Ga naar inhoud

geertje

Lid
  • Items

    5
  • Registratiedatum

  • Laatst bezocht

Over geertje

  • Verjaardag 27-04-1977

PC Specificaties

  • Besturingssysteem
    windows

geertje's prestaties

  1. ja hoor alles zoals voorheen heel erg bedankt aan de mensen die me geholpen hebben !!!
  2. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16470 BrowserJavaVersion: 10.25.2 Run by geert at 11:51:12 on 2013-07-18 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.8183.6034 [GMT 2:00] . AV: Norton 360 Premier Edition *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton 360 Premier Edition *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton 360 Premier Edition *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskeng.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe C:\Program Files (x86)\Samsung\Kies\Kies.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe C:\Windows\system32\NOTEPAD.EXE C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\WUDFHost.exe c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Windows\system32\sppsvc.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com mWinlogon: Userinit = userinit.exe BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coieplg.dll BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ips\ipsbho.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coieplg.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coieplg.dll uRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe mRun: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe mRun: [updatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover" mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200 TCP: NameServer = 195.130.130.133 195.130.131.133 TCP: Interfaces\{4B5F4F90-9869-4FFE-9B36-B762551251A7} : DHCPNameServer = 195.130.130.133 195.130.131.133 TCP: Interfaces\{4B5F4F90-9869-4FFE-9B36-B762551251A7}\2756075616475627 : DHCPNameServer = 0.0.0.0 TCP: Interfaces\{4B5F4F90-9869-4FFE-9B36-B762551251A7}\4554C454E4544584F4D4543505F445 : DHCPNameServer = 195.130.130.141 195.130.131.141 TCP: Interfaces\{4D86E6A5-09D6-474E-BCE6-885328373A30} : DHCPNameServer = 195.130.130.133 195.130.131.133 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll SSODL: WebCheck - <orphaned> mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe" mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-mStart Page = hxxp://www.google.com x64-mDefault_Page_URL = hxxp://www.google.com x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll x64-TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll x64-Run: [iAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab x64-DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-SSODL: WebCheck - <orphaned> x64-mASetup: {12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\Windows\System32\ieudinit.exe . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\964e3bw2.default-1368211506000\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.startup.homepage - hxxps://www.google.be/ FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll FF - plugin: C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll FF - plugin: C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll FF - plugin: C:\Users\geert\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll FF - ExtSQL: 2013-07-17 06:15; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\IPSFFPlgn FF - ExtSQL: 2013-07-17 22:40; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\coFFPlgn . ============= SERVICES / DRIVERS =============== . R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-7-21 52856] R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1404000.028\symds64.sys [2013-6-18 493656] R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1404000.028\symefa64.sys [2013-6-18 1139800] R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [2013-7-17 1393240] R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\System32\drivers\N360x64\1404000.028\ccsetx64.sys [2013-6-18 169048] R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\IPSDefs\20130717.001\IDSviA64.sys [2013-7-18 513184] R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1404000.028\ironx64.sys [2013-6-18 224416] R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1404000.028\symnets.sys [2013-6-18 433752] R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2012-11-14 166400] R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2012-11-14 128512] R2 N360;Norton 360;C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccsvchst.exe [2013-6-18 144368] R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-3-25 490280] R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-2-15 474168] R2 WCMVCAM;WebcamMax, WDM Video Capture;C:\Windows\System32\drivers\wcmvcam64.sys [2012-4-15 1071032] R3 AVER_H193;AVerMedia H193 Video Capture;C:\Windows\System32\drivers\AVer888RC_64.sys [2009-11-13 543616] R3 CXCIR;AVerMedia Consumer Infrared Receiver;C:\Windows\System32\drivers\AVer888RCIR_64.sys [2009-11-13 39936] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-10 138912] R3 ManyCam;ManyCam Virtual Webcam;C:\Windows\System32\drivers\mcvidrv_x64.sys [2012-10-11 44928] R3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\System32\drivers\mcaudrv_x64.sys [2013-1-31 28160] R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2013-2-25 2426672] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-11-3 233472] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-3 162408] S3 cxbu0x64;OMNIKEY 1021;C:\Windows\System32\drivers\cxbu0x64.sys [2011-9-6 177920] S3 nmwcdnsucx64;Nokia USB Flashing Generic;C:\Windows\System32\drivers\nmwcdnsucx64.sys [2012-1-9 12800] S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\System32\drivers\nmwcdnsux64.sys [2012-1-9 171008] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-4-4 19456] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-4-4 57856] S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-1-2 1255736] . =============== File Associations =============== . ShellExec: switch.exe: open="C:\Program Files (x86)\NCH Software\Switch\switch" "%L" . =============== Created Last 30 ================ . 2013-07-18 05:39:18 -------- d-----w- C:\Users\geert\AppData\Local\{88A827EF-4F5E-4F40-AFC7-84587CD9EC8F} 2013-07-17 20:40:47 -------- d-sh--w- C:\$RECYCLE.BIN 2013-07-17 20:38:34 24064 ----a-w- C:\Windows\zoek-delete.exe 2013-07-17 20:38:34 -------- d-----w- C:\Users\geert\AppData\Local\Temp 2013-07-17 07:54:54 388096 ----a-r- C:\Users\geert\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2013-07-17 07:54:54 -------- d-----w- C:\Program Files (x86)\Trend Micro 2013-06-29 09:14:41 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll . ==================== Find3M ==================== . 2013-06-30 09:41:10 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-06-30 09:41:10 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-06-29 09:14:35 867240 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll 2013-06-29 09:14:35 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-06-19 00:50:37 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS 2013-05-23 05:25:28 1139800 ----a-w- C:\Windows\System32\drivers\N360x64\1404000.028\symefa64.sys 2013-05-22 18:33:50 4659712 ----a-w- C:\Windows\SysWow64\Redemption.dll 2013-05-21 05:02:00 493656 ----a-w- C:\Windows\System32\drivers\N360x64\1404000.028\symds64.sys 2013-05-17 17:27:10 156935 ----a-w- C:\Users\geert\AppData\Roaming\mdbu.bin 2013-05-16 05:02:14 796760 ----a-w- C:\Windows\System32\drivers\N360x64\1404000.028\srtsp64.sys 2013-04-25 00:43:56 433752 ----a-w- C:\Windows\System32\drivers\N360x64\1404000.028\symnets.sys . ============= FINISH: 11:52:50,13 =============== - - - Updated - - - UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 27/12/2011 18:18:05 System Uptime: 18/07/2013 11:46:36 (0 hours ago) . Motherboard: MSI | | Indio Processor: Intel® Core i5 CPU 750 @ 2.67GHz | CPU 1 | 1173/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 921 GiB total, 818,214 GiB free. D: is FIXED (NTFS) - 10 GiB total, 1,894 GiB free. E: is CDROM () F: is Removable G: is Removable H: is Removable I: is Removable K: is FIXED (NTFS) - 932 GiB total, 239,769 GiB free. . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP175: 29/06/2013 11:13:48 - Installed Java 7 Update 25 RP176: 6/07/2013 23:06:21 - Gepland controlepunt RP177: 14/07/2013 11:50:56 - Gepland controlepunt RP178: 17/07/2013 9:54:36 - Installed HiJackThis RP179: 17/07/2013 22:25:11 - zoek.exe restore point . ==== Installed Programs ====================== . Adobe Flash Player 10 ActiveX Adobe Flash Player 11 Plugin Adobe Photoshop Elements 6.0 Adobe Reader XI - Nederlands Bass Avenger Battle Of Britain Belgium e-ID middleware 4.0.4 (build 7251) Blokker Blokker Fotoservice Burn4Free DVD Burning 6.0.0.0 CCleaner cdrtfe 1.4.1 Championship Surfer Compatibiliteitspakket voor het 2007 Microsoft Office system ContinueToSave D3DX10 Diagnostisch hulpprogramma voor hardware DirectX for Managed Code Update (Summer 2004) Doxillion Document Converter DVD Flick 1.3.0.7 EPSON Attach To Email Epson Easy Photo Print 2 Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) EPSON File Manager EPSON Scan EPSON Scan Assistant EPSON SX218 Series Printer Uninstall Express Zip Facebook Video Calling 1.2.0.287 FaceOnBody Pro v 2.4 Fun Morph 3.0 GIMP 2.8.0 GoforFiles GOM Player Google Chrome Google Earth Plug-in Google Update Helper HaJé's Woordjes Maken 2.11 Hewlett-Packard ACLM.NET v1.1.0.0 High-Definition Video Playback 10 HiJackThis Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678) HP Customer Experience Enhancements HP MAINSTREAM KEYBOARD HP MediaSmart DVD HP MediaSmart Movie Themes HP MediaSmart Music/Photo/Video HP MediaSmart SmartMenu HP Odometer HP Product Detection HP Remote Solution HP Setup HP Support Information HP Update ImageShack Uploader 2.2.0 ImgBurn Intel® Matrix Storage Manager IZArc 4.1.6 Java 7 Update 25 Java Auto Updater Java 6 Update 31 (64-bit) JDownloader Junk Mail filter update Kruidvat fotoservice LabelPrint LightScribe System Software ManyCam 3.1.43 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile NLD Language Pack Microsoft .NET Framework 4 Extended Microsoft .NET Framework 4 Extended NLD Language Pack Microsoft Application Error Reporting Microsoft Office PowerPoint Viewer 2007 (Dutch) Microsoft Primary Interoperability Assemblies 2005 Microsoft Silverlight Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Works Microsoft_VC100_CRT_SP1_x64 Microsoft_VC100_CRT_SP1_x86 MixPad Mozilla Firefox 22.0 (x86 nl) Mozilla Maintenance Service MSVC80_x64_v2 MSVC80_x86_v2 MSVC90_x64 MSVC90_x86 MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyFreeCodec Nero 10 Menu TemplatePack Basic Nero 10 Movie ThemePack Basic Nero BackItUp 10 Nero BackItUp 10 Help (CHM) Nero Burning ROM 10 Nero BurningROM 10 Help (CHM) Nero BurnRights 10 Nero BurnRights 10 Help (CHM) Nero Control Center 10 Nero ControlCenter 10 Help (CHM) Nero Core Components 10 Nero CoverDesigner 10 Nero CoverDesigner 10 Help (CHM) Nero DiscSpeed 10 Nero DiscSpeed 10 Help (CHM) Nero Dolby Files 10 Nero Express 10 Nero Express 10 Help (CHM) Nero InfoTool 10 Nero InfoTool 10 Help (CHM) Nero MediaHub 10 Nero MediaHub 10 Help (CHM) Nero Multimedia Suite 10 Nero Recode 10 Nero Recode 10 Help (CHM) Nero RescueAgent 10 Nero RescueAgent 10 Help (CHM) Nero SoundTrax 10 Nero SoundTrax 10 Help (CHM) Nero StartSmart 10 Nero StartSmart 10 Help (CHM) Nero Update Nero Vision 10 Nero Vision 10 Help (CHM) Nero WaveEditor 10 Nero WaveEditor 10 Help (CHM) Nokia Connectivity Cable Driver Nokia Suite Norton 360 Premier Edition NVIDIA-configuratiescherm 296.19 NVIDIA Grafisch stuurprogramma 296.19 NVIDIA Install Application OpenOffice.org 3.4 PC Connectivity Solution Photo DVD Maker Professional 8.10 Photo DVD Slideshow Pro 8.35 Photodex Presenter PhotodexProShowProducer Photoupz 1.63 Picasa 3 PlayMemories Home Power2Go PowerDirector PowerRecover Print Artist Platinum 24 PrintMaster 2012 Platinum Prism Video File Converter ProShow Producer Reader for PC Realtek High Definition Audio Driver Samsung Kies SAMSUNG USB Driver for Mobile Phones Search Assistant WebSearch 1.74 Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870) SketchUp 8 Skype™ 6.5 SPCA1528 PC Driver Spotify Stuurprogrammapakket voor Windows - Fedict SmartCard (10/04/2011 4.0.0.5) Switch Sound File Converter Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD Taalpakket voor Microsoft .NET Framework 4 Extended - NLD Tony Hawk's Pro Skater 3® Unity Web Player Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) VLC media player 2.0.7 Vuze WavePad Sound Editor WBFS Manager 3.0 WBFS to ISO WebcamMax Windows-stuurprogrammapakket - Nokia pccsmcfd (08/22/2008 7.0.0.0) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Player Firefox Plugin WinRAR 4.20 (64-bit) WinRAR archiver Wondershare DVD Slideshow Builder Deluxe(Build 6.0.0.22) XviD MPEG-4 Video Codec ZipGenius 6.3 . ==== End Of File ===========================
  3. PC Helpforum moderator bericht: @ geertje - je mag alle bijlagen en logjes steeds in dit topic posten, zo hoeven we ze niet naar deze locatie te verplaatsen en blijft alles overzichtelijk en bij elkaar # AdwCleaner v2.305 - Verslag gemaakt op 18/07/2013 om 11:45:37 # Geactualiseerd op 11/07/2013 door Xplode # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits) # Gebruiker : geert - GEERT-PC # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Users\geert\Downloads\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** File Désinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk Map Verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare Map Verwijderd : C:\ProgramData\Wondershare Map Verwijderd : C:\Users\fanny\AppData\Local\AskToolbar Map Verwijderd : C:\Users\fanny\AppData\LocalLow\AskToolbar Map Verwijderd : C:\Users\fanny\AppData\LocalLow\BabylonToolbar Map Verwijderd : C:\Users\fanny\AppData\LocalLow\Conduit Map Verwijderd : C:\Users\fanny\AppData\LocalLow\PriceGong Map Verwijderd : C:\Users\fanny\AppData\LocalLow\Vuze_Remote ***** [Register] ***** Data Verwijderd : HKLM\...\StartMenuInternet\FIREFOX.EXE [(Default)] = C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD10EADS-65M2B0_WD-WCAV5319907299072&ts=1373019746 Data Verwijderd : HKLM\...\StartMenuInternet\IEXPLORE.EXE [(Default)] = C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=WDCXWD10EADS-65M2B0_WD-WCAV5319907299072&ts=1371285854 Data Verwijderd : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\contin~1\sprote~1.dll Data Verwijderd : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\websea~1\sprote~1.dll Sleutel Verwijderd : HKCU\Software\1ClickDownload Sleutel Verwijderd : HKCU\Software\APN Sleutel Verwijderd : HKCU\Software\APN PIP Sleutel Verwijderd : HKCU\Software\AppDataLow\AskToolbarInfo Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\AskToolbar Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Conduit Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\NCH_EN Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\PriceGong Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\SmartBar Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Vuze_Remote Sleutel Verwijderd : HKCU\Software\AppDataLow\SProtector Sleutel Verwijderd : HKCU\Software\AppDataLow\Toolbar Sleutel Verwijderd : HKCU\Software\Ask.com Sleutel Verwijderd : HKCU\Software\AskToolbar Sleutel Verwijderd : HKCU\Software\BabylonToolbar Sleutel Verwijderd : HKCU\Software\Conduit Sleutel Verwijderd : HKCU\Software\delta LTD Sleutel Verwijderd : HKCU\Software\IM Sleutel Verwijderd : HKCU\Software\ImInstaller Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} Sleutel Verwijderd : HKCU\Software\Softonic Sleutel Verwijderd : HKCU\Software\WNLT Sleutel Verwijderd : HKLM\Software\APN Sleutel Verwijderd : HKLM\Software\AskToolbar Sleutel Verwijderd : HKLM\Software\Babylon Sleutel Verwijderd : HKLM\Software\BabylonToolbar Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\Extension.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\secman.