deco1966

Kape, FDit zou de log moeten zijn: info.txt logfile of random's system information tool 1.09 2014-02-26 16:51:18 ======Uninstall list====== Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{A0087DDE-69D0-11E2-AD57-43CA6188709B} Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_Plugin.exe -maintain plugin Adobe Reader XI (11.0.06) - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-AB0000000001} Adobe Shockwave Player 12.0-->"C:\Windows\SysWOW64\Adobe\Shockwave 12\uninstaller.exe" AMD APP SDK Runtime-->MsiExec.exe /I{503F672D-6C84-448A-8F8F-4BC35AC83441} AMD Catalyst Install Manager-->msiexec /q/x{5977D04D-1D6A-952C-97AF-04D9D4C0AE56} REBOOT=ReallySuppress Belgium e-ID middleware 4.0.5 (build 7382)-->MsiExec.exe /I{824563DE-75AD-4166-9DC0-B6482F207382} BlueStacks App Player-->C:\Program Files (x86)\BlueStacks\HD-RuntimeUninstaller.exe BlueStacks Notification Center-->MsiExec.exe /X{783DCCCB-FBD0-4D1D-928D-7075DA8015E6} Bonjour-->MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} Catalyst Control Center - Branding-->MsiExec.exe /I{925652DC-D377-41CC-B97E-B0979B4F534D} Classic Shell-->MsiExec.exe /X{7F34ADBE-77C0-47A0-BBC6-B3DA16CE8E68} Connected Music powered by Universal Music Group version 1.0-->"C:\Program Files (x86)\Connected Music powered by Universal Music Group\unins000.exe" CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe" /z-uninstall CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe" /z-uninstall CyberLink Media Suite 10-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\setup.exe" /z-uninstall CyberLink Media Suite 10-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\setup.exe" /z-uninstall CyberLink PhotoDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{4862344A-A39C-4897-ACD4-A1BED5163C5A}\Setup.exe" /z-uninstall CyberLink PhotoDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{4862344A-A39C-4897-ACD4-A1BED5163C5A}\Setup.exe" /z-uninstall CyberLink Power2Go 8-->"C:\Program Files (x86)\InstallShield Installation Information\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\setup.exe" /z-uninstall CyberLink Power2Go 8-->"C:\Program Files (x86)\InstallShield Installation Information\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\setup.exe" /z-uninstall CyberLink PowerDirector 10-->"C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\setup.exe" /z-uninstall CyberLink PowerDirector 10-->"C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\setup.exe" /z-uninstall CyberLink PowerDVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\setup.exe" /z-uninstall CyberLink PowerDVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\setup.exe" /z-uninstall CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall Energy Star-->MsiExec.exe /I{0FA995CC-C849-4755-B14B-5404CC75DC24} Gadwin PrintScreen-->C:\Program Files (x86)\Gadwin Systems\PrintScreen\Uninstall.exe Galerie de photos Windows Live-->MsiExec.exe /X{488F0347-C4A7-4374-91A7-30818BEDA710} Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\Installer\setup.exe" --uninstall --multi-install --chrome --system-level Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Hewlett-Packard ACLM.NET v1.2.1.1-->MsiExec.exe /I{6F340107-F9AA-47C6-B54C-C3A19F11553F} HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7} HP Connected Music (Meridian - installer)-->"C:\Program Files (x86)\HPConnectedMusic\Uninstall.exe" HP CoolSense-->MsiExec.exe /I{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F} HP Customer Experience Enhancements-->MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544} HP Deskjet 3070 B611 series Basissoftware van het apparaat-->MsiExec.exe /I{E12C5B43-0EF3-450E-9973-597771B92BB2} HP Documentation-->MsiExec.exe /X{18DE31AE-70D0-43A7-9E3C-2ED7283ECE8A} HP Postscript Converter-->MsiExec.exe /I{6E14E6D6-3175-4E1A-B934-CAB5A86367CD} HP Quick Launch-->MsiExec.exe /I{E5823036-6F09-4D0A-B05C-E2BAA129288A} HP Recovery Manager-->MsiExec.exe /I{528AB81B-D65A-4AB0-A2B6-82B51A087D01} HP Registration Service-->MsiExec.exe /X{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA} HP Software Framework-->MsiExec.exe /X{9A7B06AC-675B-428F-B632-97C7E6D45F8C} HP Support Assistant-->"C:\Program Files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe" -runfromtemp -l0x0409 -removeonly HP Utility Center-->MsiExec.exe /I{0C57987A-A03A-4B95-A309-D23F78F406CA} HP Wireless Button Driver-->MsiExec.exe /X{941DE69D-6CEE-4171-8F1F-3D7E352AA498} HPDiagnosticAlert-->MsiExec.exe /I{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE} IDT Audio-->"C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\Setup.exe" -remove -removeonly Intel® Display Audio Driver-->C:\Program Files (x86)\Intel\Intel® Display Audio Driver\Uninstall\setup.exe -uninstall Intel® Management Engine Components-->C:\Program Files (x86)\Intel\Intel® Management Engine Components\Uninstall\setup.exe -uninstall Intel® Trusted Connect Service Client-->MsiExec.exe /I{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B} Java 7 Update 51-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217025FF} Kaspersky PURE 3.0-->MsiExec.exe /I{D0702EE9-9DE4-419A-9C6C-4730B1C985BA} Kaspersky PURE 3.0-->MsiExec.exe /I{D0702EE9-9DE4-419A-9C6C-4730B1C985BA} REMOVE=ALL Lyrics Plug-->C:\Program Files (x86)\LyricsPlug\uninstall.exe Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {664655D8-B9BB-455D-8A58-7EAF7B0B2862} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0413-1000-0000000FF1CE} /uninstall {1D12BC91-360E-424C-97C4-813651313660} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {1D12BC91-360E-424C-97C4-813651313660} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00BA-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office Access MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0015-0413-0000-0000000FF1CE} Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE} Microsoft Office Excel MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE} Microsoft Office Groove MUI (Dutch) 2007-->MsiExec.exe /X{90120000-00BA-0413-0000-0000000FF1CE} Microsoft Office InfoPath MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0044-0413-0000-0000000FF1CE} Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE} Microsoft Office OneNote MUI (Dutch) 2007-->MsiExec.exe /X{90120000-00A1-0413-0000-0000000FF1CE} Microsoft Office Outlook MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001A-0413-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proofing (Dutch) 2007-->MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {71F055E8-E2C6-4214-BB3D-BFE03561B89E} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A} Microsoft Office Publisher MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0019-0413-0000-0000000FF1CE} Microsoft Office Shared 64-bit MUI (Dutch) 2007-->MsiExec.exe /X{90120000-002A-0413-1000-0000000FF1CE} Microsoft Office Shared MUI (Dutch) 2007-->MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE} Microsoft Office Word MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022-->MsiExec.exe /X{350AA351-21FA-3270-8B7A-835434E766AD} Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6} Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4} Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F} Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7} Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} mIRC-->C:\Program Files (x86)\mIRC\uninstall.exe _?=C:\Program Files (x86)\mIRC Mozilla Firefox 27.0.1 (x86 nl)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" Ralink Bluetooth Stack64-->MsiExec.exe /X{95DF815D-BE2D-9118-F549-39794C5869CF} Ralink RT3290 802.11bgn Wi-Fi Adapter-->C:\Program Files (x86)\InstallShield Installation Information\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}\setup.exe -runfromtemp -l0x0013 -removeonly Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.exe -runfromtemp -removeonly Realtek PCIE Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{C1594429-8296-4652-BF54-9DBE4932A44C}\setup.exe" -runfromtemp -removeonly Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75} Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391} Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C} Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B7727B4D-5EA3-4C11-9D30-15E47616DCAF} Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE} Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15} Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EA575F57-C5D1-4B5A-B9F9-F16EEBC6B58C} Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3579CE34-B225-4B19-A3AF-DE5F562A212F} Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {79850906-6D2B-4061-8EAF-EAC84173DEC5} Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition -->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {02AF2AA9-6FFA-47D7-BDBB-42B3A8AD8616} Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8907F32C-DF89-4C2F-AEDE-0DB4B65451C0} Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {319FC809-3841-4739-A25F-FDBADF073697} Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B7112510-2575-4BA4-A576-78BF8A6307BC} Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4CCE0378-386F-4DC2-9CC1-A3710C77057D} Security Update for Microsoft Office 2007 suites (KB2837615) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1A0CA3FF-2BB8-4CF8-A5A9-9B314260C327} Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6B4A3804-666A-4DD8-84A7-B97701416784} Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {686630EC-8033-4031-85C5-D8E5CD62A958} Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5} Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {12A1DD97-E9A1-4370-837E-D1BBD088584B} Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F} Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525} Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {9D689455-5858-4AE4-A3CA-6E4149FE3F70} Security Update for Microsoft Office Word 2007 (KB2837617) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8A8710F9-C828-440A-A2A7-2FCE899B7D99} Skype™ 6.13-->MsiExec.exe /X{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7} Stuurprogrammapakket voor Windows - Fedict SmartCard (07/01/2013 4.0.0.8)-->rundll32.exe C:\PROGRA~1\DIFX\4CBAA680AB78144E\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\beidmdrv.inf_amd64_f309236ff3c21f3f\beidmdrv.inf swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726} Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3} Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C} Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {CB68A5B0-3508-4193-AEB9-AF636DAECE0F} Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CB68A5B0-3508-4193-AEB9-AF636DAECE0F} Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2} Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition-->msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {F8564AF8-30AE-4427-ACF3-69714E1BB656} Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {128A5449-CF71-4DA4-A746-F49E3B5DB584} Update voor Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {5CF7002F-6F49-4482-9564-5614FBE560FA} Update voor Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5} Update voor Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {A66AE6A1-8D8C-4102-BC18-38CBDE40F809} VLC media player 2.1.3-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe Vuze-->C:\Program Files (x86)\Vuze\uninstall.exe Windows Live Movie Maker-->MsiExec.exe /X{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3} Windows Live Movie Maker-->MsiExec.exe /X{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92} Windows Live Photo Common-->MsiExec.exe /X{9BD262D0-B788-4546-A0A5-F4F56EC3834B} Windows Live Photo Common-->MsiExec.exe /X{C893D8C0-1BA0-4517-B11C-E89B65E72F70} Windows Live Photo Gallery-->MsiExec.exe /X{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA} Windows Live Writer Resources-->MsiExec.exe /X{14B441B7-774D-4170-98EA-A13667AE6218} Windows Live Writer Resources-->MsiExec.exe /X{62687B11-58B5-4A18-9BC3-9DF4CE03F194} Windows Live Writer-->MsiExec.exe /X{3B9A92DA-6374-4872-B646-253F18624D5F} Windows Live Writer-->MsiExec.exe /X{7E017923-16F8-4E32-94EF-0A150BD196FE} WinRAR 4.20 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe ======System event log====== Computer Name: WIN-F45IEF3PSRN Event Code: 7040 Message: Het opstarttype van de service Windows Search is gewijzigd van uitgeschakeld in automatisch starten. Record Number: 860 Source Name: Service Control Manager Time Written: 20121017113526.098160-000 Event Type: Informatie User: Computer Name: WIN-F45IEF3PSRN Event Code: 7040 Message: Het opstarttype van de service Windows Search is gewijzigd van automatisch starten in uitgeschakeld. Record Number: 859 Source Name: Service Control Manager Time Written: 20121017113525.019983-000 Event Type: Informatie User: Computer Name: WIN-F45IEF3PSRN Event Code: 104 Message: Logboekbestand Setup is gewist. Record Number: 858 Source Name: Microsoft-Windows-Eventlog Time Written: 20121017113520.551005-000 Event Type: Informatie User: Computer Name: WIN-F45IEF3PSRN Event Code: 104 Message: Logboekbestand Application is gewist. Record Number: 857 Source Name: Microsoft-Windows-Eventlog Time Written: 20121017113520.379121-000 Event Type: Informatie User: Computer Name: WIN-F45IEF3PSRN Event Code: 104 Message: Logboekbestand System is gewist. Record Number: 856 Source Name: Microsoft-Windows-Eventlog Time Written: 20121017113520.316619-000 Event Type: Informatie User: =====Application event log===== Computer Name: laptopi7 Event Code: 1005 Message: Gegevens voor het Programma voor verbetering van de gebruikerservaring zijn samengevoegd in bestanden die voor analyse naar Microsoft worden verzonden. Deze bestanden worden alleen verzonden als de gebruiker deelneemt aan het Windows-programma voor verbetering van de gebruikerservaring. Record Number: 27021 Source Name: Microsoft-Windows-CEIP Time Written: 20131003121133.000000-000 Event Type: Informatie User: Computer Name: laptopi7 Event Code: 1001 Message: Foutbucket -1272859288, type 5 Naam van gebeurtenis: WPNConnectionFailure Antwoord: Niet beschikbaar Id van CAB-bestand: 0 Handtekening van probleem: P1: Data Reconnect P2: 80072749 P3: WNP P4: IPv4 P5: None P6: Other P7: 2 P8: 21 P9: P10: Toegevoegde bestanden: C:\Users\Philip\AppData\Local\Temp\wpn_13384820000391961667.evtx Deze bestanden zijn mogelijk hier beschikbaar: Analysesymbool: Opnieuw zoeken naar oplossing: 0 Rapport-id: d9ecb1d1-2c24-11e3-be94-6894239317d2 Rapportstatus: 0 Opgedeelde bucket: ce279a78b4b81fc10a1d506dd08cca90 Record Number: 27020 Source Name: Windows Error Reporting Time Written: 20131003121055.000000-000 Event Type: Informatie User: Computer Name: laptopi7 Event Code: 1001 Message: Foutbucket -1272859288, type 5 Naam van gebeurtenis: WPNConnectionFailure Antwoord: Niet beschikbaar Id van CAB-bestand: 0 Handtekening van probleem: P1: Data Reconnect P2: 80072749 P3: WNP P4: IPv4 P5: None P6: Other P7: 2 P8: 21 P9: P10: Toegevoegde bestanden: C:\Users\Philip\AppData\Local\Temp\wpn_3359905176062472814.evtx Deze bestanden zijn mogelijk hier beschikbaar: Analysesymbool: Opnieuw zoeken naar oplossing: 0 Rapport-id: bffcaab0-2c24-11e3-be94-6894239317d2 Rapportstatus: 0 Opgedeelde bucket: ce279a78b4b81fc10a1d506dd08cca90 Record Number: 27019 Source Name: Windows Error Reporting Time Written: 20131003121012.000000-000 Event Type: Informatie User: Computer Name: laptopi7 Event Code: 1001 Message: Foutbucket -1272859288, type 5 Naam van gebeurtenis: WPNConnectionFailure Antwoord: Niet beschikbaar Id van CAB-bestand: 0 Handtekening van probleem: P1: Data Reconnect P2: 80072749 P3: WNP P4: IPv4 P5: None P6: Other P7: 2 P8: 21 P9: P10: Toegevoegde bestanden: C:\Users\Philip\AppData\Local\Temp\wpn_6538969484897807723.evtx Deze bestanden zijn mogelijk hier beschikbaar: Analysesymbool: Opnieuw zoeken naar oplossing: 0 Rapport-id: b48e3a0e-2c24-11e3-be94-6894239317d2 Rapportstatus: 0 Opgedeelde bucket: ce279a78b4b81fc10a1d506dd08cca90 Record Number: 27018 Source Name: Windows Error Reporting Time Written: 20131003120954.000000-000 Event Type: Informatie User: Computer Name: laptopi7 Event Code: 1001 Message: Foutbucket -1272859288, type 5 Naam van gebeurtenis: WPNConnectionFailure Antwoord: Niet beschikbaar Id van CAB-bestand: 0 Handtekening van probleem: P1: Data Reconnect P2: 80072749 P3: WNP P4: IPv4 P5: None P6: Other P7: 2 P8: 21 P9: P10: Toegevoegde bestanden: C:\Users\Philip\AppData\Local\Temp\wpn_7389678152252091906.evtx Deze bestanden zijn mogelijk hier beschikbaar: Analysesymbool: Opnieuw zoeken naar oplossing: 0 Rapport-id: a925712c-2c24-11e3-be94-6894239317d2 Rapportstatus: 0 Opgedeelde bucket: ce279a78b4b81fc10a1d506dd08cca90 Record Number: 27017 Source Name: Windows Error Reporting Time Written: 20131003120933.000000-000 Event Type: Informatie User: =====Security event log===== Computer Name: laptopi7 Event Code: 4634 Message: Er is een account afgemeld. Onderwerp: Beveiligings-id: S-1-5-21-2247059795-104316592-4163284125-1001 Accountnaam: Philip Accountdomein: laptopi7 Aanmeldings-id: 0xD046D05 Aanmeldingstype: 7 Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt vernietigd. De gebeurtenis kan met behulp van de aanmeldings-id positief worden afgestemd met een aanmeldingsgebeurtenis. Aanmeldings-id's zijn alleen uniek wanneer de computer opnieuw is opgestart. Record Number: 70962 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20131123201027.064670-000 Event Type: Controle geslaagd User: Computer Name: laptopi7 Event Code: 4634 Message: Er is een account afgemeld. Onderwerp: Beveiligings-id: S-1-5-21-2247059795-104316592-4163284125-1001 Accountnaam: Philip Accountdomein: laptopi7 Aanmeldings-id: 0xD046D38 Aanmeldingstype: 7 Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt vernietigd. De gebeurtenis kan met behulp van de aanmeldings-id positief worden afgestemd met een aanmeldingsgebeurtenis. Aanmeldings-id's zijn alleen uniek wanneer de computer opnieuw is opgestart. Record Number: 70961 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20131123201027.064670-000 Event Type: Controle geslaagd User: Computer Name: laptopi7 Event Code: 4672 Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding. Onderwerp: Beveiligings-id: S-1-5-21-2247059795-104316592-4163284125-1001 Accountnaam: Philip Accountdomein: laptopi7 Aanmeldings-id: 0xD046D05 Bevoegdheden: SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 70960 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20131123201027.064670-000 Event Type: Controle geslaagd User: Computer Name: laptopi7 Event Code: 4624 Message: Er is een account aangemeld. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: LAPTOPI7$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3E7 Aanmeldingstype: 7 Imitatieniveau: Imitatie Nieuwe aanmelding: Beveiligings-id: S-1-5-21-2247059795-104316592-4163284125-1001 Accountnaam: Philip Accountdomein: laptopi7 Aanmeldings-id: 0xD046D38 Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Procesgegevens: Proces-id: 0x4c74 Naam proces: C:\Windows\System32\winlogon.exe Netwerkgegevens: Naam van werkstation: LAPTOPI7 Netwerkadres van bron: 127.0.0.1 Poort van bron: 0 Gedetailleerde verificatiegegevens: Aanmeldingsproces: User32 Verificatiepakket: Negotiate Doorgezette services: - Pakketnaam (alleen NTLM): - Sleutellengte: 0 Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen. De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe. In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk). Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld. In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn. De velden met authenticatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag. - Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis. - In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt. - Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt. - Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd. Record Number: 70959 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20131123201027.064670-000 Event Type: Controle geslaagd User: Computer Name: laptopi7 Event Code: 4624 Message: Er is een account aangemeld. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: LAPTOPI7$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3E7 Aanmeldingstype: 7 Imitatieniveau: Imitatie Nieuwe aanmelding: Beveiligings-id: S-1-5-21-2247059795-104316592-4163284125-1001 Accountnaam: Philip Accountdomein: laptopi7 Aanmeldings-id: 0xD046D05 Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Procesgegevens: Proces-id: 0x4c74 Naam proces: C:\Windows\System32\winlogon.exe Netwerkgegevens: Naam van werkstation: LAPTOPI7 Netwerkadres van bron: 127.0.0.1 Poort van bron: 0 Gedetailleerde verificatiegegevens: Aanmeldingsproces: User32 Verificatiepakket: Negotiate Doorgezette services: - Pakketnaam (alleen NTLM): - Sleutellengte: 0 Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen. De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe. In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk). Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld. In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn. De velden met authenticatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag. - Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis. - In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt. - Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt. - Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd. Record Number: 70958 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20131123201027.064670-000 Event Type: Controle geslaagd User: ======Environment variables====== "FP_NO_HOST_CHECK"=NO "USERNAME"=SYSTEM "Path"=C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Belgium Identity Card "ComSpec"=%SystemRoot%\system32\cmd.exe "TMP"=%SystemRoot%\TEMP "OS"=Windows_NT "windir"=%SystemRoot% "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=8 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 58 Stepping 9, GenuineIntel "PROCESSOR_REVISION"=3a09 "OnlineServices"=Online Services "Platform"=MCD "AMDAPPSDKROOT"=C:\Program Files (x86)\AMD APP\ "PCBRAND"=Pavilion "CLASSPATH"=C:\Program Files (x86)\Belgium Identity Card -----------------EOF-----------------

