Julian1234

Lid

Bekijk profiel Bekijk hun activiteit

Items
136
Registratiedatum
28 juni 2012
Laatst bezocht
23 juli 2015

Inhoudstype

Alle activiteit

Profielen

Forums

Store

Product Reviews

Alles dat geplaatst werd door Julian1234

trage pc en browser

Julian1234 reageerde op Julian1234's topic in Archief Windows 7

log.txt ik weet nie of ik het goed gedaan heb maar ik denk van wel nog thx dat u me wilt helpen AdwCleaner[S0].txt mbam scanlog.txt
- 28 mei 2014
- 5 antwoorden
nieuwe muis

Julian1234 plaatste een topic in Archief Aan- en verkoopadvies

hallo ik wil een nieuwe muis kopen ik ga de muis veel voor het gamen gebruiken ook voor mmo games dus het zou wel chill zijn als de muis ook meerdere knoppen heeft voor een mmo en hij moet onder de 90 euro blijven
- 27 mei 2014
- 3 antwoorden
trage pc en browser

Julian1234 plaatste een topic in Archief Windows 7

hallo de laatste tijd gaat mn pc heel traag en het internet laad heel langzaam ik krijg ook random reclame terwijl ik dat eerst nooit had ik hoop dat jullie me kunnen helpen
- 27 mei 2014
- 5 antwoorden
meer ram en toetsenbord

Julian1234 reageerde op Julian1234's topic in Archief Aan- en verkoopadvies

Is er nog iemand die me wil helpen?
- 1 juli 2013
- 11 antwoorden
meer ram en toetsenbord

Julian1234 reageerde op Julian1234's topic in Archief Aan- en verkoopadvies

ik woon in nederland
- 28 juni 2013
- 11 antwoorden
nieuwe start

Julian1234 reageerde op Julian1234's topic in Archief Windows Algemeen

oke hardstikke bedankt voor uw hulp echt bedankt
- 26 juni 2013
- 15 antwoorden
nieuwe start

Julian1234 reageerde op Julian1234's topic in Archief Windows Algemeen

de snelheid is al heeeeel veel beter heeft u ook nog tips voor het verhogen van de fps tijdens het gamen
- 26 juni 2013
- 15 antwoorden
nieuwe start

