Julian1234
-
Items
136 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Berichten die geplaatst zijn door Julian1234
-
-
hallo
ik wil een nieuwe muis kopen ik ga de muis veel voor het gamen gebruiken ook voor mmo games
dus het zou wel chill zijn als de muis ook meerdere knoppen heeft voor een mmo en hij moet onder de 90 euro blijven
-
hallo
de laatste tijd gaat mn pc heel traag en het internet laad heel langzaam ik krijg ook random reclame terwijl ik dat eerst nooit had
ik hoop dat jullie me kunnen helpen
-
Is er nog iemand die me wil helpen?
-
ik woon in nederland
-
oke hardstikke bedankt voor uw hulp echt bedankt
-
de snelheid is al heeeeel veel beter heeft u ook nog tips voor het verhogen van de fps tijdens het gamen
-
Zoek.exe Version 4.0.0.2 Updated 25-June-2013
Tool run by julian on di 25-06-2013 at 21:06:24,89.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
==== Running Processes ======================
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe
C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe
C:\Program Files (x86)\Expat Shield\bin\hsswd.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Windows\system32\hasplms.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe
C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\BitTorrent\BitTorrent.exe
D:\dead island\Steam.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Users\julian\AppData\Roaming\WebCake\WebCakeDesktop.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
C:\Program Files (x86)\Logitech\G930\G930.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Expat Shield\bin\openvpntray.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\julian\AppData\Local\Temp\Rar$EXa0.437\zoek.exe
C:\Windows\system32\conhost.exe
==== Older Logs ======================
C:\zoek-results23-06-2013-2252.log 5604 bytes
C:\zoek-results25-06-2013-2105.log 373 bytes
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\SearchScopes\{154d339e-ccaa-49a5-9b38-6878ad4220bc} deleted successfully
HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully
HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully
HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\SearchScopes\{F5F8CEF0-2B99-4C75-8BBF-C60A817400ED} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WebCake Desktop Updater deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WebCake Desktop Updater deleted successfully
==== FireFox Fix ======================
Deleted from C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\prefs.js:
user_pref("browser.startup.homepage", "http://search.babylon.com/?affID=121845&babsrc=HP_ss_gin2g&mntrId=CE9300FF472E1D57");
user_pref("browser.search.defaulturl", "http://websearch.a-searchpage.info/?pid=658&r=2013/05/31&hid=1511369152&lg=EN&cc=NL&unqvl=18&l=1&q=");
user_pref("browser.newtab.url", "http://www.delta-search.com/?affID=121845&babsrc=NT_ss&mntrId=CE9300FF472E1D57");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Delta Search");
user_pref("browser.search.selectedEngine,S", "WebSearch");
user_pref("browser.search.order.1", "WebSearch");
user_pref("browser.search.order.1,S", "WebSearch");
user_pref("keyword.URL", "http://websearch.a-searchpage.info/?pid=658&r=2013/05/31&hid=1511369152&lg=EN&cc=NL&unqvl=18&l=1&q=");
user_pref("browser.search.useDBForOrder", "false");
Added to C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489
---- Lines pc0ho2@zgkjmczm.org removed from prefs.js ----
user_pref("extensions.bootstrappedAddons", "{\"pc0ho2@zgkjmczm.org\":{\"version\":\"3.9\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\pc0ho2@zgkjmczm.org\"},\"{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}\":{\"version\":\"1.0.0.2\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\RelevantKnowledge\\\\firefox\"}}");
---- Lines pc0ho2@zgkjmczm.org modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\RelevantKnowledge\\\\firefox\",\"mtime\":1370880295318},\"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}\":{\"descriptor\":\"C:\\\\ProgramData\\\\Norton\\\\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\\\\NIS_20.1.0.24\\\\coFFPlgn\",\"mtime\":1371880871910},\"{BBDA0591-3099-440a-AA10-41764D9DB4DB}\":{\"descriptor\":\"C:\\\\ProgramData\\\\Norton\\\\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\\\\NIS_20.1.0.24\\\\IPSFFPlgn\",\"mtime\":1371882113517}}},{\"name\":\"app-global\",\"addons\":{\"afurladvisor@anchorfree.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\afurladvisor@anchorfree.com\",\"mtime\":1364139763909},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1361989143590}}},{\"name\":\"winreg-app-user\",\"addons\":{\"{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\PriceGong\\\\2.6.4\\\\FF\",\"mtime\":1350112492205}}},{\"name\":\"app-profile\",\"addons\":{\"ffxtlbr@delta.com\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\ffxtlbr@delta.com\",\"mtime\":1369044100000},\"pc0ho2@zgkjmczm.org\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\pc0ho2@zgkjmczm.org\",\"mtime\":1371296119823},\"plugin@getwebcake.com\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\plugin@getwebcake.com\",\"mtime\":1370784052569},\"pricepeep@getpricepeep.com\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\pricepeep@getpricepeep.com.xpi\",\"mtime\":1366211036000}}}]");
---- Lines pc0ho2@zgkjmczm.org removed from user.js ----
---- Lines BabylonToolbar removed from prefs.js ----
user_pref("extensions.BabylonToolbar_i.newTab", true);
user_pref("extensions.BabylonToolbar_i.newTabUrl", "http://www.delta-search.com/?affID=119534&babsrc=NT_ss&mntrId=ce930259000000000000c86000ce59a3");
---- Lines BabylonToolbar modified from prefs.js ----
---- Lines BabylonToolbar removed from user.js ----
---- Lines delta removed from prefs.js ----
user_pref("avg.install.userHPSettings", "http://www.delta-search.com/?affID=119534&babsrc=HP_ss&mntrId=ce930259000000000000c86000ce59a3");
user_pref("avg.install.userSPSettings", "Delta Search");
user_pref("extensions.delta.admin", false);
user_pref("extensions.delta.aflt", "babsst");
user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
user_pref("extensions.delta.autoRvrt", "false");
user_pref("extensions.delta.dfltLng", "en");
user_pref("extensions.delta.excTlbr", false);
user_pref("extensions.delta.ffxUnstlRst", true);
user_pref("extensions.delta.id", "ce93025900000000000000ff472e1d57");
user_pref("extensions.delta.instlDay", "15865");
user_pref("extensions.delta.instlRef", "sst");
user_pref("extensions.delta.newTab", false);
user_pref("extensions.delta.prdct", "delta");
user_pref("extensions.delta.prtnrId", "delta");
user_pref("extensions.delta.rvrt", "false");
user_pref("extensions.delta.smplGrp", "none");
user_pref("extensions.delta.tlbrId", "base");
user_pref("extensions.delta.tlbrSrchUrl", "");
user_pref("extensions.delta.vrsn", "1.8.21.5");
user_pref("extensions.delta.vrsni", "1.8.21.5");
user_pref("extensions.delta.vrsnTs", "1.8.21.515:21:03");
user_pref("extensions.delta_i.babExt", "");
user_pref("extensions.delta_i.babTrack", "affID=121845");
user_pref("extensions.delta_i.srcExt", "ss");
---- Lines delta modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\RelevantKnowledge\\\\firefox\",\"mtime\":1370880295318},\"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}\":{\"descriptor\":\"C:\\\\ProgramData\\\\Norton\\\\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\\\\NIS_20.1.0.24\\\\coFFPlgn\",\"mtime\":1371880871910},\"{BBDA0591-3099-440a-AA10-41764D9DB4DB}\":{\"descriptor\":\"C:\\\\ProgramData\\\\Norton\\\\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\\\\NIS_20.1.0.24\\\\IPSFFPlgn\",\"mtime\":1371882113517}}},{\"name\":\"app-global\",\"addons\":{\"afurladvisor@anchorfree.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\afurladvisor@anchorfree.com\",\"mtime\":1364139763909},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1361989143590}}},{\"name\":\"winreg-app-user\",\"addons\":{\"{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\PriceGong\\\\2.6.4\\\\FF\",\"mtime\":1350112492205}}},{\"name\":\"app-profile\",\"addons\":{\"ffxtlbr@delta.com\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\ffxtlbr@delta.com\",\"mtime\":1369044100000},\"disabled\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\disabled\",\"mtime\":1371296119823},\"plugin@getwebcake.com\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\plugin@getwebcake.com\",\"mtime\":1370784052569},\"pricepeep@getpricepeep.com\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\pricepeep@getpricepeep.com.xpi\",\"mtime\":1366211036000}}}]");
---- Lines delta removed from user.js ----
user_pref("extensions.delta.tlbrSrchUrl", "");
user_pref("extensions.delta.id", "ce93025900000000000000ff472e1d57");