Bij het downloaden van Vuze heb ik nochtans alles uitgevinkt wat ze voorstelden als toolbar en startpgina. Blijkbaar is deze (Trovi) toch binnengeraakt. Hoe verwijder ik die best?

Bedankt!!

deze dan: # AdwCleaner v3.019 - Report created 20/02/2014 at 17:52:15 # Updated 17/02/2014 by Xplode # Operating System : Windows 8 (64 bits) # Username : Philip - LAPTOPI7 # Running from : C:\Users\Philip\Downloads\adwcleaner(1).exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Program Files (x86)\Vuze File Deleted : C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\user.js ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKCU\Software\Classes\pokki Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\Iminent Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar Key Deleted : HKLM\Software\caphyon Key Deleted : HKLM\Software\hdcode Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16798 -\\ Mozilla Firefox v27.0.1 (nl) [ File : C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\prefs.js ] -\\ Google Chrome v32.0.1700.107 [ File : C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\preferences ] Deleted : homepage ************************* AdwCleaner[R0].txt - [21506 octets] - [31/01/2014 21:28:12] AdwCleaner[R1].txt - [1636 octets] - [20/02/2014 17:51:45] AdwCleaner[s0].txt - [21815 octets] - [31/01/2014 21:28:47] AdwCleaner[s1].txt - [1481 octets] - [20/02/2014 17:52:15] ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [1541 octets] ##########