Julian1234 reageerde op Julian1234's topic in Archief Windows Algemeen

Zoek.exe Version 4.0.0.2 Updated 25-June-2013 Tool run by julian on di 25-06-2013 at 21:06:24,89. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected ==== Running Processes ====================== C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\atieclxx.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe C:\Program Files (x86)\Expat Shield\bin\hsswd.exe C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe C:\Windows\system32\hasplms.exe C:\Program Files\Intel\iCLS Client\HeciServer.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe C:\Program Files\Logitech Gaming Software\LCore.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\BitTorrent\BitTorrent.exe D:\dead island\Steam.exe C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe C:\Users\julian\AppData\Roaming\WebCake\WebCakeDesktop.exe C:\Windows\splwow64.exe C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe C:\Program Files (x86)\Logitech\G930\G930.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files (x86)\Common Files\Steam\SteamService.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\DllHost.exe C:\Program Files (x86)\Expat Shield\bin\openvpntray.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\WinRAR\WinRAR.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Users\julian\AppData\Local\Temp\Rar$EXa0.437\zoek.exe C:\Windows\system32\conhost.exe ==== Older Logs ====================== C:\zoek-results23-06-2013-2252.log 5604 bytes C:\zoek-results25-06-2013-2105.log 373 bytes ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\SearchScopes\{154d339e-ccaa-49a5-9b38-6878ad4220bc} deleted successfully HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\SearchScopes\{F5F8CEF0-2B99-4C75-8BBF-C60A817400ED} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WebCake Desktop Updater deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WebCake Desktop Updater deleted successfully ==== FireFox Fix ====================== Deleted from C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\prefs.js: user_pref("browser.startup.homepage", "http://search.babylon.com/?affID=121845&babsrc=HP_ss_gin2g&mntrId=CE9300FF472E1D57"); user_pref("browser.search.defaulturl", "http://websearch.a-searchpage.info/?pid=658&r=2013/05/31&hid=1511369152&lg=EN&cc=NL&unqvl=18&l=1&q="); user_pref("browser.newtab.url", "http://www.delta-search.com/?affID=121845&babsrc=NT_ss&mntrId=CE9300FF472E1D57"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Delta Search"); user_pref("browser.search.selectedEngine,S", "WebSearch"); user_pref("browser.search.order.1", "WebSearch"); user_pref("browser.search.order.1,S", "WebSearch"); user_pref("keyword.URL", "http://websearch.a-searchpage.info/?pid=658&r=2013/05/31&hid=1511369152&lg=EN&cc=NL&unqvl=18&l=1&q="); user_pref("browser.search.useDBForOrder", "false"); Added to C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); ProfilePath: C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489 ---- Lines pc0ho2@zgkjmczm.org removed from prefs.js ---- user_pref("extensions.bootstrappedAddons", "{\"pc0ho2@zgkjmczm.org\":{\"version\":\"3.9\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\pc0ho2@zgkjmczm.org\"},\"{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}\":{\"version\":\"1.0.0.2\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\RelevantKnowledge\\\\firefox\"}}"); ---- Lines pc0ho2@zgkjmczm.org modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\RelevantKnowledge\\\\firefox\",\"mtime\":1370880295318},\"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}\":{\"descriptor\":\"C:\\\\ProgramData\\\\Norton\\\\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\\\\NIS_20.1.0.24\\\\coFFPlgn\",\"mtime\":1371880871910},\"{BBDA0591-3099-440a-AA10-41764D9DB4DB}\":{\"descriptor\":\"C:\\\\ProgramData\\\\Norton\\\\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\\\\NIS_20.1.0.24\\\\IPSFFPlgn\",\"mtime\":1371882113517}}},{\"name\":\"app-global\",\"addons\":{\"afurladvisor@anchorfree.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\afurladvisor@anchorfree.com\",\"mtime\":1364139763909},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1361989143590}}},{\"name\":\"winreg-app-user\",\"addons\":{\"{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\PriceGong\\\\2.6.4\\\\FF\",\"mtime\":1350112492205}}},{\"name\":\"app-profile\",\"addons\":{\"ffxtlbr@delta.com\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\ffxtlbr@delta.com\",\"mtime\":1369044100000},\"pc0ho2@zgkjmczm.org\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\pc0ho2@zgkjmczm.org\",\"mtime\":1371296119823},\"plugin@getwebcake.com\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\plugin@getwebcake.com\",\"mtime\":1370784052569},\"pricepeep@getpricepeep.com\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\pricepeep@getpricepeep.com.xpi\",\"mtime\":1366211036000}}}]"); ---- Lines pc0ho2@zgkjmczm.org removed from user.js ---- ---- Lines BabylonToolbar removed from prefs.js ---- user_pref("extensions.BabylonToolbar_i.newTab", true); user_pref("extensions.BabylonToolbar_i.newTabUrl", "http://www.delta-search.com/?affID=119534&babsrc=NT_ss&mntrId=ce930259000000000000c86000ce59a3"); ---- Lines BabylonToolbar modified from prefs.js ---- ---- Lines BabylonToolbar removed from user.js ---- ---- Lines delta removed from prefs.js ---- user_pref("avg.install.userHPSettings", "http://www.delta-search.com/?affID=119534&babsrc=HP_ss&mntrId=ce930259000000000000c86000ce59a3"); user_pref("avg.install.userSPSettings", "Delta Search"); user_pref("extensions.delta.admin", false); user_pref("extensions.delta.aflt", "babsst"); user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); user_pref("extensions.delta.autoRvrt", "false"); user_pref("extensions.delta.dfltLng", "en"); user_pref("extensions.delta.excTlbr", false); user_pref("extensions.delta.ffxUnstlRst", true); user_pref("extensions.delta.id", "ce93025900000000000000ff472e1d57"); user_pref("extensions.delta.instlDay", "15865"); user_pref("extensions.delta.instlRef", "sst"); user_pref("extensions.delta.newTab", false); user_pref("extensions.delta.prdct", "delta"); user_pref("extensions.delta.prtnrId", "delta"); user_pref("extensions.delta.rvrt", "false"); user_pref("extensions.delta.smplGrp", "none"); user_pref("extensions.delta.tlbrId", "base"); user_pref("extensions.delta.tlbrSrchUrl", ""); user_pref("extensions.delta.vrsn", "1.8.21.5"); user_pref("extensions.delta.vrsni", "1.8.21.5"); user_pref("extensions.delta.vrsnTs", "1.8.21.515:21:03"); user_pref("extensions.delta_i.babExt", ""); user_pref("extensions.delta_i.babTrack", "affID=121845"); user_pref("extensions.delta_i.srcExt", "ss"); ---- Lines delta modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\RelevantKnowledge\\\\firefox\",\"mtime\":1370880295318},\"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}\":{\"descriptor\":\"C:\\\\ProgramData\\\\Norton\\\\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\\\\NIS_20.1.0.24\\\\coFFPlgn\",\"mtime\":1371880871910},\"{BBDA0591-3099-440a-AA10-41764D9DB4DB}\":{\"descriptor\":\"C:\\\\ProgramData\\\\Norton\\\\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\\\\NIS_20.1.0.24\\\\IPSFFPlgn\",\"mtime\":1371882113517}}},{\"name\":\"app-global\",\"addons\":{\"afurladvisor@anchorfree.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\afurladvisor@anchorfree.com\",\"mtime\":1364139763909},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1361989143590}}},{\"name\":\"winreg-app-user\",\"addons\":{\"{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\PriceGong\\\\2.6.4\\\\FF\",\"mtime\":1350112492205}}},{\"name\":\"app-profile\",\"addons\":{\"ffxtlbr@delta.com\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\ffxtlbr@delta.com\",\"mtime\":1369044100000},\"disabled\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\disabled\",\"mtime\":1371296119823},\"plugin@getwebcake.com\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\plugin@getwebcake.com\",\"mtime\":1370784052569},\"pricepeep@getpricepeep.com\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\pricepeep@getpricepeep.com.xpi\",\"mtime\":1366211036000}}}]"); ---- Lines delta removed from user.js ---- user_pref("extensions.delta.tlbrSrchUrl", ""); user_pref("extensions.delta.id", "ce93025900000000000000ff472e1d57"); user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); user_pref("extensions.delta.instlDay", "15865"); user_pref("extensions.delta.vrsn", "1.8.21.5"); user_pref("extensions.delta.vrsni", "1.8.21.5"); user_pref("extensions.delta.vrsnTs", "1.8.21.515:21:03"); user_pref("extensions.delta.prtnrId", "delta"); user_pref("extensions.delta.prdct", "delta"); user_pref("extensions.delta.aflt", "babsst"); user_pref("extensions.delta.smplGrp", "none"); user_pref("extensions.delta.tlbrId", "base"); user_pref("extensions.delta.instlRef", "sst"); user_pref("extensions.delta.dfltLng", "en"); user_pref("extensions.delta.excTlbr", false); user_pref("extensions.delta.ffxUnstlRst", true); user_pref("extensions.delta.admin", false); user_pref("extensions.delta_i.babTrack", "affID=121845"); user_pref("extensions.delta_i.babExt", ""); user_pref("extensions.delta_i.srcExt", "ss"); user_pref("extensions.delta.autoRvrt", "false"); user_pref("extensions.delta.rvrt", "false"); user_pref("extensions.delta.newTab", false); ---- Lines WebSearch removed from prefs.js ---- ---- Lines WebSearch modified from prefs.js ---- ---- Lines WebSearch removed from user.js ---- ---- Lines search.com removed from prefs.js ---- ---- Lines search.com modified from prefs.js ---- ---- Lines search.com removed from user.js ---- ---- FireFox user.js and prefs.js backups ---- user_25-06-2013_2110_.backup prefs_25-06-2013_2110_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "bProtector Start Page"=- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "bProtectorDefaultScope"=- ==== Deleting Files \ Folders ====================== "C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\searchplugins\delta.xml" deleted "C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\searchplugins\WebSearch.xml" deleted "C:\Users\julian\Battlefield 2\BF2VoipServer.dll" deleted "C:\Users\julian\Battlefield 2\BF2VoipServer_w32ded.dll" deleted "C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml" deleted "C:\Users\julian\Downloads\SoftonicDownloader_voor_gadwin-printscreen.exe" deleted "C:\Users\julian\Downloads\SoftonicDownloader_voor_peggle-deluxe.exe" deleted "C:\Users\julian\Downloads\SoftonicDownloader_voor_vlc-media-player.exe" deleted "C:\Users\julian\update-bf2.bat" deleted "C:\windows\SysNative\dmwu.exe" deleted "C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\bprotector web data" deleted "C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences" deleted "C:\windows\SysNative\Tasks\Express FilesUpdate" deleted "C:\windows\SysNative\Tasks\EPUpdater" deleted "C:\END" deleted "C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\searchplugins\babylon.xml" deleted "C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\searchplugins\askcom.xml" deleted "C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\searchplugins\WebSearch.xml" deleted "C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\bProtector_extensions.sqlite" deleted "C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\bprotector_prefs.js" deleted "C:\Users\julian\Desktop\Oude Firefox-gegevens\ilividtoolbarguid\search\ilividtoolbarguid-search-history.xml" deleted "C:\Users\julian\AppData\Roaming\WebCake\WebCakeDesktop.exe" deleted "C:\Program Files (x86)\TornTV.com" deleted "C:\ProgramData\cOOntiNuetaosave" deleted "C:\Program Files (x86)\SearchAmong Toolbar" deleted "C:\Program Files (x86)\Delta" deleted "C:\Program Files (x86)\smartdl" deleted "C:\Program Files (x86)\Search Results Toolbar" deleted "C:\Program Files (x86)\Babylon" deleted "C:\Program Files (x86)\WebSearch" deleted "C:\Program Files (x86)\WebCake" deleted "C:\Program Files (x86)\PriceGong" deleted "C:\Program Files (x86)\PricePeep" deleted "C:\Program Files (x86)\BittorrentBar_NL" deleted "C:\Program Files (x86)\ContinueToSave" deleted "C:\Program Files (x86)\OApps" deleted "C:\Program Files (x86)\Gophoto.it" deleted "C:\Program Files (x86)\Wajam" deleted "C:\Program Files (x86)\SweetIM" deleted "C:\Program Files (x86)\Conduit" deleted "C:\Users\julian\AppData\Roaming\ExpressFiles" deleted "C:\Users\julian\AppData\Roaming\WebCake" deleted "C:\Users\julian\AppData\Roaming\BabSolution" deleted "C:\Users\julian\AppData\Roaming\Babylon" deleted "C:\Users\julian\AppData\Roaming\Delta" deleted "C:\ProgramData\Ask" deleted "C:\ProgramData\StarApp" deleted "C:\ProgramData\BrowserDefender" deleted "C:\ProgramData\boost_interprocess" deleted "C:\ProgramData\SweetIM" deleted "C:\ProgramData\InstallMate" deleted "C:\ProgramData\Tarma Installer" deleted "C:\ProgramData\Babylon" deleted "C:\ProgramData\Trymedia" deleted "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Expat Shield" deleted "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\cOOntiNuetaosave" deleted "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong" deleted "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SearchAmong Toolbar" deleted "C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam" deleted "C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender" deleted "C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com" deleted "C:\Users\julian\AppData\Local\Ilivid Player" deleted "C:\Users\julian\AppData\Local\CRE" deleted "C:\Users\julian\AppData\Local\Wajam" deleted "C:\Users\julian\AppData\Local\Conduit" deleted "C:\Users\julian\AppData\LocalLow\searchresultstb" deleted "C:\Users\julian\AppData\LocalLow\BittorrentBar_NL" deleted "C:\Users\julian\AppData\LocalLow\Delta" deleted "C:\Users\julian\AppData\LocalLow\DataMngr" deleted "C:\Users\julian\AppData\LocalLow\PriceGong" deleted "C:\Users\julian\AppData\LocalLow\searchquband" deleted "C:\Users\julian\AppData\LocalLow\Conduit" deleted "C:\Windows\Syswow64\jmdp" deleted "C:\Windows\Syswow64\ARFC" deleted "C:\Windows\Syswow64\WNLT" deleted "C:\Windows\SysWow64\searchplugins" deleted "C:\Windows\SysWow64\Extensions" deleted "C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" deleted "C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\extensions\pc0ho2@zgkjmczm.org" deleted "C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\extensions\ffxtlbr@delta.com" deleted - - - Updated - - - dit was de verkeerde sorry hier is een nieuwe Zoek.exe Version 4.0.0.2 Updated 25-June-2013 Tool run by julian on di 25-06-2013 at 21:06:24,89. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected ==== Running Processes ====================== C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\atieclxx.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe C:\Program Files (x86)\Expat Shield\bin\hsswd.exe C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe C:\Windows\system32\hasplms.exe C:\Program Files\Intel\iCLS Client\HeciServer.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe C:\Program Files\Logitech Gaming Software\LCore.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\BitTorrent\BitTorrent.exe D:\dead island\Steam.exe C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe C:\Users\julian\AppData\Roaming\WebCake\WebCakeDesktop.exe C:\Windows\splwow64.exe C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe C:\Program Files (x86)\Logitech\G930\G930.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files (x86)\Common Files\Steam\SteamService.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\DllHost.exe C:\Program Files (x86)\Expat Shield\bin\openvpntray.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\WinRAR\WinRAR.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Users\julian\AppData\Local\Temp\Rar$EXa0.437\zoek.exe C:\Windows\system32\conhost.exe ==== Older Logs ====================== C:\zoek-results23-06-2013-2252.log 5604 bytes C:\zoek-results25-06-2013-2105.log 373 bytes ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\SearchScopes\{154d339e-ccaa-49a5-9b38-6878ad4220bc} deleted successfully HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\SearchScopes\{F5F8CEF0-2B99-4C75-8BBF-C60A817400ED} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WebCake Desktop Updater deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WebCake Desktop Updater deleted successfully ==== FireFox Fix ====================== Deleted from C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\prefs.js: user_pref("browser.startup.homepage", "http://search.babylon.com/?affID=121845&babsrc=HP_ss_gin2g&mntrId=CE9300FF472E1D57"); user_pref("browser.search.defaulturl", "http://websearch.a-searchpage.info/?pid=658&r=2013/05/31&hid=1511369152&lg=EN&cc=NL&unqvl=18&l=1&q="); user_pref("browser.newtab.url", "http://www.delta-search.com/?affID=121845&babsrc=NT_ss&mntrId=CE9300FF472E1D57"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Delta Search"); user_pref("browser.search.selectedEngine,S", "WebSearch"); user_pref("browser.search.order.1", "WebSearch"); user_pref("browser.search.order.1,S", "WebSearch"); user_pref("keyword.URL", "http://websearch.a-searchpage.info/?pid=658&r=2013/05/31&hid=1511369152&lg=EN&cc=NL&unqvl=18&l=1&q="); user_pref("browser.search.useDBForOrder", "false"); Added to C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); ProfilePath: C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489 ---- Lines pc0ho2@zgkjmczm.org removed from prefs.js ---- user_pref("extensions.bootstrappedAddons", "{\"pc0ho2@zgkjmczm.org\":{\"version\":\"3.9\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\pc0ho2@zgkjmczm.org\"},\"{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}\":{\"version\":\"1.0.0.2\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\RelevantKnowledge\\\\firefox\"}}"); ---- Lines pc0ho2@zgkjmczm.org modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\RelevantKnowledge\\\\firefox\",\"mtime\":1370880295318},\"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}\":{\"descriptor\":\"C:\\\\ProgramData\\\\Norton\\\\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\\\\NIS_20.1.0.24\\\\coFFPlgn\",\"mtime\":1371880871910},\"{BBDA0591-3099-440a-AA10-41764D9DB4DB}\":{\"descriptor\":\"C:\\\\ProgramData\\\\Norton\\\\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\\\\NIS_20.1.0.24\\\\IPSFFPlgn\",\"mtime\":1371882113517}}},{\"name\":\"app-global\",\"addons\":{\"afurladvisor@anchorfree.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\afurladvisor@anchorfree.com\",\"mtime\":1364139763909},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1361989143590}}},{\"name\":\"winreg-app-user\",\"addons\":{\"{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\PriceGong\\\\2.6.4\\\\FF\",\"mtime\":1350112492205}}},{\"name\":\"app-profile\",\"addons\":{\"ffxtlbr@delta.com\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\ffxtlbr@delta.com\",\"mtime\":1369044100000},\"pc0ho2@zgkjmczm.org\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\pc0ho2@zgkjmczm.org\",\"mtime\":1371296119823},\"plugin@getwebcake.com\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\plugin@getwebcake.com\",\"mtime\":1370784052569},\"pricepeep@getpricepeep.com\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\pricepeep@getpricepeep.com.xpi\",\"mtime\":1366211036000}}}]"); ---- Lines pc0ho2@zgkjmczm.org removed from user.js ---- ---- Lines BabylonToolbar removed from prefs.js ---- user_pref("extensions.BabylonToolbar_i.newTab", true); user_pref("extensions.BabylonToolbar_i.newTabUrl", "http://www.delta-search.com/?affID=119534&babsrc=NT_ss&mntrId=ce930259000000000000c86000ce59a3"); ---- Lines BabylonToolbar modified from prefs.js ---- ---- Lines BabylonToolbar removed from user.js ---- ---- Lines delta removed from prefs.js ---- user_pref("avg.install.userHPSettings", "http://www.delta-search.com/?affID=119534&babsrc=HP_ss&mntrId=ce930259000000000000c86000ce59a3"); user_pref("avg.install.userSPSettings", "Delta Search"); user_pref("extensions.delta.admin", false); user_pref("extensions.delta.aflt", "babsst"); user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); user_pref("extensions.delta.autoRvrt", "false"); user_pref("extensions.delta.dfltLng", "en"); user_pref("extensions.delta.excTlbr", false); user_pref("extensions.delta.ffxUnstlRst", true); user_pref("extensions.delta.id", "ce93025900000000000000ff472e1d57"); user_pref("extensions.delta.instlDay", "15865"); user_pref("extensions.delta.instlRef", "sst"); user_pref("extensions.delta.newTab", false); user_pref("extensions.delta.prdct", "delta"); user_pref("extensions.delta.prtnrId", "delta"); user_pref("extensions.delta.rvrt", "false"); user_pref("extensions.delta.smplGrp", "none"); user_pref("extensions.delta.tlbrId", "base"); user_pref("extensions.delta.tlbrSrchUrl", ""); user_pref("extensions.delta.vrsn", "1.8.21.5"); user_pref("extensions.delta.vrsni", "1.8.21.5"); user_pref("extensions.delta.vrsnTs", "1.8.21.515:21:03"); user_pref("extensions.delta_i.babExt", ""); user_pref("extensions.delta_i.babTrack", "affID=121845"); user_pref("extensions.delta_i.srcExt", "ss"); ---- Lines delta modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\RelevantKnowledge\\\\firefox\",\"mtime\":1370880295318},\"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}\":{\"descriptor\":\"C:\\\\ProgramData\\\\Norton\\\\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\\\\NIS_20.1.0.24\\\\coFFPlgn\",\"mtime\":1371880871910},\"{BBDA0591-3099-440a-AA10-41764D9DB4DB}\":{\"descriptor\":\"C:\\\\ProgramData\\\\Norton\\\\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\\\\NIS_20.1.0.24\\\\IPSFFPlgn\",\"mtime\":1371882113517}}},{\"name\":\"app-global\",\"addons\":{\"afurladvisor@anchorfree.