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc Sleutel Verwijderd : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd Sleutel Verwijderd : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\I Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Incredibar.dskBnd Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\IncredibarApp.appCore Sleutel Verwijderd : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1 Sleutel Verwijderd : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF Sleutel Verwijderd : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Prod.cap Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.CT2504091 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.CT2801948 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2} Sleutel Verwijderd : HKLM\Software\Conduit Sleutel Verwijderd : HKLM\Software\delta-homesSoftware Sleutel Verwijderd : HKLM\Software\Desksvc Sleutel Verwijderd : HKLM\Software\eSafeSecControl Sleutel Verwijderd : HKLM\Software\IB Updater Sleutel Verwijderd : HKLM\Software\Iminent Sleutel Verwijderd : HKLM\Software\incredibar.com Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{125B7A09-B405-46FB-95FB-96CF6B72992D} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C} Sleutel Verwijderd : HKLM\Software\NCH_EN Sleutel Verwijderd : HKLM\Software\PIP Sleutel Verwijderd : HKLM\Software\qvo6Software Sleutel Verwijderd : HKLM\Software\SP Global Sleutel Verwijderd : HKLM\Software\SProtector Sleutel Verwijderd : HKLM\Software\systweak Sleutel Verwijderd : HKLM\Software\Vuze_Remote Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{125B7A09-B405-46FB-95FB-96CF6B72992D} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4327837B-8B64-4511-AF16-E659A6F87B6F} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74AC6363-7252-428E-9032-BEFAC37E5CAC} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8A92BDDF-5CC9-4EAD-8206-6BD1010313E0} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD5B9150-6313-452F-9701-892A9883C463} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\incredibar Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NCH_EN Toolbar Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Vuze_Remote Toolbar Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WNLT Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED} Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar Sleutel Verwijderd : HKLM\SOFTWARE\Tarma Installer Waarde Verwijderd : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}] Waarde Verwijderd : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] ***** [browsers] ***** -\\ Internet Explorer v9.0.8112.16470 Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD10EADS-65M2B0_WD-WCAV5319907299072&ts=1373019746 --> hxxp://www.google.com Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD10EADS-65M2B0_WD-WCAV5319907299072&ts=1373019746 --> hxxp://www.google.com -\\ Mozilla Firefox v22.0 (nl) File : C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\prefs.js C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\user.js ... Verwijderd ! [OK] De file bevat geen enkele ongeoorloofde invoer. File : C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\964e3bw2.default-1368211506000\prefs.js Verwijderd : user_pref("aol_toolbar.default.homepage.check", false); Verwijderd : user_pref("aol_toolbar.default.search.check", false); File : C:\Users\fanny\AppData\Roaming\Mozilla\Firefox\Profiles\7nngint1.default\prefs.js Verwijderd : user_pref("aol_toolbar.default.homepage.check", false); Verwijderd : user_pref("aol_toolbar.default.search.check", false); Verwijderd : user_pref("browser.search.defaultenginename", "AVG Secure Search"); Verwijderd : user_pref("browser.search.selectedEngine", "AVG Secure Search"); Verwijderd : user_pref("browser.startup.homepage", "hxxps://isearch.avg.com/?cid={B6837E05-BD6F-427E-9D02-8B43C76[...] Verwijderd : user_pref("keyword.URL", "hxxps://isearch.avg.com/search?cid={B6837E05-BD6F-427E-9D02-8B43C7610D53}&[...] -\\ Google Chrome v28.0.1500.72 File : C:\Users\geert\AppData\Local\Google\Chrome\User Data\Default\Preferences Verwijderd [l.429] : homepage = "hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD10[...] Verwijderd [l.625] : urls_to_restore_on_startup = [ "hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&[...] ************************* AdwCleaner[s1].txt - [19869 octets] - [18/07/2013 11:45:37] ########## EOF - C:\AdwCleaner[s1].txt - [19930 octets] ##########
  4. Zoek.exe Version 4.0.0.4 Updated 17-July-2013 Tool run by geert on wo 17/07/2013 at 22:26:43,63. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} deleted successfully HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Internet Explorer\SearchScopes\{EB1FF8ED-B8C2-4B8B-BDEC-6CAB556D6448} deleted successfully HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ib updater deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ib updater deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ibupdaterservice deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ibupdaterservice deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\fanny\AppData\Roaming\Mozilla\Firefox\Profiles\7nngint1.default user.js not found ---- Lines delta removed from prefs.js ---- ---- Lines delta modified from prefs.js ---- ---- Lines incredibar removed from prefs.js ---- ---- Lines incredibar modified from prefs.js ---- ---- Lines CT2801948 removed from prefs.js ---- ---- Lines CT2801948 modified from prefs.js ---- ---- Lines CT2504091 removed from prefs.js ---- ---- Lines CT2504091 modified from prefs.js ---- ---- Lines C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2504091 removed from prefs.js ---- ---- Lines C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2504091 modified from prefs.js ---- ---- Lines C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2801948 removed from prefs.js ---- ---- Lines C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2801948 modified from prefs.js ---- ---- Lines conduit removed from prefs.js ---- ---- Lines conduit modified from prefs.js ---- ---- Lines mystart removed from prefs.js ---- ---- Lines mystart modified from prefs.js ---- ---- Lines qvo6 removed from prefs.js ---- ---- Lines qvo6 modified from prefs.js ---- ---- Lines WebSearch removed from prefs.js ---- ---- Lines WebSearch modified from prefs.js ---- ---- Lines Torntv removed from prefs.js ---- ---- Lines Torntv modified from prefs.js ---- ---- Lines babylon removed from prefs.js ---- user_pref("extensions.BabylonToolbar.prtkDS", 0); user_pref("extensions.BabylonToolbar.prtkHmpg", 0); ---- Lines babylon modified from prefs.js ---- ---- Lines ask.com removed from prefs.js ---- ---- Lines ask.com modified from prefs.js ---- ---- Lines search.com removed from prefs.js ---- ---- Lines search.com modified from prefs.js ---- ---- Lines Web Search removed from prefs.js ---- ---- Lines Web Search modified from prefs.js ---- ---- Lines asktb removed from prefs.js ---- ---- Lines asktb modified from prefs.js ---- ---- Lines y2layers removed from prefs.js ---- ---- Lines y2layers modified from prefs.js ---- ---- Lines yontoo removed from prefs.js ---- ---- Lines yontoo modified from prefs.js ---- ---- Lines CommunityToolbar removed from prefs.js ---- ---- Lines CommunityToolbar modified from prefs.js ---- ---- Lines Search Results removed from prefs.js ---- ---- Lines Search Results modified from prefs.js ---- ---- Lines SweetIM removed from prefs.js ---- user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", ""); user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", ""); user_pref("sweetim.toolbar.previous.browser.startup.homepage", ""); user_pref("sweetim.toolbar.previous.keyword.URL", ""); user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ""); user_pref("sweetim.toolbar.searchguard.enable", ""); user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", ""); user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", ""); ---- Lines SweetIM modified from prefs.js ---- ---- Lines smartbar removed from prefs.js ---- ---- Lines smartbar modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_20131707_2231_.backup ProfilePath: C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default ---- Lines delta removed from prefs.js ---- user_pref("browser.newtab.url", "http://www.delta-search.com/?affID=119776&tt=110413_noprt&babsrc=NT_ss&mntrId=94CA00225FA93ECD"); user_pref("extensions.delta.admin", false); user_pref("extensions.delta.aflt", "babsst"); user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); user_pref("extensions.delta.autoRvrt", "false"); user_pref("extensions.delta.bbDpng", "10"); user_pref("extensions.delta.cntry", "BE"); user_pref("extensions.delta.dfltLng", "en"); user_pref("extensions.delta.excTlbr", false); user_pref("extensions.delta.ffxUnstlRst", true); user_pref("extensions.delta.hdrMd5", "BE21C048787F921F3A4E50CCC285F45F"); user_pref("extensions.delta.id", "94caf93b00000000000000225fa93ecd"); user_pref("extensions.delta.instlDay", "15808"); user_pref("extensions.delta.instlRef", "sst"); user_pref("extensions.delta.lastVrsnTs", "1.8.16.169:20:44"); user_pref("extensions.delta.newTab", false); user_pref("extensions.delta.prdct", "delta"); user_pref("extensions.delta.prtnrId", "delta"); user_pref("extensions.delta.rvrt", "false"); user_pref("extensions.delta.sg", "azb"); user_pref("extensions.delta.smplGrp", "none"); user_pref("extensions.delta.tlbrId", "base"); user_pref("extensions.delta.tlbrSrchUrl", ""); user_pref("extensions.delta.vrsn", "1.8.16.16"); user_pref("extensions.delta.vrsnTs", "1.8.16.169:20:44"); user_pref("extensions.delta.vrsni", "1.8.16.16"); ---- Lines delta modified from prefs.js ---- user_pref("extensions.enabledAddons", "belgiumeid%40eid.belgium.be:1.0.18,%7BCAFEEFAC-0016-0000-0037-ABCDEFFEDCBA%7D:6.0.37,ffxtlbr%40delta.com:1.5.0,%7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:5.4,personas%40christopher.beard:1.7.2.1,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1"); user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{BBDA0591-3099-440a-AA10-41764D9DB4DB}\":{\"descriptor\":\"C:\\\\ProgramData\\\\Norton\\\\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\\\\N360_6.0.0.145\\\\IPSFFPlgn\",\"mtime\":1368167943607},\"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}\":{\"descriptor\":\"C:\\\\ProgramData\\\\Norton\\\\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\\\\N360_6.0.0.145\\\\coFFPlgn\",\"mtime\":1368082906173},\"{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}\":{\"descriptor\":\"C:\\\\Program Files\\\\IB Updater\\\\Firefox\",\"mtime\":1362752332994}}},{\"name\":\"app-global\",\"addons\":{\"belgiumeid@eid.belgium.be\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\belgiumeid@eid.belgium.be\",\"mtime\":1365761273572},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1365761276575},\"{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\",\"mtime\":1365761273680},\"{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\",\"mtime\":1365761273786},\"{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\",\"mtime\":1365761273846}}},{\"name\":\"app-profile\",\"addons\":{\"belgiumeid@eid.belgium.be\":{\"descriptor\":\"C:\\\\Users\\\\geert\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\8xs9xqdm.default\\\\extensions\\\\belgiumeid@eid.belgium.be.xpi\",\"mtime\":1348766894653},\"en-US@dictionaries.addons.mozilla.org\":{\"descriptor\":\"C:\\\\Users\\\\geert\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\8xs9xqdm.default\\\\extensions\\\\en-US@dictionaries.addons.mozilla.org\",\"mtime\":1364067257703},\"ffxtlbr@delta.com\":{\"descriptor\":\"C:\\\\Users\\\\geert\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\8xs9xqdm.default\\\\extensions\\\\ffxtlbr@delta.com\",\"mtime\":1365837644727},\"GlassMyFox@ArisT2_Noia4dev\":{\"descriptor\":\"C:\\\\Users\\\\geert\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\8xs9xqdm.default\\\\extensions\\\\GlassMyFox@ArisT2_Noia4dev.xpi\",\"mtime\":1366220361066},\"jid0-9ca179gosnzttK9BXz00xyqBxkg@jetpack\":{\"descriptor\":\"C:\\\\Users\\\\geert\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\8xs9xqdm.default\\\\extensions\\\\jid0-9ca179gosnzttK9BXz00xyqBxkg@jetpack.xpi\",\"mtime\":1366445103801},\"personas@christopher.beard\":{\"descriptor\":\"C:\\\\Users\\\\geert\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\8xs9xqdm.default\\\\extensions\\\\personas@christopher.beard.xpi\",\"mtime\":1367135967788},\"TFToolbarX@torrent-finder\":{\"descriptor\":\"C:\\\\Users\\\\geert\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\8xs9xqdm.default\\\\extensions\\\\TFToolbarX@torrent-finder.xpi\",\"mtime\":1359547810206},\"toolbar@ask.com\":{\"descriptor\":\"C:\\\\Users\\\\geert\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\8xs9xqdm.default\\\\extensions\\\\toolbar@ask.com\",\"mtime\":1361468229180},\"torntv2@torntv.com\":{\"descriptor\":\"C:\\\\Users\\\\geert\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\8xs9xqdm.default\\\\extensions\\\\torntv2@torntv.com.xpi\",\"mtime\":1365837614151},\"{37483b40-c254-4a72-bda4-22ee90182c1e}\":{\"descriptor\":\"C:\\\\Users\\\\geert\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\8xs9xqdm.default\\\\extensions\\\\{37483b40-c254-4a72-bda4-22ee90182c1e}\",\"mtime\":1368083814718},\"{9AA46F4F-4DC7-4c06-97AF-5035170634FE}\":{\"descriptor\":\"C:\\\\Users\\\\geert\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\8xs9xqdm.default\\\\extensions\\\\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi\",\"mtime\":1366797619080},\"{ba14329e-9550-4989-b3f2-9732e92d17cc}\":{\"descriptor\":\"C:\\\\Users\\\\geert\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\8xs9xqdm.default\\\\extensions\\\\{ba14329e-9550-4989-b3f2-9732e92d17cc}\",\"mtime\":1360510785832},\"{DDC359D1-844A-42a7-9AA1-88A850A938A8}\":{\"descriptor\":\"C:\\\\Users\\\\geert\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\8xs9xqdm.default\\\\extensions\\\\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi\",\"mtime\":1365096432401}}}]"); ---- Lines delta removed from user.js ---- user_pref("extensions.delta.tlbrSrchUrl", ""); user_pref("extensions.delta.id", "94caf93b00000000000000225fa93ecd"); user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); user_pref("extensions.delta.instlDay", "15808"); user_pref("extensions.delta.vrsn", "1.8.16.16"); user_pref("extensions.delta.vrsni", "1.8.16.16"); user_pref("extensions.delta.vrsnTs", "1.8.16.169:20:44"); user_pref("extensions.delta.prtnrId", "delta"); user_pref("extensions.delta.prdct", "delta"); user_pref("extensions.delta.aflt", "babsst"); user_pref("extensions.delta.smplGrp", "none"); user_pref("extensions.delta.tlbrId", "base"); user_pref("extensions.delta.instlRef", "sst"); user_pref("extensions.delta.dfltLng", "en"); user_pref("extensions.delta.excTlbr", false); user_pref("extensions.delta.ffxUnstlRst", true); user_pref("extensions.delta.admin", false); user_pref("extensions.delta.autoRvrt", "false"); user_pref("extensions.delta.rvrt", "false"); user_pref("extensions.delta.newTab", false); ---- Lines incredibar removed from prefs.js ---- ---- Lines incredibar modified from prefs.js ---- ---- Lines incredibar removed from user.js ---- user_pref("extensions.incredibar_i.ms_url_id", ""); user_pref("extensions.incredibar_i.upn2", "6R8QbCmh5A"); user_pref("extensions.incredibar_i.upn2n", "92825682046951662"); user_pref("extensions.incredibar_i.productid", "26"); user_pref("extensions.incredibar_i.installerproductid", "26"); user_pref("extensions.incredibar_i.did", "10643"); user_pref("extensions.incredibar_i.ppd", "35"); user_pref("extensions.incredibar_i.newTab", false); user_pref("extensions.incredibar_i.tlbrSrchUrl", "http://mystart.Incredibar.com/?a=6R8QbCmh5A&loc=IB_TB&i=26&search="); user_pref("extensions.incredibar_i.id", "94caf93b00000000000000225fa93ecd"); user_pref("extensions.incredibar_i.instlDay", "15708"); user_pref("extensions.incredibar_i.vrsn", "1.5.11.14"); user_pref("extensions.incredibar_i.vrsni", "1.5.11.14"); user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.148:55:19"); user_pref("extensions.incredibar_i.prtnrId", "Incredibar"); user_pref("extensions.incredibar_i.prdct", "incredibar"); user_pref("extensions.incredibar_i.aflt", "orgnl"); user_pref("extensions.incredibar_i.smplGrp", "none"); user_pref("extensions.incredibar_i.tlbrId", "base"); user_pref("extensions.incredibar_i.instlRef", ""); user_pref("extensions.incredibar_i.dfltLng", ""); user_pref("extensions.incredibar_i.excTlbr", false); ---- Lines