user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
user_pref("extensions.delta.instlDay", "15865");
user_pref("extensions.delta.vrsn", "1.8.21.5");
user_pref("extensions.delta.vrsni", "1.8.21.5");
user_pref("extensions.delta.vrsnTs", "1.8.21.515:21:03");
user_pref("extensions.delta.prtnrId", "delta");
user_pref("extensions.delta.prdct", "delta");
user_pref("extensions.delta.aflt", "babsst");
user_pref("extensions.delta.smplGrp", "none");
user_pref("extensions.delta.tlbrId", "base");
user_pref("extensions.delta.instlRef", "sst");
user_pref("extensions.delta.dfltLng", "en");
user_pref("extensions.delta.excTlbr", false);
user_pref("extensions.delta.ffxUnstlRst", true);
user_pref("extensions.delta.admin", false);
user_pref("extensions.delta_i.babTrack", "affID=121845");
user_pref("extensions.delta_i.babExt", "");
user_pref("extensions.delta_i.srcExt", "ss");
user_pref("extensions.delta.autoRvrt", "false");
user_pref("extensions.delta.rvrt", "false");
user_pref("extensions.delta.newTab", false);
---- Lines WebSearch removed from prefs.js ----
---- Lines WebSearch modified from prefs.js ----
---- Lines WebSearch removed from user.js ----
---- Lines search.com removed from prefs.js ----
---- Lines search.com modified from prefs.js ----
---- Lines search.com removed from user.js ----
---- FireFox user.js and prefs.js backups ----
user_25-06-2013_2110_.backup
prefs_25-06-2013_2110_.backup
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"bProtector Start Page"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"bProtectorDefaultScope"=-
==== Deleting Files \ Folders ======================
"C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\searchplugins\delta.xml" deleted
"C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\searchplugins\WebSearch.xml" deleted
"C:\Users\julian\Battlefield 2\BF2VoipServer.dll" deleted
"C:\Users\julian\Battlefield 2\BF2VoipServer_w32ded.dll" deleted
"C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml" deleted
"C:\Users\julian\Downloads\SoftonicDownloader_voor_gadwin-printscreen.exe" deleted
"C:\Users\julian\Downloads\SoftonicDownloader_voor_peggle-deluxe.exe" deleted
"C:\Users\julian\Downloads\SoftonicDownloader_voor_vlc-media-player.exe" deleted
"C:\Users\julian\update-bf2.bat" deleted
"C:\windows\SysNative\dmwu.exe" deleted
"C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\bprotector web data" deleted
"C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences" deleted
"C:\windows\SysNative\Tasks\Express FilesUpdate" deleted
"C:\windows\SysNative\Tasks\EPUpdater" deleted
"C:\END" deleted
"C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\searchplugins\babylon.xml" deleted
"C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\searchplugins\askcom.xml" deleted
"C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\searchplugins\WebSearch.xml" deleted
"C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\bProtector_extensions.sqlite" deleted
"C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\bprotector_prefs.js" deleted
"C:\Users\julian\Desktop\Oude Firefox-gegevens\ilividtoolbarguid\search\ilividtoolbarguid-search-history.xml" deleted
"C:\Users\julian\AppData\Roaming\WebCake\WebCakeDesktop.exe" deleted
"C:\Program Files (x86)\TornTV.com" deleted
"C:\ProgramData\cOOntiNuetaosave" deleted
"C:\Program Files (x86)\SearchAmong Toolbar" deleted
"C:\Program Files (x86)\Delta" deleted
"C:\Program Files (x86)\smartdl" deleted
"C:\Program Files (x86)\Search Results Toolbar" deleted
"C:\Program Files (x86)\Babylon" deleted
"C:\Program Files (x86)\WebSearch" deleted
"C:\Program Files (x86)\WebCake" deleted
"C:\Program Files (x86)\PriceGong" deleted
"C:\Program Files (x86)\PricePeep" deleted
"C:\Program Files (x86)\BittorrentBar_NL" deleted
"C:\Program Files (x86)\ContinueToSave" deleted
"C:\Program Files (x86)\OApps" deleted
"C:\Program Files (x86)\Gophoto.it" deleted
"C:\Program Files (x86)\Wajam" deleted
"C:\Program Files (x86)\SweetIM" deleted
"C:\Program Files (x86)\Conduit" deleted
"C:\Users\julian\AppData\Roaming\ExpressFiles" deleted
"C:\Users\julian\AppData\Roaming\WebCake" deleted
"C:\Users\julian\AppData\Roaming\BabSolution" deleted
"C:\Users\julian\AppData\Roaming\Babylon" deleted
"C:\Users\julian\AppData\Roaming\Delta" deleted
"C:\ProgramData\Ask" deleted
"C:\ProgramData\StarApp" deleted
"C:\ProgramData\BrowserDefender" deleted
"C:\ProgramData\boost_interprocess" deleted
"C:\ProgramData\SweetIM" deleted
"C:\ProgramData\InstallMate" deleted
"C:\ProgramData\Tarma Installer" deleted
"C:\ProgramData\Babylon" deleted
"C:\ProgramData\Trymedia" deleted
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Expat Shield" deleted
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\cOOntiNuetaosave" deleted
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong" deleted
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SearchAmong Toolbar" deleted
"C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam" deleted
"C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender" deleted
"C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com" deleted
"C:\Users\julian\AppData\Local\Ilivid Player" deleted
"C:\Users\julian\AppData\Local\CRE" deleted
"C:\Users\julian\AppData\Local\Wajam" deleted
"C:\Users\julian\AppData\Local\Conduit" deleted
"C:\Users\julian\AppData\LocalLow\searchresultstb" deleted
"C:\Users\julian\AppData\LocalLow\BittorrentBar_NL" deleted
"C:\Users\julian\AppData\LocalLow\Delta" deleted
"C:\Users\julian\AppData\LocalLow\DataMngr" deleted
"C:\Users\julian\AppData\LocalLow\PriceGong" deleted
"C:\Users\julian\AppData\LocalLow\searchquband" deleted
"C:\Users\julian\AppData\LocalLow\Conduit" deleted
"C:\Windows\Syswow64\jmdp" deleted
"C:\Windows\Syswow64\ARFC" deleted
"C:\Windows\Syswow64\WNLT" deleted
"C:\Windows\SysWow64\searchplugins" deleted
"C:\Windows\SysWow64\Extensions" deleted
"C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" deleted
"C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\extensions\pc0ho2@zgkjmczm.org" deleted
"C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\extensions\ffxtlbr@delta.com" deleted
- - - Updated - - -
dit was de verkeerde sorry hier is een nieuwe
Zoek.exe Version 4.0.0.2 Updated 25-June-2013
Tool run by julian on di 25-06-2013 at 21:06:24,89.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
==== Running Processes ======================
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe
C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe
C:\Program Files (x86)\Expat Shield\bin\hsswd.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Windows\system32\hasplms.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe
C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\BitTorrent\BitTorrent.exe
D:\dead island\Steam.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Users\julian\AppData\Roaming\WebCake\WebCakeDesktop.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
C:\Program Files (x86)\Logitech\G930\G930.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Expat Shield\bin\openvpntray.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\julian\AppData\Local\Temp\Rar$EXa0.437\zoek.exe
C:\Windows\system32\conhost.exe
==== Older Logs ======================
C:\zoek-results23-06-2013-2252.log 5604 bytes
C:\zoek-results25-06-2013-2105.log 373 bytes
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\SearchScopes\{154d339e-ccaa-49a5-9b38-6878ad4220bc} deleted successfully
HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully
HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully
HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\SearchScopes\{F5F8CEF0-2B99-4C75-8BBF-C60A817400ED} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WebCake Desktop Updater deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WebCake Desktop Updater deleted successfully
==== FireFox Fix ======================
Deleted from C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\prefs.js:
user_pref("browser.startup.homepage", "http://search.babylon.com/?affID=121845&babsrc=HP_ss_gin2g&mntrId=CE9300FF472E1D57");
user_pref("browser.search.defaulturl", "http://websearch.a-searchpage.info/?pid=658&r=2013/05/31&hid=1511369152&lg=EN&cc=NL&unqvl=18&l=1&q=");
user_pref("browser.newtab.url", "http://www.delta-search.com/?affID=121845&babsrc=NT_ss&mntrId=CE9300FF472E1D57");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Delta Search");
user_pref("browser.search.selectedEngine,S", "WebSearch");
user_pref("browser.search.order.1", "WebSearch");
user_pref("browser.search.order.1,S", "WebSearch");
user_pref("keyword.URL", "http://websearch.a-searchpage.info/?pid=658&r=2013/05/31&hid=1511369152&lg=EN&cc=NL&unqvl=18&l=1&q=");
user_pref("browser.search.useDBForOrder", "false");
