013-03-29 18:09:21 826D75A36336858B004774792DC4CF4F 33280 ----a-w- C:\Windows\SysWOW64\iernonce.dll

2013-03-29 18:09:21 1FF56AC32B38A94C3C88497BD6E00C96 25185 ----a-w- C:\Windows\SysWOW64\ieuinit.inf

2013-03-29 18:09:21 06A2617B25C920887D80E8A79B7E48EA 61440 ----a-w- C:\Windows\SysWOW64\iesetup.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2013-03-29 18:09:22 5051BB40FFB2BA4870C0A059CA03294F 1054720 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe

2013-03-29 18:09:22 3531FA12A76A32ECECD972196775DF7C 226304 ----a-w- C:\Windows\Sysnative\elshyph.dll

2013-03-29 18:09:21 FC6B4D5450871A4D5CB344AFF6C090EF 281600 ----a-w- C:\Windows\Sysnative\dxtrans.dll

2013-03-29 18:09:21 F651D95B5043EFC20A6108A853553984 92160 ----a-w- C:\Windows\Sysnative\SetIEInstalledDate.exe

2013-03-29 18:09:21 EC08E38751854C5B8899139B7DD29FF9 197120 ----a-w- C:\Windows\Sysnative\msrating.dll

2013-03-29 18:09:21 EBA7F74ACC7FF61FF92C2072C92CEF14 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2013-03-29 18:09:21 E965529C43D25F2BDA77D705098BF777 135680 ----a-w- C:\Windows\Sysnative\IEAdvpack.dll

2013-03-29 18:09:21 E1055A7FAD39F1F7C44F6152044056EA 905728 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll

2013-03-29 18:09:21 D9C10A4A0B3411146E6FC8936B079934 167424 ----a-w- C:\Windows\Sysnative\iexpress.exe

2013-03-29 18:09:21 D8DD5CBB9668EEE98915EA49C72F78FA 441856 ----a-w- C:\Windows\Sysnative\html.iec

2013-03-29 18:09:21 D8076F8A3C34064582035AE6696DC34A 27648 ----a-w- C:\Windows\Sysnative\licmgr10.dll

2013-03-29 18:09:21 D6FCE28376454CDED6E9B144B6EF309A 1365504 ----a-w- C:\Windows\Sysnative\urlmon.dll

2013-03-29 18:09:21 D2685013EEF64BB5DCD252BAB5C5FAD0 89600 ----a-w- C:\Windows\Sysnative\RegisterIEPKEYs.exe

2013-03-29 18:09:21 D0F66CFAED5B85543216EF526D380B8B 270848 ----a-w- C:\Windows\Sysnative\iedkcs32.dll

2013-03-29 18:09:21 D0D4CE6C6CE87269A34A184356475D17 149504 ----a-w- C:\Windows\Sysnative\occache.dll

2013-03-29 18:09:21 CF1387441D1096DBD4A23E155F1EE958 173568 ----a-w- C:\Windows\Sysnative\ieUnatt.exe

2013-03-29 18:09:21 C6EEC6399077E12FA902BD31F009699E 136704 ----a-w- C:\Windows\Sysnative\iesysprep.dll

2013-03-29 18:09:21 C2F21E3059AFF5E616F3E361D9FA10CD 62976 ----a-w- C:\Windows\Sysnative\pngfilt.dll

2013-03-29 18:09:21 C28A152C8F971B209C685F1B34B0CBF4 855552 ----a-w- C:\Windows\Sysnative\jscript.dll

2013-03-29 18:09:21 BC0D4AFBE94D8E1F81C8926D805C3366 247296 ----a-w- C:\Windows\Sysnative\webcheck.dll

2013-03-29 18:09:21 B3B0F58C489048D8DC1927164402EA31 3958784 ----a-w- C:\Windows\Sysnative\jscript9.dll

2013-03-29 18:09:21 ADE73A865A5F136E84F49BB6B1627C6E 1509376 ----a-w- C:\Windows\Sysnative\inetcpl.cpl

2013-03-29 18:09:21 A4DC3CD413A4D0E7CE805CAEC39CE724 15407616 ----a-w- C:\Windows\Sysnative\ieframe.dll