CT2801948 removed from prefs.js ---- ---- Lines CT2801948 modified from prefs.js ---- ---- Lines CT2801948 removed from user.js ---- ---- Lines CT2504091 removed from prefs.js ---- ---- Lines CT2504091 modified from prefs.js ---- ---- Lines CT2504091 removed from user.js ---- ---- Lines C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2504091 removed from prefs.js ---- ---- Lines C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2504091 modified from prefs.js ---- ---- Lines C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2504091 removed from user.js ---- ---- Lines C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2801948 removed from prefs.js ---- ---- Lines C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2801948 modified from prefs.js ---- ---- Lines C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2801948 removed from user.js ---- ---- Lines conduit removed from prefs.js ---- ---- Lines conduit modified from prefs.js ---- ---- Lines conduit removed from user.js ---- ---- Lines mystart removed from prefs.js ---- ---- Lines mystart modified from prefs.js ---- ---- Lines mystart removed from user.js ---- ---- Lines qvo6 removed from prefs.js ---- ---- Lines qvo6 modified from prefs.js ---- ---- Lines qvo6 removed from user.js ---- ---- Lines WebSearch removed from prefs.js ---- ---- Lines WebSearch modified from prefs.js ---- ---- Lines WebSearch removed from user.js ---- ---- Lines Torntv removed from prefs.js ---- ---- Lines Torntv modified from prefs.js ---- ---- Lines Torntv removed from user.js ---- ---- Lines babylon removed from prefs.js ---- ---- Lines babylon modified from prefs.js ---- ---- Lines babylon removed from user.js ---- user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109217"); user_pref("extensions.BabylonToolbar_i.babExt", ""); user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); user_pref("extensions.BabylonToolbar_i.id", "94caf93b00000000000000225fa93ecd"); user_pref("extensions.BabylonToolbar_i.hardId", "94caf93b00000000000000225fa93ecd"); user_pref("extensions.BabylonToolbar_i.instlDay", "15396"); user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17"); user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17"); user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1712:43:44"); user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon"); user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar"); user_pref("extensions.BabylonToolbar_i.aflt", "babsst"); user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); user_pref("extensions.BabylonToolbar_i.tlbrId", "base"); user_pref("extensions.BabylonToolbar_i.instlRef", "sst"); ---- Lines ask.com removed from prefs.js ---- ---- Lines ask.com modified from prefs.js ---- ---- Lines ask.com removed from user.js ---- ---- Lines search.com removed from prefs.js ---- ---- Lines search.com modified from prefs.js ---- ---- Lines search.com removed from user.js ---- ---- Lines Web Search removed from prefs.js ---- ---- Lines Web Search modified from prefs.js ---- ---- Lines Web Search removed from user.js ---- ---- Lines asktb removed from prefs.js ---- ---- Lines asktb modified from prefs.js ---- ---- Lines asktb removed from user.js ---- ---- Lines y2layers removed from prefs.js ---- ---- Lines y2layers modified from prefs.js ---- ---- Lines y2layers removed from user.js ---- user_pref("extentions.y2layers.installId", "60a16b51-bb7c-4cf2-9d6b-c1363a42fc9a"); user_pref("extentions.y2layers.defaultEnableAppsList", "Buzzdock,BuzzdockTease,DropDownDeals,BestVideoDownloader,TopRelatedTopics,BestVideoDownloader,"); ---- Lines yontoo removed from prefs.js ---- ---- Lines yontoo modified from prefs.js ---- ---- Lines yontoo removed from user.js ---- ---- Lines CommunityToolbar removed from prefs.js ---- ---- Lines CommunityToolbar modified from prefs.js ---- ---- Lines CommunityToolbar removed from user.js ---- ---- Lines Search Results removed from prefs.js ---- ---- Lines Search Results modified from prefs.js ---- ---- Lines Search Results removed from user.js ---- ---- Lines SweetIM removed from prefs.js ---- ---- Lines SweetIM modified from prefs.js ---- ---- Lines SweetIM removed from user.js ---- ---- Lines smartbar removed from prefs.js ---- ---- Lines smartbar modified from prefs.js ---- ---- Lines smartbar removed from user.js ---- ---- FireFox user.js and prefs.js backups ---- user_20131707_2231_.backup prefs_20131707_2231_.backup ProfilePath: C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\964e3bw2.default-1368211506000 user.js not found ---- Lines delta removed from prefs.js ---- user_pref("browser.search.defaultenginename", "delta-homes"); user_pref("browser.search.order.1", "delta-homes"); user_pref("browser.search.selectedEngine", "delta-homes"); ---- Lines delta modified from prefs.js ---- ---- Lines incredibar removed from prefs.js ---- ---- Lines incredibar modified from prefs.js ---- ---- Lines CT2801948 removed from prefs.js ---- ---- Lines CT2801948 modified from prefs.js ---- ---- Lines CT2504091 removed from prefs.js ---- ---- Lines CT2504091 modified from prefs.js ---- ---- Lines C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2504091 removed from prefs.js ---- ---- Lines C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2504091 modified from prefs.js ---- ---- Lines C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2801948 removed from prefs.js ---- ---- Lines C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2801948 modified from prefs.js ---- ---- Lines conduit removed from prefs.js ---- ---- Lines conduit modified from prefs.js ---- ---- Lines mystart removed from prefs.js ---- ---- Lines mystart modified from prefs.js ---- ---- Lines qvo6 removed from prefs.js ---- user_pref("extensions.ui.lastCategory", "addons://search/qvo6"); ---- Lines qvo6 modified from prefs.js ---- ---- Lines WebSearch removed from prefs.js ---- ---- Lines WebSearch modified from prefs.js ---- ---- Lines Torntv removed from prefs.js ---- ---- Lines Torntv modified from prefs.js ---- ---- Lines babylon removed from prefs.js ---- user_pref("extensions.BabylonToolbar.prtkDS", 0); user_pref("extensions.BabylonToolbar.prtkHmpg", 0); ---- Lines babylon modified from prefs.js ---- ---- Lines ask.com removed from prefs.js ---- ---- Lines ask.com modified from prefs.js ---- ---- Lines search.com removed from prefs.js ---- ---- Lines search.com modified from prefs.js ---- ---- Lines Web Search removed from prefs.js ---- ---- Lines Web Search modified from prefs.js ---- ---- Lines asktb removed from prefs.js ---- ---- Lines asktb modified from prefs.js ---- ---- Lines y2layers removed from prefs.js ---- ---- Lines y2layers modified from prefs.js ---- ---- Lines yontoo removed from prefs.js ---- ---- Lines yontoo modified from prefs.js ---- ---- Lines CommunityToolbar removed from prefs.js ---- ---- Lines CommunityToolbar modified from prefs.js ---- ---- Lines Search Results removed from prefs.js ---- ---- Lines Search Results modified from prefs.js ---- ---- Lines SweetIM removed from prefs.js ---- user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", ""); user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", ""); user_pref("sweetim.toolbar.previous.browser.startup.homepage", ""); user_pref("sweetim.toolbar.previous.keyword.URL", ""); user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ""); user_pref("sweetim.toolbar.searchguard.enable", ""); user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", ""); user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", ""); ---- Lines SweetIM modified from prefs.js ---- ---- Lines smartbar removed from prefs.js ---- ---- Lines smartbar modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_20131707_2231_.backup ==== Deleting Files \ Folders ====================== "C:\user.js" deleted "C:\Users\fanny\AppData\Roaming\Mozilla\Firefox\Profiles\7nngint1.default\searchplugins\MyStart Search.xml" deleted "C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\searchplugins\delta.xml" deleted "C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\searchplugins\MyStart Search.xml" deleted "C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\searchplugins\WebSearch.xml" deleted "C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\extensions\torntv2@torntv.com.xpi" deleted "C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\searchplugins\babylon.xml" deleted "C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\964e3bw2.default-1368211506000\searchplugins\MyStart Search.xml" deleted "C:\Program Files (x86)\Mozilla Firefox\searchplugins\delta-homes.xml" deleted "C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml" deleted "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml" deleted "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml" deleted "C:\Windows\SysNative\roboot64.exe" deleted "C:\windows\SysNative\dmwu.exe" deleted "C:\windows\SysNative\tasks\Desk 365 RunAsStdUser" deleted "C:\windows\SysNative\Tasks\GoforFilesUpdate" deleted "C:\user.js" deleted "C:\END" deleted "C:\Users\fanny\AppData\Roaming\Mozilla\Firefox\Profiles\7nngint1.default\searchplugins\MyStart Search.xml" deleted "C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\searchplugins\babylon.xml" deleted "C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\searchplugins\MyStart Search.xml" deleted "C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\searchplugins\WebSearch.xml" deleted "C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\964e3bw2.default-1368211506000\searchplugins\MyStart Search.xml" deleted "C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml" deleted "C:\Windows\Syswow64\jmdp\lmrn.dll" deleted "C:\Windows\Syswow64\jmdp\msvcp100.dll" deleted "C:\Windows\Syswow64\jmdp\msvcr100.dll" deleted "C:\Windows\Syswow64\jmdp\sqlite3.dll" deleted "C:\Windows\Syswow64\jmdp\stij.exe" deleted "C:\Program Files (x86)\TornTV.com" deleted "C:\Program Files (x86)\NCH_EN" deleted "C:\Program Files\Babylon" deleted "C:\Program Files (x86)\Vuze_Remote" deleted "C:\Program Files (x86)\GoforFiles" deleted "C:\Program Files (x86)\1ClickDownload" deleted "C:\Program Files (x86)\WebSearch" deleted "C:\Program Files (x86)\Incredibar.com" deleted "C:\Program Files (x86)\Desk 365" deleted "C:\Program Files (x86)\MyPC Backup" deleted "C:\Program Files\IB Updater" deleted "C:\Program Files (x86)\ContinueToSave" deleted "C:\Program Files (x86)\Wondershare" deleted "C:\Program Files (x86)\Ask.com" deleted "C:\Program Files (x86)\Conduit" deleted "C:\Program Files (x86)\Common Files\Wondershare" deleted "C:\Users\geert\AppData\Roaming\GoforFiles" deleted "C:\Users\geert\AppData\Roaming\eIntaller" deleted "C:\Users\geert\AppData\Roaming\WebCake" deleted "C:\Users\geert\AppData\Roaming\Babylon" deleted "C:\Users\geert\AppData\Roaming\Systweak" deleted "C:\ProgramData\eSafe" deleted "C:\ProgramData\InstallMate" deleted "C:\ProgramData\Tarma Installer" deleted "C:\ProgramData\Babylon" deleted "C:\Users\geert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com" deleted "C:\Users\geert\AppData\Local\CRE" deleted "C:\Users\geert\AppData\Local\Wondershare" deleted "C:\Users\geert\AppData\Local\AskToolbar" deleted "C:\Users\geert\AppData\Local\Conduit" deleted "C:\Users\geert\AppData\LocalLow\Vuze_Remote" deleted "C:\Users\geert\AppData\LocalLow\AskToolbar" deleted "C:\Users\geert\AppData\LocalLow\BabylonToolbar" deleted "C:\Users\geert\AppData\LocalLow\Incredibar.com" deleted "C:\Users\geert\AppData\LocalLow\PriceGong" deleted "C:\Users\geert\AppData\LocalLow\Conduit" deleted "C:\Users\geert\AppData\LocalLow\NCH_EN" deleted "C:\Windows\Syswow64\jmdp" deleted "C:\Windows\Syswow64\ARFC" deleted "C:\Windows\Syswow64\WNLT" deleted "C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\jetpack" deleted "C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2504091" deleted "C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2801948" deleted "C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}" deleted "C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\extensions\ffxtlbr@delta.com" deleted "C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2801948" deleted "C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2504091" deleted "C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\conduitCommon" deleted "C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\extensions\toolbar@ask.com" deleted "C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\smartbar" deleted "C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\extensions\ffxtlbr@delta.com" deleted ==== Firefox Extensions ====================== ProfilePath: C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default - Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - United States English Spellchecker - %ProfilePath%\extensions\en-US@dictionaries.addons.mozilla.org - ciointinuetosave - %ProfilePath%\extensions\lqps7qgtw@rcof-.org - NCH EN - %ProfilePath%\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e} - Vuze Remote Community Toolbar - %ProfilePath%\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} - Belgium eID - %ProfilePath%\extensions\belgiumeid@eid.belgium.be.xpi - GlassMyFox - %ProfilePath%\extensions\GlassMyFox@ArisT2_Noia4dev.xpi - The Pirate Bay Forwarder - %ProfilePath%\extensions\jid0-9ca179gosnzttK9BXz00xyqBxkg@jetpack.xpi - Personas Plus - %ProfilePath%\extensions\personas@christopher.beard.xpi - Torrent Finder Toolbar - %ProfilePath%\extensions\TFToolbarX@torrent-finder.xpi - ImTranslator - %ProfilePath%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi - DownThemAll - %ProfilePath%\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi ProfilePath: C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\964e3bw2.default-1368211506000 - Personas Plus - %ProfilePath%\extensions\personas@christopher.beard.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Undetermined - %AppDir%\extensions\belgiumeid@eid.belgium.be - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} ==== Firefox Plugins ====================== Profilepath: C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 7.0.250.17 025F127536724D29F5426F624BFB224D - C:\Users\geert\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System Profilepath: C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\964e3bw2.default-1368211506000 3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 7.0.250.17 025F127536724D29F5426F624BFB224D - C:\Users\geert\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Deleting Files \ Folders ====================== "C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}" deleted "C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}" deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dlnembnfbcpjnepmfjmngjenhhajpdfd - C:\Program Files\IB Updater\source.crx[] gclijllifhfpomppedeljakfegbcpojn - C:\Users\geert\AppData\Local\CRE\gclijllifhfpomppedeljakfegbcpojn.crx[] mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\Exts\Chrome.crx[31/05/2013 03:49] nbmafkdmkkckhggblphicnnhlgljnoje - C:\Program Files (x86)\TornTV.com\torn2_10.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions gclijllifhfpomppedeljakfegbcpojn - C:\Users\geert\AppData\Local\CRE\gclijllifhfpomppedeljakfegbcpojn.crx[] Delta Toolbar - geert - Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde WebCake - geert - Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh NCH EN - geert - Default\Extensions\gclijllifhfpomppedeljakfegbcpojn Norton Identity Protection - geert - Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk Torntv 2 - geert - Default\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje ==== Chrome Fix ====================== C:\Users\geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dlnembnfbcpjnepmfjmngjenhhajpdfd_0.localstorage deleted successfully C:\Users\geert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gclijllifhfpomppedeljakfegbcpojn deleted successfully C:\Users\geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gclijllifhfpomppedeljakfegbcpojn_0.localstorage deleted successfully C:\Users\geert\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_gclijllifhfpomppedeljakfegbcpojn_0 deleted successfully C:\Users\geert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje deleted successfully C:\Users\geert\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh deleted successfully C:\Users\geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fjoijdanhaiflhibkljeklcghcmmfffh_0.localstorage deleted successfully C:\Users\geert\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully C:\Users\geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD10EADS-65M2B0_WD-WCAV5319907299072&ts=1373019746" "Default_Page_URL"="http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD10EADS-65M2B0_WD-WCAV5319907299072&ts=1373019746" "Search Page"="http://www.google.com" "Search Bar"="http://www.google.com/ie" "Default_Search_URL"="http://www.google.com/ie" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD10EADS-65M2B0_WD-WCAV5319907299072&ts=1373019746" "Start Page"="http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD10EADS-65M2B0_WD-WCAV5319907299072&ts=1373019746" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD10EADS-65M2B0_WD-WCAV5319907299072&ts=1373019746" "Start Page"="http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD10EADS-65M2B0_WD-WCAV5319907299072&ts=1373019746" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="http://www.google.com/search?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://www.google.com/ie" "Default_Search_URL"="http://www.google.com/ie" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {0A359229-A432-4443-BC32-24FBC64F4D90} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8" {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} Unknown Url="Not_Found" {2D78CADC-7256-41E8-8499-011D0E6741C2} AOL Zoeken Url="http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1547&query={searchTerms}&invocationType=tb50hpcndtie7-nl-be" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {773824FE-657B-456E-85BA-19514CBDEEC2} Yahoo//nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} deleted successfully HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} deleted successfully HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully HKEY_CLASSES_ROOT\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\microsoft\internet explorer\urlsearchhooks\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\microsoft\internet explorer\urlsearchhooks\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully ==== shortcuts on Users Desktops ====================== C:\Users\fanny\Desktop\FaceOnBody Pro.lnk - C:\Program Files (x86)\FaceOnBody Pro\FaceOnBody.exe C:\Users\fanny\Desktop\Fun Morph.lnk - C:\Program Files (x86)\Zeallsoft\Fun Morph\FunMorph.exe C:\Users\fanny\Desktop\Tony Hawks Pro Skater 3.lnk - C:\Program Files (x86)\Activision\Thps3\Skate3.exe C:\Users\fanny\Desktop\Windows Live Mail.lnk - C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Users\fanny\Desktop\ZeallSoft Products.lnk - C:\Program Files (x86)\Zeallsoft\Fun Morph\Web\ourproducts.htm C:\Users\geert\Desktop\Blokker Fotoservice.lnk - C:\Program Files (x86)\Blokker Fotoservice\Loader.exe C:\Users\geert\Desktop\Burn4Free.lnk - C:\Program Files (x86)\Burn4Free\Burn4Free.exe C:\Users\geert\Desktop\FaceOnBody Pro.lnk - C:\Program Files (x86)\FaceOnBody Pro\FaceOnBody.exe C:\Users\geert\Desktop\GIMP 2.lnk - C:\Program Files\GIMP 2\bin\gimp-2.8.exe C:\Users\geert\Desktop\HiJackThis.lnk - C:\Users\geert\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe C:\Users\geert\Desktop\Photo DVD Maker Professional.lnk - C:\Program Files (x86)\AnvSoft\Photo DVD Maker Professional\DVDPhotoMaker.exe C:\Users\geert\Desktop\Photo DVD Slideshow Professional.lnk - C:\Program Files (x86)\Photo DVD Slideshow Professional\DVDPhotoMaker.exe C:\Users\geert\Desktop\PlayMemories Home.lnk - C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe C:\Users\geert\Desktop\Spotify.lnk - C:\Users\geert\AppData\Roaming\Spotify\spotify.exe C:\Users\geert\Desktop\WBFS Manager 3.0.lnk - C:\Program Files\WBFS\WBFS Manager 3.0\WBFSManager.exe C:\Users\geert\Desktop\Windows Live Mail.lnk - C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Users\geert\Desktop\Wondershare DVD Slideshow Builder Deluxe.lnk - C:\Program Files (x86)\Wondershare\DVD Slideshow Builder\DSB.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Adobe Photoshop Elements 6.0.lnk - C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\Photoshop Elements 6.0.exe C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe C:\Users\Public\Desktop\Belgium EidViewer.lnk - C:\Program Files (x86)\Belgium Identity Card\EidViewer\eid-viewer.exe C:\Users\Public\Desktop\Blokker.lnk - C:\Program Files (x86)\Blokker\Blokker.exe C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe C:\Users\Public\Desktop\Doxillion Document Converter.lnk - C:\Program Files (x86)\NCH Software\Doxillion\doxillion.exe C:\Users\Public\Desktop\Epson Easy Photo Print.lnk - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPQuicker.exe C:\Users\Public\Desktop\EPSON Scan.lnk - C:\Windows\twain_32\escndv\escndv.exe C:\Users\Public\Desktop\Fotoshow.lnk - C:\Program Files (x86)\Fotoservice\Kruidvat fotoservice\Fotoshow.exe C:\Users\Public\Desktop\Go for Files.lnk - C:\Program Files (x86)\GoforFiles\GoforFiles.exe C:\Users\Public\Desktop\GoforFiles.lnk - C:\Program Files (x86)\GoforFiles\GoforFiles.exe C:\Users\Public\Desktop\GOM Player.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Qvo6.com C:\Users\Public\Desktop\ImageShack Uploader.lnk - C:\Windows\Installer\{8BCD7AE7-F713-4D50-BAB9-7839B9386870}\ImageShackUploader.exe C:\Users\Public\Desktop\Kruidvat fotoservice.lnk - C:\Program Files (x86)\Fotoservice\Kruidvat fotoservice\Kruidvat fotoservice.exe C:\Users\Public\Desktop\ManyCam.lnk - C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe Qvo6.com C:\Users\Public\Desktop\Nero StartSmart 10.lnk - C:\Windows\Installer\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}\ScStartSmartDeskto_3AF47A4E14DF4546B1449D27245505A0.exe C:\Users\Public\Desktop\Nokia Suite.lnk - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe C:\Users\Public\Desktop\Norton 360.lnk - C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.4.0.40\uistub.exe C:\Users\Public\Desktop\OpenOffice.org 3.4.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe C:\Users\Public\Desktop\Photoupz.lnk - C:\Program Files (x86)\Photoupz\PhotoUpz.exe C:\Users\Public\Desktop\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe C:\Users\Public\Desktop\Print Artist Platinum 24.lnk - C:\Windows\Installer\{7568CBAC-FC7F-4EE9-8CAC-B4274FC93B4E}\NewShortcut4_65415E4819CB4F309BC9AE8A2E4D21FC.exe C:\Users\Public\Desktop\PrintMaster 2012 Platinum.lnk - C:\Program Files (x86)\PrintMaster 2012 Platinum\PrintMaster.exe C:\Users\Public\Desktop\ProShow Producer.lnk - C:\Program Files (x86)\Photodex\ProShow Producer\proshow.exe C:\Users\Public\Desktop\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite C:\Users\Public\Desktop\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe C:\Users\Public\Desktop\SketchUp 8.lnk - C:\Program Files (x86)\Google\Google SketchUp 8\SketchUp.exe C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe C:\Users\Public\Desktop\Smilebox Trial.lnk - C:\Program Files (x86)\PrintMaster 2012 Platinum\Smilebox Trial\PC\Autorun\autorun.exe C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe C:\Users\Public\Desktop\Vuze.lnk - C:\Program Files (x86)\Vuze\Azureus.exe C:\Users\Public\Desktop\WBFS to ISO.lnk - C:\Program Files (x86)\WBFS to ISO\wbfstoiso.exe C:\Users\Public\Desktop\WebcamMax.lnk - C:\Program Files (x86)\WebcamMax\WebcamMax.exe C:\Users\Public\Desktop\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe C:\Users\Public\Desktop\ZipGenius 6.lnk - C:\Program Files (x86)\ZipGenius 6\zipgenius.exe ==== shortcuts in Users Start Menu ====================== C:\Users\geert\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE C:\Users\geert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk - C:\Program Files\Internet Explorer\iexplore.exe Qvo6.com C:\Users\geert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe Qvo6.com C:\Users\geert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe Qvo6.com C:\Users\geert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - C:\Users\geert\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AB0000000001}\SC_Reader.