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\afurladvisor@anchorfree.com\",\"mtime\":1364139763909},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1361989143590}}},{\"name\":\"winreg-app-user\",\"addons\":{\"{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\PriceGong\\\\2.6.4\\\\FF\",\"mtime\":1350112492205}}},{\"name\":\"app-profile\",\"addons\":{\"ffxtlbr@delta.com\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\ffxtlbr@delta.com\",\"mtime\":1369044100000},\"disabled\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\disabled\",\"mtime\":1371296119823},\"plugin@getwebcake.com\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\plugin@getwebcake.com\",\"mtime\":1370784052569},\"pricepeep@getpricepeep.com\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\pricepeep@getpricepeep.com.xpi\",\"mtime\":1366211036000}}}]"); ---- Lines delta removed from user.js ---- user_pref("extensions.delta.tlbrSrchUrl", ""); user_pref("extensions.delta.id", "ce93025900000000000000ff472e1d57"); user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); user_pref("extensions.delta.instlDay", "15865"); user_pref("extensions.delta.vrsn", "1.8.21.5"); user_pref("extensions.delta.vrsni", "1.8.21.5"); user_pref("extensions.delta.vrsnTs", "1.8.21.515:21:03"); user_pref("extensions.delta.prtnrId", "delta"); user_pref("extensions.delta.prdct", "delta"); user_pref("extensions.delta.aflt", "babsst"); user_pref("extensions.delta.smplGrp", "none"); user_pref("extensions.delta.tlbrId", "base"); user_pref("extensions.delta.instlRef", "sst"); user_pref("extensions.delta.dfltLng", "en"); user_pref("extensions.delta.excTlbr", false); user_pref("extensions.delta.ffxUnstlRst", true); user_pref("extensions.delta.admin", false); user_pref("extensions.delta_i.babTrack", "affID=121845"); user_pref("extensions.delta_i.babExt", ""); user_pref("extensions.delta_i.srcExt", "ss"); user_pref("extensions.delta.autoRvrt", "false"); user_pref("extensions.delta.rvrt", "false"); user_pref("extensions.delta.newTab", false); ---- Lines WebSearch removed from prefs.js ---- ---- Lines WebSearch modified from prefs.js ---- ---- Lines WebSearch removed from user.js ---- ---- Lines search.com removed from prefs.js ---- ---- Lines search.com modified from prefs.js ---- ---- Lines search.com removed from user.js ---- ---- FireFox user.js and prefs.js backups ---- user_25-06-2013_2110_.backup prefs_25-06-2013_2110_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "bProtector Start Page"=- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "bProtectorDefaultScope"=- ==== Deleting Files \ Folders ====================== "C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\searchplugins\delta.xml" deleted "C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\searchplugins\WebSearch.xml" deleted "C:\Users\julian\Battlefield 2\BF2VoipServer.dll" deleted "C:\Users\julian\Battlefield 2\BF2VoipServer_w32ded.dll" deleted "C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml" deleted "C:\Users\julian\Downloads\SoftonicDownloader_voor_gadwin-printscreen.exe" deleted "C:\Users\julian\Downloads\SoftonicDownloader_voor_peggle-deluxe.exe" deleted "C:\Users\julian\Downloads\SoftonicDownloader_voor_vlc-media-player.exe" deleted "C:\Users\julian\update-bf2.bat" deleted "C:\windows\SysNative\dmwu.exe" deleted "C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\bprotector web data" deleted "C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences" deleted "C:\windows\SysNative\Tasks\Express FilesUpdate" deleted "C:\windows\SysNative\Tasks\EPUpdater" deleted "C:\END" deleted "C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\searchplugins\babylon.xml" deleted "C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\searchplugins\askcom.xml" deleted "C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\searchplugins\WebSearch.xml" deleted "C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\bProtector_extensions.sqlite" deleted "C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\bprotector_prefs.js" deleted "C:\Users\julian\Desktop\Oude Firefox-gegevens\ilividtoolbarguid\search\ilividtoolbarguid-search-history.xml" deleted "C:\Users\julian\AppData\Roaming\WebCake\WebCakeDesktop.exe" deleted "C:\Program Files (x86)\TornTV.com" deleted "C:\ProgramData\cOOntiNuetaosave" deleted "C:\Program Files (x86)\SearchAmong Toolbar" deleted "C:\Program Files (x86)\Delta" deleted "C:\Program Files (x86)\smartdl" deleted "C:\Program Files (x86)\Search Results Toolbar" deleted "C:\Program Files (x86)\Babylon" deleted "C:\Program Files (x86)\WebSearch" deleted "C:\Program Files (x86)\WebCake" deleted "C:\Program Files (x86)\PriceGong" deleted "C:\Program Files (x86)\PricePeep" deleted "C:\Program Files (x86)\BittorrentBar_NL" deleted "C:\Program Files (x86)\ContinueToSave" deleted "C:\Program Files (x86)\OApps" deleted "C:\Program Files (x86)\Gophoto.it" deleted "C:\Program Files (x86)\Wajam" deleted "C:\Program Files (x86)\SweetIM" deleted "C:\Program Files (x86)\Conduit" deleted "C:\Users\julian\AppData\Roaming\ExpressFiles" deleted "C:\Users\julian\AppData\Roaming\WebCake" deleted "C:\Users\julian\AppData\Roaming\BabSolution" deleted "C:\Users\julian\AppData\Roaming\Babylon" deleted "C:\Users\julian\AppData\Roaming\Delta" deleted "C:\ProgramData\Ask" deleted "C:\ProgramData\StarApp" deleted "C:\ProgramData\BrowserDefender" deleted "C:\ProgramData\boost_interprocess" deleted "C:\ProgramData\SweetIM" deleted "C:\ProgramData\InstallMate" deleted "C:\ProgramData\Tarma Installer" deleted "C:\ProgramData\Babylon" deleted "C:\ProgramData\Trymedia" deleted "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Expat Shield" deleted "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\cOOntiNuetaosave" deleted "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong" deleted "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SearchAmong Toolbar" deleted "C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam" deleted "C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender" deleted "C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com" deleted "C:\Users\julian\AppData\Local\Ilivid Player" deleted "C:\Users\julian\AppData\Local\CRE" deleted "C:\Users\julian\AppData\Local\Wajam" deleted "C:\Users\julian\AppData\Local\Conduit" deleted "C:\Users\julian\AppData\LocalLow\searchresultstb" deleted "C:\Users\julian\AppData\LocalLow\BittorrentBar_NL" deleted "C:\Users\julian\AppData\LocalLow\Delta" deleted "C:\Users\julian\AppData\LocalLow\DataMngr" deleted "C:\Users\julian\AppData\LocalLow\PriceGong" deleted "C:\Users\julian\AppData\LocalLow\searchquband" deleted "C:\Users\julian\AppData\LocalLow\Conduit" deleted "C:\Windows\Syswow64\jmdp" deleted "C:\Windows\Syswow64\ARFC" deleted "C:\Windows\Syswow64\WNLT" deleted "C:\Windows\SysWow64\searchplugins" deleted "C:\Windows\SysWow64\Extensions" deleted "C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" deleted "C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\extensions\pc0ho2@zgkjmczm.org" deleted "C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\extensions\ffxtlbr@delta.com" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\julian\AppData\Local\Temp ==== 2013-06-22 13:20:15 06D5E5E952C61923C9D24C83E7FE1F45 22937227 ----a-w- C:\Users\julian\AppData\Local\Temp\vlc-2.0.7-win32.exe 2013-06-22 01:58:27 B1957B038895642DF9F662326E7D4DDC 903080 ----a-w- C:\Users\julian\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe 2013-06-15 18:05:19 F10E9620F1D0EDEC56C0C1E1790CEAB9 31668328 ----a-w- C:\Users\julian\AppData\Local\Temp\SkypeSetup.exe ====== C:\Windows\SysWOW64 ===== 2013-06-22 06:06:50 351D111CD5C5479946EB724DBBB1275E 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-06-14 16:57:52 F2ABFA6DFA985C9CF581B2F544AE47E7 234536 ----a-w- C:\Windows\SysWOW64\PnkBstrB.xtr 2013-06-14 16:55:50 F2ABFA6DFA985C9CF581B2F544AE47E7 234536 ----a-w- C:\Windows\SysWOW64\PnkBstrB.exe 2013-06-14 16:55:50 D90E8EC1E5F0A7C95DEEEED776864231 282296 ----a-w- C:\Windows\SysWOW64\PnkBstrB.ex0 2013-06-14 16:55:49 205E1B699FD3F2F9B036EEA2EC30C620 76888 ----a-w- C:\Windows\SysWOW64\PnkBstrA.exe 2013-06-13 01:01:34 756D0A65C1FB5528DBD04A44F773E608 2382848 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2013-06-13 01:01:34 56DF028F2EE4A2C2972E06907815C822 73216 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2013-06-13 01:01:34 43697D7CDAEAE3EBBADE2C05107418FF 420864 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2013-06-13 01:01:33 DBA747919344CD1353F8107134A20D62 1427968 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2013-06-13 01:01:33 C2CDBB424CF2461199322D6825F7B426 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2013-06-13 01:01:33 A1400CCB4D99E0B9E76EB45782D5C7FC 176640 ----a-w- C:\Windows\SysWOW64\ieui.dll 2013-06-13 01:01:33 977176C4A8F4039F17F9BA939AA857A0 142848 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2013-06-13 01:01:33 84C8AFD609A3DE18F40AA64CDEB40194 231936 ----a-w- C:\Windows\SysWOW64\url.dll 2013-06-13 01:01:33 71D8D1FD4989932674CD1F5743191286 1104384 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2013-06-13 01:01:33 6A25377A76479A0C0BF3DB6FC42FE09A 1129472 ----a-w- C:\Windows\SysWOW64\wininet.dll 2013-06-13 01:01:32 B49CEF589D47D9D3F602E118B1F5F3B5 717824 ----a-w- C:\Windows\SysWOW64\jscript.dll 2013-06-13 01:01:32 A6F5B25905CD01AE714990E02C7205A5 12329984 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2013-06-13 01:01:32 6057AA7FDF03309A18FAE4E9FCFE7D8F 1796096 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2013-06-13 01:01:32 57E68AE0BCEB0F70C8AA1C4A6D5C2050 1800704 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2013-06-13 01:01:32 45194B4B2280B7745AC6C483C32385A8 65024 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2013-06-13 01:01:30 B81388E9FE895065FD5CEAF3C11FDC3F 9738752 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2013-06-12 10:15:22 FC415B303B1ECF80B5F130A1F7203D02 492544 ----a-w- C:\Windows\SysWOW64\win32spl.dll 2013-06-12 10:15:22 45FBAFFA68CBC29AC2563985CEE72B9C 24576 ----a-w- C:\Windows\SysWOW64\cryptdlg.dll 2013-06-12 10:15:21 5B2E4E90C04FB9AE9F2C5E99FF59B283 1230336 ----a-w- C:\Windows\SysWOW64\WindowsCodecs.dll 2013-06-12 10:15:20 CC917AC4D3F8756FF13174980B474791 43008 ----a-w- C:\Windows\SysWOW64\certenc.dll 2013-06-12 10:15:20 92245C959E5BC378809D2CC5E9F6E9C7 1160192 ----a-w- C:\Windows\SysWOW64\crypt32.dll 2013-06-12 10:15:20 8A8B277067C22F4BF6AA9A31692FC4D3 103936 ----a-w- C:\Windows\SysWOW64\cryptnet.dll 2013-06-12 10:15:20 6DE66FE7C526637E74CD066461C7C871 1505280 ----a-w- C:\Windows\SysWOW64\d3d11.dll 2013-06-12 10:15:20 3897DFF247D9ED0006190349DE264E14 140288 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll 2013-06-12 10:15:20 0D52559AEF4AA5EAC82F530617032283 903168 ----a-w- C:\Windows\SysWOW64\certutil.exe ====== C:\Windows\SysWOW64\drivers ===== 2013-06-22 06:26:11 1ED08A6264C5C92099D6D1DAE5E8F530 21712 ----a-w- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS ====== C:\Windows\Sysnative ===== 2013-06-13 01:01:34 5239CFF7EA2207665E387AA0BAAA50C4 2382848 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2013-06-13 01:01:34 47DA92AB70D910D018B11FA86A7808E4 96768 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2013-06-13 