2013-03-29 18:09:21 9D8B838E173E6C69A735ADEF3C55D31D 603136 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2013-03-29 18:09:21 96938C3BA9C09CEF29A7B909E3881538 2706432 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2013-03-29 18:09:21 942E110384668EEFF44751A02EDDF5E4 48640 ----a-w- C:\Windows\Sysnative\mshtmler.dll

2013-03-29 18:09:21 8C3D32A4A46326031309A43C52539D7F 1400416 ----a-w- C:\Windows\Sysnative\ieapfltr.dat

2013-03-29 18:09:21 82D602EBBBA6D08E4691F32269FD3494 12800 ----a-w- C:\Windows\Sysnative\msfeedssync.exe

2013-03-29 18:09:21 7EC25F7ABF7CE6B0FE93787524EE537B 452096 ----a-w- C:\Windows\Sysnative\dxtmsft.dll

2013-03-29 18:09:21 7539E5B4A9763C22CE5CACE3E9A6246F 19221504 ----a-w- C:\Windows\Sysnative\mshtml.dll

2013-03-29 18:09:21 69F1D418B4C4EC23033D598E4CBC6B73 2240512 ----a-w- C:\Windows\Sysnative\wininet.dll

2013-03-29 18:09:21 658E8FEC79A4AB5BFDE032627B5C9667 13824 ----a-w- C:\Windows\Sysnative\mshta.exe

2013-03-29 18:09:21 63CAE56FE4215F98FEB0188748A99378 52224 ----a-w- C:\Windows\Sysnative\msfeedsbs.dll

2013-03-29 18:09:21 62077020B3106089469922A93EF3ECE1 39936 ----a-w- C:\Windows\Sysnative\iernonce.dll

2013-03-29 18:09:21 5B64B732BD620A873A2FD74862CC9018 51712 ----a-w- C:\Windows\Sysnative\ie4uinit.exe

2013-03-29 18:09:21 5B15164486C66B76699E1CD2CD2F3A2A 51200 ----a-w- C:\Windows\Sysnative\imgutil.dll

2013-03-29 18:09:21 4E426A67C46379B75A5E671B46FC07F6 102912 ----a-w- C:\Windows\Sysnative\inseng.dll

2013-03-29 18:09:21 4CFBEC37E4FAD530E623E1541E1EA958 599552 ----a-w- C:\Windows\Sysnative\vbscript.dll

2013-03-29 18:09:21 440104AEB9DAF8AC9842080AE59740FA 77312 ----a-w- C:\Windows\Sysnative\tdc.ocx

2013-03-29 18:09:21 40738329209CBE2C9B48F7E30F7C1414 144896 ----a-w- C:\Windows\Sysnative\wextract.exe

2013-03-29 18:09:21 402D797A7905DC3C6FE11E75CD5252EB 235008 ----a-w- C:\Windows\Sysnative\url.dll

2013-03-29 18:09:21 364D3FB12030D214433E794A67CD4C41 526848 ----a-w- C:\Windows\Sysnative\ieui.dll

2013-03-29 18:09:21 2AAE2B8FED8390879C2369FC63F7001F 97280 ----a-w- C:\Windows\Sysnative\mshtmled.dll

2013-03-29 18:09:21 23C80181B93AA17DACB08A7474A8558B 2647552 ----a-w- C:\Windows\Sysnative\iertutil.dll

2013-03-29 18:09:21 23556D116D5FB93395B2A648EEB24251 81408 ----a-w- C:\Windows\Sysnative\icardie.dll

2013-03-29 18:09:21 1FF56AC32B38A94C3C88497BD6E00C96 25185 ----a-w- C:\Windows\Sysnative\ieuinit.inf

2013-03-29 18:09:21 18A94D6E9D27D169D38DAB91F6A97518 136192 ----a-w- C:\Windows\Sysnative\iepeers.dll

2013-03-29 18:09:21 1456EECCB5CF6B91513200F95D61706E 762368 ----a-w- C:\Windows\Sysnative\ieapfltr.dll