Added to C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489
---- Lines pc0ho2@zgkjmczm.org removed from prefs.js ----
user_pref("extensions.bootstrappedAddons", "{\"pc0ho2@zgkjmczm.org\":{\"version\":\"3.9\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\pc0ho2@zgkjmczm.org\"},\"{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}\":{\"version\":\"1.0.0.2\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\RelevantKnowledge\\\\firefox\"}}");
---- Lines pc0ho2@zgkjmczm.org modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\RelevantKnowledge\\\\firefox\",\"mtime\":1370880295318},\"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}\":{\"descriptor\":\"C:\\\\ProgramData\\\\Norton\\\\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\\\\NIS_20.1.0.24\\\\coFFPlgn\",\"mtime\":1371880871910},\"{BBDA0591-3099-440a-AA10-41764D9DB4DB}\":{\"descriptor\":\"C:\\\\ProgramData\\\\Norton\\\\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\\\\NIS_20.1.0.24\\\\IPSFFPlgn\",\"mtime\":1371882113517}}},{\"name\":\"app-global\",\"addons\":{\"afurladvisor@anchorfree.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\afurladvisor@anchorfree.com\",\"mtime\":1364139763909},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1361989143590}}},{\"name\":\"winreg-app-user\",\"addons\":{\"{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\PriceGong\\\\2.6.4\\\\FF\",\"mtime\":1350112492205}}},{\"name\":\"app-profile\",\"addons\":{\"ffxtlbr@delta.com\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\ffxtlbr@delta.com\",\"mtime\":1369044100000},\"pc0ho2@zgkjmczm.org\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\pc0ho2@zgkjmczm.org\",\"mtime\":1371296119823},\"plugin@getwebcake.com\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\plugin@getwebcake.com\",\"mtime\":1370784052569},\"pricepeep@getpricepeep.com\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\pricepeep@getpricepeep.com.xpi\",\"mtime\":1366211036000}}}]");
---- Lines pc0ho2@zgkjmczm.org removed from user.js ----
---- Lines BabylonToolbar removed from prefs.js ----
user_pref("extensions.BabylonToolbar_i.newTab", true);
user_pref("extensions.BabylonToolbar_i.newTabUrl", "http://www.delta-search.com/?affID=119534&babsrc=NT_ss&mntrId=ce930259000000000000c86000ce59a3");
---- Lines BabylonToolbar modified from prefs.js ----
---- Lines BabylonToolbar removed from user.js ----
---- Lines delta removed from prefs.js ----
user_pref("avg.install.userHPSettings", "http://www.delta-search.com/?affID=119534&babsrc=HP_ss&mntrId=ce930259000000000000c86000ce59a3");
user_pref("avg.install.userSPSettings", "Delta Search");
user_pref("extensions.delta.admin", false);
user_pref("extensions.delta.aflt", "babsst");
user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
user_pref("extensions.delta.autoRvrt", "false");
user_pref("extensions.delta.dfltLng", "en");
user_pref("extensions.delta.excTlbr", false);
user_pref("extensions.delta.ffxUnstlRst", true);
user_pref("extensions.delta.id", "ce93025900000000000000ff472e1d57");
user_pref("extensions.delta.instlDay", "15865");
user_pref("extensions.delta.instlRef", "sst");
user_pref("extensions.delta.newTab", false);
user_pref("extensions.delta.prdct", "delta");
user_pref("extensions.delta.prtnrId", "delta");
user_pref("extensions.delta.rvrt", "false");
user_pref("extensions.delta.smplGrp", "none");
user_pref("extensions.delta.tlbrId", "base");
user_pref("extensions.delta.tlbrSrchUrl", "");
user_pref("extensions.delta.vrsn", "1.8.21.5");
user_pref("extensions.delta.vrsni", "1.8.21.5");
user_pref("extensions.delta.vrsnTs", "1.8.21.515:21:03");
user_pref("extensions.delta_i.babExt", "");
user_pref("extensions.delta_i.babTrack", "affID=121845");
user_pref("extensions.delta_i.srcExt", "ss");
---- Lines delta modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\RelevantKnowledge\\\\firefox\",\"mtime\":1370880295318},\"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}\":{\"descriptor\":\"C:\\\\ProgramData\\\\Norton\\\\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\\\\NIS_20.1.0.24\\\\coFFPlgn\",\"mtime\":1371880871910},\"{BBDA0591-3099-440a-AA10-41764D9DB4DB}\":{\"descriptor\":\"C:\\\\ProgramData\\\\Norton\\\\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\\\\NIS_20.1.0.24\\\\IPSFFPlgn\",\"mtime\":1371882113517}}},{\"name\":\"app-global\",\"addons\":{\"afurladvisor@anchorfree.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\afurladvisor@anchorfree.com\",\"mtime\":1364139763909},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1361989143590}}},{\"name\":\"winreg-app-user\",\"addons\":{\"{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\PriceGong\\\\2.6.4\\\\FF\",\"mtime\":1350112492205}}},{\"name\":\"app-profile\",\"addons\":{\"ffxtlbr@delta.com\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\ffxtlbr@delta.com\",\"mtime\":1369044100000},\"disabled\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\disabled\",\"mtime\":1371296119823},\"plugin@getwebcake.com\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\plugin@getwebcake.com\",\"mtime\":1370784052569},\"pricepeep@getpricepeep.com\":{\"descriptor\":\"C:\\\\Users\\\\julian\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\z2sg51zl.default-1355409544489\\\\extensions\\\\pricepeep@getpricepeep.com.xpi\",\"mtime\":1366211036000}}}]");
---- Lines delta removed from user.js ----
user_pref("extensions.delta.tlbrSrchUrl", "");
user_pref("extensions.delta.id", "ce93025900000000000000ff472e1d57");
user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
user_pref("extensions.delta.instlDay", "15865");
user_pref("extensions.delta.vrsn", "1.8.21.5");
user_pref("extensions.delta.vrsni", "1.8.21.5");
user_pref("extensions.delta.vrsnTs", "1.8.21.515:21:03");
user_pref("extensions.delta.prtnrId", "delta");
user_pref("extensions.delta.prdct", "delta");
user_pref("extensions.delta.aflt", "babsst");
user_pref("extensions.delta.smplGrp", "none");
user_pref("extensions.delta.tlbrId", "base");
user_pref("extensions.delta.instlRef", "sst");
user_pref("extensions.delta.dfltLng", "en");
user_pref("extensions.delta.excTlbr", false);
user_pref("extensions.delta.ffxUnstlRst", true);
user_pref("extensions.delta.admin", false);
user_pref("extensions.delta_i.babTrack", "affID=121845");
user_pref("extensions.delta_i.babExt", "");
user_pref("extensions.delta_i.srcExt", "ss");
user_pref("extensions.delta.autoRvrt", "false");
user_pref("extensions.delta.rvrt", "false");
user_pref("extensions.delta.newTab", false);
---- Lines WebSearch removed from prefs.js ----
---- Lines WebSearch modified from prefs.js ----
---- Lines WebSearch removed from user.js ----
---- Lines search.com removed from prefs.js ----
---- Lines search.com modified from prefs.js ----
---- Lines search.com removed from user.js ----
---- FireFox user.js and prefs.js backups ----
user_25-06-2013_2110_.backup
prefs_25-06-2013_2110_.backup
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"bProtector Start Page"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"bProtectorDefaultScope"=-
==== Deleting Files \ Folders ======================
"C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\searchplugins\delta.xml" deleted
"C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\searchplugins\WebSearch.xml" deleted
"C:\Users\julian\Battlefield 2\BF2VoipServer.dll" deleted
"C:\Users\julian\Battlefield 2\BF2VoipServer_w32ded.dll" deleted
"C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml" deleted
"C:\Users\julian\Downloads\SoftonicDownloader_voor_gadwin-printscreen.exe" deleted
"C:\Users\julian\Downloads\SoftonicDownloader_voor_peggle-deluxe.exe" deleted
"C:\Users\julian\Downloads\SoftonicDownloader_voor_vlc-media-player.exe" deleted
"C:\Users\julian\update-bf2.bat" deleted
"C:\windows\SysNative\dmwu.exe" deleted
"C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\bprotector web data" deleted
"C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences" deleted
"C:\windows\SysNative\Tasks\Express FilesUpdate" deleted
"C:\windows\SysNative\Tasks\EPUpdater" deleted
"C:\END" deleted
"C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\searchplugins\babylon.xml" deleted
"C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\searchplugins\askcom.xml" deleted
"C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\searchplugins\WebSearch.xml" deleted
"C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\bProtector_extensions.sqlite" deleted
"C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\bprotector_prefs.js" deleted
"C:\Users\julian\Desktop\Oude Firefox-gegevens\ilividtoolbarguid\search\ilividtoolbarguid-search-history.xml" deleted
"C:\Users\julian\AppData\Roaming\WebCake\WebCakeDesktop.exe" deleted