01:01:33 F7737C8F19ED1525B171ED4BA3F5EEC0 2312704 ----a-w- C:\Windows\Sysnative\jscript9.dll 2013-06-13 01:01:33 B7AB4EDBAC1DD6680DE7E3E2A82B31F9 237056 ----a-w- C:\Windows\Sysnative\url.dll 2013-06-13 01:01:33 AB32F17AAC815660530F50E688234DAA 729088 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2013-06-13 01:01:33 9F7E78EE2A213023AC5CF20FFFF66575 1494528 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2013-06-13 01:01:33 6542163C675E19A1F1A638734662F0AA 1346560 ----a-w- C:\Windows\Sysnative\urlmon.dll 2013-06-13 01:01:33 4FBE96D97A1E070A06F76F67255C756D 1392128 ----a-w- C:\Windows\Sysnative\wininet.dll 2013-06-13 01:01:33 43BBAF4696BF995143EA57DC304CC05B 173056 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2013-06-13 01:01:33 043A615B2E8C15AEA6BC5709ED140D80 248320 ----a-w- C:\Windows\Sysnative\ieui.dll 2013-06-13 01:01:32 DE3DC975F1A9F82BAB9812A272018810 2147840 ----a-w- C:\Windows\Sysnative\iertutil.dll 2013-06-13 01:01:32 92C534EAD395871614F5A0A556139033 85504 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2013-06-13 01:01:32 3360345F0084EE8405E6C60B4D9CD7F7 599040 ----a-w- C:\Windows\Sysnative\vbscript.dll 2013-06-13 01:01:32 0C4C70A05734A684B0183C1B68DAE881 816640 ----a-w- C:\Windows\Sysnative\jscript.dll 2013-06-13 01:01:31 A820869140978CCAF33CF7770EEE19F5 17824768 ----a-w- C:\Windows\Sysnative\mshtml.dll 2013-06-13 01:01:31 64A3B1E55FBB7E36AE856FD1A8A4E00C 10926080 ----a-w- C:\Windows\Sysnative\ieframe.dll 2013-06-12 10:15:22 C06FAAF13E37CE482F612AFF2D2331F3 30720 ----a-w- C:\Windows\Sysnative\cryptdlg.dll 2013-06-12 10:15:22 67CF11E00D026A5C0C88EA5F84D501E5 751104 ----a-w- C:\Windows\Sysnative\win32spl.dll 2013-06-12 10:15:21 3D7BB6DD7A87B3E36E44CA94444247A8 1424384 ----a-w- C:\Windows\Sysnative\WindowsCodecs.dll 2013-06-12 10:15:20 D8129C49798CBBFB2E4351D4B7B8EF9C 184320 ----a-w- C:\Windows\Sysnative\cryptsvc.dll 2013-06-12 10:15:20 A96D5ECA5742603E0E345C4F6B801F5E 1464320 ----a-w- C:\Windows\Sysnative\crypt32.dll 2013-06-12 10:15:20 4C92EB7535CAA1681A77D928FBF9771F 1887232 ----a-w- C:\Windows\Sysnative\d3d11.dll 2013-06-12 10:15:20 4586B77B18FA9A8518AF76CA8FD247D9 1192448 ----a-w- C:\Windows\Sysnative\certutil.exe 2013-06-12 10:15:20 2C4C22EA1735F21F355EB1A39832F7DF 139776 ----a-w- C:\Windows\Sysnative\cryptnet.dll 2013-06-12 10:15:20 189B0BAE1B0EDD51CEF1CD3F4CDEE02E 52224 ----a-w- C:\Windows\Sysnative\certenc.dll ====== C:\Windows\Sysnative\drivers ===== 2013-06-23 20:15:42 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2013-06-17 18:03:13 F19E5E37ED8134B9E5F6287F2D3A75D7 177312 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.SYS 2013-06-17 18:03:13 9D9C047446821A064AE1A5C4AED636FA 854 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.INF 2013-06-17 18:03:13 3DA43F1C05B62945A33EC3153327EE77 7631 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.CAT 2013-06-12 10:15:22 9849EA3843A2ADBDD1497E97A85D8CAE 1910632 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2013-06-04 23:09:44 454451A6A699C07040F406E44C457A50 11833856 ----a-w- C:\Windows\Sysnative\drivers\atikmdag.sys 2013-06-04 21:35:04 61FBDA851233587CE9C9B7020146359E 608768 ----a-w- C:\Windows\Sysnative\drivers\atikmpag.sys 2013-06-04 21:31:40 DBBDAF523A78C79FE98F1C10F77DD6FE 43520 ----a-w- C:\Windows\Sysnative\drivers\ati2erec.dll ====== C:\Windows\Tasks ====== 2013-06-14 18:31:42 3B249AF8802523242BD25DFB4F2B81EC 3380 ----a-w- C:\Windows\Sysnative\Tasks\{3EFAA257-95C3-4ABC-A74A-F3514B5A6B08} 2013-06-10 16:25:05 577B2B0FD2EC46B45E501B239D77AFBA 2964 ----a-w- C:\Windows\Sysnative\Tasks\{B0293800-DF23-472A-A108-6EC4906342CE} 2013-06-08 10:17:33 8BD7E11BC3152AC20249E5E992478891 3104 ----a-w- C:\Windows\Sysnative\Tasks\{02D9861F-4892-49B6-959D-D1818889C73F} 2013-06-07 14:17:13 3467D0CE30F41EFF277824952F96D12F 3144 ----a-w- C:\Windows\Sysnative\Tasks\{F13B5C83-4367-4944-B256-D3D004BB4F7E} 2013-06-06 18:02:10 06257C6A2403709D98F141F6E7C04514 2956 ----a-w- C:\Windows\Sysnative\Tasks\{5D4E1B59-06CF-4374-8EFE-7D5FC482D592} 2013-06-06 18:01:13 06257C6A2403709D98F141F6E7C04514 2956 ----a-w- C:\Windows\Sysnative\Tasks\{83A96BC4-1DE2-4C38-9E48-C4243152416B} 2013-06-02 07:50:30 7419738B2F41DCF522A329F241C19597 3044 ----a-w- C:\Windows\Sysnative\Tasks\{A0CAF408-DF20-410F-B641-76B0FED8F827} 2013-06-01 15:07:10 7419738B2F41DCF522A329F241C19597 3044 ----a-w- C:\Windows\Sysnative\Tasks\{1C415C97-203F-4C70-8D38-644F068AEAF4} 2013-06-01 11:07:04 7419738B2F41DCF522A329F241C19597 3044 ----a-w- C:\Windows\Sysnative\Tasks\{029673D1-7AD4-4F1E-A4B9-EF9ACE288557} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\Program Files (x86) ===== 2013-06-23 15:42:04 -------- d-----w- C:\Program Files (x86)\Trend Micro 2013-06-22 06:24:29 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab 2013-06-18 15:21:41 -------- d-----w- C:\Program Files (x86)\AMD AVT 2013-06-14 16:51:53 -------- d-----w- C:\Program Files (x86)\EA Games 2013-06-13 14:10:01 -------- d-----w- C:\Program Files (x86)\ElcomSoft 2013-06-09 13:21:44 -------- d-----w- C:\Program Files (x86)\Pando Networks 2013-06-06 16:52:42 -------- d-----w- C:\Program Files (x86)\BFG ======= C: ===== ====== C:\Users\julian\AppData\Roaming ====== 2013-06-22 06:26:11 -------- d-----w- C:\users\julian\AppData\Local\eSupport.com 2013-06-15 12:24:35 -------- d-----w- C:\users\julian\AppData\Roaming\.minecraft 2013-06-13 14:09:04 -------- d-----w- C:\users\julian\AppData\Local\Programs 2013-06-09 13:56:25 -------- d-----w- C:\users\julian\AppData\Roaming\LolClient 2013-06-09 13:21:49 -------- d-----w- C:\users\julian\AppData\Local\PMB Files 2013-06-09 13:20:51 -------- d-----w- C:\users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QTRAX 2013-06-08 11:38:34 -------- d-----w- C:\users\julian\AppData\Roaming\dvdcss 2013-06-01 11:07:09 -------- d-----w- C:\users\julian\AppData\Roaming\Sony Online Entertainment 2013-05-31 22:18:58 9BF6B8D9E3A59750CC16CAA24E346074 20480000 ----a-w- C:\users\julian\AppData\Locallow\store-pp.jbs 2013-05-28 18:15:33 -------- d-----w- C:\users\julian\AppData\Locallow\Sony Online Entertainment 2013-05-28 18:15:33 -------- d-----w- C:\users\julian\AppData\Local\SCE ====== C:\Users\julian ====== 2013-06-23 20:15:24 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\julian\Downloads\mbam-setup-1.75.0.1300.exe 2013-06-22 13:20:42 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2013-06-22 06:26:22 35AE5FA5E91E644A2405301A667D58B0 41472 ----a-w- C:\Users\julian\Downloads\launcher64.dll 2013-06-22 06:26:07 139E26F4B1497C4F870111FDF275CF7E 627784 ----a-w- C:\Users\julian\Downloads\driveragent-987.exe 2013-06-18 15:23:00 -------- d-----w- C:\ProgramData\ATI 2013-06-18 15:21:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2013-06-18 15:20:29 -------- d-----w- C:\ProgramData\Package Cache 2013-06-18 15:18:57 1A6772E132C09D940F6C2717F061DF22 1684592 ----a-w- C:\Users\julian\Downloads\AMD_Catalyst_13.5_CAP1.05212013.exe 2013-06-18 15:17:31 FCFDF043FEF6F94F1A945D04DAF74D79 187682976 ----a-w- C:\Users\julian\Downloads\AMD_Catalyst_13.6_Beta2.exe 2013-06-18 15:12:28 D1B49918236FDCA8388F15E471608E79 141110624 ----a-w- C:\Users\julian\Downloads\13-4_win7_win8_64_dd_ccc_whql.exe 2013-06-17 18:00:42 F8EC08D5771C22CA55C7AE136EA77EEA 153633520 ----a-w- C:\Users\julian\Downloads\NIS_20.1.0.24_SYMTB_PROMO_4_MRFTT_373_7607_NL1.exe 2013-06-15 12:24:32 B63CCB43F2779CBEA5D8D3CE2E3D90FB 263186 ----a-w- C:\Users\julian\Desktop\Minecraft.exe 2013-06-15 12:24:23 A67016DD1020895185C81774C4950764 2542151 ----a-w- C:\Users\julian\Downloads\Minecraft_Server.exe 2013-06-14 18:31:20 DC97F872AE2D94C95B49F007A9486EF9 3174 ----a-w- C:\Users\julian\bf2reg.reg 2013-06-14 18:31:20 C57374648823A8E9730AAB7C372C30FD 3186 ----a-w- C:\Users\julian\update-bf2.html 2013-06-14 18:31:20 B4EF39939007A555F23829824C021E35 1036288 ----a-w- C:\Users\julian\Battlefield 2\SwiffPlayer.dll 2013-06-14 18:31:20 A7103908C2AA35FB6BBD7D8224E4AADB 98304 ----a-w- C:\Users\julian\Battlefield 2\zlib122.dll 2013-06-14 18:31:20 122DAE458F40E8328D62F63F8602E6A5 97792 ----a-w- C:\Users\julian\Battlefield 2\key-generator.exe 2013-06-14 18:31:20 1132A012CB6188A309824EF9153CB268 270336 ----a-w- C:\Users\julian\Battlefield 2\TextureAtlasBuilder.dll 2013-06-14 18:31:12 E383AEF908C4CDABCBC96C6720A10F68 3584 ----a-w- C:\Users\julian\Battlefield 2\SD0412.dll 2013-06-14 18:31:12 C26EBA8592F0C005CAB4C04C3E065EFE 4608 ----a-w- C:\Users\julian\Battlefield 2\SD040e.dll 2013-06-14 18:31:12 B646200A2AC124DF4F07B4F415DE7121 4608 ----a-w- C:\Users\julian\Battlefield 2\SD0414.dll 2013-06-14 18:31:12 AAF43741C3E1504F8D1498D366F9F4FA 2555392 ----a-w- C:\Users\julian\Battlefield 2\RendDX9.dll 2013-06-14 18:31:12 A6172E91D5C0D36C95D5B6ABBDEC47F5 4096 ----a-w- C:\Users\julian\Battlefield 2\SD041d.dll 2013-06-14 18:31:12 A31F77FE2D953B88C766C67222042CD3 5120 ----a-w- C:\Users\julian\Battlefield 2\SD040c.dll 2013-06-14 18:31:12 9A437A56A6E9137D6E95A2B2A9FFDDA4 4608 ----a-w- C:\Users\julian\Battlefield 2\SD0410.dll 2013-06-14 18:31:12 8472382414C51DC1B354050ED42D3C76 77824 ----a-w- C:\Users\julian\Battlefield 2\PCRegExp.dll 2013-06-14 18:31:12 7AB0DF1C88444DA4B3FA7E61DAC98E6C 4608 ----a-w- C:\Users\julian\Battlefield 2\SD0809.dll 2013-06-14 18:31:12 7038E50AC41CAFE317798F2765C984B6 4608 ----a-w- C:\Users\julian\Battlefield 2\SD0416.dll 2013-06-14 18:31:12 6EB704E488FCB2BC0EA59D17D16D7352 4608 ----a-w- C:\Users\julian\Battlefield 2\SD041e.dll 2013-06-14 18:31:12 6A2E0F32C2366A79F7AF546F89DCF9DD 4608 ----a-w- C:\Users\julian\Battlefield 2\SD0c0a.dll 2013-06-14 18:31:12 670224330A0AB969855032A39E500E95 5120 ----a-w- C:\Users\julian\Battlefield 2\SD0407.dll 2013-06-14 18:31:12 586B1C086848B93B5E258F4C8A132CF4 4608 ----a-w- C:\Users\julian\Battlefield 2\SD0415.dll 2013-06-14 18:31:12 39AA404E2B16ED616CBE1CC5FF5509C6 4608 ----a-w- C:\Users\julian\Battlefield 2\SD0816.dll 2013-06-14 18:31:12 2E0DD34F0B2EAF3D6E3CFAAABC5DC667 3072 ----a-w- C:\Users\julian\Battlefield 2\SD0804.dll 2013-06-14 18:31:12 2D533E1654920B95942E3018DA17AB41 2115072 ----a-w- C:\Users\julian\Battlefield 2\RendDX9x2.dll 2013-06-14 18:31:12 2CCCAF4B2D70CF7D85248BF0A30A9A2E 4608 ----a-w- C:\Users\julian\Battlefield 2\SD0405.dll 2013-06-14 18:31:12 225761FEE6F67D2BD61F26A10C8EAD73 4608 ----a-w- C:\Users\julian\Battlefield 2\SD0413.dll 2013-06-14 18:31:12 1ED52CE1821F4685C4808DBA0A823070 4608 ----a-w- C:\Users\julian\Battlefield 2\SD0409.dll 2013-06-14 18:31:12 184FF00B0B815FC05736835496DD1A4B 4608 ----a-w- C:\Users\julian\Battlefield 2\SD0406.dll 2013-06-14 18:31:12 155B4566C3F529181EBA89B7F9CEDDB2 3584 ----a-w- C:\Users\julian\Battlefield 2\SD0411.dll 2013-06-14 18:31:12 0DB52597CE44BB1277827170155BD28C 3072 ----a-w- C:\Users\julian\Battlefield 2\SD0404.dll 2013-06-14 18:31:12 0789F4DBF08AD534479CED9F1D0B0A54 4608 ----a-w- C:\Users\julian\Battlefield 2\SD040b.dll 2013-06-14 18:31:11 D04F7AACA2319A3BCDB2C5D5DD6F6026 487424 ----a-w- C:\Users\julian\Battlefield 2\msvcp70.dll 2013-06-14 18:31:11 CA3A59D92F479A17E5CA6A0E13896846 54784 ----a-w- C:\Users\julian\Battlefield 