2013-03-29 18:09:21 112183DF91C9BAECB498E4A86ECDE598 216064 ----a-w- C:\Windows\Sysnative\msls31.dll

2013-03-29 18:09:21 0524F299A1C79CBB537AA03376C552B7 67072 ----a-w- C:\Windows\Sysnative\iesetup.dll

====== C:\Windows\Sysnative\drivers =====

2013-03-30 09:32:29 490FA25161BF3E51993EB724ECF0ACEB 28600 ----a-w- C:\Windows\Sysnative\drivers\avkmgr.sys

2013-03-21 05:16:08 92B3172E8C14C1444682F510843A9988 19968 ----a-w- C:\Windows\Sysnative\drivers\usb8023.sys

2013-03-20 05:14:26 BF9A487F5DB57E339A27716582DA83AB 52376 ----a-w- C:\Windows\Sysnative\drivers\hcmon.sys

2013-03-20 05:14:24 415B167695C4B5960A13098622EF3D80 37680 ----a-w- C:\Windows\Sysnative\drivers\vmusb.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-03-20 05:13:48 -------- d-----w- C:\Program Files\VMware

2013-03-14 07:11:44 -------- d-----w- C:\Program Files\Microsoft Silverlight

======= C:\Program Files (x86) =====

2013-03-20 05:13:48 -------- d-----w- C:\Program Files (x86)\Common Files\VMware

2013-03-14 07:11:44 -------- d-----w- C:\Program Files (x86)\Microsoft Silverlight

======= C: =====

====== C:\Users\zon\AppData\Roaming ======

2013-03-20 05:29:09 -------- d-----w- C:\users\zon\AppData\Roaming\VMware

2013-03-20 05:13:48 -------- d-----w- C:\users\zon\AppData\Local\VMware

====== C:\Users\zon ======

2013-03-20 05:14:28 -------- d-----w- C:\ProgramData\VMware

====== C: exe-files ==

2013-03-30 19:23:57 5945B121AC1E658F4049E0EEC68F2973 183208 ------r- C:\Program Files (x86)\Belastingdienst\Aangifte inkomstenbelasting\2012\ib2012u.exe

=== C: other files ==

2013-03-30 09:32:29 490FA25161BF3E51993EB724ECF0ACEB 28600 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avkmgr.sys

2013-03-30 09:32:29 488486DAD09A5B6C6DBB8B990A8B2307 130016 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avipbb.sys

2013-03-30 09:32:29 09E6069EF94B345061B4BD3CEBD974C8 100712 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avgntflt.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-648035464-3342752320-20647198-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"Facebook Update"="C:\Users\zon\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

"Google Update"="C:\Users\zon\AppData\Local\Google\Update\GoogleUpdate.exe /c"

"Spotify Web Helper"="C:\Users\zon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HDAudDeck"="C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r"

"ATKOSD2"="C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"

"ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"

"HControlUser"="C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"

"Wireless Console 3"="C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"

"PWRISOVM.EXE"="C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

"DivXUpdate"="C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe /CHECKNOW"

"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

"ToolboxFX"="C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on"

"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe /min"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"Facebook Update"="C:\Users\zon\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

"Google Update"="C:\Users\zon\AppData\Local\Google\Update\GoogleUpdate.exe /c"

"Spotify Web Helper"="C:\Users\zon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ASUS WebStorage"="C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe"

"AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"ETDWare"="%ProgramFiles%\Elantech\ETDCtrl.exe "

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]

"command"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

"hkey"="HKLM"

"item"="Adobe Reader Speed Launcher"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ADSMTray]

"command"="C:\\Program Files (x86)\\ASUS\\ASUS Data Security Manager\\ADSMTray.exe"

"hkey"="HKLM"

"item"="ADSMTray"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Camera ScreenSaver]

"command"="C:\\Windows\\AsScrProlog.exe"

"hkey"="HKLM"

"item"="ASUS Camera ScreenSaver"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector]

"command"="C:\\Windows\\AsScrPro.exe"

"hkey"="HKLM"

"item"="ASUS Screen Saver Protector"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer]

"command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\""

"hkey"="HKLM"