deze dan: Zoek.exe v5.0.0.0 Updated 19-February-2014 Tool run by Philip on wo 19/02/2014 at 15:02:19,35. Microsoft Windows 8 6.2.9200 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Philip\Desktop\zoek.exe [scan all users] [Quick Scan] [Auto Clean] ==== System Restore Info ====================== 19/02/2014 15:02:59 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Nokia deleted successfully C:\Program Files\log deleted successfully C:\PROGRA~3\AVAST Software deleted successfully C:\PROGRA~3\Iminent deleted successfully C:\PROGRA~3\Oracle deleted successfully C:\PROGRA~3\SSScanAppDataDir deleted successfully C:\Users\Philip\AppData\Roaming\Iminent deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2247059795-104316592-4163284125-1001\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully HKEY_USERS\S-1-5-21-2247059795-104316592-4163284125-1001\Software\Microsoft\Internet Explorer\SearchScopes\{F9D1C772-F749-4CC5-89E4-622CD4B9C98D} deleted successfully HKEY_USERS\S-1-5-21-2247059795-104316592-4163284125-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06} deleted successfully HKEY_USERS\S-1-5-21-2247059795-104316592-4163284125-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06} deleted successfully HKEY_USERS\S-1-5-21-2247059795-104316592-4163284125-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06} deleted successfully HKEY_CLASSES_ROOT\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default ---- Lines CT2504091 removed from prefs.js ---- user_pref("CT2504091.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT2504091.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT2504091.FF19Solved", "true"); user_pref("CT2504091.FirstTime", "true"); user_pref("CT2504091.FirstTimeFF3", "true"); user_pref("CT2504091.PG_ENABLE", "ZmFsc2U="); user_pref("CT2504091.UserID", "UN53202459253772442"); user_pref("CT2504091.addressBarTakeOverEnabledInHidden", "true"); user_pref("CT2504091.appOptions", "{}"); user_pref("CT2504091.cbfirsttime.enc", "U2F0IEZlYiAxNSAyMDE0IDE4OjA4OjM4IEdNVCswMTAwIChSb21hbmNlIChzdGFuZGFhcmR0aWpkKSk="); user_pref("CT2504091.countryCode", "BE"); user_pref("CT2504091.defaultSearch", "false"); user_pref("CT2504091.enableAlerts", "true"); user_pref("CT2504091.enableSearchFromAddressBar", "false"); user_pref("CT2504091.firstTimeDialogOpened", "true"); user_pref("CT2504091.fixPageNotFoundError", "false"); user_pref("CT2504091.fixPageNotFoundErrorByUser", "false"); user_pref("CT2504091.fixPageNotFoundErrorInHidden", "true"); user_pref("CT2504091.fullUserID", "UN53202459253772442.IN.20140215180710"); user_pref("CT2504091.installDate", "15/02/2014 18:07:10"); user_pref("CT2504091.installSessionId", "{5D182438-20F4-4774-BA0E-290DCC455579}"); user_pref("CT2504091.installSp", "false"); user_pref("CT2504091.installType", "conduitnsisintegration"); user_pref("CT2504091.installUsage", "2014-02-15T20:07:15.5326855+03:00"); user_pref("CT2504091.installUsageEarly", "2014-02-15T20:07:15.0022787+03:00"); user_pref("CT2504091.installerVersion", "1.8.1.4"); user_pref("CT2504091.isCheckedStartAsHidden", true); user_pref("CT2504091.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT2504091.isFirstTimeToolbarLoading", "false"); user_pref("CT2504091.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); user_pref("CT2504091.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"http://search.conduit.com/?ctid=CT2504091&octid=CT2504091&SearchSource user_pref("CT2504091.lastVersion", "10.23.0.822"); user_pref("CT2504091.mam_gk_installer_preapproved.enc", "ZmFsc2U="); user_pref("CT2504091.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN user_pref("CT2504091.openThankYouPage", "false"); user_pref("CT2504091.openUninstallPage", "true"); user_pref("CT2504091.revertSettingsEnabled", "false"); user_pref("CT2504091.search.searchAppId", "129079840422026594"); user_pref("CT2504091.search.searchCount", "0"); user_pref("CT2504091.searchInNewTabEnabledByUser", "false"); user_pref("CT2504091.searchInNewTabEnabledInHidden", "true"); user_pref("CT2504091.searchRevert", "false"); user_pref("CT2504091.searchSuggestEnabledByUser", "false"); user_pref("CT2504091.searchUninstallUserMode", "1"); user_pref("CT2504091.searchUserMode", "1"); user_pref("CT2504091.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT2504091.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); user_pref("CT2504091.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}"); user_pref("CT2504091.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2504091\"}"); user_pref("CT2504091.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"http://VuzeRemote.OurToolbar.com//x user_pref("CT2504091.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Vuze Remote \"}"); user_pref("CT2504091.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT2504091.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}"); user_pref("CT2504091.serviceLayer_services_Configuration_lastUpdate", "1392795831680"); user_pref("CT2504091.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1392484036161"); user_pref("CT2504091.serviceLayer_services_appsMetadata_lastUpdate", "1392484035700"); user_pref("CT2504091.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1392484036006"); user_pref("CT2504091.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1392484035380"); user_pref("CT2504091.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1392484036153"); user_pref("CT2504091.serviceLayer_services_login_10.23.0.722_lastUpdate", "1392538690350"); user_pref("CT2504091.serviceLayer_services_login_10.23.0.822_lastUpdate", "1392795831794"); user_pref("CT2504091.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1392484035887"); user_pref("CT2504091.serviceLayer_services_searchAPI_lastUpdate", "1392795831664"); user_pref("CT2504091.serviceLayer_services_serviceMap_lastUpdate", "1392795831627"); user_pref("CT2504091.serviceLayer_services_toolbarContextMenu_lastUpdate", "1392484035774"); user_pref("CT2504091.serviceLayer_services_toolbarSettings_lastUpdate", "1392795831641"); user_pref("CT2504091.serviceLayer_services_translation_lastUpdate", "1392795831658"); user_pref("CT2504091.settingsINI", true); user_pref("CT2504091.shouldFirstTimeDialog", "false"); user_pref("CT2504091.showToolbarPermission", "false"); user_pref("CT2504091.smartbar.CTID", "CT2504091"); user_pref("CT2504091.smartbar.Uninstall", "0"); user_pref("CT2504091.smartbar.toolbarName", "Vuze Remote "); user_pref("CT2504091.startPage", "false"); user_pref("CT2504091.toolbarBornServerTime", "15-2-2014"); user_pref("CT2504091.toolbarCurrentServerTime", "19-2-2014"); user_pref("CT2504091.toolbarInstallDate", "15-02-2014 18:07:10"); user_pref("CT2504091.toolbarLoginClientTime", "Sat Feb 15 2014 18:07:16 GMT+0100 (Romance (standaardtijd))"); user_pref("CT2504091.versionFromInstaller", "10.23.0.722"); user_pref("CT2504091.xpeMode", "1"); user_pref("CT2504091_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1392802255496,\"isWithState\":\"\",\"timeFromStar user_pref("valueApps.CT2504091./9B+7E+x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E,x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E-x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E.:2z527.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E.x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E/x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E06CG5EL8:", "6E6D68706F6C71767175"); user_pref("valueApps.CT2504091./9B+7E06CG5EL8:.storedInFile", false); user_pref("valueApps.CT2504091./9B+7E06CG5EL;8I:K", "247E2D2F226A74736E767572777C777B242F4B49474F42357D5D5C3D"); user_pref("valueApps.CT2504091./9B+7E06CG5EL;8I:K.storedInFile", false); user_pref("valueApps.CT2504091./9B+7E0x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E1x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E2x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E31;CJ7FK;KG#NCEP@MC+VKN.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E3x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E4x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E5x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E6x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E7x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E8x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E9x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E:x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E;x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E<x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E=x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E>x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E?x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E@x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7EAx305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7EBE3G=;D9N9=D", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D334B57"); user_pref("valueApps.CT2504091./9B+7EBE3G=;D9N9=D.storedInFile", false); user_pref("valueApps.CT2504091./9B+7EBx305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7ECx305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7EDx305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7Etx305.storedInFile", true); user_pref("valueApps.CT2504091./9B-0?3G>D", "3D3D406F3E6D74447A42477A48204C762020254E20257D2A222058575A255B295A302E2A"); user_pref("valueApps.CT2504091./9B-0?3G>D.storedInFile", false); user_pref("valueApps.CT2504091./9B-0?3G@6:5;", ""); user_pref("valueApps.CT2504091./9B-0?3G@6:5;.storedInFile", false); user_pref("valueApps.CT2504091./9B-0?3GFA7EF", "2B2E2C3D"); user_pref("valueApps.CT2504091./9B-0?3GFA7EF.storedInFile", false); user_pref("valueApps.CT2504091./9B-3=3ECCJA=F>", "247E333D2C452F4135276F297B7E7D21202F26313E4249357D37382F3A494D5D513F283338435D6554695B65546D57695D5D user_pref("valueApps.CT2504091./9B-3=3ECCJA=F>.storedInFile", false); user_pref("valueApps.CT2504091./9B/>01=9A6K6<IM;KRIE@PDAWM", "6A696B7273747576"); user_pref("valueApps.CT2504091./9B/>01=9A6K6<IM;KRIE@PDAWM.storedInFile", false); user_pref("valueApps.CT2504091./9B3=>@44I48?", "372C2D3269757633423633414847203E3D474E4D4C45474F2A554A4D2D5858585E4B554E366352564F"); user_pref("valueApps.CT2504091./9B3=>@44I48?.storedInFile", false); user_pref("valueApps.CT2504091./9B5BA==9CJAG", "6E6A3E726F6D6E437A467976737A7C4D764E507D52"); user_pref("valueApps.CT2504091./9B5BA==9CJAG.storedInFile", false); user_pref("valueApps.CT2504091./9B6B11G4C56B>F;P;ANR@P", "6E6D68706F6C71767273757377"); user_pref("valueApps.CT2504091./9B6B11G4C56B>F;P;ANR@P.storedInFile", false); user_pref("valueApps.CT2504091./9B90E@.3C;7B=?OFB>>RHIQS", "393F352F3E"); user_pref("valueApps.CT2504091./9B90E@.3C;7B=?OFB>>RHIQS.storedInFile", false); user_pref("valueApps.CT2504091./9B9643G3/9E", "6A"); user_pref("valueApps.CT2504091./9B9643G3/9E.storedInFile", false); user_pref("valueApps.CT2504091./9B;45>:BI9I7IE", "2B2E2C3D"); user_pref("valueApps.CT2504091./9B;45>:BI9I7IE.storedInFile", false); user_pref("valueApps.CT2504091./9B<:222H64<", "393F352F3E"); user_pref("valueApps.CT2504091./9B<:222H64<.storedInFile", false); user_pref("valueApps.CT2504091./9B<:222H64<L8DAJ", "6D70706E7674737976732A7974727D77757C7E"); user_pref("valueApps.CT2504091./9B<:222H64<L8DAJ.storedInFile", false); user_pref("valueApps.CT2504091./9B=+03EH8H8J?:", "4443"); user_pref("valueApps.CT2504091./9B=+03EH8H8J?:.storedInFile", false); user_pref("valueApps.CT2504091./9B?+E2A52D8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52"); user_pref("valueApps.CT2504091./9B?+E2A52D8.storedInFile", false); user_pref("valueApps.CT2504091./9B?B0D:8AJ62<H", "6D"); user_pref("valueApps.CT2504091./9B?B0D:8AJ62<H.storedInFile", false); user_pref("valueApps.CT2504091./9BA@0<0BI6A7GN:6@L?", "6C"); user_pref("valueApps.CT2504091./9BA@0<0BI6A7GN:6@L?.storedInFile", false); user_pref("valueApps.CT2504091.PG_ENABLE", "74727565"); user_pref("valueApps.CT2504091.PG_ENABLE.storedInFile", false); user_pref("valueApps.CT2504091._key_cl_active", "33313339323038302D353932642D346331352D613365622D613734663565636163643766"); user_pref("valueApps.CT2504091._key_cl_active.storedInFile", false); user_pref("valueApps.CT2504091.cb_experience_000", "36"); user_pref("valueApps.CT2504091.cb_experience_000.storedInFile", false); user_pref("valueApps.CT2504091.cb_firstuse0100", "31"); user_pref("valueApps.CT2504091.cb_firstuse0100.storedInFile", false); user_pref("valueApps.CT2504091.cb_user_id_000", "43423632383938353832343430355F313339323438363932343739335F46697265666F78"); user_pref("valueApps.CT2504091.cb_user_id_000.storedInFile", false); user_pref("valueApps.CT2504091.cbfirsttime", "5361742046656220313520323031342031383A30393A343820474D542B303130302028526F6D616E636520287374616E64616172 user_pref("valueApps.CT2504091.cbfirsttime.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_appStateReportTime", "31333932343834303337393832"); user_pref("valueApps.CT2504091.mam_gk_appStateReportTime.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_appState_Clarity_Active", "6F6E"); user_pref("valueApps.CT2504091.mam_gk_appState_Clarity_Active.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_appState_CouponBuddy", "6F6E"); user_pref("valueApps.CT2504091.mam_gk_appState_CouponBuddy.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_appState_Easytobook", "6F6E"); user_pref("valueApps.CT2504091.mam_gk_appState_Easytobook.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_appState_Easytobook_targeted", "6F6E"); user_pref("valueApps.CT2504091.mam_gk_appState_Easytobook_targeted.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_appState_PriceGong", "6F6E"); user_pref("valueApps.CT2504091.mam_gk_appState_PriceGong.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_appsConfig.storedInFile", true); user_pref("valueApps.CT2504091.mam_gk_appsDefaultEnabled", "6E756C6C"); user_pref("valueApps.CT2504091.mam_gk_appsDefaultEnabled.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_calledSetupService", "31"); user_pref("valueApps.CT2504091.mam_gk_calledSetupService.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_currentVersion", "312E31332E302E3137"); user_pref("valueApps.CT2504091.mam_gk_currentVersion.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_eventsCache", "7B2232393432333338392D316365382D343064322D623636312D393466643265633765316364223A7B22746F706963223 user_pref("valueApps.CT2504091.mam_gk_eventsCache.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_existingUsersRecoveryDone", "31"); user_pref("valueApps.CT2504091.mam_gk_existingUsersRecoveryDone.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_first_time", "31"); user_pref("valueApps.CT2504091.mam_gk_first_time.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_gadgetOpen", "77656C636F6D65"); user_pref("valueApps.CT2504091.mam_gk_gadgetOpen.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_lastLoginTime", "31333932343834303338323632"); user_pref("valueApps.CT2504091.mam_gk_lastLoginTime.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_localization.storedInFile", true); user_pref("valueApps.CT2504091.mam_gk_mamEnabled", "66616C7365"); user_pref("valueApps.CT2504091.mam_gk_mamEnabled.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_migrated_from_ls", "31"); user_pref("valueApps.CT2504091.mam_gk_migrated_from_ls.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_new_welcome_experience", "31"); user_pref("valueApps.CT2504091.mam_gk_new_welcome_experience.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_settings1.13.0.17.storedInFile", true); user_pref("valueApps.CT2504091.mam_gk_showWelcomeGadget", "66616C7365"); user_pref("valueApps.CT2504091.mam_gk_showWelcomeGadget.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_stamp", "35345F30"); user_pref("valueApps.CT2504091.mam_gk_stamp.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_userBornDate", "4E2F41"); user_pref("valueApps.CT2504091.mam_gk_userBornDate.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_userId", "63363636353330622D643461632D343135312D616437302D613137383339333535396635"); user_pref("valueApps.CT2504091.mam_gk_userId.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_user_approval_interacted", "31"); user_pref("valueApps.CT2504091.mam_gk_user_approval_interacted.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_welcomeDialogMode", "31"); user_pref("valueApps.CT2504091.mam_gk_welcomeDialogMode.storedInFile", false); user_pref("valueApps.CT2504091.url_history0001", "687474703A2F2F777777312E636C69636B646F776E6C6F616465722E636F6D2F646F776E6C6F61642F70726F647563745F64 user_pref("valueApps.CT2504091.url_history0001.storedInFile", true); ---- FireFox user.js and prefs.js backups ---- user_20141902_1509_.backup prefs_20141902_1509_.backup ==== Deleting Files \ Folders ====================== C:\Users\Philip\AppData\LocalLow\PriceGong deleted C:\END deleted C:\Windows\Syswow64\InstallUtil.InstallLog deleted C:\Windows\Syswow64\SearchProtect deleted C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\searchplugins\conduit-search.xml deleted C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\valueApps deleted C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\CT2504091 deleted C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\smartbar deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Philip\AppData\Local\Temp ==== 2014-02-15 17:13:42 DF463B4C69C1531D1DA7DA3E30E7F8B5 24677393 ----a-w- C:\Users\Philip\AppData\Local\Temp\vlc-2.1.3-win32.exe 2014-02-15 17:07:12 6A0F411CA91A97A709B98E114F4052D5 76344 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\statisticsStub.exe 2014-02-15 17:07:05 4AE5F34AB33261FEB8B94F5FFC8E8F19 73543 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\ctbe.exe 2014-02-15 17:07:04 38F9EB9AAD7DBC947C5A55F57F081692 81736 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\stub.exe 2014-02-15 17:06:29 0D429B6C54941F22FC36E45124802580 111824 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\ism.exe 2014-02-15 12:57:03 630AD1674149A392A97A7B10945960CD 5987944 ----a-w- C:\Users\Philip\AppData\Local\Temp\nskC697\SpSetup.exe 2014-02-06 14:29:30 5EB1F04CB37E11F103B7B822204B943E 6180176 ----a-w- C:\Users\Philip\AppData\Local\Temp\SPSetup.exe 2014-02-06 12:48:46 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Users\Philip\AppData\Local\Temp\nsh68DB.exe ====== Java Cache ===== 2014-02-12 18:27:26 E80F61B4996AC25DE624DEE5ABC49852 37 ----a-w- C:\Users\Philip\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\588ee9bb-6.0.lap ====== C:\Windows\SysWOW64 ===== 2014-02-14 11:02:09 568C888D74169B679E4D9E1F4E7E75BD 523776 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2014-02-14 06:24:36 9F38E0E4F9EA7DD9E58C48B21F202B63 1419264 ----a-w- C:\Windows\SysWOW64\msxml3.dll 2014-02-14 06:24:29 FFD94811DD4D65FFA5EF36B5C1432B06 163840 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-02-14 06:24:29 E016BB18F1D978772EF5D1662E536372 33280 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-02-14 06:24:29 A66F7525EBF8530C495D10E742FCDA2B 109056 ----a-w- C:\Windows\SysWOW64\iesysprep.dll 2014-02-14 06:24:29 952B209CA4A39FB67C9CF110B9855583 493056 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-02-14 06:24:29 71EB230269480E7F5F62E46261404B10 61440 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-02-14 06:24:29 6733B2B5EEA3243E1B0FC5EABDA7223B 39936 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-02-14 06:24:29 66A313E15312F666829D024235B1BA24 1140736 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-02-14 06:24:29 64AA1B23EFDF4B8776135C31B583D33A 534528 ----a-w- C:\Windows\SysWOW64\uxtheme.dll 2014-02-14 06:24:29 5668E7858F32D61FA8750470FF07C9BA 44032 ----a-w- C:\Windows\SysWOW64\UXInit.dll 2014-02-14 06:24:29 1FF83D2BE92B40DAE234CF4236680B6E 1767936 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-02-14 06:24:28 FAF025218BF7A20BDD899C097B86E4A8 13760512 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-02-14 06:24:27 96484B4ED8FD9838692E3B5896C6DA61 2706432 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-02-14 06:24:14 5DC326473A638CC67EA5A4AF4C776BEB 2049024 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-02-14 06:24:14 2F867C9A274B4C731E3ADB9BAF3337C4 690688 ----a-w- C:\Windows\SysWOW64\jscript.dll 2014-02-14 06:24:14 0AAE2EE5A85EA18E00079CAF359B9387 2877952 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-02-14 06:24:10 4098C722E878697489F0207108C8E0DA 14359040 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-02-14 06:24:07 FC925BF83D0EA5E0E524F86E310D64F4 451072 ----a-w- C:\Windows\SysWOW64\msdrm.dll 2014-02-14 06:23:58 CB0AD586EA7C13AEF616848B64C5CC53 2032640 ----a-w- C:\Windows\SysWOW64\d3d10warp.dll 2014-02-14 06:23:58 C7E96470AD5552C67092B073B667121B 3288576 ----a-w- C:\Windows\SysWOW64\d2d1.dll 2014-02-12 18:26:24 95E15A2DE75AB48728AB8E1911C3EDB1 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe 2014-02-12 18:26:23 CB3638541DCAC86EE17FA8258202E20E 175016 ----a-w- C:\Windows\SysWOW64\javaw.exe 2014-02-12 18:26:23 A7871E39687EC6EE9712209DAE248B3A 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-02-12 18:26:23 9395BBE294045909A025C9F3DC3D9025 174504 ----a-w- C:\Windows\SysWOW64\java.exe ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-02-18 18:05:59 48DA65F29BB4C5AD21EC67C2D64700D6 64856 ----a-w- C:\Windows\Sysnative\klfphc.dll 2014-02-18 16:58:03 6FB598E8DE02D879D17B35F144A1B3BC 270496 ------w- C:\Windows\Sysnative\MpSigStub.exe 2014-02-14 11:02:36 4B916278E1487A5CD5F8F9A521980026 385614 ----a-w- C:\Windows\Sysnative\ApnDatabase.xml 2014-02-14 11:02:09 05F9C60AD29EDF12929663B1227D28F5 600064 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-02-14 06:24:36 C93EC176F21B90D9B04661E134ECF984 1845248 ----a-w- C:\Windows\Sysnative\msxml3.dll 2014-02-14 06:24:29 600FB9CB67C48F76C5ECE67E7B76D4B0 2706432 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-02-14 06:24:29 5F63553B55465358ED6B0ED241DB44CF 51712 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-02-14 06:24:29 4CA2A7EB74EB959C23E359887D617E69 53760 ----a-w- C:\Windows\Sysnative\UXInit.dll 2014-02-14 06:24:29 2ACDD6E1522DDA16D73F3E61A02EFCEB 39936 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-02-14 06:24:28 EFC64446D5881A95674E04DFAC39AB7A 1365504 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-02-14 06:24:28 7A824F15114E3D34691946E0D2F58911 197120 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-02-14 06:24:28 2D9B01CE9C1F93D047131175F4C07F7C 915968 ----a-w- C:\Windows\Sysnative\uxtheme.dll 2014-02-14 06:24:27 F62A5D527794DCBC1F84B1976FB44244 67072 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-02-14 06:24:27 56DDB27B59BDE8CA6C9D563D38BC4673 136704 ----a-w- C:\Windows\Sysnative\iesysprep.dll 2014-02-14 06:24:26 D5B3FD1A39B6EBFD65B260B1E0FAF7D0 603136 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-02-14 06:24:26 B61F1163B0717D7781CBD140AF80D3BA 15403520 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-02-14 06:24:25 F75B88A57B3264914FD80462CB992F0C 855552 ----a-w- C:\Windows\Sysnative\jscript.dll 2014-02-14 06:24:24 DBF5C7BFBAB5E01020E16156E2D5FEC3 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-02-14 06:24:24 90860E913075B03369BEB7B0B510DC2F 2241536 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-02-14 06:24:22 1B59269891A17BD804F3F640A66F2A08 19274240 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-02-14 06:24:14 CB0DB3C57ED00FCDCDE7536CC505EF55 2648576 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-02-14 06:24:14 027D0EAECAC2358406A088EA218A47C0 3960320 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-02-14 06:24:08 9C6302820FEA434728A14B2E356A600A 583680 ----a-w- C:\Windows\Sysnative\msdrm.dll 2014-02-14 06:23:59 D05FDB359808642231FC244CD06E8E4C 2238976 ----a-w- C:\Windows\Sysnative\d3d10warp.dll 2014-02-14 06:23:59 B9868B46EC3A67EF9B85B9437DB2CB65 3842560 ----a-w- C:\Windows\Sysnative\d2d1.dll ====== C:\Windows\Sysnative\drivers ===== 2014-02-18 18:05:35 A6B7212B3735C7B4ABD602E78573F970 67344 ----a-w- C:\Windows\Sysnative\drivers\CSVirtualDiskDrv.sys 2014-02-18 18:05:35 8128B65589C944622D6809C144972ECF 98064 ----a-w- C:\Windows\Sysnative\drivers\CSCrySec.sys 2014-02-18 18:04:38 92EE9BE40D03544C5A99FA0153A5E746 90208 ----a-w- C:\Windows\Sysnative\drivers\klflt.sys 2014-02-18 18:04:38 5F247D87B44E26AED440A063A7A4FDB7 625760 ----a-w- C:\Windows\Sysnative\drivers\klif.sys 2014-02-14 11:02:44 DD4249F03598043DED6FA540EB14898A 2232664 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2014-02-14 11:02:36 961A45CC15514178E511BBF1384CE0B8 83968 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-01-30 16:26:21 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2014-02-18 18:04:56 -------- d-----w- C:\PROGRA~2\COMMON~1\InfoWatch 2014-02-18 18:04:52 -------- d-----w- C:\PROGRA~2\Kaspersky Lab 2014-02-15 17:06:55 -------- d-----w- C:\PROGRA~2\Vuze 2014-02-13 07:40:02 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype 2014-02-13 07:40:02 -------- d-----r- C:\PROGRA~2\Skype 2014-01-31 21:54:43 -------- d-----w- C:\PROGRA~2\mIRC 2014-01-29 20:28:08 -------- d-----w- C:\PROGRA~2\Trend Micro 2014-01-25 22:41:39 -------- d-----w- C:\PROGRA~2\BlueStacks ======= C: ===== ====== C:\Users\Philip\AppData\Roaming ====== 2014-02-18 17:27:55 -------- d-s---w- C:\Windows\serviceprofiles\networkservice\AppData\Locallow\Microsoft 2014-02-15 12:56:58 -------- d-----w- C:\Users\Philip\AppData\Roaming\ PANASONIC SD-2500WXE user guide 2014-02-13 07:40:19 -------- d-----w- C:\Users\Philip\AppData\Local\Skype 2014-02-13 07:40:07 -------- d-----w- C:\Users\Philip\AppData\Roaming\Skype 2014-01-31 21:54:44 -------- d-----w- C:\Users\Philip\AppData\Roaming\mIRC ====== C:\Users\Philip ====== 2014-02-19 13:47:23 -------- d-----w- C:\ProgramData\NokiaInstallerCache 2014-02-18 17:04:22 1BE71514C31414590631BF49EDBAD0BD 198280728 ----a-w- C:\Users\Philip\Downloads\pure13.0.2.558nl-nl.exe 2014-02-16 09:53:06 D247715E8A4B212BEA0ABC7F17A9C945 2072784 ----a-w- C:\Users\Philip\Downloads\PDFConverterSetup.exe 2014-02-15 17:05:38 6D43AA185492628807399A8906D8CD91 72008 ----a-w- C:\Users\Philip\Downloads\VuzeBittorrentClientInstaller.exe 2014-02-13 07:40:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-02-13 07:40:01 -------- d-----w- C:\ProgramData\Skype 2014-02-13 07:39:12 CF2F3584DC4B9050E3D7038E2ACD5245 35670688 ----a-w- C:\Users\Philip\Downloads\SkypeSetupFull.exe 2014-02-12 18:26:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-02-12 18:24:36 D6A3D61864E8F9565550548865D7522C 921000 ----a-w- C:\Users\Philip\Downloads\jxpiinstall.exe 2014-01-29 19:25:16 -------- d-----w- C:\Windows\serviceprofiles\Localservice\winhttp 2014-01-25 22:41:39 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 2014-01-25 22:39:05 -------- d-----w- C:\ProgramData\BlueStacksSetup 2014-01-25 22:39:01 -------- d-----w- C:\ProgramData\BlueStacks ====== C: exe-files == 2014-02-19 13:47:24 EACE638669468F28485736A3A240D57C 54272 ----a-w- C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{36ABE32F-D7D4-4A5E-AADD-589F506B1B50}\Installer\IsPinned.exe 2014-02-19 13:47:24 9BCCC92E3DBDD539704B79E53D384CA2 119296 ----a-w- C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{36ABE32F-D7D4-4A5E-AADD-589F506B1B50}\Installer\InstallerService.exe 2014-02-19 13:47:24 164AC719018728884E50232212001AA5 53760 ----a-w- C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{36ABE32F-D7D4-4A5E-AADD-589F506B1B50}\Installer\InstallerServiceExec.exe 2014-02-18 18:03:26 072CCD2DC02D4EE12AA9D7032E9A3008 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2247059795-104316592-4163284125-1001\$IXQYGDS.exe 2014-02-18 17:04:22 1BE71514C31414590631BF49EDBAD0BD 198280728 ----a-w- C:\Users\Philip\Downloads\pure13.0.2.558nl-nl.exe 2014-02-18 16:58:03 6FB598E8DE02D879D17B35F144A1B3BC 270496 ------w- C:\Windows\System32\MpSigStub.exe 2014-02-16 10:13:29 237F8A820B885EDEF7FBF26D1C9C680E 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2247059795-104316592-4163284125-1001\$IKMCNL8.exe 2014-02-16 10:13:19 824C8B34E89F6829855B543586E7EF13 10073120 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7BZ0QXUV\Vuze_Installer32[1].exe 2014-02-16 09:53:06 D247715E8A4B212BEA0ABC7F17A9C945 2072784 ----a-w- C:\Users\Philip\Downloads\PDFConverterSetup.exe 2014-02-15 17:13:42 DF463B4C69C1531D1DA7DA3E30E7F8B5 24677393 ----a-w- C:\Users\Philip\AppData\Local\Temp\vlc-2.1.3-win32.exe 2014-02-15 17:07:12 6A0F411CA91A97A709B98E114F4052D5 76344 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\statisticsStub.exe 2014-02-15 17:07:12 6A0F411CA91A97A709B98E114F4052D5 76344 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7BZ0QXUV\statisticsstub[2].exe 2014-02-15 17:07:07 68451FA1A3674235269EBE6A4BD2690B 2570128 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFZFO3D5\vuze_remote[2].exe 2014-02-15 17:07:05 4AE5F34AB33261FEB8B94F5FFC8E8F19 73543 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\ctbe.exe 2014-02-15 17:07:05 4AE5F34AB33261FEB8B94F5FFC8E8F19 73543 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7BZ0QXUV\checktbexist[2].exe 2014-02-15 17:07:04 38F9EB9AAD7DBC947C5A55F57F081692 81736 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\stub.exe 2014-02-15 17:07:03 CD8AC161FA4461CF89D1B6780A05D206 227360 ----a-w- C:\Program Files (x86)\Vuze\uninstall.exe 2014-02-15 17:07:03 CB7D8F3EE1CDB0B87F2E82425F429096 81016 ----a-w- C:\Program Files (x86)\Vuze\.install4j\user\mism.exe 2014-02-15 17:07:03 25BBFF91943865583993CACD321DB7C9 35680 ----a-w- C:\Program Files (x86)\Vuze\.install4j\i4jdel.exe 2014-02-15 17:06:57 38BE7146A18BAD9AD482243D44829D93 44688 ----a-w- C:\Program Files (x86)\Vuze\VuzeFW.exe 2014-02-15 17:06:57 18CB4A32F75F0082F43918077C3BD05F 3616584 ----a-w- C:\Users\Philip\AppData\Roaming\Azureus\plugins\aznettor\AzureusTor.exe 2014-02-15 17:06:55 C4A0673606F8A4D912646E2778630BDD 316360 ----a-w- C:\Program Files (x86)\Vuze\Azureus.exe 2014-02-15 17:06:55 2277B8D5FE5F9A1D3158D69FF682DCC6 316360 ----a-w- C:\Program Files (x86)\Vuze\AzureusUpdater.exe 2014-02-15 17:06:29 0D429B6C54941F22FC36E45124802580 111824 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\ism.exe 2014-02-15 17:06:29 0D429B6C54941F22FC36E45124802580 111824 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7BZ0QXUV\ism[1].exe 2014-02-15 17:05:38 6D43AA185492628807399A8906D8CD91 72008 ----a-w- C:\Users\Philip\Downloads\VuzeBittorrentClientInstaller.exe 2014-02-15 13:32:18 EBA34BB14E2191B7C9F20C2B438AEBA2 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2247059795-104316592-4163284125-1001\$IDQPXYA.exe 2014-02-15 12:58:29 516362443B2786F52FF91776490868B9 12509928 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7BZ0QXUV\kitty[1].exe 2014-02-15 12:57:04 630AD1674149A392A97A7B10945960CD 5987944 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFZFO3D5\SPSetup[1].exe 2014-02-15 12:57:03 630AD1674149A392A97A7B10945960CD 5987944 ----a-w- C:\Users\Philip\AppData\Local\Temp\nskC697\SpSetup.exe 2014-02-15 12:57:01 DE24D470B32B657EADF336232963E9EC 123896 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X3QJ6R8H\spstub[1].exe 2014-02-15 12:56:57 DD3580281FD53A9A993AE99F6B683F61 2038160 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFZFO3D5\mycutebuddy%7B4.wfBHCKiGLgWE12.9%7D[1].exe 2014-02-15 12:56:57 2CE4650B44AD47A1FC51B71835B1850A 714616 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X3QJ6R8H\PriceGong[1].exe 2014-02-15 12:56:54 3382EA67CFD0D218914B7D25C95D1AA4 712528 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HLW9Q3DK\embededstub[1].exe 2014-02-15 12:54:54 A4EE7DE7DE6363E710CFAD220473DE1E 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2247059795-104316592-4163284125-1001\$I5FB8K5.exe 2014-02-15 12:53:38 CB41792F97C9FFCA95BADFB9C84CD37E 692840 ----a-w- C:\$Recycle.Bin\S-1-5-21-2247059795-104316592-4163284125-1001\$RDQPXYA.exe 2014-02-15 12:53:38 5417E5D581449CA1E026028B732C87A2 2072784 ----a-w- C:\$Recycle.Bin\S-1-5-21-2247059795-104316592-4163284125-1001\$R5FB8K5.exe 2014-02-15 11:37:07 FF3FD6B78A82624C7B319EEA7F7EB8F6 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdateOnDemand.exe 2014-02-15 11:37:07 EA8B5B41163A06FFA8930F5316473035 273800 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe 2014-02-15 11:37:07 C98ACDE22458C8F46FD0503CB9E2D01F 223112 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe 2014-02-15 11:37:07 BA5C08130D2EFBD4E546912646DC4461 847640 ----a-w- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdateSetup.exe 2014-02-15 11:37:07 6D24CD9918A11CD8AB9AE678CB2CC3C7 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdateBroker.exe 2014-02-15 11:37:07 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdate.exe 2014-02-15 11:37:01 BA5C08130D2EFBD4E546912646DC4461 847640 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.5\GoogleUpdateSetup.exe 2014-02-14 23:45:45 2839BF9E2B335A27EA13434F4CC12242 213549896 ----a-w- C:\$Recycle.Bin\S-1-5-21-2247059795-104316592-4163284125-1001\$RXQYGDS.exe 2014-02-14 06:24:29 BC327B65D38FF611B40A718AFC6C248B 469504 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2014-02-14 06:24:29 B04EE6BFF70C11D478680BB74E1D33AB 770736 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2014-02-14 06:24:29 5F63553B55465358ED6B0ED241DB44CF 51712 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-02-14 06:24:28 5E9A6ED18D9F54E7BEFF1A247FC202E6 775344 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-02-14 06:24:27 A799D8222F6F06A952424CBBEE243DBE 484352 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-02-13 07:39:12 CF2F3584DC4B9050E3D7038E2ACD5245 35670688 ----a-w- C:\Users\Philip\Downloads\SkypeSetupFull.exe 2014-02-12 18:26:24 95E15A2DE75AB48728AB8E1911C3EDB1 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe 2014-02-12 18:26:23 CB3638541DCAC86EE17FA8258202E20E 175016 ----a-w- C:\Windows\SysWOW64\javaw.exe 2014-02-12 18:26:23 9395BBE294045909A025C9F3DC3D9025 174504 ----a-w- C:\Windows\SysWOW64\java.exe 2014-02-12 18:24:48 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Users\Philip\AppData\LocalLow\Sun\Java\jre1.7.0_51\lzma.exe 2014-02-12 18:24:36 D6A3D61864E8F9565550548865D7522C 921000 ----a-w- C:\Users\Philip\Downloads\jxpiinstall.exe === C: other files == 2014-02-18 18:05:35 A6B7212B3735C7B4ABD602E78573F970 67344 -c--a-w- C:\Windows\System32\DRVSTORE\CSVirtualD_774BA42A286DBEC815683B6FC00FE66744D4B93B\win8\amd64\CSVirtualDiskDrv.sys 2014-02-18 18:05:35 A6B7212B3735C7B4ABD602E78573F970 67344 ----a-w- C:\Windows\System32\Drivers\CSVirtualDiskDrv.sys 2014-02-18 18:05:35 8128B65589C944622D6809C144972ECF 98064 -c--a-w- C:\Windows\System32\DRVSTORE\CSCrySec_w_774BA42A286DBEC815683B6FC00FE66744D4B93B\win8\amd64\CSCrySec.sys 2014-02-18 18:05:35 8128B65589C944622D6809C144972ECF 98064 ----a-w- C:\Windows\System32\Drivers\CSCrySec.sys 2014-02-18 18:04:38 92EE9BE40D03544C5A99FA0153A5E746 90208 ----a-w- C:\Windows\System32\Drivers\klflt.sys 2014-02-18 18:04:38 5F247D87B44E26AED440A063A7A4FDB7 625760 ----a-w- C:\Windows\System32\Drivers\klif.sys 2014-02-14 11:02:44 DD4249F03598043DED6FA540EB14898A 2232664 ----a-w- C:\Windows\System32\Drivers\tcpip.sys 2014-02-14 11:02:36 961A45CC15514178E511BBF1384CE0B8 83968 ----a-w- C:\Windows\System32\Drivers\hidclass.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-2247059795-104316592-4163284125-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Gadwin PrintScreen"="C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash" "Spotify Web Helper"="C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Spotify"="C:\Users\Philip\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "MyCuteBuddy"="C:\Program Files (x86)\My Cute Buddy\myCuteBuddy.exe file:///C:/Program Files (x86)/My Cute Buddy/Content/Cute Kitty/piticho.buddy /m /u" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" "HP CoolSense"="C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" "BtTray"="C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe" "beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "BlueStacks Agent"="C:\Program Files (x86)\BlueStacks\HD-Agent.exe" "AVP"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\runner_avp.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Gadwin PrintScreen"="C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash" "Spotify Web Helper"="C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Spotify"="C:\Users\Philip\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "MyCuteBuddy"="C:\Program Files (x86)\My Cute Buddy\myCuteBuddy.exe file:///C:/Program Files (x86)/My Cute Buddy/Content/Cute Kitty/piticho.buddy /m /u" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " "SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update" ==== Startup Folders ====================== 2014-01-18 12:47:18 1050 ----a-w- C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19/11/2013 15:18] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19/11/2013 15:18] C:\Windows\tasks\HPCeeScheduleForPhilip.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [13/09/2010 21:15] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\CLMLSvc_P2G8" [C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe] "C:\Windows\SysNative\tasks\CLVDLauncher" [C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HP AR Program Upload - 366518f0f91a46a59e70e293ae2109f5b4793b1756424469b02c66c0c0285f3b" [C:\Program Files\HP\HP Deskjet 3070 B611 series\bin\HPRewards.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForPhilip" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "online_banking@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com" [18/02/2014 19:05] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default - Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com - PriceGong - %ProfilePath%\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} - Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default 3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash 78006383FEDBCDC290B8BD178903D6AB - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll - Shockwave for Director / Shockwave for Director ==== Deleted Firefox Extensions ====================== C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dchlnpcodkpfdpacogkljefecpegganj - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx[28/11/2013 12:06] fhmbbigfkgcficoehkhadjbokhhaijea - C:\Program Files (x86)\LyricsPlug\Chrome.crx[] hakdifolhalapjijoafobooafbilfakh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\online_banking_chrome.crx[28/11/2013 12:06] hghkgaeecgjhjkannahfamoehjmkjail - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\content_blocker_chrome.crx[28/11/2013 12:03] jagncdcchgajhfhijbbhecadmaiegcmh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\virtkbd.crx[28/11/2013 12:03] pjldcfjmnllhmgjclecdnfampinooman - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx[28/11/2013 12:06] Google Docs - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf GreaseGoogle - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apeeedokdcajckokidhdkbkflkpfpgko YouTube - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Kaspersky URL Advisor - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj avast Online Security - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Safe Money - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh Content Blocker - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail Virtual Keyboard - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh Google Wallet - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Anti-Banner - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman ==== Chrome Fix ====================== C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.babylon.com_0.localstorage deleted successfully C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.babylon.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://search.conduit.com/?ctid=CT3323828&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPA5B1A71F-BC85-4D50-A158-6D54ED36A892&SSPV=" "Default_Page_URL"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.google.com" "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.google.com" "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="http://rover.ebay.com/rover/1/1553-29906-12136-18/4" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fhmbbigfkgcficoehkhadjbokhhaijea deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Philip\AppData\Local\Mozilla\Firefox\Profiles\riyh44nn.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=525 folders=128 9555990 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Philip\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Philip\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on wo 19/02/2014 at 15:14:56,48 ======================