"C:\Program Files (x86)\TornTV.com" deleted
"C:\ProgramData\cOOntiNuetaosave" deleted
"C:\Program Files (x86)\SearchAmong Toolbar" deleted
"C:\Program Files (x86)\Delta" deleted
"C:\Program Files (x86)\smartdl" deleted
"C:\Program Files (x86)\Search Results Toolbar" deleted
"C:\Program Files (x86)\Babylon" deleted
"C:\Program Files (x86)\WebSearch" deleted
"C:\Program Files (x86)\WebCake" deleted
"C:\Program Files (x86)\PriceGong" deleted
"C:\Program Files (x86)\PricePeep" deleted
"C:\Program Files (x86)\BittorrentBar_NL" deleted
"C:\Program Files (x86)\ContinueToSave" deleted
"C:\Program Files (x86)\OApps" deleted
"C:\Program Files (x86)\Gophoto.it" deleted
"C:\Program Files (x86)\Wajam" deleted
"C:\Program Files (x86)\SweetIM" deleted
"C:\Program Files (x86)\Conduit" deleted
"C:\Users\julian\AppData\Roaming\ExpressFiles" deleted
"C:\Users\julian\AppData\Roaming\WebCake" deleted
"C:\Users\julian\AppData\Roaming\BabSolution" deleted
"C:\Users\julian\AppData\Roaming\Babylon" deleted
"C:\Users\julian\AppData\Roaming\Delta" deleted
"C:\ProgramData\Ask" deleted
"C:\ProgramData\StarApp" deleted
"C:\ProgramData\BrowserDefender" deleted
"C:\ProgramData\boost_interprocess" deleted
"C:\ProgramData\SweetIM" deleted
"C:\ProgramData\InstallMate" deleted
"C:\ProgramData\Tarma Installer" deleted
"C:\ProgramData\Babylon" deleted
"C:\ProgramData\Trymedia" deleted
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Expat Shield" deleted
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\cOOntiNuetaosave" deleted
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong" deleted
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SearchAmong Toolbar" deleted
"C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam" deleted
"C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender" deleted
"C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com" deleted
"C:\Users\julian\AppData\Local\Ilivid Player" deleted
"C:\Users\julian\AppData\Local\CRE" deleted
"C:\Users\julian\AppData\Local\Wajam" deleted
"C:\Users\julian\AppData\Local\Conduit" deleted
"C:\Users\julian\AppData\LocalLow\searchresultstb" deleted
"C:\Users\julian\AppData\LocalLow\BittorrentBar_NL" deleted
"C:\Users\julian\AppData\LocalLow\Delta" deleted
"C:\Users\julian\AppData\LocalLow\DataMngr" deleted
"C:\Users\julian\AppData\LocalLow\PriceGong" deleted
"C:\Users\julian\AppData\LocalLow\searchquband" deleted
"C:\Users\julian\AppData\LocalLow\Conduit" deleted
"C:\Windows\Syswow64\jmdp" deleted
"C:\Windows\Syswow64\ARFC" deleted
"C:\Windows\Syswow64\WNLT" deleted
"C:\Windows\SysWow64\searchplugins" deleted
"C:\Windows\SysWow64\Extensions" deleted
"C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" deleted
"C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\extensions\pc0ho2@zgkjmczm.org" deleted
"C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\extensions\ffxtlbr@delta.com" deleted
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\julian\AppData\Local\Temp ====
2013-06-22 13:20:15 06D5E5E952C61923C9D24C83E7FE1F45 22937227 ----a-w- C:\Users\julian\AppData\Local\Temp\vlc-2.0.7-win32.exe
2013-06-22 01:58:27 B1957B038895642DF9F662326E7D4DDC 903080 ----a-w- C:\Users\julian\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
2013-06-15 18:05:19 F10E9620F1D0EDEC56C0C1E1790CEAB9 31668328 ----a-w- C:\Users\julian\AppData\Local\Temp\SkypeSetup.exe
====== C:\Windows\SysWOW64 =====
2013-06-22 06:06:50 351D111CD5C5479946EB724DBBB1275E 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-14 16:57:52 F2ABFA6DFA985C9CF581B2F544AE47E7 234536 ----a-w- C:\Windows\SysWOW64\PnkBstrB.xtr
2013-06-14 16:55:50 F2ABFA6DFA985C9CF581B2F544AE47E7 234536 ----a-w- C:\Windows\SysWOW64\PnkBstrB.exe
2013-06-14 16:55:50 D90E8EC1E5F0A7C95DEEEED776864231 282296 ----a-w- C:\Windows\SysWOW64\PnkBstrB.ex0
2013-06-14 16:55:49 205E1B699FD3F2F9B036EEA2EC30C620 76888 ----a-w- C:\Windows\SysWOW64\PnkBstrA.exe
2013-06-13 01:01:34 756D0A65C1FB5528DBD04A44F773E608 2382848 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
2013-06-13 01:01:34 56DF028F2EE4A2C2972E06907815C822 73216 ----a-w- C:\Windows\SysWOW64\mshtmled.dll
2013-06-13 01:01:34 43697D7CDAEAE3EBBADE2C05107418FF 420864 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2013-06-13 01:01:33 DBA747919344CD1353F8107134A20D62 1427968 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
2013-06-13 01:01:33 C2CDBB424CF2461199322D6825F7B426 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2013-06-13 01:01:33 A1400CCB4D99E0B9E76EB45782D5C7FC 176640 ----a-w- C:\Windows\SysWOW64\ieui.dll
2013-06-13 01:01:33 977176C4A8F4039F17F9BA939AA857A0 142848 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2013-06-13 01:01:33 84C8AFD609A3DE18F40AA64CDEB40194 231936 ----a-w- C:\Windows\SysWOW64\url.dll
2013-06-13 01:01:33 71D8D1FD4989932674CD1F5743191286 1104384 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2013-06-13 01:01:33 6A25377A76479A0C0BF3DB6FC42FE09A 1129472 ----a-w- C:\Windows\SysWOW64\wininet.dll
2013-06-13 01:01:32 B49CEF589D47D9D3F602E118B1F5F3B5 717824 ----a-w- C:\Windows\SysWOW64\jscript.dll
2013-06-13 01:01:32 A6F5B25905CD01AE714990E02C7205A5 12329984 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2013-06-13 01:01:32 6057AA7FDF03309A18FAE4E9FCFE7D8F 1796096 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2013-06-13 01:01:32 57E68AE0BCEB0F70C8AA1C4A6D5C2050 1800704 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2013-06-13 01:01:32 45194B4B2280B7745AC6C483C32385A8 65024 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2013-06-13 01:01:30 B81388E9FE895065FD5CEAF3C11FDC3F 9738752 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2013-06-12 10:15:22 FC415B303B1ECF80B5F130A1F7203D02 492544 ----a-w- C:\Windows\SysWOW64\win32spl.dll
2013-06-12 10:15:22 45FBAFFA68CBC29AC2563985CEE72B9C 24576 ----a-w- C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 10:15:21 5B2E4E90C04FB9AE9F2C5E99FF59B283 1230336 ----a-w- C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-12 10:15:20 CC917AC4D3F8756FF13174980B474791 43008 ----a-w- C:\Windows\SysWOW64\certenc.dll
2013-06-12 10:15:20 92245C959E5BC378809D2CC5E9F6E9C7 1160192 ----a-w- C:\Windows\SysWOW64\crypt32.dll
2013-06-12 10:15:20 8A8B277067C22F4BF6AA9A31692FC4D3 103936 ----a-w- C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 10:15:20 6DE66FE7C526637E74CD066461C7C871 1505280 ----a-w- C:\Windows\SysWOW64\d3d11.dll
2013-06-12 10:15:20 3897DFF247D9ED0006190349DE264E14 140288 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 10:15:20 0D52559AEF4AA5EAC82F530617032283 903168 ----a-w- C:\Windows\SysWOW64\certutil.exe
====== C:\Windows\SysWOW64\drivers =====
2013-06-22 06:26:11 1ED08A6264C5C92099D6D1DAE5E8F530 21712 ----a-w- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS
====== C:\Windows\Sysnative =====
2013-06-13 01:01:34 5239CFF7EA2207665E387AA0BAAA50C4 2382848 ----a-w- C:\Windows\Sysnative\mshtml.tlb
2013-06-13 01:01:34 47DA92AB70D910D018B11FA86A7808E4 96768 ----a-w- C:\Windows\Sysnative\mshtmled.dll
2013-06-13 01:01:33 F7737C8F19ED1525B171ED4BA3F5EEC0 2312704 ----a-w- C:\Windows\Sysnative\jscript9.dll
2013-06-13 01:01:33 B7AB4EDBAC1DD6680DE7E3E2A82B31F9 237056 ----a-w- C:\Windows\Sysnative\url.dll
2013-06-13 01:01:33 AB32F17AAC815660530F50E688234DAA 729088 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2013-06-13 01:01:33 9F7E78EE2A213023AC5CF20FFFF66575 1494528 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2013-06-13 01:01:33 6542163C675E19A1F1A638734662F0AA 1346560 ----a-w- C:\Windows\Sysnative\urlmon.dll
2013-06-13 01:01:33 4FBE96D97A1E070A06F76F67255C756D 1392128 ----a-w- C:\Windows\Sysnative\wininet.dll
2013-06-13 01:01:33 43BBAF4696BF995143EA57DC304CC05B 173056 ----a-w- C:\Windows\Sysnative\ieUnatt.exe
2013-06-13 01:01:33 043A615B2E8C15AEA6BC5709ED140D80 248320 ----a-w- C:\Windows\Sysnative\ieui.dll
2013-06-13 01:01:32 DE3DC975F1A9F82BAB9812A272018810 2147840 ----a-w- C:\Windows\Sysnative\iertutil.dll
2013-06-13 01:01:32 92C534EAD395871614F5A0A556139033 85504 ----a-w- C:\Windows\Sysnative\jsproxy.dll
2013-06-13 01:01:32 3360345F0084EE8405E6C60B4D9CD7F7 599040 ----a-w- C:\Windows\Sysnative\vbscript.dll
2013-06-13 01:01:32 0C4C70A05734A684B0183C1B68DAE881 816640 ----a-w- C:\Windows\Sysnative\jscript.dll
2013-06-13 01:01:31 A820869140978CCAF33CF7770EEE19F5 17824768 ----a-w- C:\Windows\Sysnative\mshtml.dll
2013-06-13 01:01:31 64A3B1E55FBB7E36AE856FD1A8A4E00C 10926080 ----a-w- C:\Windows\Sysnative\ieframe.dll
2013-06-12 10:15:22 C06FAAF13E37CE482F612AFF2D2331F3 30720 ----a-w- C:\Windows\Sysnative\cryptdlg.dll
2013-06-12 10:15:22 67CF11E00D026A5C0C88EA5F84D501E5 751104 ----a-w- C:\Windows\Sysnative\win32spl.dll
2013-06-12 10:15:21 3D7BB6DD7A87B3E36E44CA94444247A8 1424384 ----a-w- C:\Windows\Sysnative\WindowsCodecs.dll