"item"="CLMLServer"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-648035464-3342752320-20647198-1001Core.job --a------ C:\Users\zon\AppData\Local\Facebook\Update\FacebookUpdate.exe [11-07-2012 22:39]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-648035464-3342752320-20647198-1001UA.job --a------ C:\Users\zon\AppData\Local\Facebook\Update\FacebookUpdate.exe [11-07-2012 22:39]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [03-01-2012 01:55]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [03-01-2012 01:55]

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-648035464-3342752320-20647198-1001Core1cc77a2a2c9e1d6.job --a------ C:\Users\zon\AppData\Local\Google\Update\GoogleUpdate.exe [29-01-2011 00:55]

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-648035464-3342752320-20647198-1001UA1cc77a2a322ffa4.job --a------ C:\Users\zon\AppData\Local\Google\Update\GoogleUpdate.exe [29-01-2011 00:55]

==== Firefox Extensions ======================

ProfilePath: C:\Users\zon\AppData\Roaming\Mozilla\Firefox\Profiles\sratwpzb.default

- UserZoom Survey Tool - %ProfilePath%\extensions\userzoom_survey_tool@jetpack

- SaveIt - %ProfilePath%\extensions\50bb149ba0fa4@50bb149ba0fdd.com.xpi

- Undetermined - %ProfilePath%\extensions\{a3a5c777-f583-4fef-9380-ab4add1bc2a8}.xpi

- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

- Tab Mix Plus - %ProfilePath%\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox

- G Data BankGuard - %AppDir%\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

==== Firefox Plugins ======================

Profilepath: C:\Users\zon\AppData\Roaming\Mozilla\Firefox\Profiles\sratwpzb.default

47299371607DC2FB234444EEACB1639E - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll - Shockwave Flash

E0FF893763BA82BAABB869A351F0C455 - C:\Users\zon\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll - Google Update

0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\zon\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin

3E21E80D10E1033D9C137440554FF724 - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 6.0.370.6

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Deleting Files \ Folders ======================

"C:\Users\zon\AppData\Roaming\Mozilla\Firefox\Profiles\sratwpzb.default\extensions\50bb149ba0fa4@50bb149ba0fdd.com.xpi" deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

clbfjfbnelcflpgpklppgplejolacbej - C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx[]

dcmagccbogebndpoodhhhafmofelpffh - C:\Users\zon\AppData\Local\RewardsArcade\498\Chrome\rewardsarcade.crx[]

djcpfkccckpeeghiklnhienllljccglb - C:\Program Files (x86)\SpeedBit Video Downloader\Chrome\DownloaderChrome.crx[28-06-2011 17:47]

gaiilaahiahdejapggenmdmafpmbipje - C:\Program Files (x86)\DealPly\DealPly.crx[]

jplinpmadfkdgipabgcdchbdikologlh - C:\Program Files (x86)\1ClickDownload\1click11.crx[]

ledcpigomgblcmofccnacobhmcdkpiea - C:\Program Files (x86)\SearchPredict\Chrome\SearchPredictChrome.crx[]

niapdbllcanepiiimjjndipklodoedlc - C:\Users\zon\AppData\Local\Temp\YontooLayers.crx[28-02-2012 19:55]

nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[12-12-2011 15:13]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

gaiilaahiahdejapggenmdmafpmbipje - C:\Program Files (x86)\DealPly\DealPly.crx[]

SpeedBit Video Downloader - zon - Default\Extensions\djcpfkccckpeeghiklnhienllljccglb

DealPly - zon - Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje

SpeedBit Search Predict - zon - Default\Extensions\ledcpigomgblcmofccnacobhmcdkpiea

DivX Plus Web Player HTML5 \u003Cvideo\u003E - zon - Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm

Cuevana Stream - zon - Default\Extensions\ooagbcohbmlpkfkdnodbomgphbcecalj

==== Chrome Fix ======================

C:\Users\zon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully

C:\Users\zon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ledcpigomgblcmofccnacobhmcdkpiea deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.nl/"