Het logje: Zoek.exe v5.0.0.0 Updated 19-February-2014 Tool run by Philip on wo 19/02/2014 at 15:19:26,22. Microsoft Windows 8 6.2.9200 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Philip\Desktop\zoek.exe [scan all users] [Quick Scan] [Auto Clean] ==== Older Logs ====================== C:\zoek-results2014-02-19-141456.log 52130 bytes ==== Empty Folders Check ====================== C:\Users\Philip\AppData\Roaming\PANASONIC SD-2500WXE user guide ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Philip\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-02-14 11:02:09 568C888D74169B679E4D9E1F4E7E75BD 523776 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2014-02-14 06:24:36 9F38E0E4F9EA7DD9E58C48B21F202B63 1419264 ----a-w- C:\Windows\SysWOW64\msxml3.dll 2014-02-14 06:24:29 FFD94811DD4D65FFA5EF36B5C1432B06 163840 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-02-14 06:24:29 E016BB18F1D978772EF5D1662E536372 33280 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-02-14 06:24:29 A66F7525EBF8530C495D10E742FCDA2B 109056 ----a-w- C:\Windows\SysWOW64\iesysprep.dll 2014-02-14 06:24:29 952B209CA4A39FB67C9CF110B9855583 493056 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-02-14 06:24:29 71EB230269480E7F5F62E46261404B10 61440 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-02-14 06:24:29 6733B2B5EEA3243E1B0FC5EABDA7223B 39936 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-02-14 06:24:29 66A313E15312F666829D024235B1BA24 1140736 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-02-14 06:24:29 64AA1B23EFDF4B8776135C31B583D33A 534528 ----a-w- C:\Windows\SysWOW64\uxtheme.dll 2014-02-14 06:24:29 5668E7858F32D61FA8750470FF07C9BA 44032 ----a-w- C:\Windows\SysWOW64\UXInit.dll 2014-02-14 06:24:29 1FF83D2BE92B40DAE234CF4236680B6E 1767936 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-02-14 06:24:28 FAF025218BF7A20BDD899C097B86E4A8 13760512 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-02-14 06:24:27 96484B4ED8FD9838692E3B5896C6DA61 2706432 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-02-14 06:24:14 5DC326473A638CC67EA5A4AF4C776BEB 2049024 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-02-14 06:24:14 2F867C9A274B4C731E3ADB9BAF3337C4 690688 ----a-w- C:\Windows\SysWOW64\jscript.dll 2014-02-14 06:24:14 0AAE2EE5A85EA18E00079CAF359B9387 2877952 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-02-14 06:24:10 4098C722E878697489F0207108C8E0DA 14359040 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-02-14 06:24:07 FC925BF83D0EA5E0E524F86E310D64F4 451072 ----a-w- C:\Windows\SysWOW64\msdrm.dll 2014-02-14 06:23:58 CB0AD586EA7C13AEF616848B64C5CC53 2032640 ----a-w- C:\Windows\SysWOW64\d3d10warp.dll 2014-02-14 06:23:58 C7E96470AD5552C67092B073B667121B 3288576 ----a-w- C:\Windows\SysWOW64\d2d1.dll 2014-02-12 18:26:24 95E15A2DE75AB48728AB8E1911C3EDB1 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe 2014-02-12 18:26:23 CB3638541DCAC86EE17FA8258202E20E 175016 ----a-w- C:\Windows\SysWOW64\javaw.exe 2014-02-12 18:26:23 A7871E39687EC6EE9712209DAE248B3A 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-02-12 18:26:23 9395BBE294045909A025C9F3DC3D9025 174504 ----a-w- C:\Windows\SysWOW64\java.exe ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-02-18 18:05:59 48DA65F29BB4C5AD21EC67C2D64700D6 64856 ----a-w- C:\Windows\Sysnative\klfphc.dll 2014-02-18 16:58:03 6FB598E8DE02D879D17B35F144A1B3BC 270496 ------w- C:\Windows\Sysnative\MpSigStub.exe 2014-02-14 11:02:36 4B916278E1487A5CD5F8F9A521980026 385614 ----a-w- C:\Windows\Sysnative\ApnDatabase.xml 2014-02-14 11:02:09 05F9C60AD29EDF12929663B1227D28F5 600064 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-02-14 06:24:36 C93EC176F21B90D9B04661E134ECF984 1845248 ----a-w- C:\Windows\Sysnative\msxml3.dll 2014-02-14 06:24:29 600FB9CB67C48F76C5ECE67E7B76D4B0 2706432 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-02-14 06:24:29 5F63553B55465358ED6B0ED241DB44CF 51712 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-02-14 06:24:29 4CA2A7EB74EB959C23E359887D617E69 53760 ----a-w- C:\Windows\Sysnative\UXInit.dll 2014-02-14 06:24:29 2ACDD6E1522DDA16D73F3E61A02EFCEB 39936 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-02-14 06:24:28 EFC64446D5881A95674E04DFAC39AB7A 1365504 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-02-14 06:24:28 7A824F15114E3D34691946E0D2F58911 197120 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-02-14 06:24:28 2D9B01CE9C1F93D047131175F4C07F7C 915968 ----a-w- C:\Windows\Sysnative\uxtheme.dll 2014-02-14 06:24:27 F62A5D527794DCBC1F84B1976FB44244 67072 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-02-14 06:24:27 56DDB27B59BDE8CA6C9D563D38BC4673 136704 ----a-w- C:\Windows\Sysnative\iesysprep.dll 2014-02-14 06:24:26 D5B3FD1A39B6EBFD65B260B1E0FAF7D0 603136 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-02-14 06:24:26 B61F1163B0717D7781CBD140AF80D3BA 15403520 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-02-14 06:24:25 F75B88A57B3264914FD80462CB992F0C 855552 ----a-w- C:\Windows\Sysnative\jscript.dll 2014-02-14 06:24:24 DBF5C7BFBAB5E01020E16156E2D5FEC3 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-02-14 06:24:24 90860E913075B03369BEB7B0B510DC2F 2241536 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-02-14 06:24:22 1B59269891A17BD804F3F640A66F2A08 19274240 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-02-14 06:24:14 CB0DB3C57ED00FCDCDE7536CC505EF55 2648576 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-02-14 06:24:14 027D0EAECAC2358406A088EA218A47C0 3960320 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-02-14 06:24:08 9C6302820FEA434728A14B2E356A600A 583680 ----a-w- C:\Windows\Sysnative\msdrm.dll 2014-02-14 06:23:59 D05FDB359808642231FC244CD06E8E4C 2238976 ----a-w- C:\Windows\Sysnative\d3d10warp.dll 2014-02-14 06:23:59 B9868B46EC3A67EF9B85B9437DB2CB65 3842560 ----a-w- C:\Windows\Sysnative\d2d1.dll ====== C:\Windows\Sysnative\drivers ===== 2014-02-18 18:05:35 A6B7212B3735C7B4ABD602E78573F970 67344 ----a-w- C:\Windows\Sysnative\drivers\CSVirtualDiskDrv.sys 2014-02-18 18:05:35 8128B65589C944622D6809C144972ECF 98064 ----a-w- C:\Windows\Sysnative\drivers\CSCrySec.sys 2014-02-18 18:04:38 92EE9BE40D03544C5A99FA0153A5E746 90208 ----a-w- C:\Windows\Sysnative\drivers\klflt.sys 2014-02-18 18:04:38 5F247D87B44E26AED440A063A7A4FDB7 625760 ----a-w- C:\Windows\Sysnative\drivers\klif.sys 2014-02-14 11:02:44 DD4249F03598043DED6FA540EB14898A 2232664 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2014-02-14 11:02:36 961A45CC15514178E511BBF1384CE0B8 83968 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-01-30 16:26:21 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2014-02-18 18:04:56 -------- d-----w- C:\PROGRA~2\COMMON~1\InfoWatch 2014-02-18 18:04:52 -------- d-----w- C:\PROGRA~2\Kaspersky Lab 2014-02-15 17:06:55 -------- d-----w- C:\PROGRA~2\Vuze 2014-02-13 07:40:02 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype 2014-02-13 07:40:02 -------- d-----r- C:\PROGRA~2\Skype 2014-01-31 21:54:43 -------- d-----w- C:\PROGRA~2\mIRC 2014-01-29 20:28:08 -------- d-----w- C:\PROGRA~2\Trend Micro 2014-01-25 22:41:39 -------- d-----w- C:\PROGRA~2\BlueStacks ======= C: ===== ====== C:\Users\Philip\AppData\Roaming ====== 2014-02-19 14:13:30 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2014-02-19 14:13:30 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2014-02-19 14:13:30 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2014-02-19 14:13:30 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2014-02-19 14:13:29 -------- d-----w- C:\Users\Philip\AppData\Local\Temp 2014-02-18 17:27:55 -------- d-s---w- C:\Windows\serviceprofiles\networkservice\AppData\Locallow\Microsoft 2014-02-15 12:56:58 -------- d-----w- C:\Users\Philip\AppData\Roaming\ PANASONIC SD-2500WXE user guide 2014-02-13 07:40:19 -------- d-----w- C:\Users\Philip\AppData\Local\Skype 2014-02-13 07:40:07 -------- d-----w- C:\Users\Philip\AppData\Roaming\Skype 2014-01-31 21:54:44 -------- d-----w- C:\Users\Philip\AppData\Roaming\mIRC ====== C:\Users\Philip ====== 2014-02-19 13:47:23 -------- d-----w- C:\ProgramData\NokiaInstallerCache 2014-02-18 17:04:22 1BE71514C31414590631BF49EDBAD0BD 198280728 ----a-w- C:\Users\Philip\Downloads\pure13.0.2.558nl-nl.exe 2014-02-16 09:53:06 D247715E8A4B212BEA0ABC7F17A9C945 2072784 ----a-w- C:\Users\Philip\Downloads\PDFConverterSetup.exe 2014-02-15 17:05:38 6D43AA185492628807399A8906D8CD91 72008 ----a-w- C:\Users\Philip\Downloads\VuzeBittorrentClientInstaller.exe 2014-02-13 07:40:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-02-13 07:40:01 -------- d-----w- C:\ProgramData\Skype 2014-02-13 07:39:12 CF2F3584DC4B9050E3D7038E2ACD5245 35670688 ----a-w- C:\Users\Philip\Downloads\SkypeSetupFull.exe 2014-02-12 18:26:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-02-12 18:24:36 D6A3D61864E8F9565550548865D7522C 921000 ----a-w- C:\Users\Philip\Downloads\jxpiinstall.exe 2014-01-29 19:25:16 -------- d-----w- C:\Windows\serviceprofiles\Localservice\winhttp 2014-01-25 22:41:39 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 2014-01-25 22:39:05 -------- d-----w- C:\ProgramData\BlueStacksSetup 2014-01-25 22:39:01 -------- d-----w- C:\ProgramData\BlueStacks ====== C: exe-files == 2014-02-19 13:47:24 EACE638669468F28485736A3A240D57C 54272 ----a-w- C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{36ABE32F-D7D4-4A5E-AADD-589F506B1B50}\Installer\IsPinned.exe 2014-02-19 13:47:24 9BCCC92E3DBDD539704B79E53D384CA2 119296 ----a-w- C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{36ABE32F-D7D4-4A5E-AADD-589F506B1B50}\Installer\InstallerService.exe 2014-02-19 13:47:24 164AC719018728884E50232212001AA5 53760 ----a-w- C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{36ABE32F-D7D4-4A5E-AADD-589F506B1B50}\Installer\InstallerServiceExec.exe 2014-02-18 17:04:22 1BE71514C31414590631BF49EDBAD0BD 198280728 ----a-w- C:\Users\Philip\Downloads\pure13.0.2.558nl-nl.exe 2014-02-18 16:58:03 6FB598E8DE02D879D17B35F144A1B3BC 270496 ------w- C:\Windows\System32\MpSigStub.exe 2014-02-16 09:53:06 D247715E8A4B212BEA0ABC7F17A9C945 2072784 ----a-w- C:\Users\Philip\Downloads\PDFConverterSetup.exe 2014-02-15 17:07:03 CD8AC161FA4461CF89D1B6780A05D206 227360 ----a-w- C:\Program Files (x86)\Vuze\uninstall.exe 2014-02-15 17:07:03 CB7D8F3EE1CDB0B87F2E82425F429096 81016 ----a-w- C:\Program Files (x86)\Vuze\.install4j\user\mism.exe 2014-02-15 17:07:03 25BBFF91943865583993CACD321DB7C9 35680 ----a-w- C:\Program Files (x86)\Vuze\.install4j\i4jdel.exe 2014-02-15 17:06:57 38BE7146A18BAD9AD482243D44829D93 44688 ----a-w- C:\Program Files (x86)\Vuze\VuzeFW.exe 2014-02-15 17:06:57 18CB4A32F75F0082F43918077C3BD05F 3616584 ----a-w- C:\Users\Philip\AppData\Roaming\Azureus\plugins\aznettor\AzureusTor.exe 2014-02-15 17:06:55 C4A0673606F8A4D912646E2778630BDD 316360 ----a-w- C:\Program Files (x86)\Vuze\Azureus.exe 2014-02-15 17:06:55 2277B8D5FE5F9A1D3158D69FF682DCC6 316360 ----a-w- C:\Program Files (x86)\Vuze\AzureusUpdater.exe 2014-02-15 17:05:38 6D43AA185492628807399A8906D8CD91 72008 ----a-w- C:\Users\Philip\Downloads\VuzeBittorrentClientInstaller.exe 2014-02-15 11:37:07 FF3FD6B78A82624C7B319EEA7F7EB8F6 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdateOnDemand.exe 2014-02-15 11:37:07 EA8B5B41163A06FFA8930F5316473035 273800 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe 2014-02-15 11:37:07 C98ACDE22458C8F46FD0503CB9E2D01F 223112 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe 2014-02-15 11:37:07 BA5C08130D2EFBD4E546912646DC4461 847640 ----a-w- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdateSetup.exe 2014-02-15 11:37:07 6D24CD9918A11CD8AB9AE678CB2CC3C7 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdateBroker.exe 2014-02-15 11:37:07 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdate.exe 2014-02-15 11:37:01 BA5C08130D2EFBD4E546912646DC4461 847640 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.5\GoogleUpdateSetup.exe 2014-02-14 06:24:29 BC327B65D38FF611B40A718AFC6C248B 469504 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2014-02-14 06:24:29 B04EE6BFF70C11D478680BB74E1D33AB 770736 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2014-02-14 06:24:29 5F63553B55465358ED6B0ED241DB44CF 51712 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-02-14 06:24:28 5E9A6ED18D9F54E7BEFF1A247FC202E6 775344 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-02-14 06:24:27 A799D8222F6F06A952424CBBEE243DBE 484352 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-02-13 07:39:12 CF2F3584DC4B9050E3D7038E2ACD5245 35670688 ----a-w- C:\Users\Philip\Downloads\SkypeSetupFull.exe 2014-02-12 18:26:24 95E15A2DE75AB48728AB8E1911C3EDB1 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe 2014-02-12 18:26:23 CB3638541DCAC86EE17FA8258202E20E 175016 ----a-w- C:\Windows\SysWOW64\javaw.exe 2014-02-12 18:26:23 9395BBE294045909A025C9F3DC3D9025 174504 ----a-w- C:\Windows\SysWOW64\java.exe 2014-02-12 18:24:48 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Users\Philip\AppData\LocalLow\Sun\Java\jre1.7.0_51\lzma.exe 2014-02-12 18:24:36 D6A3D61864E8F9565550548865D7522C 921000 ----a-w- C:\Users\Philip\Downloads\jxpiinstall.exe === C: other files == 2014-02-18 18:05:35 A6B7212B3735C7B4ABD602E78573F970 67344 -c--a-w- C:\Windows\System32\DRVSTORE\CSVirtualD_774BA42A286DBEC815683B6FC00FE66744D4B93B\win8\amd64\CSVirtualDiskDrv.sys 2014-02-18 18:05:35 A6B7212B3735C7B4ABD602E78573F970 67344 ----a-w- C:\Windows\System32\Drivers\CSVirtualDiskDrv.sys 2014-02-18 18:05:35 8128B65589C944622D6809C144972ECF 98064 -c--a-w- C:\Windows\System32\DRVSTORE\CSCrySec_w_774BA42A286DBEC815683B6FC00FE66744D4B93B\win8\amd64\CSCrySec.sys 2014-02-18 18:05:35 8128B65589C944622D6809C144972ECF 98064 ----a-w- C:\Windows\System32\Drivers\CSCrySec.sys 2014-02-18 18:04:38 92EE9BE40D03544C5A99FA0153A5E746 90208 ----a-w- C:\Windows\System32\Drivers\klflt.sys 2014-02-18 18:04:38 5F247D87B44E26AED440A063A7A4FDB7 625760 ----a-w- C:\Windows\System32\Drivers\klif.sys 2014-02-14 11:02:44 DD4249F03598043DED6FA540EB14898A 2232664 ----a-w- C:\Windows\System32\Drivers\tcpip.sys 2014-02-14 11:02:36 961A45CC15514178E511BBF1384CE0B8 83968 ----a-w- C:\Windows\System32\Drivers\hidclass.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-2247059795-104316592-4163284125-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Gadwin PrintScreen"="C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash" "Spotify Web Helper"="C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Spotify"="C:\Users\Philip\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "MyCuteBuddy"="C:\Program Files (x86)\My Cute Buddy\myCuteBuddy.exe file:///C:/Program Files (x86)/My Cute Buddy/Content/Cute Kitty/piticho.buddy /m /u" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" "HP CoolSense"="C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" "BtTray"="C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe" "beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "BlueStacks Agent"="C:\Program Files (x86)\BlueStacks\HD-Agent.exe" "AVP"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\runner_avp.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Gadwin PrintScreen"="C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash" "Spotify Web Helper"="C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Spotify"="C:\Users\Philip\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "MyCuteBuddy"="C:\Program Files (x86)\My Cute Buddy\myCuteBuddy.exe file:///C:/Program Files (x86)/My Cute Buddy/Content/Cute Kitty/piticho.buddy /m /u" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " "SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update" ==== Startup Folders ====================== 2014-01-18 12:47:18 1050 ----a-w- C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19/11/2013 15:18] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19/11/2013 15:18] C:\Windows\tasks\HPCeeScheduleForPhilip.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [13/09/2010 21:15] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\CLMLSvc_P2G8" [C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe] "C:\Windows\SysNative\tasks\CLVDLauncher" [C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HP AR Program Upload - 366518f0f91a46a59e70e293ae2109f5b4793b1756424469b02c66c0c0285f3b" [C:\Program Files\HP\HP Deskjet 3070 B611 series\bin\HPRewards.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForPhilip" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "online_banking@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com" [18/02/2014 19:05] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default - Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com - Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default 3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash 78006383FEDBCDC290B8BD178903D6AB - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll - Shockwave for Director / Shockwave for Director ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dchlnpcodkpfdpacogkljefecpegganj - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx[28/11/2013 12:06] hakdifolhalapjijoafobooafbilfakh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\online_banking_chrome.crx[28/11/2013 12:06] hghkgaeecgjhjkannahfamoehjmkjail - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\content_blocker_chrome.crx[28/11/2013 12:03] jagncdcchgajhfhijbbhecadmaiegcmh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\virtkbd.crx[28/11/2013 12:03] pjldcfjmnllhmgjclecdnfampinooman - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx[28/11/2013 12:06] Google Docs - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf GreaseGoogle - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apeeedokdcajckokidhdkbkflkpfpgko YouTube - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Kaspersky URL Advisor - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj avast Online Security - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Safe Money - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh Content Blocker - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail Virtual Keyboard - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh Google Wallet - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Anti-Banner - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="http://rover.ebay.com/rover/1/1553-29906-12136-18/4" ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Philip\AppData\Local\Mozilla\Firefox\Profiles\riyh44nn.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=525 folders=128 9555990 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Philip\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Philip\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on wo 19/02/2014 at 15:35:12,88 ======================