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk - C:\Program Files (x86)\Vuze\Azureus.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\Uninstall CCleaner.lnk - C:\Program Files (x86)\CCleaner\uninst.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player\GOM Player.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player\GOM Wizard.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GomWiz.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player\Uninstall.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\Uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Qvo6.com C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360 Premier Edition\LiveUpdate.lnk - C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.4.0.40\uistub.exe /lu C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360 Premier Edition\NBRT.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360 Premier Edition\Norton 360.lnk - C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.4.0.40\uistub.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360 Premier Edition\Support.lnk - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\symerr.exe /support C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360 Premier Edition\Uninstall Norton 360.lnk - C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\2454B0AB\20.4.0.40\inststub.exe /X /shortcut C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk - C:\Program Files (x86)\VideoLAN\VLC\Documentation.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk - C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Reset VLC media player preferences and cache files.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --reset-config --reset-plugins-cache vlc://quit C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk - C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe -Iskins C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\fanny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Fun Morph.lnk - C:\Program Files (x86)\Zeallsoft\Fun Morph\FunMorph.exe C:\Users\fanny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE C:\Users\fanny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\fanny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\fanny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe C:\Users\fanny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\fanny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\fanny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\fanny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HP MediaSmart.lnk - C:\Program Files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe C:\Users\fanny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\fanny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\fanny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\fanny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Fun Morph.lnk - C:\Program Files (x86)\Zeallsoft\Fun Morph\FunMorph.exe C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Qvo6.com C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IZArc.lnk - C:\Program Files (x86)\IZArc\IZArc.exe C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe Qvo6.com C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ManyCam.lnk - C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PrintMaster 2012 Platinum.lnk - C:\Program Files (x86)\PrintMaster 2012 Platinum\PrintMaster.exe C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ProShow Producer.lnk - C:\Program Files (x86)\Photodex\ProShow Producer\proshow.exe C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk - C:\Program Files (x86)\Vuze\Azureus.exe C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ZipGenius 6.lnk - C:\Program Files (x86)\ZipGenius 6\zipgenius.exe C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Notepad.lnk - C:\Windows\system32\notepad.exe C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\SketchUp.lnk - C:\Program Files (x86)\Google\Google SketchUp 8\SketchUp.exe C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Qvo6.com C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe Qvo6.com C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe Qvo6.com C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - ==== shortcuts After Repair ====================== C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\geert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\geert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\geert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gclijllifhfpomppedeljakfegbcpojn deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\gclijllifhfpomppedeljakfegbcpojn deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Users\fanny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\fanny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\fanny\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\fanny\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\fanny\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\geert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\users\fanny\AppData\Local\Mozilla\Firefox\Profiles\7nngint1.default\Cache emptied successfully C:\users\geert\AppData\Local\Mozilla\Firefox\Profiles\964e3bw2.default-1368211506000\Cache emptied successfully C:\users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\personas\cache emptied successfully ==== Empty Chrome Cache ====================== C:\users\geert\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\geert\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\windows\SysNative\dmwu.exesearch" deleted "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Users\geert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found ==== EOF on wo 17/07/2013 at 22:40:45,15 ======================
  5. hallo wie kan mij helpen please Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:56:05, on 17/07/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16470) Boot mode: Normal Running processes: C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files (x86)\Samsung\Kies\Kies.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\SysWOW64\jmdp\stij.exe C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Delta Homes R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Delta Homes R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Delta Homes R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Delta Homes R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll R3 - URLSearchHook: NCH EN Toolbar - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: IB Updater Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension32.dll O2 - BHO: NCH EN - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\IPS\IPSBHO.DLL O2 - BHO: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O3 - Toolbar: NCH EN Toolbar - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll O3 - Toolbar: Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coIEPlg.dll O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe O4 - HKLM\..\Run: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe O4 - HKLM\..\Run: [updatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-4064551767-2209222074-200328689-1004\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-4064551767-2209222074-200328689-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: c:\progra~2\contin~1\sprote~1.dll c:\progra~2\websea~1\sprote~1.dll O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: IB Updater - Unknown owner - C:\Program Files\IB Updater\ExtensionUpdaterService.exe O23 - Service: IBUpdaterService - Unknown owner - C:\Windows\system32\dmwu.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ScsiAccess - Unknown owner - C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13379 bytes bedankt bij voorbaat
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.