"Search Page"="http://downloads.phpnuke.org/nl/index.php?rvs=google"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="http://isearch.avg.com/tab?cid={D3E77F67-2425-4327-976F-F91384244EEB}&mid=f6bf7fed7fae47d198b8a3b92b68a11e-0b3ee9ad5a83f777ba57e1aea3dd3275bb9a76ca〈=nl&ds=is015&pr=sa&d=2012-01-28 10:37:05&v=9.0.0.23&sap=nt"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="http://isearch.avg.com/tab?cid={D3E77F67-2425-4327-976F-F91384244EEB}&mid=f6bf7fed7fae47d198b8a3b92b68a11e-0b3ee9ad5a83f777ba57e1aea3dd3275bb9a76ca〈=nl&ds=is015&pr=sa&d=2012-01-28 10:37:05&v=9.0.0.23&sap=nt"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://www.google.nl/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="res://ieframe.dll/tabswelcome.htm"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="res://ieframe.dll/tabswelcome.htm"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{30173BD6-A654-4052-9BC8-7CD0F3BC4E67} Unknown Url="Not_Found"

{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{95B7759C-8C7F-4BF1-B163-73684A933233} AVG Secure Search Url="http://isearch.avg.com/search?cid={D3E77F67-2425-4327-976F-F91384244EEB}&mid=f6bf7fed7fae47d198b8a3b92b68a11e-0b3ee9ad5a83f777ba57e1aea3dd3275bb9a76ca〈=nl&ds=is015&pr=sa&d=2012-01-28"

{C20D6A3C-C2A4-4709-BDE0-40B5302921BF} Unknown Url="Not_Found"

==== Reset Google Chrome ======================

C:\users\zon\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\users\zon\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-648035464-3342752320-20647198-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7} deleted successfully

HKEY_USERS\S-1-5-21-648035464-3342752320-20647198-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7} deleted successfully

HKEY_USERS\S-1-5-21-648035464-3342752320-20647198-1001\Software\Microsoft\Internet Explorer\SearchScopes\{30173BD6-A654-4052-9BC8-7CD0F3BC4E67} deleted successfully

HKEY_USERS\S-1-5-21-648035464-3342752320-20647198-1001\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} deleted successfully

HKEY_USERS\S-1-5-21-648035464-3342752320-20647198-1001\Software\Microsoft\Internet Explorer\SearchScopes\{C20D6A3C-C2A4-4709-BDE0-40B5302921BF} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Reset IE Proxy ======================

Value(s) before fix:

"ProxyEnable"=dword:00000000

Value(s) after fix:

"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\clbfjfbnelcflpgpklppgplejolacbej deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dcmagccbogebndpoodhhhafmofelpffh deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ledcpigomgblcmofccnacobhmcdkpiea deleted successfully

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll

O4 - HKLM\..\Run: [boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"

O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r

O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [ToolboxFX] "C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\zon\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKCU\..\Run: [Google Update] "C:\Users\zon\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\zon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB

O16 - DPF: {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe

O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE

O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: lxbk_device - - C:\Windows\system32\lxbkcoms.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: RosettaStoneLtdController - Rosetta Stone Ltd. - C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdController.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe

O23 - Service: VMware View USB (vmware-view-usbd) - VMware, Inc. - C:\Program Files\VMware\VMware View\Client\bin\vmware-view-usbd.exe

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: VMware View Client (wsnm) - VMware, Inc. - C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\zon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\zon\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\zon\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\zon\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\zon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CU508GKK will be deleted at reboot

C:\Users\zon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QAC2I987 will be deleted at reboot

==== Empty FireFox Cache ======================

C:\users\Gast\AppData\Local\Mozilla\Firefox\Profiles\zzvbh57h.default\Cache emptied successfully

C:\users\zon\AppData\Local\Mozilla\Firefox\Profiles\sratwpzb.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\users\zon\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

After Reboot

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\zon\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\zon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CU508GKK" not found

"C:\Users\zon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QAC2I987" not found

komt ie dan eindelijk ...

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 18:31:22, on 5-4-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16521)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe

C:\Users\zon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe

C:\Windows\AsScrPro.exe

C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe

C:\Program Files (x86)\VoipDiscount.com\VoipDiscount\VoipDiscount.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Analysis of program downloads scanned for viruses and spyware.

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: PNBHO - {FBAAD182-3C7A-4BC4-A5E9-207B8E0F02FD} - C:\Program Files (x86)\DeLorme\SendToGPS\PNPluginForIE.dll

O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll

O2 - BHO: GrabberObj Class - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files (x86)\SpeedBit Video Downloader\Toolbar\grabber.dll

O2 - BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll

O3 - Toolbar: (no name) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - (no file)

O4 - HKLM\..\Run: [boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"

O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r

O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [ToolboxFX] "C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\zon\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKCU\..\Run: [Google Update] "C:\Users\zon\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\zon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB

O16 - DPF: {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe

O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE

O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: lxbk_device - - C:\Windows\system32\lxbkcoms.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: RosettaStoneLtdController - Rosetta Stone Ltd. - C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdController.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe

O23 - Service: VMware View USB (vmware-view-usbd) - VMware, Inc. - C:\Program Files\VMware\VMware View\Client\bin\vmware-view-usbd.exe

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: VMware View Client (wsnm) - VMware, Inc. - C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe

--

End of file - 13546 bytes

dank je, vanavond na het werk ga ik alles doen zoals opgedragen

Al met het downloaden van HijackThis.msi krijg ik een virusmelding. Weet je zeker dat dit goed is?

Hier de screenshot van de virusmelding.

Hoi, Ik heb een virus of malware opgelopen vrees ik, ads by browse to save. Ik zie het vooral op FB. Ben al een week bezig om alle handleidingen die op Inet bestaan te handhaven om het virus weg te krijgen, maar niets werkt. Ik kan het nergens vinden... Weet iemand raad?

Ik wil de blue stacks app player installeren, maar het lukt niet. Met starten van de .exe krijg ik de melding: Klik op het programma waarmee u het bestand wilt openen. Opties zijn een boel, zoals Adobe reader, Kladblok, paint

Wat moet ik hier dus kiezen om verder te kunnen?

maar het is niet opgelost

Totaal niets veranderd - vriend van mij, die de reactie hier had geplaatst was de laatste die aan het sleutelen was geslagen, maar ook hij kon geen oplossing aanbieden... Helaas, ik leef ermee

Hallo hulptroepen,

De ene screenshot gaf weer dat sfc /scannow fouten had gevonden:

Verificatie is 37% voltooid.
Er zijn beschadigde bestanden gevonden, maar deze kunnen niet allemaal worden hersteld.
De details zijn opgenomen in CBS.Log windir\Logs\CBS\CBS.log. Bijvoorbeeld
C:\Windows\Logs\CBS\CBS.log

De andere dat CBS.log niet geopend mocht worden (toegang geweigerd). Na kopiëren van die log naar een andere plek kon ik hem doorscannen, en heb ik de volgende fouten gevonden:

2012-02-18 19:08:10, Error                 CSI    00000135 (F) STATUS_OBJECT_NAME_NOT_FOUND #2668833# from Windows::Rtl::SystemImplementation::DirectFileSystemProvider::SysCreateFile(flags = (AllowSharingViolation), handle = {provider=NULL, handle=0}, da = (SYNCHRONIZE|FILE_READ_ATTRIBUTES), oa = @0xd3c6d0->OBJECT_ATTRIBUTES {s:48; rd:NULL; on:[110]"\??\C:\Windows\WinSxS\amd64_microsoft-windows-rpc-remote_31bf3856ad364e35_6.1.7601.17514_none_1ebf38b449c0930f"; a:(OBJ_CASE_INSENSITIVE)}, iosb = @0xd3c6b0, as = (null), fa = 0, sa = (FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE), cd = FILE_OPEN, co = (FILE_SYNCHRONOUS_IO_NONALERT|0x00004000), eab = NULL, eal = 0, disp = Invalid)
[gle=0xd0000034]
2012-02-18 19:08:10, Error                 CSI    00000136@2012/2/18:18:08:10.450 (F) d:\win7sp1_gdr\base\wcp\sil\merged\ntu\ntsystem.cpp(2057): Error STATUS_OBJECT_NAME_NOT_FOUND originated in function Windows::Rtl::SystemImplementation::DirectFileSystemProvider::SysCreateFile expression: (null)
[gle=0x80004005]
2012-02-18 19:08:10, Error                 CSI    00000137 (F) STATUS_OBJECT_NAME_NOT_FOUND #2668832# from Windows::Rtl::SystemImplementation::CDirectory::OpenExistingDirectory(...)[gle=0xd0000034]
2012-02-18 19:08:10, Error                 CSI    00000138 (F) STATUS_OBJECT_NAME_NOT_FOUND #2668831# from Windows::Rtl::SystemImplementation::CDirectory_IRtlDirectoryTearoff::OpenExistingDirectory(flags = 0, da = (SYNCHRONIZE), oa = @0xd3cfc8->SIL_OBJECT_ATTRIBUTES {s:40; on:"amd64_microsoft-windows-rpc-remote_31bf3856ad364e35_6.1.7601.17514_none_1ebf38b449c0930f"; a:(OBJ_CASE_INSENSITIVE)}, sa = (FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE), oo = (FILE_DIRECTORY_FILE|FILE_SYNCHRONOUS_IO_NONALERT|FILE_OPEN_FOR_BACKUP_INTENT), dir = NULL, disp = Invalid)
[gle=0xd0000034]

Ik heb even gekeken, en onder C:\Windows\Winsxs\ bestaat de directory amd64_microsoft-windows-rpc-remote_31bf3856ad364e35_6.1.7601.17514_none_1ebf38b449c0930f inderdaad niet. Ben ook zo vrij geweest om even rond te googelen, en kan daar voor zover ik zie 2 kanten op: installatie-CD van Windows erop loslaten (repair), of downloaden van een dll (Rpcrtremote.dll), maar daarvan kom ik alleen een andere versie (6.1.7600.16385) tegen.

Zien jullie licht aan het eind van de tunnel?

Groets, Peter (lokale hulptroep die niet zo thuis is in moderne varianten van DLL-hel).

Heb beiden gedaan. Soluto kon niet alle programmas waar ik zei "pause" ook echt verwerken en zette ze dan weer teruig zoals het eerst was.

Opdrachtpromp ging ook niet helemaal vlekkeloos, zie screenshot. Het openen van het logbestand erna lukt helaas ook. Wie heeft er dan toegang als ik het niet ben ? Zie tweede sceerenshot.

Groetjes zon

Hoi clarkie,

De laptop is nieuw, er zat hiervoor geen andere windows versie op.

Hier de link naar het logje: (hier zit wel erg veel informatie over mijn laptop in, ik hoop dat hier geen mensen meelezen, die hier iets kwaads mee kunnen doen)

http://speccy.piriform.com/results/xZuFtCJTSAJghtKDt5Oh7Np

Hoi correos,

Zoals ik schreef heb ik dat allemaal gedaan en het heeft niets opgeleverd. Geen foutmeldingen meer, pc schoon, dus ik weet het ook niet meer

Groetjes zon

---------- Post toegevoegd om 09:57 ---------- Vorige post was om 09:56 ----------

De andere topics zijn netjes opgelost indd. Geen problemen verder, behalve de foutmelding met afsluiten. Hm Windows heb ik met de meegeleverde cd zelf erop gezet dacht ik, maar weet ik niet meer zeker.

Groetjes van zon

Dank je Clarkie, Ik had dit vanochtend weer eens gedaan, alles is schoon. Alle programma's werken naar behoren, behalve de bluetooth, waar ik nu wel de juiste driver heb en het apparaat zelf beweert, dat het prima werkt

Ach ik leef al 1 jaar me die foutmelding, dan zal ik dat maar blijven doen...

juiste driver is geïnstalleerd, tenminste de uitroeptekens zijn verdwenen, maar het apparaat doet het nog steeds niet en de foutmelding is na twee keer herstarten nog steeds niet verdwenen, helaas.

Yep, bij een randapparaat - bluetooth... Deze doet het inderdaad ook al bijna een jaar niet meer. En die heeft inderdaad een 32 bit-driver. Ik zal eens zoeken of er een voor 64bit bestaat.