Mijn kapersky moest vernieuwd worden en heb dus enkele dagen zonder bescherming gezeten. Ik vermoed dat er "vuiligheid" is binnen gekomen. Hieronder is mijn logje: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:33:35, on 19/02/2014 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v10.0 (10.00.9200.16798) Boot mode: Normal Running processes: C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Users\Philip\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\BlueStacks\HD-Agent.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Zoeken R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\PROGRA~2\KASPER~1\KASPER~1.0\KASPER~2\spIEBho.dll O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O2 - BHO: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll O3 - Toolbar: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\PROGRA~2\KASPER~1\KASPER~1.0\KASPER~2\spIEBho.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe O4 - HKLM\..\Run: [btTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe" O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [blueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\runner_avp.exe" O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash O4 - HKCU\..\Run: [Power2GoExpress8] NA O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [spotify] "C:\Users\Philip\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [MyCuteBuddy] "C:\Program Files (x86)\My Cute Buddy\myCuteBuddy.exe" "file:///C:/Program Files (x86)/My Cute Buddy/Content/Cute Kitty/piticho.buddy" /m /u O4 - Startup: Dropbox.lnk = Philip\AppData\Roaming\Dropbox\bin\Dropbox.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Toevoegen aan Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm O9 - Extra button: Virtueel Toetsenbord - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe O9 - Extra 'Tools' menuitem: Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe O9 - Extra button: (no name) - {64964764-1101-4bbd-8891-B56B1A53B9B3} - C:\Program Files\Classic Shell\ClassicExplorer32.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Controle van URL's - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Kaspersky Anti-Virus-service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe O23 - Service: Classic Shell Service (ClassicShellService) - IvoSoft - C:\Program Files\Classic Shell\ClassicShellService.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: CryptoStorage control service (CSObjectsSrv) - Infowatch - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: @oem31.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing) O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 14703 bytes Bedankt op voorhand. Gr, Philippe