2013-06-12 10:15:20 D8129C49798CBBFB2E4351D4B7B8EF9C 184320 ----a-w- C:\Windows\Sysnative\cryptsvc.dll
2013-06-12 10:15:20 A96D5ECA5742603E0E345C4F6B801F5E 1464320 ----a-w- C:\Windows\Sysnative\crypt32.dll
2013-06-12 10:15:20 4C92EB7535CAA1681A77D928FBF9771F 1887232 ----a-w- C:\Windows\Sysnative\d3d11.dll
2013-06-12 10:15:20 4586B77B18FA9A8518AF76CA8FD247D9 1192448 ----a-w- C:\Windows\Sysnative\certutil.exe
2013-06-12 10:15:20 2C4C22EA1735F21F355EB1A39832F7DF 139776 ----a-w- C:\Windows\Sysnative\cryptnet.dll
2013-06-12 10:15:20 189B0BAE1B0EDD51CEF1CD3F4CDEE02E 52224 ----a-w- C:\Windows\Sysnative\certenc.dll
====== C:\Windows\Sysnative\drivers =====
2013-06-23 20:15:42 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys
2013-06-17 18:03:13 F19E5E37ED8134B9E5F6287F2D3A75D7 177312 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.SYS
2013-06-17 18:03:13 9D9C047446821A064AE1A5C4AED636FA 854 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.INF
2013-06-17 18:03:13 3DA43F1C05B62945A33EC3153327EE77 7631 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.CAT
2013-06-12 10:15:22 9849EA3843A2ADBDD1497E97A85D8CAE 1910632 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys
2013-06-04 23:09:44 454451A6A699C07040F406E44C457A50 11833856 ----a-w- C:\Windows\Sysnative\drivers\atikmdag.sys
2013-06-04 21:35:04 61FBDA851233587CE9C9B7020146359E 608768 ----a-w- C:\Windows\Sysnative\drivers\atikmpag.sys
2013-06-04 21:31:40 DBBDAF523A78C79FE98F1C10F77DD6FE 43520 ----a-w- C:\Windows\Sysnative\drivers\ati2erec.dll
====== C:\Windows\Tasks ======
2013-06-14 18:31:42 3B249AF8802523242BD25DFB4F2B81EC 3380 ----a-w- C:\Windows\Sysnative\Tasks\{3EFAA257-95C3-4ABC-A74A-F3514B5A6B08}
2013-06-10 16:25:05 577B2B0FD2EC46B45E501B239D77AFBA 2964 ----a-w- C:\Windows\Sysnative\Tasks\{B0293800-DF23-472A-A108-6EC4906342CE}
2013-06-08 10:17:33 8BD7E11BC3152AC20249E5E992478891 3104 ----a-w- C:\Windows\Sysnative\Tasks\{02D9861F-4892-49B6-959D-D1818889C73F}
2013-06-07 14:17:13 3467D0CE30F41EFF277824952F96D12F 3144 ----a-w- C:\Windows\Sysnative\Tasks\{F13B5C83-4367-4944-B256-D3D004BB4F7E}
2013-06-06 18:02:10 06257C6A2403709D98F141F6E7C04514 2956 ----a-w- C:\Windows\Sysnative\Tasks\{5D4E1B59-06CF-4374-8EFE-7D5FC482D592}
2013-06-06 18:01:13 06257C6A2403709D98F141F6E7C04514 2956 ----a-w- C:\Windows\Sysnative\Tasks\{83A96BC4-1DE2-4C38-9E48-C4243152416B}
2013-06-02 07:50:30 7419738B2F41DCF522A329F241C19597 3044 ----a-w- C:\Windows\Sysnative\Tasks\{A0CAF408-DF20-410F-B641-76B0FED8F827}
2013-06-01 15:07:10 7419738B2F41DCF522A329F241C19597 3044 ----a-w- C:\Windows\Sysnative\Tasks\{1C415C97-203F-4C70-8D38-644F068AEAF4}
2013-06-01 11:07:04 7419738B2F41DCF522A329F241C19597 3044 ----a-w- C:\Windows\Sysnative\Tasks\{029673D1-7AD4-4F1E-A4B9-EF9ACE288557}
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\Program Files (x86) =====
2013-06-23 15:42:04 -------- d-----w- C:\Program Files (x86)\Trend Micro
2013-06-22 06:24:29 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab
2013-06-18 15:21:41 -------- d-----w- C:\Program Files (x86)\AMD AVT
2013-06-14 16:51:53 -------- d-----w- C:\Program Files (x86)\EA Games
2013-06-13 14:10:01 -------- d-----w- C:\Program Files (x86)\ElcomSoft
2013-06-09 13:21:44 -------- d-----w- C:\Program Files (x86)\Pando Networks
2013-06-06 16:52:42 -------- d-----w- C:\Program Files (x86)\BFG
======= C: =====
====== C:\Users\julian\AppData\Roaming ======
2013-06-22 06:26:11 -------- d-----w- C:\users\julian\AppData\Local\eSupport.com
2013-06-15 12:24:35 -------- d-----w- C:\users\julian\AppData\Roaming\.minecraft
2013-06-13 14:09:04 -------- d-----w- C:\users\julian\AppData\Local\Programs
2013-06-09 13:56:25 -------- d-----w- C:\users\julian\AppData\Roaming\LolClient
2013-06-09 13:21:49 -------- d-----w- C:\users\julian\AppData\Local\PMB Files
2013-06-09 13:20:51 -------- d-----w- C:\users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QTRAX
2013-06-08 11:38:34 -------- d-----w- C:\users\julian\AppData\Roaming\dvdcss
2013-06-01 11:07:09 -------- d-----w- C:\users\julian\AppData\Roaming\Sony Online Entertainment
2013-05-31 22:18:58 9BF6B8D9E3A59750CC16CAA24E346074 20480000 ----a-w- C:\users\julian\AppData\Locallow\store-pp.jbs
2013-05-28 18:15:33 -------- d-----w- C:\users\julian\AppData\Locallow\Sony Online Entertainment
2013-05-28 18:15:33 -------- d-----w- C:\users\julian\AppData\Local\SCE
====== C:\Users\julian ======
2013-06-23 20:15:24 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\julian\Downloads\mbam-setup-1.75.0.1300.exe
2013-06-22 13:20:42 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2013-06-22 06:26:22 35AE5FA5E91E644A2405301A667D58B0 41472 ----a-w- C:\Users\julian\Downloads\launcher64.dll
2013-06-22 06:26:07 139E26F4B1497C4F870111FDF275CF7E 627784 ----a-w- C:\Users\julian\Downloads\driveragent-987.exe
2013-06-18 15:23:00 -------- d-----w- C:\ProgramData\ATI
2013-06-18 15:21:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2013-06-18 15:20:29 -------- d-----w- C:\ProgramData\Package Cache
2013-06-18 15:18:57 1A6772E132C09D940F6C2717F061DF22 1684592 ----a-w- C:\Users\julian\Downloads\AMD_Catalyst_13.5_CAP1.05212013.exe
2013-06-18 15:17:31 FCFDF043FEF6F94F1A945D04DAF74D79 187682976 ----a-w- C:\Users\julian\Downloads\AMD_Catalyst_13.6_Beta2.exe
2013-06-18 15:12:28 D1B49918236FDCA8388F15E471608E79 141110624 ----a-w- C:\Users\julian\Downloads\13-4_win7_win8_64_dd_ccc_whql.exe
2013-06-17 18:00:42 F8EC08D5771C22CA55C7AE136EA77EEA 153633520 ----a-w- C:\Users\julian\Downloads\NIS_20.1.0.24_SYMTB_PROMO_4_MRFTT_373_7607_NL1.exe
2013-06-15 12:24:32 B63CCB43F2779CBEA5D8D3CE2E3D90FB 263186 ----a-w- C:\Users\julian\Desktop\Minecraft.exe
2013-06-15 12:24:23 A67016DD1020895185C81774C4950764 2542151 ----a-w- C:\Users\julian\Downloads\Minecraft_Server.exe
2013-06-14 18:31:20 DC97F872AE2D94C95B49F007A9486EF9 3174 ----a-w- C:\Users\julian\bf2reg.reg
2013-06-14 18:31:20 C57374648823A8E9730AAB7C372C30FD 3186 ----a-w- C:\Users\julian\update-bf2.html
2013-06-14 18:31:20 B4EF39939007A555F23829824C021E35 1036288 ----a-w- C:\Users\julian\Battlefield 2\SwiffPlayer.dll
2013-06-14 18:31:20 A7103908C2AA35FB6BBD7D8224E4AADB 98304 ----a-w- C:\Users\julian\Battlefield 2\zlib122.dll
2013-06-14 18:31:20 122DAE458F40E8328D62F63F8602E6A5 97792 ----a-w- C:\Users\julian\Battlefield 2\key-generator.exe
2013-06-14 18:31:20 1132A012CB6188A309824EF9153CB268 270336 ----a-w- C:\Users\julian\Battlefield 2\TextureAtlasBuilder.dll
2013-06-14 18:31:12 E383AEF908C4CDABCBC96C6720A10F68 3584 ----a-w- C:\Users\julian\Battlefield 2\SD0412.dll
2013-06-14 18:31:12 C26EBA8592F0C005CAB4C04C3E065EFE 4608 ----a-w- C:\Users\julian\Battlefield 2\SD040e.dll
2013-06-14 18:31:12 B646200A2AC124DF4F07B4F415DE7121 4608 ----a-w- C:\Users\julian\Battlefield 2\SD0414.dll
2013-06-14 18:31:12 AAF43741C3E1504F8D1498D366F9F4FA 2555392 ----a-w- C:\Users\julian\Battlefield 2\RendDX9.dll
2013-06-14 18:31:12 A6172E91D5C0D36C95D5B6ABBDEC47F5 4096 ----a-w- C:\Users\julian\Battlefield 2\SD041d.dll
2013-06-14 18:31:12 A31F77FE2D953B88C766C67222042CD3 5120 ----a-w- C:\Users\julian\Battlefield 2\SD040c.dll
2013-06-14 18:31:12 9A437A56A6E9137D6E95A2B2A9FFDDA4 4608 ----a-w- C:\Users\julian\Battlefield 2\SD0410.dll
2013-06-14 18:31:12 8472382414C51DC1B354050ED42D3C76 77824 ----a-w- C:\Users\julian\Battlefield 2\PCRegExp.dll
2013-06-14 18:31:12 7AB0DF1C88444DA4B3FA7E61DAC98E6C 4608 ----a-w- C:\Users\julian\Battlefield 2\SD0809.dll
2013-06-14 18:31:12 7038E50AC41CAFE317798F2765C984B6 4608 ----a-w- C:\Users\julian\Battlefield 2\SD0416.dll
2013-06-14 18:31:12 6EB704E488FCB2BC0EA59D17D16D7352 4608 ----a-w- C:\Users\julian\Battlefield 2\SD041e.dll
2013-06-14 18:31:12 6A2E0F32C2366A79F7AF546F89DCF9DD 4608 ----a-w- C:\Users\julian\Battlefield 2\SD0c0a.dll
2013-06-14 18:31:12 670224330A0AB969855032A39E500E95 5120 ----a-w- C:\Users\julian\Battlefield 2\SD0407.dll
2013-06-14 18:31:12 586B1C086848B93B5E258F4C8A132CF4 4608 ----a-w- C:\Users\julian\Battlefield 2\SD0415.dll
2013-06-14 18:31:12 39AA404E2B16ED616CBE1CC5FF5509C6 4608 ----a-w- C:\Users\julian\Battlefield 2\SD0816.dll
2013-06-14 18:31:12 2E0DD34F0B2EAF3D6E3CFAAABC5DC667 3072 ----a-w- C:\Users\julian\Battlefield 2\SD0804.dll
2013-06-14 18:31:12 2D533E1654920B95942E3018DA17AB41 2115072 ----a-w- C:\Users\julian\Battlefield 2\RendDX9x2.dll
2013-06-14 18:31:12 2CCCAF4B2D70CF7D85248BF0A30A9A2E 4608 ----a-w- C:\Users\julian\Battlefield 2\SD0405.dll
2013-06-14 18:31:12 225761FEE6F67D2BD61F26A10C8EAD73 4608 ----a-w- C:\Users\julian\Battlefield 2\SD0413.dll
2013-06-14 18:31:12 1ED52CE1821F4685C4808DBA0A823070 4608 ----a-w- C:\Users\julian\Battlefield 2\SD0409.dll
2013-06-14 18:31:12 184FF00B0B815FC05736835496DD1A4B 4608 ----a-w- C:\Users\julian\Battlefield 2\SD0406.dll