2\msvci70.dll 2013-06-14 18:31:11 B90BEC0DF65B91840916C6F03905E80A 226304 ----a-w- C:\Users\julian\Battlefield 2\NovintHFX.dll 2013-06-14 18:31:11 9972A6ED4F2388DBFA8E0A96F6F3FDF1 344064 ----a-w- C:\Users\julian\Battlefield 2\msvcr70.dll 2013-06-14 18:31:11 86F1895AE8C5E8B17D99ECE768A70732 348160 ----a-w- C:\Users\julian\Battlefield 2\msvcr71.dll 2013-06-14 18:31:11 561FA2ABB31DFA8FAB762145F81667C2 499712 ----a-w- C:\Users\julian\Battlefield 2\msvcp71.dll 2013-06-14 18:30:12 F35A584E947A5B401FEB0FE01DB4A0D7 1060864 ----a-w- C:\Users\julian\Battlefield 2\MFC71.dll 2013-06-14 18:30:12 E58A20C9E7B342D5CA1F5BA75F1D1108 358963 ----a-w- C:\Users\julian\Battlefield 2\binkw32.dll 2013-06-14 18:30:12 DF5D05D4322A2442C4F58D244555C77A 894464 ----a-w- C:\Users\julian\Battlefield 2\dbghelp.dll 2013-06-14 18:30:12 D7CE65481FBCBE30B6BEE9A5F06EED76 49152 ----a-r- C:\Users\julian\Battlefield 2\FireWallDLL.dll 2013-06-14 18:30:12 BC831661963763AC4D504C5CABB1FDD9 2222800 ----a-w- C:\Users\julian\Battlefield 2\d3dx9_24.dll 2013-06-14 18:30:12 B5EC891A8B9C562336AA375E148F681D 3584 ----a-w- C:\Users\julian\Battlefield 2\CoreDLL.dll 2013-06-14 18:30:12 AE3844CDED71D93206F594C14AB156B6 307200 ----a-w- C:\Users\julian\Battlefield 2\BF2Audio.dll 2013-06-14 18:30:12 A9A3E14F8547E6A7904FBD0DF0C924D9 1581056 ----a-w- C:\Users\julian\Battlefield 2\dice_py.dll 2013-06-14 18:30:12 A3E30D7D91AE7002E61F251CA038E620 40960 ----a-w- C:\Users\julian\Battlefield 2\Memory_w32ded.dll 2013-06-14 18:30:12 9FFB15934631863E82F1EF75128E519E 1052672 ----a-w- C:\Users\julian\Battlefield 2\BFMFC.DLL 2013-06-14 18:30:12 9C24ED831DDFA8319382B2BFD9691AA9 413696 ----a-w- C:\Users\julian\Battlefield 2\BF2OpenAL.dll 2013-06-14 18:30:12 972D2128C77939F09E97943DAA2341A0 1255853 ----a-w- C:\Users\julian\Battlefield 2\DIAG.EXE 2013-06-14 18:30:12 95967D5480D4D12C4705F4B61380046D 1507328 ----a-w- C:\Users\julian\Battlefield 2\AIDLL.dll 2013-06-14 18:30:12 90E3FEBE17E21ABA348B32964446988D 196608 ----a-w- C:\Users\julian\Battlefield 2\BF2VoipServer.exe 2013-06-14 18:30:12 8DD2A9D25EEE18BF295EF796CBD1562C 9216 ----a-w- C:\Users\julian\Battlefield 2\ihdl.dll 2013-06-14 18:30:12 7E42D1506087B227AC048864F5743C67 2977792 ----a-w- C:\Users\julian\Battlefield 2\AIDLL_w32ded.dll 2013-06-14 18:30:12 7D72BA67C8AB5A616473709476DB4661 40960 ----a-w- C:\Users\julian\Battlefield 2\Memory.dll 2013-06-14 18:30:12 694D388DF50BE1E370713C59003126A4 196608 ----a-w- C:\Users\julian\Battlefield 2\BF2VoiceSetup.exe 2013-06-14 18:30:12 5B48FE9D6686F0D54B26A005ACE24D1D 2337488 ----a-w- C:\Users\julian\Battlefield 2\d3dx9_25.dll 2013-06-14 18:30:12 4C8BE829901194FE5EA4CC6EC39FBB19 618496 ----a-w- C:\Users\julian\Battlefield 2\BF2VoipServer_w32ded.exe 2013-06-14 18:30:12 4C843DCEE79388341F72C3A7ADB1ACE6 6556160 ----a-w- C:\Users\julian\Battlefield 2\BF2.exe 2013-06-14 18:30:12 2A00CF875D2B046FA8B655F747097B48 4980736 ----a-w- C:\Users\julian\Battlefield 2\bf2_w32ded.exe 2013-06-14 18:30:12 09AEF167EB1531E965053D0DCF6CC573 974848 ----a-w- C:\Users\julian\Battlefield 2\mfc70.dll 2013-06-14 18:30:12 -------- d-----w- C:\Users\julian\Battlefield 2 2013-06-10 17:22:30 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewFeature1 2013-06-09 13:21:49 -------- d-----w- C:\ProgramData\PMB Files 2013-06-09 13:21:20 -------- d-----w- C:\Users\julian\.swt 2013-06-09 13:20:51 -------- d-----w- C:\Users\julian\Qtrax 2013-06-06 16:53:53 -------- d-----w- C:\ProgramData\Big Fish Games 2013-06-02 18:05:09 -------- d-----w- C:\ProgramData\YTD Video Downloader 2013-05-31 20:29:52 -------- d-sh--w- C:\ProgramData\Realtek0 2013-05-28 18:15:09 -------- d-----w- C:\Users\Public\Sony Online Entertainment ====== C: exe-files == 2013-06-23 20:15:24 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\julian\Downloads\mbam-setup-1.75.0.1300.exe 2013-06-23 16:07:16 A9ADBB9CF5EB800CA3D3A7D08136269A 69784 ----a-w- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\wajam_updateCAB9T4TH.exe 2013-06-22 16:07:14 A9ADBB9CF5EB800CA3D3A7D08136269A 69784 ----a-w- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\wajam_updateCASTJ157.exe 2013-06-22 13:20:15 06D5E5E952C61923C9D24C83E7FE1F45 22937227 ----a-w- C:\Users\julian\AppData\Local\Temp\vlc-2.0.7-win32.exe 2013-06-22 06:26:07 139E26F4B1497C4F870111FDF275CF7E 627784 ----a-w- C:\Users\julian\Downloads\driveragent-987.exe 2013-06-22 01:58:27 B1957B038895642DF9F662326E7D4DDC 903080 ----a-w- C:\Users\julian\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe 2013-06-21 16:07:14 A9ADBB9CF5EB800CA3D3A7D08136269A 69784 ----a-w- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\wajam_updateCAKVK61B.exe 2013-06-20 18:00:47 80633916458CC8041D0F483B7633E9F6 1582944 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\27.0.1453.116\27.0.1453.116_27.0.1453.110_chrome_updater.exe 2013-06-20 16:07:13 A9ADBB9CF5EB800CA3D3A7D08136269A 69784 ----a-w- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\wajam_updateCA99GL3Q.exe 2013-06-19 16:07:01 A9ADBB9CF5EB800CA3D3A7D08136269A 69784 ----a-w- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\wajam_updateCARN1WV2.exe === C: other files == 2013-06-23 20:15:42 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-06-22 06:32:05 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\julian\AppData\LocalLow\Microsoft\Silverlight\OutOfBrowser\index\res2.windows.microsoft.com 2013-06-22 06:26:11 1ED08A6264C5C92099D6D1DAE5E8F530 21712 ----a-w- C:\Windows\Temp\DriverAgent\DrvAgent64.sys 2013-06-22 06:26:11 1ED08A6264C5C92099D6D1DAE5E8F530 21712 ----a-w- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS ==== Firefox Extensions ====================== ProfilePath: C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489 - WebCake - %ProfilePath%\extensions\plugin@getwebcake.com - PricePeep - %ProfilePath%\extensions\pricepeep@getpricepeep.com.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Expat Shield Helper Please allow this installation - %AppDir%\extensions\afurladvisor@anchorfree.com - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489 D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17 3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash 8F0B95B3AC17DAE9E138E7BBE2429B6C - C:\Users\julian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Deleting Files \ Folders ====================== "C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\extensions\pricepeep@getpricepeep.com.xpi" deleted "C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\extensions\plugin@getwebcake.com" deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bkomkajifikmkfnjgphkjcfeepbnojok - C:\Program Files (x86)\PriceGong\2.6.4\pricegong.crx[] eooncjejnppfjjklapaamhcdmjbilmde - C:\Users\julian\AppData\Roaming\BabSolution\CR\Delta.crx[] fjoijdanhaiflhibkljeklcghcmmfffh - C:\Program Files (x86)\WebCake\WebCakeLayers.crx[] jbpkiefagocgkmemidfngdkamloieekf - No path found[] jcdgjdiieiljkfkdcloehkohchhpekkn - No path found[] jpmbfleldcgkldadpdinhjjopdfpjfjp - C:\Users\julian\AppData\Local\Wajam\Chrome\wajam.crx[] mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx[31-05-2013 03:49] mkndcbhcgphcfkkddanakjiepeknbgle - C:\Program Files (x86)\RelevantKnowledge\rlcm.crx[] ndgonipadfipmlmdfofnjnhhlgojnjdn - C:\Users\julian\AppData\Local\CRE\ndgonipadfipmlmdfofnjnhhlgojnjdn.crx[] nppllibpnmahfaklnpggkibhkapjkeob - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\Exts\Chrome.crx[31-05-2013 03:49] ogccgbmabaphcakpiclgcnmcnimhokcj - No path found[] pfmopbbadnfoelckkcmjjeaaegjpjjbk - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions ndgonipadfipmlmdfofnjnhhlgojnjdn - C:\Users\julian\AppData\Local\CRE\ndgonipadfipmlmdfofnjnhhlgojnjdn.crx[] cOOntiNuetaosave - julian - Default\Extensions\bfgggnbjollgggilpnbgmknchfmefafk PriceGong - julian - Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok Battlefield Heroes - julian - Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh Delta Toolbar - julian - Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde WebCake - julian - Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh Wajam - julian - Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp PricePeep - julian - Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb Norton Identity Protection - julian - Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk BittorrentBar_NL - julian - Default\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn Norton Identity Protection - julian - Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob GoPhoto.it - julian - Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk ==== Chrome Fix ====================== C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_continuetosave.info_0.localstorage deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_continuetosave.info_0.localstorage-journal deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfgggnbjollgggilpnbgmknchfmefafk deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bfgggnbjollgggilpnbgmknchfmefafk_0.localstorage deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bfgggnbjollgggilpnbgmknchfmefafk_0.localstorage-journal deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://search.babylon.com/?affID=121845&babsrc=HP_ss_gin2g&mntrId=CE9300FF472E1D57" "Use Search Asst"="yes" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://www.searchamong.com/searchview.php?query={searchTerms}&cat=webs&bar=true" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" "Use Search Asst"="no" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {95B7759C-8C7F-4BF1-B163-73684A933233} AVG Secure Search Url="https://isearch.avg.com/search?cid={AF53778E-845E-46A3-8290-0A5AD3C5987B}&mid=440a2429c79c47d0a3b31929462ab050-571c1ccf3ab1d3391e42b1126e5a835d476d1854〈=nl&ds=st011&pr=sa&d=2012-07-19" ==== Reset Google Chrome ====================== C:\users\julian\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\users\julian\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\julian\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\julian\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1H03FDAM will be deleted at reboot C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3PVA574A will be deleted at reboot C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HF6ZACT6 will be deleted at reboot C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MI4DRWWM will be deleted at reboot C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\users\julian\AppData\Local\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\users\julian\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\users\julian\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\julian\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1H03FDAM" not found "C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3PVA574A" not found "C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HF6ZACT6" not found "C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MI4DRWWM" not found ==== EOF on di 25-06-2013 at 21:14:41,64 ======================
- 25 juni 2013
- 15 antwoorden
nieuwe start

Julian1234 reageerde op Julian1234's topic in Archief Windows Algemeen

hoe zet ik mijn antivirus uit ik heb norton en ik ben naar die site geweest en heb het geprobeerd maar dat gene wat zij doen staat er geneens als ik rechtermuisklik doe
- 24 juni 2013
- 15 antwoorden
nieuwe start

Julian1234 reageerde op Julian1234's topic in Archief Windows Algemeen

effe bewrkt
- 23 juni 2013
- 15 antwoorden
nieuwe start

Julian1234 reageerde op Julian1234's topic in Archief Windows Algemeen

dit is alvast het logje van malware bytes ik ga nu me comp opnieuw opstarten en geef daarna het logje van hijakck: Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300 Malwarebytes : Free anti-malware download Databaseversie: v2013.06.23.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 julian :: JULIAN14 [administrator] Bescherming: Ingeschakeld 23-6-2013 22:16:48 mbam-log-2013-06-23 (22-16-48).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 218064 Verstreken tijd: 2 minuut/minuten, Geheugenprocessen gedetecteerd: 2 C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe (PUP.Adware.RelevantKnowledge) -> 6392 -> Zal worden verwijderd tijdens het herstarten. C:\Program Files (x86)\RelevantKnowledge\rlvknlg64.exe (PUP.Adware.RelevantKnowledge) -> 1208 -> Zal worden verwijderd tijdens het herstarten. Geheugenmodulen gedetecteerd: 1 C:\Program Files (x86)\RelevantKnowledge\rlls.dll (PUP.Adware.RelevantKnowledge) -> Zal worden verwijderd tijdens het herstarten. Registersleutels gedetecteerd: 13 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831} (PUP.Adware.RelevantKnowledge) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{f34c9277-6577-4dff-b2d7-7d58092f272f} (PUP.Datamngr) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Datamngr) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Datamngr) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Datamngr) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Typelib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408} (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8} (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\bho_project.bho_object (Trojan.BHO) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\bho_project.bho_object.1 (Trojan.BHO) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (PUP.InstallBrain) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 26 C:\Program Files (x86)\RelevantKnowledge (PUP.Spyware.MarketScore) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files (x86)\RelevantKnowledge\components (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\defaults (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\defaults\preferences (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\locale (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\addon-kit (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\addon-kit\data (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\addon-kit\lib (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\data (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\content (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\dom (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\events (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\tabs (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\traits (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\utils (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\windows (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\dpjs (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\dpjs\data (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\dpjs\data\.idea (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\dpjs\data\.idea\scopes (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\dpjs\lib (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. Bestanden gedetecteerd: 99 C:\Program Files (x86)\RelevantKnowledge\rlls.dll (PUP.Adware.RelevantKnowledge) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe (PUP.Adware.RelevantKnowledge) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files (x86)\RelevantKnowledge\rlvknlg64.exe (PUP.Adware.RelevantKnowledge) -> Zal worden verwijderd tijdens het herstarten. C:\ProgramData\InstallMate\{9486C007-2091-408F-A264-68B34F65E2F1}\Custom.dll (Trojan.MSIL.Injector) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\julian\AppData\Local\Temp\pricepeep_1.exe (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\julian\AppData\Local\Temp\toolbar109650029.exe (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\julian\Downloads\VIO_Player_Setup (1).exe (PUP.Bundle.Installer.OI) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\julian\Downloads\VIO_Player_Setup.exe (PUP.Bundle.Installer.OI) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\chrome.manifest (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\install.rdf (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\nscf.dat (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\rlcm.crx (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\rlcm.txt (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\rlls64.dll (PUP.Spyware.MarketScore) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files (x86)\RelevantKnowledge\rloci.bin (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\rlph.dll (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\rlservice.exe (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\rlxf.dll (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\components\rlxg.dll (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\bootstrap.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\harness-options.json (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\install.rdf (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\locales.json (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\rlnx.dll (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\defaults\preferences\prefs.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\locale\en-GB.json (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\locale\eo.json (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\locale\fr-FR.json (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\chrome.manifest (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\addon-kit\lib\page-mod.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\addon-kit\lib\tabs.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\addon-kit\lib\windows.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\data\content-proxy.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\data\test-content-symbiont.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\data\test-message-manager.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\data\test-trusted-document.html (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\api-utils.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\byte-streams.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\channel.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\collection.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\content.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\cortex.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\cuddlefish.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\environment.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\errors.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\events.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\file.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\globals!.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\hidden-frame.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\light-traits.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\list.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\match-pattern.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\memory.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\message-manager.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\namespace.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\observer-service.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\plain-text-console.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\process.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\runtime.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\sandbox.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\self!.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\system.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\text-streams.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\timer.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\traceback.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\traits.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\unload.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\url.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\window-utils.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\xpcom.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\xul-app.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\content\loader.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\content\symbiont.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\content\worker.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\dom\events.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\events\assembler.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\tabs\events.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\tabs\observer.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\tabs\tab.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\tabs\utils.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\traits\core.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\utils\data.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\utils\function.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\utils\object.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\utils\registry.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\utils\thumbnail.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\windows\dom.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\windows\loader.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\windows\observer.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\windows\tabs.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\dpjs\data\content.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\dpjs\lib\dompilot.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\dpjs\lib\dputil.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RelevantKnowledge\firefox\resources\dpjs\lib\main.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\About RelevantKnowledge.lnk (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Member of GRID - Goodware Repository Information Database.lnk (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Privacy Policy and User License Agreement.lnk (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Support.lnk (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Uninstall Instructions.lnk (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd. (einde) - - - Updated - - - oke hier is het logje van hijack en wat is eigenlijk spyware en malware Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:26:26, on 23-6-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16490) Boot mode: Normal Running processes: C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe C:\Program Files (x86)\BitTorrent\BitTorrent.exe D:\dead island\Steam.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe C:\Users\julian\AppData\Roaming\WebCake\WebCakeDesktop.exe C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe C:\Program Files (x86)\Logitech\G930\G930.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Expat Shield\bin\openvpntray.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: (no name) - !{0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - (no file) O3 - Toolbar: (no name) - !{82E1477C-B154-48D3-9891-33D83C26BCD3} - (no file) O3 - Toolbar: (no name) - !{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - (no file) O3 - Toolbar: (no name) - !{C1AF5FA5-852C-4C90-812E-A7F75E011D87} - (no file) O3 - Toolbar: (no name) - !{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe O4 - HKLM\..\Run: [Logitech G930] C:\Program Files (x86)\Logitech\G930\G930.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\RunOnce: [sT Recovery Launcher] %WINDIR%\SMINST\VistaLauncher.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [bitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [steam] "D:\dead island\Steam.exe" -silent O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash O4 - HKCU\..\Run: [WebCake Desktop] "C:\Users\julian\AppData\Roaming\WebCake\WebCakeDesktop.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.clonewarsadventures.com O15 - Trusted Zone: *.freerealms.com O15 - Trusted Zone: *.soe.com O15 - Trusted Zone: *.sony.com O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Expat Shield Service (ExpatShieldService) - Unknown owner - C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe O23 - Service: Expat Shield Routing Service (ExpatSrv) - AnchorFree Inc. - C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe O23 - Service: Expat Shield Tray Service (ExpatTrayService) - Unknown owner - C:\Program Files (x86)\Expat Shield\bin\ExpatTrayService.EXE O23 - Service: Expat Shield Monitoring Service (ExpatWd) - Unknown owner - C:\Program Files (x86)\Expat Shield\bin\hsswd.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing) O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WebCake Desktop Updater - WebCake LLC - C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 14365 bytes
- 23 juni 2013
- 15 antwoorden
nieuwe start

Julian1234 reageerde op Julian1234's topic in Archief Windows Algemeen

de link deed het toch hier is het: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:45:12, on 23-6-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16490) Boot mode: Normal Running processes: C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe C:\Program Files (x86)\BitTorrent\BitTorrent.exe D:\dead island\Steam.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe C:\Users\julian\AppData\Roaming\WebCake\WebCakeDesktop.exe C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe C:\Program Files (x86)\Logitech\G930\G930.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\SysWOW64\jmdp\stij.exe C:\Program Files (x86)\Expat Shield\bin\openvpntray.exe C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.searchamong.com/searchview.php?query={searchTerms}&cat=webs&bar=true R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.searchamong.com/searchview.php?query={searchTerms}&cat=webs&bar=true R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Babylon Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Search R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.searchamong.com/searchview.php?query={searchTerms}&cat=webs&bar=true R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.searchamong.com/searchview.php?query={searchTerms}&cat=webs&bar=true R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe O2 - BHO: SearchAmong Toolbar - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\Program Files (x86)\SearchAmong Toolbar\SearchAmongToolbar.dll O2 - BHO: PriceGong - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.6.4\PriceGongIE.dll O2 - BHO: BittorrentBar_NL - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files (x86)\BittorrentBar_NL\prxtbBitt.dll O2 - BHO: Expat Shield Class - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll O2 - BHO: cOOntiNuetaosave - {57084250-D60C-B4BB-033C-6DDF31EA3537} - C:\ProgramData\cOOntiNuetaosave\51a918db99cb1.dll O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file) O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - (no file) O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Wajam IE BHO - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: PricePeep - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files (x86)\PricePeep\pricepeep.dll O3 - Toolbar: BittorrentBar_NL Toolbar - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files (x86)\BittorrentBar_NL\prxtbBitt.dll O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file) O3 - Toolbar: (no name) - !{0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - (no file) O3 - Toolbar: (no name) - !{82E1477C-B154-48D3-9891-33D83C26BCD3} - (no file) O3 - Toolbar: (no name) - !{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - (no file) O3 - Toolbar: (no name) - !{C1AF5FA5-852C-4C90-812E-A7F75E011D87} - (no file) O3 - Toolbar: (no name) - !{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe O4 - HKLM\..\Run: [sweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe O4 - HKLM\..\Run: [sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe O4 - HKLM\..\Run: [Logitech G930] C:\Program Files (x86)\Logitech\G930\G930.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\RunOnce: [sT Recovery Launcher] %WINDIR%\SMINST\VistaLauncher.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [bitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [steam] "D:\dead island\Steam.exe" -silent O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash O4 - HKCU\..\Run: [WebCake Desktop] "C:\Users\julian\AppData\Roaming\WebCake\WebCakeDesktop.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: &SearchAmong - res://C:\Program Files (x86)\SearchAmong Toolbar\SearchAmongToolbar.dll/MENUSEARCH.HTM O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.clonewarsadventures.com O15 - Trusted Zone: *.freerealms.com O15 - Trusted Zone: *.soe.com O15 - Trusted Zone: *.sony.com O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Expat Shield Service (ExpatShieldService) - Unknown owner - C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe O23 - Service: Expat Shield Routing Service (ExpatSrv) - AnchorFree Inc. - C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe O23 - Service: Expat Shield Tray Service (ExpatTrayService) - Unknown owner - C:\Program Files (x86)\Expat Shield\bin\ExpatTrayService.EXE O23 - Service: Expat Shield Monitoring Service (ExpatWd) - Unknown owner - C:\Program Files (x86)\Expat Shield\bin\hsswd.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing) O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: IBUpdaterService - Unknown owner - C:\Windows\system32\dmwu.exe (file missing) O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: RelevantKnowledge - TMRG, Inc. - C:\Program Files (x86)\RelevantKnowledge\rlservice.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: WajamUpdater - Wajam - C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WebCake Desktop Updater - WebCake LLC - C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 17435 bytes
- 23 juni 2013
- 15 antwoorden
nieuwe start

Julian1234 reageerde op Julian1234's topic in Archief Windows Algemeen

de link doet het niet
- 23 juni 2013
- 15 antwoorden
nieuwe start

Julian1234 plaatste een topic in Archief Windows Algemeen

mijn computer is heel sloom geworden zou ik mischien alles weer kunnen wissen of naar fabrieks instellingen terug zetten zouden jullie me daarmee willen helpen en hoe zit het dan met windows 7 hoe instaleer ik dat opnieuw en met mijn ssd en videokaart hoe moet ik dat dan doen ik hoop dat jullie mij willen helpen en mijn computer is samengesteld bij alternate dit is mijn computer http://speccy.piriform.com/results/1Cdhc8Z1m5zmiGoKK2U6upf
- 23 juni 2013
- 15 antwoorden
alles veranderd naar tekst bestand

Julian1234 reageerde op Julian1234's topic in Archief Windows Algemeen

het is allemaal opgelost ik heb systeem herstel gedaan toch bedankt voor uw hulp/tijd
- 16 juni 2013
- 2 antwoorden
alles veranderd naar tekst bestand

Julian1234 plaatste een topic in Archief Windows Algemeen

iemand stuurde een bestandje en ik opende dat en ik kon het met bepaalde programmas openen dus opende ik het met kladblok en toen was echt alles op mn bureablad naar een kladblok bestand veranderd behalve skype en ik kon op het internet door erop te klikken en dan naar meest bezocht te gaan en toen kwam ik wel er wel in maar ik kan niet meer in mijn games echt help me zo snel mogelijk en als ik het open staan er allemaal teketjes in mvg julian
- 10 juni 2013
- 2 antwoorden
meer ram en toetsenbord

Julian1234 reageerde op Julian1234's topic in Archief Aan- en verkoopadvies

willen jullie mij nog helpen met het vinden van een perfecte toetsenbord voor mij en ik dacht aan deze Razer BlackWidow Ultimate 2013 wilt u u mening er over geven en of zeggen of u een betere vindt of weet groetjes julian
- 6 juni 2013
- 11 antwoorden
meer ram en toetsenbord

Julian1234 reageerde op Julian1234's topic in Archief Aan- en verkoopadvies

oke danku
- 4 juni 2013
- 11 antwoorden
meer ram en toetsenbord

Julian1234 reageerde op Julian1234's topic in Archief Aan- en verkoopadvies

srry van de weinige info ben al lang niet meer op deze site geweest maar wat voor toetsenbord raad u me aan die goed is en er vet uitziet met lichtjes enzo want ik kan niet goed kiezen tussen die allemaal
- 4 juni 2013
- 11 antwoorden
meer ram en toetsenbord

Julian1234 plaatste een topic in Archief Aan- en verkoopadvies

hallo allemaal, ik zou graag een gaming toetsenbord willen kopen die er vet uitziet en goed werkt ik wil hiervoor niet meer dan 120 euro aan uitgeven. Voor de rest wil ik nog 16 gb ram en dan 2 keer 8 nu heb ik 4 keer 4 gb en dan heb ik 2 keer 4 en 2 keer 8 maar ik zou ook graag weten of ik wel meer dan 16 gb ram kan hebben ik heb nu corsair vengeance lp ddr3 1600 hier aan wil ik niet meer dan 130 euro aan besteden ik hoop dat jullie mij kunnen helpen mvg, Julian
- 4 juni 2013
- 11 antwoorden
help bij aankoop

Julian1234 reageerde op Julian1234's topic in Archief Aan- en verkoopadvies

oke dank u voor uw help
- 26 februari 2013
- 14 antwoorden
help bij aankoop

Julian1234 reageerde op Julian1234's topic in Archief Aan- en verkoopadvies

Bent u het topic weer uit het oog verloren?????
- 25 februari 2013
- 14 antwoorden
help bij aankoop

Julian1234 reageerde op Julian1234's topic in Archief Aan- en verkoopadvies

ik wil liever een 22 inch scherm want ik denk dat het raar staat als de een groter is dan de ander maar wat voor scherm ik nu heb is deze LG M197WD Multi Function Monitor - Reviews, prijzen en specificaties van alle modellen van LG
- 22 februari 2013
- 14 antwoorden
help bij aankoop

Julian1234 reageerde op Julian1234's topic in Archief Aan- en verkoopadvies

ja ik game er best wel veel op dus meer voor gamen
- 21 februari 2013
- 14 antwoorden
help bij aankoop

Julian1234 reageerde op Julian1234's topic in Archief Aan- en verkoopadvies

Ik weet niet of je dit bedoeld sapphire hd 7870 het is soort van deze SAPPHIRE HD 7850 OC (11200-06-20G) maar dan een 7870
- 21 februari 2013
- 14 antwoorden

Inloggen

Profielen

Forums

Store

Alles dat geplaatst werd door Julian1234

OVER ONS

SITEMAP

Belangrijke informatie