Bedankt Kape. Gaat weer goed zo. Dit is hier dan opgelost. Nogmaals dank voor alle moeite en hulp.

Deze dus. # AdwCleaner v3.018 - Report created 31/01/2014 at 21:28:47 # Updated 28/01/2014 by Xplode # Operating System : Windows 8 (64 bits) # Username : Philip - LAPTOPI7 # Running from : C:\Users\Philip\Downloads\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro Folder Deleted : C:\Program Files (x86)\RegClean Pro Folder Deleted : C:\Program Files (x86)\TornTV.com Folder Deleted : C:\Program Files (x86)\Vuze Folder Deleted : C:\Users\Philip\AppData\Local\Temp\CT2504091 Folder Deleted : C:\Users\Philip\AppData\Roaming\Systweak Folder Deleted : C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com Folder Deleted : C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\Smartbar Folder Deleted : C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\ValueApps Folder Deleted : C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\CT2504091 Folder Deleted : C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} File Deleted : C:\END File Deleted : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc Key Deleted : HKCU\Software\1ClickDownload Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\AppDataLow\Software\smartbar Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16537 -\\ Mozilla Firefox v26.0 (nl) [ File : C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\prefs.js ] Line Deleted : user_pref("CT2504091.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); Line Deleted : user_pref("CT2504091.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}"); Line Deleted : user_pref("CT2504091.FF19Solved", "true"); Line Deleted : user_pref("CT2504091.FirstTime", "true"); Line Deleted : user_pref("CT2504091.FirstTimeFF3", "true"); Line Deleted : user_pref("CT2504091.PG_ENABLE", "dHJ1ZQ=="); Line Deleted : user_pref("CT2504091.UserID", "UN33239417112522226"); Line Deleted : user_pref("CT2504091.addressBarTakeOverEnabledInHidden", "true"); Line Deleted : user_pref("CT2504091.appOptions", "{}"); Line Deleted : user_pref("CT2504091.cbfirsttime.enc", "V2VkIEphbiAwMSAyMDE0IDEwOjU4OjM1IEdNVCswMTAwIChSb21hbmNlIChzdGFuZGFhcmR0aWpkKSk="); Line Deleted : user_pref("CT2504091.countryCode", "BE"); Line Deleted : user_pref("CT2504091.defaultSearch", "false"); Line Deleted : user_pref("CT2504091.enableAlerts", "true"); Line Deleted : user_pref("CT2504091.enableSearchFromAddressBar", "false"); Line Deleted : user_pref("CT2504091.firstTimeDialogOpened", "true"); Line Deleted : user_pref("CT2504091.fixPageNotFoundError", "false"); Line Deleted : user_pref("CT2504091.fixPageNotFoundErrorByUser", "false"); Line Deleted : user_pref("CT2504091.fixPageNotFoundErrorInHidden", "true"); Line Deleted : user_pref("CT2504091.fullUserID", "UN33239417112522226.IN.20140101105821"); Line Deleted : user_pref("CT2504091.installDate", "01/01/2014 10:58:22"); Line Deleted : user_pref("CT2504091.installSessionId", "{7813F985-0C4F-4CFD-B711-1EF89E67CB12}"); Line Deleted : user_pref("CT2504091.installSp", "false"); Line Deleted : user_pref("CT2504091.installType", "conduitnsisintegration"); Line Deleted : user_pref("CT2504091.installUsage", "2014-01-01T12:58:29.3525365+03:00"); Line Deleted : user_pref("CT2504091.installUsageEarly", "2014-01-01T12:58:29.0561346+03:00"); Line Deleted : user_pref("CT2504091.installerVersion", "1.8.1.4"); Line Deleted : user_pref("CT2504091.isCheckedStartAsHidden", true); Line Deleted : user_pref("CT2504091.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); Line Deleted : user_pref("CT2504091.isFirstTimeToolbarLoading", "false"); Line Deleted : user_pref("CT2504091.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); Line Deleted : user_pref("CT2504091.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2504091&octid=CT2504091&SearchSource=15&CUI=UN33239417112522226&SSPV=&Lay=1&UM=1\"}"); Line Deleted : user_pref("CT2504091.lastVersion", "10.23.0.822"); Line Deleted : user_pref("CT2504091.mam_gk_installer_preapproved.enc", "ZmFsc2U="); Line Deleted : user_pref("CT2504091.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://VuzeRemote.OurToolbar.com/\",\"EB_TOOL[...] Line Deleted : user_pref("CT2504091.openThankYouPage", "false"); Line Deleted : user_pref("CT2504091.openUninstallPage", "true"); Line Deleted : user_pref("CT2504091.revertSettingsEnabled", "false"); Line Deleted : user_pref("CT2504091.search.searchAppId", "129079840422026594"); Line Deleted : user_pref("CT2504091.search.searchCount", "0"); Line Deleted : user_pref("CT2504091.searchInNewTabEnabledByUser", "false"); Line Deleted : user_pref("CT2504091.searchInNewTabEnabledInHidden", "true"); Line Deleted : user_pref("CT2504091.searchRevert", "false"); Line Deleted : user_pref("CT2504091.searchSuggestEnabledByUser", "false"); Line Deleted : user_pref("CT2504091.searchUninstallUserMode", "1"); Line Deleted : user_pref("CT2504091.searchUserMode", "1"); Line Deleted : user_pref("CT2504091.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); Line Deleted : user_pref("CT2504091.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); Line Deleted : user_pref("CT2504091.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}"); Line Deleted : user_pref("CT2504091.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2504091\"}"); Line Deleted : user_pref("CT2504091.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://VuzeRemote.OurToolbar.com//xpi\"}"); Line Deleted : user_pref("CT2504091.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Vuze Remote \"}"); Line Deleted : user_pref("CT2504091.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}"); Line Deleted : user_pref("CT2504091.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}"); Line Deleted : user_pref("CT2504091.serviceLayer_services_Configuration_lastUpdate", "1391183627443"); Line Deleted : user_pref("CT2504091.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1388570306956"); Line Deleted : user_pref("CT2504091.serviceLayer_services_appsMetadata_lastUpdate", "1388570306031"); Line Deleted : user_pref("CT2504091.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1388570306764"); Line Deleted : user_pref("CT2504091.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1388570305774"); Line Deleted : user_pref("CT2504091.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1388570306818"); Line Deleted : user_pref("CT2504091.serviceLayer_services_login_10.23.0.722_lastUpdate", "1388659897502"); Line Deleted : user_pref("CT2504091.serviceLayer_services_login_10.23.0.822_lastUpdate", "1391199591592"); Line Deleted : user_pref("CT2504091.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1388570306998"); Line Deleted : user_pref("CT2504091.serviceLayer_services_searchAPI_lastUpdate", "1391183627368"); Line Deleted : user_pref("CT2504091.serviceLayer_services_serviceMap_lastUpdate", "1391183627360"); Line Deleted : user_pref("CT2504091.serviceLayer_services_toolbarContextMenu_lastUpdate", "1388570306730"); Line Deleted : user_pref("CT2504091.serviceLayer_services_toolbarSettings_lastUpdate", "1391196441416"); Line Deleted : user_pref("CT2504091.serviceLayer_services_translation_lastUpdate", "1391183627479"); Line Deleted : user_pref("CT2504091.settingsINI", true); Line Deleted : user_pref("CT2504091.shouldFirstTimeDialog", "false"); Line Deleted : user_pref("CT2504091.showToolbarPermission", "false"); Line Deleted : user_pref("CT2504091.smartbar.CTID", "CT2504091"); Line Deleted : user_pref("CT2504091.smartbar.Uninstall", "0"); Line Deleted : user_pref("CT2504091.smartbar.toolbarName", "Vuze Remote "); Line Deleted : user_pref("CT2504091.startPage", "false"); Line Deleted : user_pref("CT2504091.toolbarBornServerTime", "1-1-2014"); Line Deleted : user_pref("CT2504091.toolbarCurrentServerTime", "31-1-2014"); Line Deleted : user_pref("CT2504091.toolbarInstallDate", "01-01-2014 10:58:21"); Line Deleted : user_pref("CT2504091.toolbarLoginClientTime", "Wed Jan 01 2014 10:58:27 GMT+0100 (Romance (standaardtijd))"); Line Deleted : user_pref("CT2504091.versionFromInstaller", "10.23.0.722"); Line Deleted : user_pref("CT2504091.xpeMode", "0"); Line Deleted : user_pref("CT2504091_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1391199590642,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]"); Line Deleted : user_pref("plugin.state.npconduitfirefoxplugin", 2); Line Deleted : user_pref("smartbar.machineId", "C2QF4ILLPVZQUXIW6P/FITISO1NHK1+N3CPATFKRHDAYG8/0Z+OVNIJHMTAMF3FFYBLUTAEHWIJX+YAP3LX5DQ"); Line Deleted : user_pref("valueApps.CT2504091./9B+7E+x305.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091./9B+7E,x305.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091./9B+7E-x305.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091./9B+7E.:2z527.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091./9B+7E.x305.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091./9B+7E/x305.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091./9B+7E06CG5EL8:", "6E6D696A6E6D75737771"); Line Deleted : user_pref("valueApps.CT2504091./9B+7E06CG5EL8:.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091./9B+7E06CG5EL;8I:K", "247E2D2F226A74736F7074737B797D77242F4B49474F42357D5D5C3D"); Line Deleted : user_pref("valueApps.CT2504091./9B+7E06CG5EL;8I:K.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091./9B+7E0x305.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091./9B+7E1x305.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091./9B+7E2x305.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091./9B+7E3x305.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091./9B+7E4x305.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091./9B+7E5x305.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091./9B+7E6x305.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091./9B+7E7x305.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091./9B+7E8x305.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091./9B+7E9x305.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091./9B+7E:x305.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091./9B+7E;x305.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091./9B+7E<x305.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091./9B+7E=x305.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091./9B+7E>x305.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091./9B+7E?x305.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091./9B+7E@x305.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091./9B+7EAx305.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091./9B+7EBE3G=;D9N9=D", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D334B57"); Line Deleted : user_pref("valueApps.CT2504091./9B+7EBE3G=;D9N9=D.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091./9B+7EBx305.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091./9B+7ECx305.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091./9B+7EDx305.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091./9B+7Etx305.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091./9B-0?3G>D", "3E6F716B6D3F71437A7844717320497B7E7E25204E4E262A225325222A2B5A2F2A312D2D"); Line Deleted : user_pref("valueApps.CT2504091./9B-0?3G>D.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091./9B-0?3G@6:5;", ""); Line Deleted : user_pref("valueApps.CT2504091./9B-0?3G@6:5;.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091./9B-0?3GFA7EF", "2B2E2C3D"); Line Deleted : user_pref("valueApps.CT2504091./9B-0?3GFA7EF.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091./9B-3=3ECCJA=F>", "247E333D2C452F4135276F297B7E7D21202F26313E4249357D37382F3A494D5D513F283338435D6554695B65546D57695D5D686365533C70766C66755E"); Line Deleted : user_pref("valueApps.CT2504091./9B-3=3ECCJA=F>.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091./9B/>01=9A6K6<IM;KRIE@PDAWM", "6A696B7273747576"); Line Deleted : user_pref("valueApps.CT2504091./9B/>01=9A6K6<IM;KRIE@PDAWM.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091./9B3=>@44I48?", "372C2D3269757633423633414847203E3D474E4D4C45474F2A554A4D2D5858585E4B554E366352564F"); Line Deleted : user_pref("valueApps.CT2504091./9B3=>@44I48?.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091./9B5BA==9CJAG", "6E3A6F72723F6F427A7643457B7A757B78787D4F20"); Line Deleted : user_pref("valueApps.CT2504091./9B5BA==9CJAG.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091./9B6B11G4C56B>F;P;ANR@P", "6E6D696A6E6D75737678727672"); Line Deleted : user_pref("valueApps.CT2504091./9B6B11G4C56B>F;P;ANR@P.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091./9B90E@.3C;7B=?OFB>>RHIQS", "393F352F3E"); Line Deleted : user_pref("valueApps.CT2504091./9B90E@.3C;7B=?OFB>>RHIQS.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091./9B9643G3/9E", "6A"); Line Deleted : user_pref("valueApps.CT2504091./9B9643G3/9E.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091./9B;45>:BI9I7IE", "2B2E2C3D"); Line Deleted : user_pref("valueApps.CT2504091./9B;45>:BI9I7IE.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091./9B<:222H64<", "393F352F3E"); Line Deleted : user_pref("valueApps.CT2504091./9B<:222H64<.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091./9B<:222H64<L8DAJ", "6D70706E7674747977772A7A72727876757E7A"); Line Deleted : user_pref("valueApps.CT2504091./9B<:222H64<L8DAJ.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091./9B=+03EH8H8J?:", "4443"); Line Deleted : user_pref("valueApps.CT2504091./9B=+03EH8H8J?:.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091./9B?+E2A52D8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52"); Line Deleted : user_pref("valueApps.CT2504091./9B?+E2A52D8.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091./9B?B0D:8AJ62<H", "6D"); Line Deleted : user_pref("valueApps.CT2504091./9B?B0D:8AJ62<H.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091./9BA@0<0BI6A7GN:6@L?", "6C"); Line Deleted : user_pref("valueApps.CT2504091./9BA@0<0BI6A7GN:6@L?.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091.PG_ENABLE", "74727565"); Line Deleted : user_pref("valueApps.CT2504091.PG_ENABLE.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091._key_cl_active", "35626236363336612D633762612D346530302D613536362D363936616638653062373537"); Line Deleted : user_pref("valueApps.CT2504091._key_cl_active.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091.cbfirsttime", "576564204A616E20303120323031342031303A35383A353020474D542B303130302028526F6D616E636520287374616E646161726474696A642929"); Line Deleted : user_pref("valueApps.CT2504091.cbfirsttime.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_appStateReportTime", "31333838353730333038333131"); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_appStateReportTime.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_appState_Clarity_Active", "6F6E"); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_appState_Clarity_Active.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_appState_CouponBuddy", "6F6666"); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_appState_CouponBuddy.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_appState_Easytobook", "6F6666"); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_appState_Easytobook.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_appState_Easytobook_targeted", "6F6666"); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_appState_Easytobook_targeted.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_appState_PriceGong", "6F6666"); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_appState_PriceGong.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_appsConfig.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_appsDefaultEnabled", "74727565"); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_appsDefaultEnabled.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_calledSetupService", "31"); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_calledSetupService.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_currentVersion", "312E31322E302E35"); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_currentVersion.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_eventsCache", "7B2232633863393931302D366330302D346262342D383737642D636436646339613661323030223A7B22746F706963223A2273656E645573616765222C2264617461223A7B226361746[...] Line Deleted : user_pref("valueApps.CT2504091.mam_gk_eventsCache.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_existingUsersRecoveryDone", "31"); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_existingUsersRecoveryDone.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_first_time", "31"); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_first_time.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_gadgetOpen", "30"); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_gadgetOpen.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_lastLoginTime", "31333838353730333038353734"); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_lastLoginTime.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_lastSettingsOpen", "7B2273657474696E67735061676546756C6C55726C223A22687474703A2F2F6170702E6D616D2E636F6E647569742E636F6D2F6765746170702F73612F4354323530343039312F[...] Line Deleted : user_pref("valueApps.CT2504091.mam_gk_lastSettingsOpen.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_localization.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_mamEnabled", "66616C7365"); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_mamEnabled.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_migrated_from_ls", "31"); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_migrated_from_ls.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_new_welcome_experience", "31"); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_new_welcome_experience.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_settings1.12.0.5.storedInFile", true); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_showWelcomeGadget", "74727565"); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_showWelcomeGadget.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_stamp", "35345F30"); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_stamp.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_userId", "63363636353330622D643461632D343135312D616437302D613137383339333535396635"); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_userId.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_user_approval_interacted", "31"); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_user_approval_interacted.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_welcomeDialogMode", "31"); Line Deleted : user_pref("valueApps.CT2504091.mam_gk_welcomeDialogMode.storedInFile", false); Line Deleted : user_pref("valueApps.CT2504091.url_history0001", "687474703A2F2F69736F68756E742E746F2F666F72756D2F6C6F67696E2E7068703A3A3A636C69636B68616E646C65723A3A3A313338383537303539383831372C2C2C687474703A2F2F69[...] Line Deleted : user_pref("valueApps.CT2504091.url_history0001.storedInFile", true); -\\ Google Chrome v32.0.1700.102 [ File : C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\preferences ] Deleted : homepage ************************* AdwCleaner[R0].txt - [21506 octets] - [31/01/2014 21:28:12] AdwCleaner[s0].txt - [21673 octets] - [31/01/2014 21:28:47] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [21734 octets] ##########