2013-06-14 18:31:12 155B4566C3F529181EBA89B7F9CEDDB2 3584 ----a-w- C:\Users\julian\Battlefield 2\SD0411.dll
2013-06-14 18:31:12 0DB52597CE44BB1277827170155BD28C 3072 ----a-w- C:\Users\julian\Battlefield 2\SD0404.dll
2013-06-14 18:31:12 0789F4DBF08AD534479CED9F1D0B0A54 4608 ----a-w- C:\Users\julian\Battlefield 2\SD040b.dll
2013-06-14 18:31:11 D04F7AACA2319A3BCDB2C5D5DD6F6026 487424 ----a-w- C:\Users\julian\Battlefield 2\msvcp70.dll
2013-06-14 18:31:11 CA3A59D92F479A17E5CA6A0E13896846 54784 ----a-w- C:\Users\julian\Battlefield 2\msvci70.dll
2013-06-14 18:31:11 B90BEC0DF65B91840916C6F03905E80A 226304 ----a-w- C:\Users\julian\Battlefield 2\NovintHFX.dll
2013-06-14 18:31:11 9972A6ED4F2388DBFA8E0A96F6F3FDF1 344064 ----a-w- C:\Users\julian\Battlefield 2\msvcr70.dll
2013-06-14 18:31:11 86F1895AE8C5E8B17D99ECE768A70732 348160 ----a-w- C:\Users\julian\Battlefield 2\msvcr71.dll
2013-06-14 18:31:11 561FA2ABB31DFA8FAB762145F81667C2 499712 ----a-w- C:\Users\julian\Battlefield 2\msvcp71.dll
2013-06-14 18:30:12 F35A584E947A5B401FEB0FE01DB4A0D7 1060864 ----a-w- C:\Users\julian\Battlefield 2\MFC71.dll
2013-06-14 18:30:12 E58A20C9E7B342D5CA1F5BA75F1D1108 358963 ----a-w- C:\Users\julian\Battlefield 2\binkw32.dll
2013-06-14 18:30:12 DF5D05D4322A2442C4F58D244555C77A 894464 ----a-w- C:\Users\julian\Battlefield 2\dbghelp.dll
2013-06-14 18:30:12 D7CE65481FBCBE30B6BEE9A5F06EED76 49152 ----a-r- C:\Users\julian\Battlefield 2\FireWallDLL.dll
2013-06-14 18:30:12 BC831661963763AC4D504C5CABB1FDD9 2222800 ----a-w- C:\Users\julian\Battlefield 2\d3dx9_24.dll
2013-06-14 18:30:12 B5EC891A8B9C562336AA375E148F681D 3584 ----a-w- C:\Users\julian\Battlefield 2\CoreDLL.dll
2013-06-14 18:30:12 AE3844CDED71D93206F594C14AB156B6 307200 ----a-w- C:\Users\julian\Battlefield 2\BF2Audio.dll
2013-06-14 18:30:12 A9A3E14F8547E6A7904FBD0DF0C924D9 1581056 ----a-w- C:\Users\julian\Battlefield 2\dice_py.dll
2013-06-14 18:30:12 A3E30D7D91AE7002E61F251CA038E620 40960 ----a-w- C:\Users\julian\Battlefield 2\Memory_w32ded.dll
2013-06-14 18:30:12 9FFB15934631863E82F1EF75128E519E 1052672 ----a-w- C:\Users\julian\Battlefield 2\BFMFC.DLL
2013-06-14 18:30:12 9C24ED831DDFA8319382B2BFD9691AA9 413696 ----a-w- C:\Users\julian\Battlefield 2\BF2OpenAL.dll
2013-06-14 18:30:12 972D2128C77939F09E97943DAA2341A0 1255853 ----a-w- C:\Users\julian\Battlefield 2\DIAG.EXE
2013-06-14 18:30:12 95967D5480D4D12C4705F4B61380046D 1507328 ----a-w- C:\Users\julian\Battlefield 2\AIDLL.dll
2013-06-14 18:30:12 90E3FEBE17E21ABA348B32964446988D 196608 ----a-w- C:\Users\julian\Battlefield 2\BF2VoipServer.exe
2013-06-14 18:30:12 8DD2A9D25EEE18BF295EF796CBD1562C 9216 ----a-w- C:\Users\julian\Battlefield 2\ihdl.dll
2013-06-14 18:30:12 7E42D1506087B227AC048864F5743C67 2977792 ----a-w- C:\Users\julian\Battlefield 2\AIDLL_w32ded.dll
2013-06-14 18:30:12 7D72BA67C8AB5A616473709476DB4661 40960 ----a-w- C:\Users\julian\Battlefield 2\Memory.dll
2013-06-14 18:30:12 694D388DF50BE1E370713C59003126A4 196608 ----a-w- C:\Users\julian\Battlefield 2\BF2VoiceSetup.exe
2013-06-14 18:30:12 5B48FE9D6686F0D54B26A005ACE24D1D 2337488 ----a-w- C:\Users\julian\Battlefield 2\d3dx9_25.dll
2013-06-14 18:30:12 4C8BE829901194FE5EA4CC6EC39FBB19 618496 ----a-w- C:\Users\julian\Battlefield 2\BF2VoipServer_w32ded.exe
2013-06-14 18:30:12 4C843DCEE79388341F72C3A7ADB1ACE6 6556160 ----a-w- C:\Users\julian\Battlefield 2\BF2.exe
2013-06-14 18:30:12 2A00CF875D2B046FA8B655F747097B48 4980736 ----a-w- C:\Users\julian\Battlefield 2\bf2_w32ded.exe
2013-06-14 18:30:12 09AEF167EB1531E965053D0DCF6CC573 974848 ----a-w- C:\Users\julian\Battlefield 2\mfc70.dll
2013-06-14 18:30:12 -------- d-----w- C:\Users\julian\Battlefield 2
2013-06-10 17:22:30 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewFeature1
2013-06-09 13:21:49 -------- d-----w- C:\ProgramData\PMB Files
2013-06-09 13:21:20 -------- d-----w- C:\Users\julian\.swt
2013-06-09 13:20:51 -------- d-----w- C:\Users\julian\Qtrax
2013-06-06 16:53:53 -------- d-----w- C:\ProgramData\Big Fish Games
2013-06-02 18:05:09 -------- d-----w- C:\ProgramData\YTD Video Downloader
2013-05-31 20:29:52 -------- d-sh--w- C:\ProgramData\Realtek0
2013-05-28 18:15:09 -------- d-----w- C:\Users\Public\Sony Online Entertainment
====== C: exe-files ==
2013-06-23 20:15:24 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\julian\Downloads\mbam-setup-1.75.0.1300.exe
2013-06-23 16:07:16 A9ADBB9CF5EB800CA3D3A7D08136269A 69784 ----a-w- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\wajam_updateCAB9T4TH.exe
2013-06-22 16:07:14 A9ADBB9CF5EB800CA3D3A7D08136269A 69784 ----a-w- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\wajam_updateCASTJ157.exe
2013-06-22 13:20:15 06D5E5E952C61923C9D24C83E7FE1F45 22937227 ----a-w- C:\Users\julian\AppData\Local\Temp\vlc-2.0.7-win32.exe
2013-06-22 06:26:07 139E26F4B1497C4F870111FDF275CF7E 627784 ----a-w- C:\Users\julian\Downloads\driveragent-987.exe
2013-06-22 01:58:27 B1957B038895642DF9F662326E7D4DDC 903080 ----a-w- C:\Users\julian\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
2013-06-21 16:07:14 A9ADBB9CF5EB800CA3D3A7D08136269A 69784 ----a-w- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\wajam_updateCAKVK61B.exe
2013-06-20 18:00:47 80633916458CC8041D0F483B7633E9F6 1582944 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\27.0.1453.116\27.0.1453.116_27.0.1453.110_chrome_updater.exe
2013-06-20 16:07:13 A9ADBB9CF5EB800CA3D3A7D08136269A 69784 ----a-w- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\wajam_updateCA99GL3Q.exe
2013-06-19 16:07:01 A9ADBB9CF5EB800CA3D3A7D08136269A 69784 ----a-w- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\wajam_updateCARN1WV2.exe
=== C: other files ==
2013-06-23 20:15:42 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-06-22 06:32:05 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\julian\AppData\LocalLow\Microsoft\Silverlight\OutOfBrowser\index\res2.windows.microsoft.com
2013-06-22 06:26:11 1ED08A6264C5C92099D6D1DAE5E8F530 21712 ----a-w- C:\Windows\Temp\DriverAgent\DrvAgent64.sys
2013-06-22 06:26:11 1ED08A6264C5C92099D6D1DAE5E8F530 21712 ----a-w- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS
==== Firefox Extensions ======================
ProfilePath: C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489
- WebCake - %ProfilePath%\extensions\plugin@getwebcake.com
- PricePeep - %ProfilePath%\extensions\pricepeep@getpricepeep.com.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Expat Shield Helper Please allow this installation - %AppDir%\extensions\afurladvisor@anchorfree.com
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489
D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17
3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash
8F0B95B3AC17DAE9E138E7BBE2429B6C - C:\Users\julian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System
==== Deleting Files \ Folders ======================
"C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\extensions\pricepeep@getpricepeep.com.xpi" deleted
"C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\extensions\plugin@getwebcake.com" deleted
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bkomkajifikmkfnjgphkjcfeepbnojok - C:\Program Files (x86)\PriceGong\2.6.4\pricegong.crx[]
eooncjejnppfjjklapaamhcdmjbilmde - C:\Users\julian\AppData\Roaming\BabSolution\CR\Delta.crx[]
fjoijdanhaiflhibkljeklcghcmmfffh - C:\Program Files (x86)\WebCake\WebCakeLayers.crx[]
jbpkiefagocgkmemidfngdkamloieekf - No path found[]
jcdgjdiieiljkfkdcloehkohchhpekkn - No path found[]
jpmbfleldcgkldadpdinhjjopdfpjfjp - C:\Users\julian\AppData\Local\Wajam\Chrome\wajam.crx[]
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx[31-05-2013 03:49]
mkndcbhcgphcfkkddanakjiepeknbgle - C:\Program Files (x86)\RelevantKnowledge\rlcm.crx[]
ndgonipadfipmlmdfofnjnhhlgojnjdn - C:\Users\julian\AppData\Local\CRE\ndgonipadfipmlmdfofnjnhhlgojnjdn.crx[]
nppllibpnmahfaklnpggkibhkapjkeob - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\Exts\Chrome.crx[31-05-2013 03:49]
ogccgbmabaphcakpiclgcnmcnimhokcj - No path found[]
pfmopbbadnfoelckkcmjjeaaegjpjjbk - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx[]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
ndgonipadfipmlmdfofnjnhhlgojnjdn - C:\Users\julian\AppData\Local\CRE\ndgonipadfipmlmdfofnjnhhlgojnjdn.crx[]
cOOntiNuetaosave - julian - Default\Extensions\bfgggnbjollgggilpnbgmknchfmefafk
PriceGong - julian - Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Battlefield Heroes - julian - Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh
Delta Toolbar - julian - Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
WebCake - julian - Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Wajam - julian - Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
PricePeep - julian - Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb
Norton Identity Protection - julian - Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
BittorrentBar_NL - julian - Default\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn
Norton Identity Protection - julian - Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob
GoPhoto.it - julian - Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
==== Chrome Fix ======================
C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_continuetosave.info_0.localstorage deleted successfully
C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_continuetosave.info_0.localstorage-journal deleted successfully
C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfgggnbjollgggilpnbgmknchfmefafk deleted successfully
C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bfgggnbjollgggilpnbgmknchfmefafk_0.localstorage deleted successfully
C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bfgggnbjollgggilpnbgmknchfmefafk_0.localstorage-journal deleted successfully
C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok deleted successfully
C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully
C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage deleted successfully
C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh deleted successfully
C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp deleted successfully
C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn deleted successfully
C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.babylon.com/?affID=121845&babsrc=HP_ss_gin2g&mntrId=CE9300FF472E1D57"
"Use Search Asst"="yes"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.searchamong.com/searchview.php?query={searchTerms}&cat=webs&bar=true"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Use Search Asst"="no"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{95B7759C-8C7F-4BF1-B163-73684A933233} AVG Secure Search Url="https://isearch.avg.com/search?cid={AF53778E-845E-46A3-8290-0A5AD3C5987B}&mid=440a2429c79c47d0a3b31929462ab050-571c1ccf3ab1d3391e42b1126e5a835d476d1854〈=nl&ds=st011&pr=sa&d=2012-07-19"
==== Reset Google Chrome ======================
C:\users\julian\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\users\julian\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully
HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\julian\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\julian\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1H03FDAM will be deleted at reboot
C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3PVA574A will be deleted at reboot
C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HF6ZACT6 will be deleted at reboot
C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MI4DRWWM will be deleted at reboot
C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
C:\users\julian\AppData\Local\Mozilla\Firefox\Profiles\z2sg51zl.default-1355409544489\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\users\julian\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\users\julian\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\julian\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1H03FDAM" not found
"C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3PVA574A" not found
"C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HF6ZACT6" not found
"C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MI4DRWWM" not found
==== EOF on di 25-06-2013 at 21:14:41,64 ======================
-
hoe zet ik mijn antivirus uit ik heb norton en ik ben naar die site geweest en heb het geprobeerd maar dat gene wat zij doen staat er geneens als ik rechtermuisklik doe
-
effe bewrkt
-
dit is alvast het logje van malware bytes ik ga nu me comp opnieuw opstarten en geef daarna het logje van hijakck:Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300
Malwarebytes : Free anti-malware download
Databaseversie: v2013.06.23.06
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
julian :: JULIAN14 [administrator]
Bescherming: Ingeschakeld
23-6-2013 22:16:48
mbam-log-2013-06-23 (22-16-48).txt
Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 218064
Verstreken tijd: 2 minuut/minuten,
Geheugenprocessen gedetecteerd: 2
C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe (PUP.Adware.RelevantKnowledge) -> 6392 -> Zal worden verwijderd tijdens het herstarten.
C:\Program Files (x86)\RelevantKnowledge\rlvknlg64.exe (PUP.Adware.RelevantKnowledge) -> 1208 -> Zal worden verwijderd tijdens het herstarten.
Geheugenmodulen gedetecteerd: 1
C:\Program Files (x86)\RelevantKnowledge\rlls.dll (PUP.Adware.RelevantKnowledge) -> Zal worden verwijderd tijdens het herstarten.
Registersleutels gedetecteerd: 13
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831} (PUP.Adware.RelevantKnowledge) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\CLSID\{f34c9277-6577-4dff-b2d7-7d58092f272f} (PUP.Datamngr) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Datamngr) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Datamngr) -> Succesvol in quarantaine geplaatst en verwijderd.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Datamngr) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\Typelib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408} (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8} (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\bho_project.bho_object (Trojan.BHO) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\bho_project.bho_object.1 (Trojan.BHO) -> Succesvol in quarantaine geplaatst en verwijderd.
HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> Succesvol in quarantaine geplaatst en verwijderd.
HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (PUP.InstallBrain) -> Succesvol in quarantaine geplaatst en verwijderd.
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 26
C:\Program Files (x86)\RelevantKnowledge (PUP.Spyware.MarketScore) -> Zal worden verwijderd tijdens het herstarten.
C:\Program Files (x86)\RelevantKnowledge\components (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\defaults (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\defaults\preferences (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\locale (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\addon-kit (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\addon-kit\data (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\addon-kit\lib (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\data (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\content (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\dom (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\events (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\tabs (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\traits (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\utils (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\windows (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\dpjs (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\dpjs\data (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\dpjs\data\.idea (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\dpjs\data\.idea\scopes (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\dpjs\lib (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
Bestanden gedetecteerd: 99
C:\Program Files (x86)\RelevantKnowledge\rlls.dll (PUP.Adware.RelevantKnowledge) -> Zal worden verwijderd tijdens het herstarten.
C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe (PUP.Adware.RelevantKnowledge) -> Zal worden verwijderd tijdens het herstarten.
C:\Program Files (x86)\RelevantKnowledge\rlvknlg64.exe (PUP.Adware.RelevantKnowledge) -> Zal worden verwijderd tijdens het herstarten.
C:\ProgramData\InstallMate\{9486C007-2091-408F-A264-68B34F65E2F1}\Custom.dll (Trojan.MSIL.Injector) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\julian\AppData\Local\Temp\pricepeep_1.exe (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\julian\AppData\Local\Temp\toolbar109650029.exe (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\julian\Downloads\VIO_Player_Setup (1).exe (PUP.Bundle.Installer.OI) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\julian\Downloads\VIO_Player_Setup.exe (PUP.Bundle.Installer.OI) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\chrome.manifest (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\install.rdf (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\nscf.dat (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\rlcm.crx (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\rlcm.txt (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\rlls64.dll (PUP.Spyware.MarketScore) -> Zal worden verwijderd tijdens het herstarten.
C:\Program Files (x86)\RelevantKnowledge\rloci.bin (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\rlph.dll (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\rlservice.exe (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\rlxf.dll (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\components\rlxg.dll (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\bootstrap.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\harness-options.json (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\install.rdf (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\locales.json (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\rlnx.dll (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\defaults\preferences\prefs.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\locale\en-GB.json (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\locale\eo.json (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\locale\fr-FR.json (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\chrome.manifest (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\addon-kit\lib\page-mod.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\addon-kit\lib\tabs.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\addon-kit\lib\windows.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\data\content-proxy.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\data\test-content-symbiont.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\data\test-message-manager.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\data\test-trusted-document.html (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\api-utils.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\byte-streams.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\channel.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\collection.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\content.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\cortex.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\cuddlefish.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\environment.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\errors.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\events.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\file.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\globals!.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\hidden-frame.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\light-traits.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\list.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\match-pattern.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\memory.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\message-manager.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\namespace.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\observer-service.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\plain-text-console.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\process.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\runtime.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\sandbox.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\self!.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\system.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\text-streams.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\timer.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\traceback.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\traits.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\unload.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\url.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\window-utils.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\xpcom.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\xul-app.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\content\loader.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\content\symbiont.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\content\worker.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\dom\events.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\events\assembler.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\tabs\events.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\tabs\observer.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\tabs\tab.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\tabs\utils.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\traits\core.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\utils\data.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\utils\function.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\utils\object.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\utils\registry.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\utils\thumbnail.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\windows\dom.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\windows\loader.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\windows\observer.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\api-utils\lib\windows\tabs.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\dpjs\data\content.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\dpjs\lib\dompilot.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\dpjs\lib\dputil.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\RelevantKnowledge\firefox\resources\dpjs\lib\main.js (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\About RelevantKnowledge.lnk (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Member of GRID - Goodware Repository Information Database.lnk (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Privacy Policy and User License Agreement.lnk (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Support.lnk (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Uninstall Instructions.lnk (PUP.Spyware.MarketScore) -> Succesvol in quarantaine geplaatst en verwijderd.
(einde)
- - - Updated - - -
oke hier is het logje van hijack en wat is eigenlijk spyware en malware
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:26:26, on 23-6-2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16490)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files (x86)\BitTorrent\BitTorrent.exe
D:\dead island\Steam.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Users\julian\AppData\Roaming\WebCake\WebCakeDesktop.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
C:\Program Files (x86)\Logitech\G930\G930.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Expat Shield\bin\openvpntray.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - !{0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - (no file)
O3 - Toolbar: (no name) - !{82E1477C-B154-48D3-9891-33D83C26BCD3} - (no file)
O3 - Toolbar: (no name) - !{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - (no file)
O3 - Toolbar: (no name) - !{C1AF5FA5-852C-4C90-812E-A7F75E011D87} - (no file)
O3 - Toolbar: (no name) - !{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
O4 - HKLM\..\Run: [Logitech G930] C:\Program Files (x86)\Logitech\G930\G930.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [sT Recovery Launcher] %WINDIR%\SMINST\VistaLauncher.exe
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [bitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [steam] "D:\dead island\Steam.exe" -silent
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [WebCake Desktop] "C:\Users\julian\AppData\Roaming\WebCake\WebCakeDesktop.exe"
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Expat Shield Service (ExpatShieldService) - Unknown owner - C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe
O23 - Service: Expat Shield Routing Service (ExpatSrv) - AnchorFree Inc. - C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe
O23 - Service: Expat Shield Tray Service (ExpatTrayService) - Unknown owner - C:\Program Files (x86)\Expat Shield\bin\ExpatTrayService.EXE
O23 - Service: Expat Shield Monitoring Service (ExpatWd) - Unknown owner - C:\Program Files (x86)\Expat Shield\bin\hsswd.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WebCake Desktop Updater - WebCake LLC - C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14365 bytes
-
de link deed het toch
hier is het:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:45:12, on 23-6-2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16490)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files (x86)\BitTorrent\BitTorrent.exe
D:\dead island\Steam.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Users\julian\AppData\Roaming\WebCake\WebCakeDesktop.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files (x86)\Logitech\G930\G930.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SysWOW64\jmdp\stij.exe
C:\Program Files (x86)\Expat Shield\bin\openvpntray.exe
C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.searchamong.com/searchview.php?query={searchTerms}&cat=webs&bar=true
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.searchamong.com/searchview.php?query={searchTerms}&cat=webs&bar=true
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Babylon Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Search
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.searchamong.com/searchview.php?query={searchTerms}&cat=webs&bar=true
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.searchamong.com/searchview.php?query={searchTerms}&cat=webs&bar=true
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O2 - BHO: SearchAmong Toolbar - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\Program Files (x86)\SearchAmong Toolbar\SearchAmongToolbar.dll
O2 - BHO: PriceGong - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.6.4\PriceGongIE.dll
O2 - BHO: BittorrentBar_NL - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files (x86)\BittorrentBar_NL\prxtbBitt.dll
O2 - BHO: Expat Shield Class - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll
O2 - BHO: cOOntiNuetaosave - {57084250-D60C-B4BB-033C-6DDF31EA3537} - C:\ProgramData\cOOntiNuetaosave\51a918db99cb1.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)
O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - (no file)
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Wajam IE BHO - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll
O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: PricePeep - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files (x86)\PricePeep\pricepeep.dll
O3 - Toolbar: BittorrentBar_NL Toolbar - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files (x86)\BittorrentBar_NL\prxtbBitt.dll
O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)
O3 - Toolbar: (no name) - !{0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - (no file)
O3 - Toolbar: (no name) - !{82E1477C-B154-48D3-9891-33D83C26BCD3} - (no file)
O3 - Toolbar: (no name) - !{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - (no file)
O3 - Toolbar: (no name) - !{C1AF5FA5-852C-4C90-812E-A7F75E011D87} - (no file)
O3 - Toolbar: (no name) - !{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
O4 - HKLM\..\Run: [sweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Run: [Logitech G930] C:\Program Files (x86)\Logitech\G930\G930.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [sT Recovery Launcher] %WINDIR%\SMINST\VistaLauncher.exe
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [bitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [steam] "D:\dead island\Steam.exe" -silent
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [WebCake Desktop] "C:\Users\julian\AppData\Roaming\WebCake\WebCakeDesktop.exe"
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: &SearchAmong - res://C:\Program Files (x86)\SearchAmong Toolbar\SearchAmongToolbar.dll/MENUSEARCH.HTM
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Expat Shield Service (ExpatShieldService) - Unknown owner - C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe
O23 - Service: Expat Shield Routing Service (ExpatSrv) - AnchorFree Inc. - C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe
O23 - Service: Expat Shield Tray Service (ExpatTrayService) - Unknown owner - C:\Program Files (x86)\Expat Shield\bin\ExpatTrayService.EXE
O23 - Service: Expat Shield Monitoring Service (ExpatWd) - Unknown owner - C:\Program Files (x86)\Expat Shield\bin\hsswd.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IBUpdaterService - Unknown owner - C:\Windows\system32\dmwu.exe (file missing)
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RelevantKnowledge - TMRG, Inc. - C:\Program Files (x86)\RelevantKnowledge\rlservice.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: WajamUpdater - Wajam - C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WebCake Desktop Updater - WebCake LLC - C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 17435 bytes
-
de link doet het niet
-
mijn computer is heel sloom geworden zou ik mischien alles weer kunnen wissen of naar fabrieks instellingen terug zetten zouden jullie me daarmee willen helpen en hoe zit het dan met windows 7 hoe instaleer ik dat opnieuw en met mijn ssd en videokaart hoe moet ik dat dan doen ik hoop dat jullie mij willen helpen en mijn computer is samengesteld bij alternate dit is mijn computer http://speccy.piriform.com/results/1Cdhc8Z1m5zmiGoKK2U6upf
-
het is allemaal opgelost ik heb systeem herstel gedaan toch bedankt voor uw hulp/tijd
-
iemand stuurde een bestandje en ik opende dat en ik kon het met bepaalde programmas openen dus opende ik het met kladblok en toen was echt alles op mn bureablad naar een kladblok bestand veranderd behalve skype en ik kon op het internet door erop te klikken en dan naar meest bezocht te gaan en toen kwam ik wel er wel in maar ik kan niet meer in mijn games echt help me zo snel mogelijk en als ik het open staan er allemaal teketjes in
mvg julian
-
willen jullie mij nog helpen met het vinden van een perfecte toetsenbord voor mij en ik dacht aan deze Razer BlackWidow Ultimate 2013 wilt u u mening er over geven en of zeggen of u een betere vindt of weet
groetjes julian
-
oke danku
-
srry van de weinige info ben al lang niet meer op deze site geweest maar wat voor toetsenbord raad u me aan die goed is en er vet uitziet met lichtjes enzo want ik kan niet goed kiezen tussen die allemaal
-
hallo allemaal,
ik zou graag een gaming toetsenbord willen kopen die er vet uitziet en goed werkt ik wil hiervoor niet meer dan 120
euro aan uitgeven. Voor de rest wil ik nog 16 gb ram en dan 2 keer 8 nu heb ik 4 keer 4 gb en dan heb ik 2 keer 4 en 2 keer 8 maar ik zou ook graag weten of ik wel meer dan 16 gb ram kan hebben ik heb nu corsair vengeance lp
ddr3 1600 hier aan wil ik niet meer dan 130 euro aan besteden ik hoop dat jullie mij kunnen helpen
mvg, Julian
-
oke dank u voor uw help
-
Bent u het topic weer uit het oog verloren?????
-
ik wil liever een 22 inch scherm want ik denk dat het raar staat als de een groter is dan de ander maar wat voor scherm ik nu heb is deze LG M197WD Multi Function Monitor - Reviews, prijzen en specificaties van alle modellen van LG
-
ja ik game er best wel veel op dus meer voor gamen
-
Ik weet niet of je dit bedoeld sapphire hd 7870 het is soort van deze SAPPHIRE HD 7850 OC (11200-06-20G)
maar dan een 7870
trage pc en browser
in Archief Windows 7
Geplaatst:
log.txt
ik weet nie of ik het goed gedaan heb maar ik denk van wel nog thx dat u me wilt helpen
AdwCleaner[S0].txt
mbam scanlog.txt