ok hopelijk is deze gelukt Logfile.docx

Vreemd. Als ik de log-file copy-paste doe dan krijg ik op deze site dit antwoord: Fatal error: Maximum execution time of 30 seconds exceeded in /home/pchelpfor/domains/pc-helpforum.be/public_html/includes/functions.php on line 2351 Is er een andere manier om dit hier te plaatsen?

Dit zou het moeten zijn: info.txt logfile of random's system information tool 1.09 2014-01-30 17:26:25 ======Uninstall list====== Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{A0087DDE-69D0-11E2-AD57-43CA6188709B} Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_Plugin.exe -maintain plugin Adobe Reader XI (11.0.06) - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-AB0000000001} Adobe Shockwave Player 12.0-->"C:\Windows\SysWOW64\Adobe\Shockwave 12\uninstaller.exe" AMD APP SDK Runtime-->MsiExec.exe /I{503F672D-6C84-448A-8F8F-4BC35AC83441} AMD Catalyst Install Manager-->msiexec /q/x{5977D04D-1D6A-952C-97AF-04D9D4C0AE56} REBOOT=ReallySuppress Belgium e-ID middleware 4.0.5 (build 7382)-->MsiExec.exe /I{824563DE-75AD-4166-9DC0-B6482F207382} BlueStacks App Player-->C:\Program Files (x86)\BlueStacks\HD-RuntimeUninstaller.exe BlueStacks Notification Center-->MsiExec.exe /X{783DCCCB-FBD0-4D1D-928D-7075DA8015E6} Bonjour-->MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} Catalyst Control Center - Branding-->MsiExec.exe /I{925652DC-D377-41CC-B97E-B0979B4F534D} CCleaner-->"C:\Program Files\CCleaner\uninst.exe" Classic Shell-->MsiExec.exe /X{7F34ADBE-77C0-47A0-BBC6-B3DA16CE8E68} Connected Music powered by Universal Music Group version 1.0-->"C:\Program Files (x86)\Connected Music powered by Universal Music Group\unins000.exe" CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe" /z-uninstall CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe" /z-uninstall CyberLink Media Suite 10-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\setup.exe" /z-uninstall CyberLink Media Suite 10-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\setup.exe" /z-uninstall CyberLink PhotoDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{4862344A-A39C-4897-ACD4-A1BED5163C5A}\Setup.exe" /z-uninstall CyberLink PhotoDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{4862344A-A39C-4897-ACD4-A1BED5163C5A}\Setup.exe" /z-uninstall CyberLink Power2Go 8-->"C:\Program Files (x86)\InstallShield Installation Information\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\setup.exe" /z-uninstall CyberLink Power2Go 8-->"C:\Program Files (x86)\InstallShield Installation Information\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\setup.exe" /z-uninstall CyberLink PowerDirector 10-->"C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\setup.exe" /z-uninstall CyberLink PowerDirector 10-->"C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\setup.exe" /z-uninstall CyberLink PowerDVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\setup.exe" /z-uninstall CyberLink PowerDVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\setup.exe" /z-uninstall CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall Energy Star-->MsiExec.exe /I{0FA995CC-C849-4755-B14B-5404CC75DC24} Gadwin PrintScreen-->C:\Program Files (x86)\Gadwin Systems\PrintScreen\Uninstall.exe Galerie de photos Windows Live-->MsiExec.exe /X{488F0347-C4A7-4374-91A7-30818BEDA710} Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\Installer\setup.exe" --uninstall --multi-install --chrome --system-level Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Hewlett-Packard ACLM.NET v1.2.1.1-->MsiExec.exe /I{6F340107-F9AA-47C6-B54C-C3A19F11553F} HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7} HP Connected Music (Meridian - installer)-->"C:\Program Files (x86)\HPConnectedMusic\Uninstall.exe" HP CoolSense-->MsiExec.exe /I{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F} HP Customer Experience Enhancements-->MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544} HP Deskjet 3070 B611 series Basissoftware van het apparaat-->MsiExec.exe /I{E12C5B43-0EF3-450E-9973-597771B92BB2} HP Documentation-->MsiExec.exe /X{18DE31AE-70D0-43A7-9E3C-2ED7283ECE8A} HP Postscript Converter-->MsiExec.exe /I{6E14E6D6-3175-4E1A-B934-CAB5A86367CD} HP Quick Launch-->MsiExec.exe /I{E5823036-6F09-4D0A-B05C-E2BAA129288A} HP Recovery Manager-->MsiExec.exe /I{528AB81B-D65A-4AB0-A2B6-82B51A087D01} HP Registration Service-->MsiExec.exe /X{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA} HP Software Framework-->MsiExec.exe /X{9A7B06AC-675B-428F-B632-97C7E6D45F8C} HP Support Assistant-->"C:\Program Files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe" -runfromtemp -l0x0409 -removeonly HP Utility Center-->MsiExec.exe /I{0C57987A-A03A-4B95-A309-D23F78F406CA} HP Wireless Button Driver-->MsiExec.exe /X{941DE69D-6CEE-4171-8F1F-3D7E352AA498} HPDiagnosticAlert-->MsiExec.exe /I{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE} IDT Audio-->"C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\Setup.exe" -remove -removeonly Intel® Display Audio Driver-->C:\Program Files (x86)\Intel\Intel® Display Audio Driver\Uninstall\setup.exe -uninstall Intel® Management Engine Components-->C:\Program Files (x86)\Intel\Intel® Management Engine Components\Uninstall\setup.exe -uninstall Intel® Trusted Connect Service Client-->MsiExec.exe /I{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B} Java 7 Update 45-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217025FF} Kaspersky PURE 3.0-->MsiExec.exe /I{D0702EE9-9DE4-419A-9C6C-4730B1C985BA} Kaspersky PURE 3.0-->MsiExec.exe /I{D0702EE9-9DE4-419A-9C6C-4730B1C985BA} REMOVE=ALL Lyrics Plug-->C:\Program Files (x86)\LyricsPlug\uninstall.exe Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {664655D8-B9BB-455D-8A58-7EAF7B0B2862} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0413-1000-0000000FF1CE} /uninstall {1D12BC91-360E-424C-97C4-813651313660} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {1D12BC91-360E-424C-97C4-813651313660} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00BA-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office Access MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0015-0413-0000-0000000FF1CE} Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE} Microsoft Office Excel MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE} Microsoft Office Groove MUI (Dutch) 2007-->MsiExec.exe /X{90120000-00BA-0413-0000-0000000FF1CE} Microsoft Office InfoPath MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0044-0413-0000-0000000FF1CE} Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE} Microsoft Office OneNote MUI (Dutch) 2007-->MsiExec.exe /X{90120000-00A1-0413-0000-0000000FF1CE} Microsoft Office Outlook MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001A-0413-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proofing (Dutch) 2007-->MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {71F055E8-E2C6-4214-BB3D-BFE03561B89E} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A} Microsoft Office Publisher MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0019-0413-0000-0000000FF1CE} Microsoft Office Shared 64-bit MUI (Dutch) 2007-->MsiExec.exe /X{90120000-002A-0413-1000-0000000FF1CE} Microsoft Office Shared MUI (Dutch) 2007-->MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE} Microsoft Office Word MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022-->MsiExec.exe /X{350AA351-21FA-3270-8B7A-835434E766AD} Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6} Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4} Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F} Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7} Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} Mozilla Firefox 26.0 (x86 nl)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" Ralink Bluetooth Stack64-->MsiExec.exe /X{95DF815D-BE2D-9118-F549-39794C5869CF} Ralink RT3290 802.11bgn Wi-Fi Adapter-->C:\Program Files (x86)\InstallShield Installation Information\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}\setup.exe -runfromtemp -l0x0013 -removeonly Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.exe -runfromtemp -removeonly Realtek PCIE Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{C1594429-8296-4652-BF54-9DBE4932A44C}\setup.exe" -runfromtemp -removeonly Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75} Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391} Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C} Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B7727B4D-5EA3-4C11-9D30-15E47616DCAF} Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE} Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15} Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EA575F57-C5D1-4B5A-B9F9-F16EEBC6B58C} Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3579CE34-B225-4B19-A3AF-DE5F562A212F} Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {79850906-6D2B-4061-8EAF-EAC84173DEC5} Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition -->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {02AF2AA9-6FFA-47D7-BDBB-42B3A8AD8616} Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8907F32C-DF89-4C2F-AEDE-0DB4B65451C0} Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {319FC809-3841-4739-A25F-FDBADF073697} Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B7112510-2575-4BA4-A576-78BF8A6307BC} Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4CCE0378-386F-4DC2-9CC1-A3710C77057D} Security Update for Microsoft Office 2007 suites (KB2837615) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1A0CA3FF-2BB8-4CF8-A5A9-9B314260C327} Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6B4A3804-666A-4DD8-84A7-B97701416784} Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {686630EC-8033-4031-85C5-D8E5CD62A958} Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5} Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {12A1DD97-E9A1-4370-837E-D1BBD088584B} Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F} Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525} Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {9D689455-5858-4AE4-A3CA-6E4149FE3F70} Security Update for Microsoft Office Word 2007 (KB2837617) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8A8710F9-C828-440A-A2A7-2FCE899B7D99} Stuurprogrammapakket voor Windows - Fedict SmartCard (07/01/2013 4.0.0.8)-->rundll32.exe C:\PROGRA~1\DIFX\4CBAA680AB78144E\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\beidmdrv.inf_amd64_f309236ff3c21f3f\beidmdrv.inf swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726} Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall TornTV-->C:\Program Files (x86)\TornTV.com\uninst.exe Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3} Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C} Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {CB68A5B0-3508-4193-AEB9-AF636DAECE0F} Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CB68A5B0-3508-4193-AEB9-AF636DAECE0F} Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2} Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition-->msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {F8564AF8-30AE-4427-ACF3-69714E1BB656} Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {128A5449-CF71-4DA4-A746-F49E3B5DB584} Update voor Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {5CF7002F-6F49-4482-9564-5614FBE560FA} Update voor Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5} Update voor Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {A66AE6A1-8D8C-4102-BC18-38CBDE40F809} VLC media player 2.1.2-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe Vuze-->C:\Program Files (x86)\Vuze\uninstall.exe Windows Live Movie Maker-->MsiExec.exe /X{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3} Windows Live Movie Maker-->MsiExec.exe /X{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92} Windows Live Photo Common-->MsiExec.exe /X{9BD262D0-B788-4546-A0A5-F4F56EC3834B} Windows Live Photo Common-->MsiExec.exe /X{C893D8C0-1BA0-4517-B11C-E89B65E72F70} Windows Live Photo Gallery-->MsiExec.exe /X{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA} Windows Live Writer Resources-->MsiExec.exe /X{14B441B7-774D-4170-98EA-A13667AE6218} Windows Live Writer Resources-->MsiExec.exe /X{62687B11-58B5-4A18-9BC3-9DF4CE03F194} Windows Live Writer-->MsiExec.exe /X{3B9A92DA-6374-4872-B646-253F18624D5F} Windows Live Writer-->MsiExec.exe /X{7E017923-16F8-4E32-94EF-0A150BD196FE} WinRAR 4.20 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe ======System event log====== Computer Name: WIN-F45IEF3PSRN Event Code: 7040 Message: Het opstarttype van de service Windows Search is gewijzigd van uitgeschakeld in automatisch starten. Record Number: 860 Source Name: Service Control Manager Time Written: 20121017113526.098160-000 Event Type: Informatie User: Computer Name: WIN-F45IEF3PSRN Event Code: 7040 Message: Het opstarttype van de service Windows Search is gewijzigd van automatisch starten in uitgeschakeld. Record Number: 859 Source Name: Service Control Manager Time Written: 20121017113525.019983-000 Event Type: Informatie User: Computer Name: WIN-F45IEF3PSRN Event Code: 104 Message: Logboekbestand Setup is gewist. Record Number: 858 Source Name: Microsoft-Windows-Eventlog Time Written: 20121017113520.551005-000 Event Type: Informatie User: Computer Name: WIN-F45IEF3PSRN Event Code: 104 Message: Logboekbestand Application is gewist. Record Number: 857 Source Name: Microsoft-Windows-Eventlog Time Written: 20121017113520.379121-000 Event Type: Informatie User: Computer Name: WIN-F45IEF3PSRN Event Code: 104 Message: Logboekbestand System is gewist. Record Number: 856 Source Name: Microsoft-Windows-Eventlog Time Written: 20121017113520.316619-000 Event Type: Informatie User: =====Application event log===== Computer Name: laptopi7 Event Code: 100 Message: Task Scheduling Error: Continuously busy for more than a second Record Number: 21171 Source Name: Bonjour Service Time Written: 20130904190041.000000-000 Event Type: Fout User: Computer Name: laptopi7 Event Code: 100 Message: Task Scheduling Error: m->NextScheduledSPRetry 97578 Record Number: 21170 Source Name: Bonjour Service Time Written: 20130904190040.000000-000 Event Type: Fout User: Computer Name: laptopi7 Event Code: 100 Message: Task Scheduling Error: m->NextScheduledEvent 97578 Record Number: 21169 Source Name: Bonjour Service Time Written: 20130904190040.000000-000 Event Type: Fout User: Computer Name: laptopi7 Event Code: 100 Message: Task Scheduling Error: Continuously busy for more than a second Record Number: 21168 Source Name: Bonjour Service Time Written: 20130904190040.000000-000 Event Type: Fout User: Computer Name: laptopi7 Event Code: 100 Message: Task Scheduling Error: m->NextScheduledSPRetry 96235 Record Number: 21167 Source Name: Bonjour Service Time Written: 20130904190038.000000-000 Event Type: Fout User: =====Security event log===== Computer Name: laptopi7 Event Code: 4797 Message: Er is geprobeerd een query uit te voeren op het bestaan van een blanco wachtwoord voor een account. Onderwerp: Beveiligings-id: S-1-5-21-2247059795-104316592-4163284125-1001 Accountnaam: Philip Accountdomein: laptopi7 Aanmeldings-id: 0x1B43A Extra informatie: Werkstation beller: LAPTOPI7 Naam doelaccount: Administrator Domein doelaccount: laptopi7 Record Number: 59793 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20131028060531.199645-000 Event Type: Controle geslaagd User: Computer Name: laptopi7 Event Code: 4797 Message: Er is geprobeerd een query uit te voeren op het bestaan van een blanco wachtwoord voor een account. Onderwerp: Beveiligings-id: S-1-5-21-2247059795-104316592-4163284125-1001 Accountnaam: Philip Accountdomein: laptopi7 Aanmeldings-id: 0x1B43A Extra informatie: Werkstation beller: LAPTOPI7 Naam doelaccount: HomeGroupUser$ Domein doelaccount: laptopi7 Record Number: 59792 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20131028060527.590080-000 Event Type: Controle geslaagd User: Computer Name: laptopi7 Event Code: 4797 Message: Er is geprobeerd een query uit te voeren op het bestaan van een blanco wachtwoord voor een account. Onderwerp: Beveiligings-id: S-1-5-21-2247059795-104316592-4163284125-1001 Accountnaam: Philip Accountdomein: laptopi7 Aanmeldings-id: 0x1B43A Extra informatie: Werkstation beller: LAPTOPI7 Naam doelaccount: Gast Domein doelaccount: laptopi7 Record Number: 59791 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20131028060527.590080-000 Event Type: Controle geslaagd User: Computer Name: laptopi7 Event Code: 4797 Message: Er is geprobeerd een query uit te voeren op het bestaan van een blanco wachtwoord voor een account. Onderwerp: Beveiligings-id: S-1-5-21-2247059795-104316592-4163284125-1001 Accountnaam: Philip Accountdomein: laptopi7 Aanmeldings-id: 0x1B43A Extra informatie: Werkstation beller: LAPTOPI7 Naam doelaccount: Administrator Domein doelaccount: laptopi7 Record Number: 59790 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20131028060527.590080-000 Event Type: Controle geslaagd User: Computer Name: laptopi7 Event Code: 4797 Message: Er is geprobeerd een query uit te voeren op het bestaan van een blanco wachtwoord voor een account. Onderwerp: Beveiligings-id: S-1-5-21-2247059795-104316592-4163284125-1001 Accountnaam: Philip Accountdomein: laptopi7 Aanmeldings-id: 0x1B43A Extra informatie: Werkstation beller: LAPTOPI7 Naam doelaccount: HomeGroupUser$ Domein doelaccount: laptopi7 Record Number: 59789 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20131028060527.574456-000 Event Type: Controle geslaagd User: ======Environment variables====== "FP_NO_HOST_CHECK"=NO "USERNAME"=SYSTEM "Path"=C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Belgium Identity Card "ComSpec"=%SystemRoot%\system32\cmd.exe "TMP"=%SystemRoot%\TEMP "OS"=Windows_NT "windir"=%SystemRoot% "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=8 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 58 Stepping 9, GenuineIntel "PROCESSOR_REVISION"=3a09 "OnlineServices"=Online Services "Platform"=MCD "AMDAPPSDKROOT"=C:\Program Files (x86)\AMD APP\ "PCBRAND"=Pavilion "CLASSPATH"=C:\Program Files (x86)\Belgium Identity Card -----------------EOF-----------------

Kan iemand ons helpen met onze laptop. We merken dat hij trager wordt. Ik heb een hijackthis-logje en plaats die hier al (herinner me dat dit altijd gevraagd werd). Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:51:49, on 29/01/2014 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v10.0 (10.00.9200.16537) Boot mode: Normal Running processes: C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Users\Philip\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\BlueStacks\HD-Agent.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\PROGRA~2\KASPER~1\KASPER~1.0\KASPER~2\spIEBho.dll O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O2 - BHO: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll O3 - Toolbar: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\PROGRA~2\KASPER~1\KASPER~1.0\KASPER~2\spIEBho.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\runner_avp.exe" O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe O4 - HKLM\..\Run: [btTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe" O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [blueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash O4 - HKCU\..\Run: [Power2GoExpress8] NA O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [spotify] "C:\Users\Philip\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart O4 - Startup: Dropbox.lnk = Philip\AppData\Roaming\Dropbox\bin\Dropbox.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Toevoegen aan Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm O9 - Extra button: Virtueel Toetsenbord - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe O9 - Extra 'Tools' menuitem: Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe O9 - Extra button: (no name) - {64964764-1101-4bbd-8891-B56B1A53B9B3} - C:\Program Files\Classic Shell\ClassicExplorer32.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Controle van URL's - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Kaspersky Anti-Virus-service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe O23 - Service: Classic Shell Service (ClassicShellService) - IvoSoft - C:\Program Files\Classic Shell\ClassicShellService.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: CryptoStorage control service (CSObjectsSrv) - Infowatch - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: @oem31.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing) O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 14136 bytes Bedankt voor de moeite. gr Philippe en Ilse

Het wordt vreemder en vreemder. Daarnet glipte de laptop van tussen mijn vingers en viel van op 50 cm hoogte op mijn voet. Nu werkt alles zonder problemen. Dus bedankt juisterr voor de moeite en ik sluit dit als opgelost.

Ik vrees het ergste. Ik heb haar foto's en documenten op een externe harde schijf gezet. Daarna alles terug geplaatst naar de fabrieksinstellingen. Blijkt nu dat als je het klavier in een bepaalde hoek zet...deze niet meer uitvalt en als je ze gewoon op tafel plaatst, valt hij gewoon uit. Ik vrees dat er iets fout zit in het scharnier van het scherm ......

Nu blijkt dat als je de laptop opstart hij vanzelf afsluit eens hij het bureaublad wil weergeven. Als je op het icoontje van IE klikt, duurt het een eeuwigheid (ongeveer 4') voor je IE opstart. De dochter heeft daarnet een cd-rom met spelletjes willen spelen en toen maakte de laptop een vreemd zwaar bromgeluid en de hele laptop voelde je trillen.

Hebben jullie nog iets nodig?

het logje: Zoek.exe Version 4.0.0.2 Updated 06-May-2013 Tool run by acer on ma 06/05/2013 at 20:17:54,43. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Firefox Extensions ====================== ProfilePath: C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\p5rw3tt7.default - Undetermined - C:\Program Files (x86)\McAfee\SiteAdvisor - Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} ProfilePath: C:\Users\Philippe\AppData\Roaming\Mozilla\Firefox\Profiles\llhki43c.default - Undetermined - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru - Undetermined - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru - Undetermined - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\dq6s9d1m.default AF43092E55306659CF366F9B42E4A981 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll - Shockwave Flash ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dchlnpcodkpfdpacogkljefecpegganj - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ChromeExt\urladvisor.crx[07/09/2012 15:01] jagncdcchgajhfhijbbhecadmaiegcmh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ChromeExt\virtkbd.crx[07/09/2012 15:01] pjldcfjmnllhmgjclecdnfampinooman - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ChromeExt\ab.crx[07/09/2012 15:01] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Philippe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Philippe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\users\acer\AppData\Local\Mozilla\Firefox\Profiles\dq6s9d1m.default\Cache emptied successfully C:\users\Gast\AppData\Local\Mozilla\Firefox\Profiles\p5rw3tt7.default\Cache emptied successfully C:\users\Philippe\AppData\Local\Mozilla\Firefox\Profiles\llhki43c.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\users\acer\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully After Reboot ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\acer\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied

Dit is de hijackthis-logje van de laptop van mijn vriendin: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:12:20, on 6/05/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16537) Boot mode: Normal Running processes: C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe C:\Program Files (x86)\Launch Manager\LMworker.exe C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file) F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll (file missing) O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ievkbd.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\klwtbbho.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Toevoegen aan Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ie_banner_deny.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Virtueel Toetsenbord - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ievkbd.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: C&ontrole van URL's - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\klwtbbho.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Kaspersky Anti-Virus-service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe O23 - Service: CryptoStorage control service (CSObjectsSrv) - Infowatch - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NTI, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12110 bytes Bedankt op voorhand

Alles is blijkbaar opgelost. Bedankt. Mag ik hier een hijack-logje plaatsen van de laptop van mijn vriendin? Blijkbaar kan ze niet meer op internet en blokkeerde soms Word. Of moet ik een nieuw topic starten?

ADW -logje: # AdwCleaner v2.300 - Verslag gemaakt op 05/05/2013 om 10:54:32 # Geactualiseerd op 28/04/2013 door Xplode # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits) # Gebruiker : Philippe - PHILIPPE-PC # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Users\Philippe\Downloads\adwcleaner(1).exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** ***** [Register] ***** ***** [browsers] ***** -\\ Internet Explorer v10.0.9200.16537 [OK] Het register bevat geen enkele ongeoorloofde invoer. -\\ Mozilla Firefox v20.0.1 (nl) File : C:\Users\Philippe\AppData\Roaming\Mozilla\Firefox\Profiles\y8q061tt.default\prefs.js Verwijdert : user_pref("extensions.DivXWebPlayer@divx.com.install-event-fired", true); -\\ Opera v11.61.1250.0 File : C:\Users\Philippe\AppData\Roaming\Opera\Opera\operaprefs.ini [OK] De file bevat geen enkele ongeoorloofde invoer. ************************* AdwCleaner[R1].txt - [11733 octets] - [15/01/2013 10:38:44] AdwCleaner[R2].txt - [7550 octets] - [05/05/2013 09:20:11] AdwCleaner[R3].txt - [7610 octets] - [05/05/2013 09:21:17] AdwCleaner[s1].txt - [11929 octets] - [15/01/2013 10:39:19] AdwCleaner[s2].txt - [7786 octets] - [05/05/2013 09:22:55] AdwCleaner[s3].txt - [1273 octets] - [05/05/2013 10:54:32] ########## EOF - C:\AdwCleaner[s3].txt - [1333 octets] ########## hijjacktis-logje: - - - Updated - - - hijackthis-logje: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:41:06, on 5/05/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16537) Boot mode: Normal Running processes: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ievkbd.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\klwtbbho.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user') O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Toevoegen aan Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ie_banner_deny.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Virtueel Toetsenbord - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ievkbd.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: C&ontrole van URL's - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\klwtbbho.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Kaspersky Anti-Virus-service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe O23 - Service: CryptoStorage control service (CSObjectsSrv) - Infowatch - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10065 bytes

Vreemd maar ik kan geen "uitvoeren als adminstrator" kiezen bij "opdrachtprompt" en kon dus ook die opdrachten niet typen. Wat Hijackthis betreft: ik vond geen van de items in de lijst en zet hieronder een logbestand van als ik hem liet scannen met "als adminstrator uitvoeren. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:04:36, on 4/05/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16537) Boot mode: Normal Running processes: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Delta Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ievkbd.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\klwtbbho.dll O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user') O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Toevoegen aan Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ie_banner_deny.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Virtueel Toetsenbord - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ievkbd.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: C&ontrole van URL's - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\klwtbbho.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Kaspersky Anti-Virus-service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe O23 - Service: CryptoStorage control service (CSObjectsSrv) - Infowatch - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10380 bytes

Ik heb een hijackthis logje en plaats die hieronder. Bedankt voor de hulp die ik kan krijgen. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:51:55, on 2/10/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16450) Boot mode: Normal Running processes: C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe C:\Program Files (x86)\Launch Manager\LMworker.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\6.3\pdfforgeToolbarIE.dll R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll R3 - URLSearchHook: (no name) - {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - (no file) F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll (file missing) O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll O2 - BHO: RewardsArcade - {597A9974-8CB0-4f41-B61F-ED065738A397} - C:\Program Files (x86)\RewardsArcade\RewardsArcade.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\6.3\pdfforgeToolbarIE.dll O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\6.3\pdfforgeToolbarIE.dll O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" O4 - HKLM\..\Run: [searchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" O4 - HKCU\..\Run: [Gadwin PrintScreen] "C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe" /nosplash O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Easy Driver Pro] C:\Program Files (x86)\Probit Software\Easy Driver Pro\DPLauncher.exe O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user') O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Toevoegen aan Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Virtueel Toetsenbord - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: C&ontrole van URL's - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe O23 - Service: Kaspersky Anti-Virus-service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NTI, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12861 bytes

Heb het gedownload en laat het nu installeren. Waarom er het nog niet op stond, weet ik ook niet want het is mijn laptop niet. Maar bedankt in ieder geval.

HJT van vriendin: HLogfile of Trend Micro HijackThis v2.0.4 Scan saved at 7:12:16, on 5/10/2012 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.17115) Boot mode: Normal Running processes: C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Users\acer\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file) F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll (file missing) O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - Startup: Inktwaarschuwingen controleren - HP Deskjet 3070 B611 series (Kopie 1).lnk = ? O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Toevoegen aan Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Virtueel Toetsenbord - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: C&ontrole van URL's - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Kaspersky Anti-Virus-service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NTI, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12666 bytes JT van vriendin: