ezra

Member
  • Items

    28

Everything posted by ezra

  1. Hello, My little brother apparently pressed F12, but the PC still shows problems. It just shuts down by itself and starts up again. Below I have the log from Zoek.exe once more: Zoek.exe Version 4.0.0.5 Updated 14-November-2013 Tool run by Diren Harun on za 23/11/2013 at 18:32:19,74. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Diren Harun\AppData\Local\Temp\Temp1_zoek.zip\zoek.com [script inserted] ==== System Restore Info ====================== 23/11/2013 18:33:32 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Internet Explorer\SearchScopes\{C7818C38-A48C-402A-9800-E31A3CED1766} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"=- [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"=- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== C:\ProgramData\Wincert not found "C:\Users\Harun Diren\AppData\Local\Temp\FreemakeVideoConverter_4.1.0.0.exe" not found "C:\Users\Harun Diren\Downloads\RSITx64 (1).exe" not found "C:\Users\Harun Diren\Downloads\FreemakeVideoConverterSetup (1).exe" not found "C:\Users\Harun Diren\Downloads\FreemakeVideoConverterSetup.exe" not found "C:\Users\Harun Diren\Desktop\ets_1_3_setup.exe" not found "C:\Program Files (x86)\DealPly\DealPly.crx" not found ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "msntoolbar@msn.com"="C:\Program Files (x86)\MSN 
Toolbar\Platform\5.0.1438.0\Firefox" [13/11/2013 04:04] ==== Chrome Look ====================== Google Docs - Diren Harun - Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Diren Harun - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Diren Harun - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Diren Harun - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - Diren Harun - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Diren Harun - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Users\Diren Harun\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_skype.nl.softonic.com_0.localstorage deleted successfully C:\Users\Diren Harun\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_skype.nl.softonic.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://g.uk.msn.com/HPCON/2" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://g.uk.msn.com/HPCON/2" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{33455C9E-EBD7-4564-A38D-75C426404733}" {33455C9E-EBD7-4564-A38D-75C426404733} Bing Url="http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {EC31BC8A-BDEE-4A5A-8BC6-8774922B70EB} Wikipedia Url="http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}" ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully 
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Diren Harun\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Diren Harun\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Diren Harun\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\DIRENH~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on za 23/11/2013 at 18:42:01,69 ======================
  2. Zoek.exe Version 4.0.0.5 Updated 09-November-2013 Tool run by Harun Diren on za 09/11/2013 at 13:43:21,05. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Harun Diren\Desktop\zoek\zoek.exe [script inserted] [Checkboxes used] ==== System Restore Info ====================== 9/11/2013 13:45:29 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\eFusion deleted successfully C:\PROGRA~2\Freemake deleted successfully C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~2\Pando Networks deleted successfully C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully C:\ProgramData\Babylon deleted successfully C:\ProgramData\Browser Manager deleted successfully C:\ProgramData\BrowserProtect deleted successfully C:\ProgramData\Freemake deleted successfully C:\ProgramData\Origin deleted successfully C:\Users\Harun Diren\AppData\Roaming\Bandoo deleted successfully C:\Users\Harun Diren\AppData\Roaming\Windows Live Writer deleted successfully C:\Users\Harun Diren\AppData\Local\CUSTPDF Writer deleted successfully C:\Users\Harun Diren\AppData\Local\PDFC deleted successfully C:\Users\Harun Diren\AppData\Local\Unity deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8B8B2E80-1444-451D-AC8E-EB9A847F3887} deleted successfully 
HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8B8B2E80-1444-451D-AC8E-EB9A847F3887} deleted successfully HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} deleted successfully HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} deleted successfully HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BAA14B77-F934-B451-C873-B8F82CB4CD9E} deleted successfully HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BAA14B77-F934-B451-C873-B8F82CB4CD9E} deleted successfully HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Internet Explorer\SearchScopes\{484193FE-4D43-44F2-B6FE-82A2D0DEADA1} deleted successfully HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Internet Explorer\SearchScopes\{8C77D487-00AE-4EF4-A2C2-95AFB126FFEE} deleted successfully HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Internet 
Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2101} deleted successfully HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Internet Explorer\SearchScopes\{C7818C38-A48C-402A-9800-E31A3CED1766} deleted successfully HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Internet Explorer\SearchScopes\{FE7653D4-176D-4856-B40A-8465D1008D6A} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8B8B2E80-1444-451D-AC8E-EB9A847F3887} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8B8B2E80-1444-451D-AC8E-EB9A847F3887} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{BAA14B77-F934-B451-C873-B8F82CB4CD9E} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BAA14B77-F934-B451-C873-B8F82CB4CD9E} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper 
Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully HKEY_CLASSES_ROOT\CLSID\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DatamngrCoordinator deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\DatamngrCoordinator deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\defaulttabupdate deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\defaulttabupdate deleted successfully ==== FireFox Fix ====================== Deleted from C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\prefs.js: user_pref("browser.startup.homepage", "http://www.search.ask.com/?o=APN10645A&gct=hp&d=406-1073&v=r9854-144&t=4"); user_pref("sweetim.toolbar.previous.browser.startup.homepage", ""); user_pref("browser.search.defaulturl", ""); user_pref("browser.newtab.url", "about:blank"); user_pref("browser.search.defaultengine", "Ask.com"); user_pref("browser.search.defaultenginename", "Ask.com"); user_pref("browser.search.defaultenginename,S", ""); user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", ""); user_pref("browser.search.selectedEngine", "Ask.com"); user_pref("browser.search.selectedEngine,S", ""); user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", ""); user_pref("browser.search.order.1", "Ask.com"); user_pref("browser.search.order.1,S", ""); user_pref("keyword.URL", 
"http://dts.search.ask.com/sr?src=ffb&gct=ds&appid=1073&systemid=406&v=r9854-144&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=8290173442644181&o=APN10645&q="); user_pref("sweetim.toolbar.previous.keyword.URL", ""); user_pref("browser.search.useDBForOrder", true); Added to C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); ProfilePath: C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default ---- Lines Softonic removed from prefs.js ---- user_pref("extensions.Softonic.admin", false); user_pref("extensions.Softonic.aflt", "SD"); user_pref("extensions.Softonic.autoRvrt", "false"); user_pref("extensions.Softonic.cntry", "BE"); user_pref("extensions.Softonic.cv", "cv5"); user_pref("extensions.Softonic.dfltlng", "nl"); user_pref("extensions.Softonic.dfltLng", "nl"); user_pref("extensions.Softonic.dfltSrch", true); user_pref("extensions.Softonic.dfltsrch", true); user_pref("extensions.Softonic.dspNew", "Search the web (Softonic)"); user_pref("extensions.Softonic.dspOld", "SweetIM Search"); user_pref("extensions.Softonic.envrmnt", "production"); user_pref("extensions.Softonic.excTlbr", false); user_pref("extensions.Softonic.hdrMd5", "1F76DB111F1E62460EE0562306E09905"); user_pref("extensions.Softonic.hmpg", true); user_pref("extensions.Softonic.hmpgUrl", "http://search.softonic.com/INF00008/tb_v1?SearchSource=13&cc="); 
user_pref("extensions.Softonic.hpNew", "http://search.softonic.com/INF00008/tb_v1?SearchSource=13&cc="); user_pref("extensions.Softonic.hpOld", "http://home.sweetim.com/?st=6&barid={B5B32A72-21E6-11E2-B691-6C626D0981FA}"); user_pref("extensions.Softonic.hrdid", "e0ef131f0000000000006c626d0981fa"); user_pref("extensions.Softonic.id", "e0ef131f0000000000006c626d0981fa"); user_pref("extensions.Softonic.instlDay", "15642"); user_pref("extensions.Softonic.instlday", "15642"); user_pref("extensions.Softonic.instlRef", "INF00008"); user_pref("extensions.Softonic.instlref", "INF00008"); user_pref("extensions.Softonic.isdcmntcmplt", "false"); user_pref("extensions.Softonic.keyWordUrl", "http://search.softonic.com/INF00008/tb_v1?SearchSource=2&cc=&q="); user_pref("extensions.Softonic.keywordurl", "http://search.softonic.com/INF00008/tb_v1?SearchSource=2&cc=&q="); user_pref("extensions.Softonic.lastVrsnTs", "1.6.7.419:28:04"); user_pref("extensions.Softonic.mntrvrsn", "1.3.0"); user_pref("extensions.Softonic.monitorreport", true); user_pref("extensions.Softonic.newtab", true); user_pref("extensions.Softonic.newTab", true); user_pref("extensions.Softonic.newtaburl", "http://search.softonic.com/INF00008/tb_v1?SearchSource=15&cc="); user_pref("extensions.Softonic.newTabUrl", "http://search.softonic.com/INF00008/tb_v1?SearchSource=15&cc="); user_pref("extensions.Softonic.prdct", "Softonic"); user_pref("extensions.Softonic.propectorlck", 93782473); user_pref("extensions.Softonic.prtnrid", "softonic"); user_pref("extensions.Softonic.prtnrId", "softonic"); user_pref("extensions.Softonic.radiomystations", "[{\"id\":\"101\",\"name\":\"Radio Mambo 106 FM\",\"url\":\"http://www.mambo.it/player/mambo.asx\",\" user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search settings, Click No to restore original settings"); user_pref("extensions.Softonic.savedVrsnTs", "1"); user_pref("extensions.Softonic.sg", "az"); user_pref("extensions.Softonic.smplGrp", 
"none"); user_pref("extensions.Softonic.smplgrp", "none"); user_pref("extensions.Softonic.srch", ""); user_pref("extensions.Softonic.srchprvdr", "Search the web (Softonic)"); user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)"); user_pref("extensions.Softonic.tlbrid", "base"); user_pref("extensions.Softonic.tlbrId", "base"); user_pref("extensions.Softonic.tlbrSrchUrl", "http://search.softonic.com/INF00008/tb_v1?SearchSource=1&cc=&q="); user_pref("extensions.Softonic.tlbrsrchurl", "http://search.softonic.com/INF00008/tb_v1?SearchSource=1&cc=&q="); user_pref("extensions.Softonic.vrsn", "1.6.7.4"); user_pref("extensions.Softonic.vrsni", "1.6.7.4"); user_pref("extensions.Softonic.vrsnts", "1.6.7.419:28:04"); user_pref("extensions.Softonic.vrsnTs", "1.6.7.419:28:04"); user_pref("extensions.Softonic_i.dnsErr", true); user_pref("extensions.Softonic_i.hmpg", true); user_pref("extensions.Softonic_i.newTab", true); user_pref("extensions.Softonic_i.smplGrp", "none"); user_pref("extensions.Softonic_i.vrsnTs", "1.6.7.419:28:04"); ---- Lines Softonic modified from prefs.js ---- user_pref("extensions.enabledAddons", "battlefieldplay4free%40ea.com:1.0.80.2,ffxtlbra%40softonic.com:1.6.0,%7B14323AEE-F6B8-4DC8-BCE3-E62645830585%7D user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}\":{\"descriptor\":\"C:\\\\ ---- Lines Softonic removed from user.js ---- user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search settings, Click No to restore original settings"); user_pref("extensions.Softonic.autoRvrt", "false"); user_pref("extensions.Softonic_i.hmpg", true); user_pref("extensions.Softonic.hmpgUrl", "http://search.softonic.com/INF00008/tb_v1?SearchSource=13&cc="); user_pref("extensions.Softonic.hpOld", "http://home.sweetim.com/?st=6&barid={B5B32A72-21E6-11E2-B691-6C626D0981FA}"); user_pref("extensions.Softonic.hpNew", 
"http://search.softonic.com/INF00008/tb_v1?SearchSource=13&cc="); user_pref("extensions.Softonic.dfltSrch", true); user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)"); user_pref("extensions.Softonic.keyWordUrl", "http://search.softonic.com/INF00008/tb_v1?SearchSource=2&cc=&q="); user_pref("extensions.Softonic.dspOld", "SweetIM Search"); user_pref("extensions.Softonic.dspNew", "Search the web (Softonic)"); user_pref("extensions.Softonic_i.dnsErr", true); user_pref("extensions.Softonic_i.newTab", true); user_pref("extensions.Softonic.newTabUrl", "http://search.softonic.com/INF00008/tb_v1?SearchSource=15&cc="); user_pref("extensions.Softonic.tlbrSrchUrl", "http://search.softonic.com/INF00008/tb_v1?SearchSource=1&cc=&q="); user_pref("extensions.Softonic.id", "e0ef131f0000000000006c626d0981fa"); user_pref("extensions.Softonic.instlDay", "15642"); user_pref("extensions.Softonic.vrsn", "1.6.7.4"); user_pref("extensions.Softonic.vrsni", "1.6.7.4"); user_pref("extensions.Softonic_i.vrsnTs", "1.6.7.419:28:04"); user_pref("extensions.Softonic.prtnrId", "softonic"); user_pref("extensions.Softonic.prdct", "Softonic"); user_pref("extensions.Softonic.aflt", "SD"); user_pref("extensions.Softonic_i.smplGrp", "none"); user_pref("extensions.Softonic.tlbrId", "base"); user_pref("extensions.Softonic.instlRef", "INF00008"); user_pref("extensions.Softonic.dfltLng", "nl"); user_pref("extensions.Softonic.excTlbr", false); user_pref("extensions.Softonic.admin", false); ---- Lines ividi removed from prefs.js ---- user_pref("extensions.ividi.admin", false); user_pref("extensions.ividi.aflt", "3"); user_pref("extensions.ividi.appId", "{685F23D9-FCFD-475C-B56A-362645945C5A}"); user_pref("extensions.ividi.autoRvrt", "false"); user_pref("extensions.ividi.dfltLng", ""); user_pref("extensions.ividi.dfltSrch", true); user_pref("extensions.ividi.dnsErr", true); user_pref("extensions.ividi.excTlbr", true); user_pref("extensions.ividi.ffxUnstlRst", false); 
user_pref("extensions.ividi.hmpg", true); user_pref("extensions.ividi.hmpgUrl", "http://search.ividi.org/?src=tbhp&id=e0ef131f0000000000006c626d0981fa&affilt=3"); user_pref("extensions.ividi.hpOld0", "www.google.be"); user_pref("extensions.ividi.id", "e0ef131f0000000000006c626d0981fa"); user_pref("extensions.ividi.instlDay", "16001"); user_pref("extensions.ividi.instlRef", ""); user_pref("extensions.ividi.kw_url", "http://search.ividi.org/?src=tbsp&id=e0ef131f0000000000006c626d0981fa&affilt=3&q="); user_pref("extensions.ividi.newTab", true); user_pref("extensions.ividi.newTabUrl", "http://search.ividi.org/?q={searchTerms}&src=tbnt&id=e0ef131f0000000000006c626d0981fa&affilt=3"); user_pref("extensions.ividi.prdct", "ividi"); user_pref("extensions.ividi.prtnrId", "ividi"); user_pref("extensions.ividi.rvrt", "false"); user_pref("extensions.ividi.smplGrp", "none"); user_pref("extensions.ividi.srchPrvdr", "Search "); user_pref("extensions.ividi.tlbrId", "base"); user_pref("extensions.ividi.tlbrSrchUrl", "http://search.ividi.org/?src=tbsp&id=e0ef131f0000000000006c626d0981fa&affilt=3&q="); user_pref("extensions.ividi.vrsn", "1.8.23.0"); user_pref("extensions.ividi.vrsni", "1.8.23.0"); user_pref("extensions.ividi.vrsnTs", "1.8.23.021:17:38"); ---- Lines ividi removed from user.js ---- user_pref("extensions.ividi.hpOld0", "www.google.be"); user_pref("extensions.ividi.tlbrSrchUrl", "http://search.ividi.org/?src=tbsp&id=e0ef131f0000000000006c626d0981fa&affilt=3&q="); user_pref("extensions.ividi.id", "e0ef131f0000000000006c626d0981fa"); user_pref("extensions.ividi.appId", "{685F23D9-FCFD-475C-B56A-362645945C5A}"); user_pref("extensions.ividi.instlDay", "16001"); user_pref("extensions.ividi.vrsn", "1.8.23.0"); user_pref("extensions.ividi.vrsni", "1.8.23.0"); user_pref("extensions.ividi.vrsnTs", "1.8.23.021:17:38"); user_pref("extensions.ividi.prtnrId", "ividi"); user_pref("extensions.ividi.prdct", "ividi"); user_pref("extensions.ividi.aflt", "3"); 
user_pref("extensions.ividi.smplGrp", "none"); user_pref("extensions.ividi.tlbrId", "base"); user_pref("extensions.ividi.instlRef", ""); user_pref("extensions.ividi.dfltLng", ""); user_pref("extensions.ividi.excTlbr", true); user_pref("extensions.ividi.ffxUnstlRst", false); user_pref("extensions.ividi.admin", false); user_pref("extensions.ividi.autoRvrt", "false"); user_pref("extensions.ividi.rvrt", "false"); user_pref("extensions.ividi.hmpg", true); user_pref("extensions.ividi.hmpgUrl", "http://search.ividi.org/?src=tbhp&id=e0ef131f0000000000006c626d0981fa&affilt=3"); user_pref("extensions.ividi.dfltSrch", true); user_pref("extensions.ividi.srchPrvdr", "Search "); user_pref("extensions.ividi.kw_url", "http://search.ividi.org/?src=tbsp&id=e0ef131f0000000000006c626d0981fa&affilt=3&q="); user_pref("extensions.ividi.dnsErr", true); user_pref("extensions.ividi.newTab", true); user_pref("extensions.ividi.newTabUrl", "http://search.ividi.org/?q={searchTerms}&src=tbnt&id=e0ef131f0000000000006c626d0981fa&affilt=3"); ---- Lines babylon removed from prefs.js ---- user_pref("extensions.BabylonToolbar.prtkDS", 0); user_pref("extensions.BabylonToolbar.prtkHmpg", 0); ---- Lines y2layers removed from prefs.js ---- user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,buzzdock,YontooNewOffers"); user_pref("extentions.y2layers.installId", "684e8685-774c-49ee-a970-a78648a19fdd"); ---- Lines y2layers removed from user.js ---- user_pref("extentions.y2layers.installId", "684e8685-774c-49ee-a970-a78648a19fdd"); user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,buzzdock,YontooNewOffers"); ---- Lines yontoo modified from prefs.js ---- user_pref("extensions.enabledAddons", "battlefieldplay4free%40ea.com:1.0.80.2,ffxtlbra%40disabled.com:1.6.0,%7B14323AEE-F6B8-4DC8-BCE3-E62645830585%7D user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}\":{\"descriptor\":\"C:\\\\ ---- Lines 
14323AEE-F6B8-4DC8-BCE3-E62645830585 modified from prefs.js ---- user_pref("extensions.enabledAddons", "battlefieldplay4free%40ea.com:1.0.80.2,ffxtlbra%40disabled.com:1.6.0,%7B14323AEE-F6B8-4DC8-BCE3-E62645830585%7D user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}\":{\"descriptor\":\"C:\\\\ ---- Lines crossrider removed from prefs.js ---- user_pref("extensions.crossrider.bic", "141e6c24e53e6f1af6907212a5864929"); ---- Lines Downloader.com removed from prefs.js ---- user_pref("extensions.bootstrappedAddons", "{\"50e6052d6ad6f@50e6052d6ada8.com\":{\"version\":\"7.1\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Us ---- Lines Downloader.com modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}\":{\"descriptor\":\"C:\\\\ ---- Lines defaulttab removed from prefs.js ---- user_pref("extensions.defaulttab.active.affiliate", 3509); user_pref("extensions.defaulttab.browserID", "BA8FAAC25948670D2ABE810ADF45E85E"); user_pref("extensions.defaulttab.firstrun", false); user_pref("extensions.defaulttab.installdate", 1345316258); user_pref("extensions.defaulttab.installedVersion", "2.2.41"); user_pref("extensions.defaulttab.PIR7", 1383311144); user_pref("extensions.defaulttab.sethomepage", false); user_pref("extensions.defaulttab.useNewTabWhiteList", false); ---- Lines defaulttab modified from prefs.js ---- user_pref("extensions.enabledAddons", "battlefieldplay4free%40ea.com:1.0.80.2,ffxtlbra%40disabled.com:1.6.0,%7Bdisabled%7D:1.0.1,%7BEB9394A3-4AD6-4918 user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}\":{\"descriptor\":\"C:\\\\ ---- Lines SweetIM removed from prefs.js ---- user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ""); user_pref("sweetim.toolbar.searchguard.enable", ""); 
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", ""); user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", ""); user_pref("sweetim.toolbar.urls.homepage", "http://home.sweetim.com/?st=6&barid={B5B32A72-21E6-11E2-B691-6C626D0981FA}"); ---- FireFox user.js and prefs.js backups ---- user_20130911_1352_.backup prefs_20130911_1352_.backup ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8B8B2E80-1444-451D-AC8E-EB9A847F3887}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BAA14B77-F934-B451-C873-B8F82CB4CD9E}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "iLivid"=- [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "SweetIM"=- "Sweetpacks Communicator"=- [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] ==== Deleting Files \ Folders ====================== C:\ProgramData\BrowserProtect not found C:\ProgramData\Browser Manager not found C:\ProgramData\BitGuard not found "C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\searchplugins\ sweetim.xml" not found C:\Users\Harun Diren\AppData\Roaming\DefaultTab deleted C:\Program Files (x86)\Unitech LLC deleted C:\Program Files (x86)\DealPly deleted C:\ProgramData\Bcool deleted C:\Program Files (x86)\Yontoo deleted C:\ProgramData\Datamngr deleted C:\PROGRA~2\Mozilla 
Firefox\searchplugins\avg-secure-search.xml deleted C:\PROGRA~2\Mozilla Firefox\searchplugins\Search_Results.xml deleted C:\PROGRA~2\Uniblue\SpeedUpMyPC deleted C:\PROGRA~2\BCool deleted C:\PROGRA~2\Gophoto.it deleted C:\PROGRA~2\AVG Secure Search deleted C:\PROGRA~2\COMMON~1\AVG Secure Search deleted C:\Users\Harun Diren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SpeedUpMyPC.lnk deleted C:\Users\Harun Diren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk deleted C:\Users\Harun Diren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\iLivid.lnk deleted C:\Users\Harun Diren\AppData\Roaming\Babylon deleted C:\Users\Harun Diren\AppData\Roaming\DealPly deleted C:\Users\Harun Diren\AppData\Roaming\OpenCandy deleted C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\DealPly deleted C:\ProgramData\boost_interprocess deleted C:\ProgramData\SweetIM deleted C:\ProgramData\AVG Secure Search deleted C:\ProgramData\WoW Worldwide Software LTD deleted C:\ProgramData\InstallMate deleted C:\ProgramData\Tarma Installer deleted C:\ProgramData\Trymedia deleted C:\Users\Harun Diren\AppData\Local\ilividmoviestoolbarha deleted C:\Users\Harun Diren\AppData\Local\AVG Secure Search deleted C:\Users\Harun Diren\AppData\Local\PutLockerDownloader deleted C:\Users\Harun Diren\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue deleted C:\Users\Harun Diren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk deleted C:\Users\Harun Diren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly deleted C:\Users\Harun Diren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com deleted C:\Windows\Tasks\SpeedUpMyPC.job deleted C:\windows\SysNative\Tasks\DealPly deleted C:\windows\SysNative\Tasks\DealPlyUpdate deleted C:\Users\Harun Diren\Downloads\iLividSetup-r1073-n-bc (1).exe deleted 
C:\Users\Harun Diren\Downloads\iLividSetup-r1073-n-bc.exe deleted C:\Users\Harun Diren\Downloads\iLividSetup.exe deleted C:\Users\Harun Diren\Downloads\SoftonicDownloader_voor_cheat-engine (1).exe deleted C:\Users\Harun Diren\Downloads\SoftonicDownloader_voor_cheat-engine (2).exe deleted C:\Users\Harun Diren\Downloads\SoftonicDownloader_voor_cheat-engine.exe deleted C:\Users\Harun Diren\Downloads\SoftonicDownloader_voor_euro-truck-simulator.exe deleted C:\Users\Harun Diren\Downloads\SoftonicDownloader_voor_freemake-video-converter.exe deleted C:\Users\Harun Diren\Downloads\SoftonicDownloader_voor_gta-san-andreas-pack-of-cars.exe deleted C:\Users\Harun Diren\Downloads\SoftonicDownloader_voor_minecraft.exe deleted C:\Users\Harun Diren\Downloads\SoftonicDownloader_voor_msn-messenger-8-5.exe deleted C:\Users\Harun Diren\Downloads\SoftonicDownloader_voor_scania-truck-driving-simulator.exe deleted C:\Users\Harun Diren\Downloads\SoftonicDownloader_voor_videopad-video-editor.exe deleted C:\Users\Harun Diren\Downloads\SoftonicDownloader_voor_windows-live-messenger-2011.exe deleted C:\Users\Harun Diren\Downloads\SoftonicDownloader_voor_windows-live-messenger-2012.exe deleted C:\Users\Harun Diren\AppData\LocalLow\AVG Secure Search deleted C:\Users\Harun Diren\AppData\LocalLow\searchquband deleted C:\Users\Harun Diren\AppData\LocalLow\ilividmoviestoolbarha deleted C:\Users\Harun Diren\AppData\LocalLow\Softonic deleted C:\Users\Harun Diren\AppData\LocalLow\DataMngr deleted C:\Windows\tasks\spmonitor.job deleted C:\windows\SysNative\tasks\spmonitor deleted C:\user.js deleted C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\searchplugins\Ask.xml deleted C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\searchplugins\askcom.xml deleted C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\searchplugins\bingp.xml deleted C:\Users\Harun 
Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\searchplugins\ividi.xml deleted C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\searchplugins\search-here.xml deleted C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\searchplugins\Search_Results.xml deleted C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\ftdownloader3@ftdownloader.com.xpi deleted C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\ilividmoviestoolbarha deleted C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\jetpack deleted C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4} deleted C:\PROGRA~2\Mozilla Firefox\searchplugins\Ask.xml deleted C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\Ask.xml deleted C:\Users\Harun Diren\Downloads\DownloadSetup.exe deleted C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\ffxtlbra@softonic.com deleted C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\plugin@yontoo.com.xpi deleted C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\{14323AEE-F6B8-4DC8-BCE3-E62645830585}.xpi deleted C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\addon@defaulttab.com.xpi deleted "C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\searchplugins\softonic.xml" deleted "C:\Windows\Installer\82ad2.msi" deleted "C:\Windows\Installer\82ade.msi" deleted "C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\searchplugins\softonic.xml" deleted "C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\defaulttab.config" deleted "C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\searchplugins\sweetim.xml" deleted "C:\Users\Harun 
Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\50e6052d6ad6f@50e6052d6ada8.com\bootstrap.js" deleted "C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\50e6052d6ad6f@50e6052d6ada8.com\chrome.manifest" deleted "C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\50e6052d6ad6f@50e6052d6ada8.com\install.rdf" deleted "C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\50e6052d6ad6f@50e6052d6ada8.com\content\bg.js" deleted "C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\50e6052d6ad6f@50e6052d6ada8.com\content\zy.xul" deleted "C:\Users\Harun Diren\AppData\Local\iLivid\iLivid.exe" deleted "C:\Users\Harun Diren\AppData\Local\iLivid\libeay32.dll" deleted "C:\Users\Harun Diren\AppData\Local\iLivid\msvcp100.dll" deleted "C:\Users\Harun Diren\AppData\Local\iLivid\msvcr100.dll" deleted "C:\Users\Harun Diren\AppData\Local\iLivid\QtCore4.dll" deleted "C:\Users\Harun Diren\AppData\Local\iLivid\QtGui4.dll" deleted "C:\Users\Harun Diren\AppData\Local\iLivid\QtNetwork4.dll" deleted "C:\Users\Harun Diren\AppData\Local\iLivid\QtWebKit4.dll" deleted "C:\Users\Harun Diren\AppData\Local\iLivid\QtXml4.dll" deleted "C:\Users\Harun Diren\AppData\Local\iLivid\ssleay32.dll" deleted "C:\ProgramData\Wincert\win32cert.dll" deleted "C:\ProgramData\Wincert\win32prop.dll" deleted "C:\ProgramData\Wincert\win32cert.dll" deleted "C:\ProgramData\Wincert\win32prop.dll" deleted "C:\Users\Harun Diren\AppData\Local\iLivid\iLivid.exe" deleted "C:\Users\Harun Diren\AppData\Local\iLivid\libeay32.dll" deleted "C:\Users\Harun Diren\AppData\Local\iLivid\msvcp100.dll" deleted "C:\Users\Harun Diren\AppData\Local\iLivid\msvcr100.dll" deleted "C:\Users\Harun Diren\AppData\Local\iLivid\QtCore4.dll" deleted "C:\Users\Harun Diren\AppData\Local\iLivid\QtGui4.dll" deleted "C:\Users\Harun Diren\AppData\Local\iLivid\QtNetwork4.dll" deleted 
"C:\Users\Harun Diren\AppData\Local\iLivid\QtWebKit4.dll" deleted "C:\Users\Harun Diren\AppData\Local\iLivid\QtXml4.dll" deleted "C:\Users\Harun Diren\AppData\Local\iLivid\ssleay32.dll" deleted "C:\Program Files (x86)\SweetIM\Communicator\mgcommon.dll" deleted "C:\Program Files (x86)\SweetIM\Communicator\mgcommunication.dll" deleted "C:\Program Files (x86)\SweetIM\Communicator\mgsimcommon.dll" deleted "C:\Program Files (x86)\SweetIM\Communicator\mgxml_wrapper.dll" deleted "C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe" deleted "C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\msvcp71.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe" deleted "C:\Users\Harun Diren\AppData\Local\iLivid\imageformats\qgif4.dll" deleted "C:\Users\Harun Diren\AppData\Local\iLivid\imageformats\qico4.dll" deleted "C:\Users\Harun Diren\AppData\Local\iLivid\imageformats\qjpeg4.dll" deleted "C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll" deleted "C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe" deleted "C:\Program Files (x86)\Movies Toolbar\Datamngr\mgrldr.dll" deleted "C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll" deleted "C:\PROGRA~2\Movies Toolbar\Datamngr\apcrtldr.dll" deleted "C:\PROGRA~2\Movies Toolbar\Datamngr\DatamngrUI.exe" deleted "C:\PROGRA~2\Movies Toolbar\Datamngr\mgrldr.dll" deleted "C:\PROGRA~2\Movies 
Toolbar\Datamngr\x64\apcrtldr.dll" deleted "C:\PROGRA~2\SweetIM\Communicator\mgcommon.dll" deleted "C:\PROGRA~2\SweetIM\Communicator\mgcommunication.dll" deleted "C:\PROGRA~2\SweetIM\Communicator\mgsimcommon.dll" deleted "C:\PROGRA~2\SweetIM\Communicator\mgxml_wrapper.dll" deleted "C:\PROGRA~2\SweetIM\Communicator\SweetPacksUpdateManager.exe" deleted "C:\PROGRA~2\SweetIM\Messenger\mgAdaptersProxy.dll" deleted "C:\PROGRA~2\SweetIM\Messenger\mgcommon.dll" deleted "C:\PROGRA~2\SweetIM\Messenger\mgcommunication.dll" deleted "C:\PROGRA~2\SweetIM\Messenger\mgconfig.dll" deleted "C:\PROGRA~2\SweetIM\Messenger\mghooking.dll" deleted "C:\PROGRA~2\SweetIM\Messenger\mgsimcommon.dll" deleted "C:\PROGRA~2\SweetIM\Messenger\mgUpdateSupport.dll" deleted "C:\PROGRA~2\SweetIM\Messenger\mgxml_wrapper.dll" deleted "C:\PROGRA~2\SweetIM\Messenger\msvcp71.dll" deleted "C:\PROGRA~2\SweetIM\Messenger\msvcr71.dll" deleted "C:\PROGRA~2\SweetIM\Messenger\SweetIM.exe" deleted "C:\Users\Harun Diren\AppData\Local\iLivid\imageformats\qgif4.dll" deleted "C:\Users\Harun Diren\AppData\Local\iLivid\imageformats\qico4.dll" deleted "C:\Users\Harun Diren\AppData\Local\iLivid\imageformats\qjpeg4.dll" deleted "C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\50e6052d6ad6f@50e6052d6ada8.com" deleted "C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\50e6052d6ad6f@50e6052d6ada8.com\content" deleted "C:\Program Files (x86)\SweetIM" not deleted "C:\Users\Harun Diren\AppData\Local\iLivid" deleted "C:\ProgramData\Wincert" not deleted "C:\Program Files (x86)\Movies Toolbar" not deleted "C:\PROGRA~2\Movies Toolbar" not deleted "C:\PROGRA~2\SweetIM" not deleted "C:\ProgramData\Wincert" not deleted "C:\Users\Harun Diren\AppData\Local\iLivid" deleted "C:\Program Files (x86)\SweetIM\Communicator" not deleted "C:\Program Files (x86)\SweetIM\Messenger" not deleted "C:\Users\Harun Diren\AppData\Local\iLivid\imageformats" deleted 
"C:\Program Files (x86)\Movies Toolbar\Datamngr" not deleted "C:\Program Files (x86)\Movies Toolbar\Datamngr\x64" not deleted "C:\PROGRA~2\Movies Toolbar\Datamngr" not deleted "C:\PROGRA~2\Movies Toolbar\Datamngr\x64" not deleted "C:\PROGRA~2\SweetIM\Communicator" not deleted "C:\PROGRA~2\SweetIM\Messenger" not deleted "C:\Users\Harun Diren\AppData\Local\iLivid\imageformats" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\HARUND~1\AppData\Local\Temp ==== 2013-11-01 23:30:14 8CE61EB00634D83839479E8964F90E98 8192 ----a-w- C:\Users\Harun Diren\AppData\Local\Temp\qi5zv13d.dll 2013-10-28 17:20:23 D44C68E8E4A61B3FA054E8097091FC37 36864 ----a-w- C:\Users\Harun Diren\AppData\Local\Temp\owhvrx2l.dll 2013-10-27 16:09:09 C44E49D4539EDACA99B480DC85391192 46592 ----a-w- C:\Users\Harun Diren\AppData\Local\Temp\scoped_dir_10364_24516\CRX_INSTALL\background\ChromeUtilPlugin.dll 2013-10-27 16:09:08 627D11DA34173B445C29508B00005A2A 170848 ----a-w- C:\Users\Harun Diren\AppData\Local\Temp\scoped_dir_10364_15451\CRX_INSTALL\plugin\TorchPlugin.dll 2013-10-27 16:07:50 8DF8CE011FDA3A63122BE45952119034 29299168 ----a-w- C:\Users\Harun Diren\AppData\Local\Temp\FreemakeVideoConverter_4.1.0.0.exe ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2013-10-27 14:29:59 ACCEA6BC68D0C9A78EB97EE159028B4E 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys 2013-10-27 14:29:58 E73A7A04FDAC9DD46EE2A4257F09E91C 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys 2013-10-27 14:29:58 A83D0EC9AE4C31704442099D40BA2471 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys 2013-10-27 14:29:58 861C197502A5057E68F0AC75D9EFCDD7 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys 2013-10-27 14:29:58 311C1DD1088E55BEAE15954D17F50646 52736 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys 2013-10-27 14:29:58 280E90CBF4B2DDD169F0728CB44D726F 
343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys 2013-10-27 14:29:57 9406D801042FAF859CF81B2C886413DC 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys 2013-10-18 18:42:55 29F981739E50305128022CBE10B3659C 197704 ----a-w- C:\Windows\Sysnative\drivers\HipShieldK.sys 2013-10-11 10:52:44 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys 2013-10-11 10:52:43 B0435098C81D04CAFFF80DDB746CD3A2 109824 ----a-w- C:\Windows\Sysnative\drivers\USBAUDIO.sys 2013-10-11 10:52:43 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 ----a-w- C:\Windows\Sysnative\drivers\usbcir.sys 2013-10-11 10:52:42 9661DA76B4531B2DA272ECCE25A8AF24 42496 ----a-w- C:\Windows\Sysnative\drivers\usbscan.sys 2013-10-11 10:52:42 856E76B3641746ABBC2946BED1372098 32896 ----a-w- C:\Windows\Sysnative\drivers\hidparse.sys 2013-10-11 10:52:42 597C3699384E53CC59587ED50CCE5CA2 76800 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys 2013-10-11 10:52:40 1A4F75E63C9FB84B85DFFC6B63FD5404 140800 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys 2013-10-11 10:52:38 40AF23633D197905F03AB5628C558C51 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2013-10-11 10:52:38 314C17917AC8523EC77A710215012A65 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys 2013-10-11 10:51:58 88612F1CE3BF42256913BF6E61C70D52 983488 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-11-07 19:33:55 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2013-10-23 19:41:28 -------- d-----w- C:\PROGRA~2\Movies Toolbar 2013-10-19 14:34:07 -------- d-----w- C:\PROGRA~2\Bandicam 2013-10-19 14:34:05 -------- d-----w- C:\PROGRA~2\BandiMPEG1 ======= C: ===== ====== C:\Users\Harun Diren\AppData\Roaming ====== 2013-10-28 11:42:02 -------- d-----w- C:\Users\Harun Diren\AppData\Locallow\Unitech LLC 2013-10-27 16:09:03 -------- d-----w- C:\Users\Harun Diren\AppData\Local\FreemakeVideoConverter 
2013-10-27 16:07:00 -------- d-----w- C:\Users\Harun Diren\AppData\Local\Programs 2013-10-23 19:45:54 -------- d-----w- C:\Users\Harun Diren\AppData\Roaming\TFP 2013-10-23 19:45:43 -------- d-----w- C:\Users\Harun Diren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch 2013-10-23 19:45:20 -------- d-----w- C:\Users\Harun Diren\AppData\Local\Torch 2013-10-23 19:16:42 -------- d-----w- C:\Users\Harun Diren\AppData\Roaming\Unitech LLC 2013-10-19 14:34:40 -------- d-----w- C:\Users\Harun Diren\AppData\Roaming\BANDISOFT 2013-10-16 06:20:04 -------- d-----w- C:\Users\Harun Diren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Utilities ====== C:\Users\Harun Diren ====== 2013-11-08 21:18:24 F9C2DA158684D535F1DF36F776A6F394 474 ----a-w- C:\Users\Harun Diren\turk.htm 2013-11-08 20:47:51 3D97167F6BCE47CEEB15797F7E3DDEE0 465 ----a-w- C:\Users\Harun Diren\turk 2013-11-07 19:40:42 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Harun Diren\Downloads\RSITx64 (1).exe 2013-11-07 19:33:13 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Harun Diren\Downloads\RSITx64.exe 2013-11-03 15:30:34 882C7A6E2B9E7FF1BB1317C4E11C3C89 2812560 ----a-w- C:\Users\Harun Diren\Downloads\EmailNotifierSetup.exe 2013-10-27 16:05:42 11C3693D97FE89BD773E216C3DB36E7E 1271896 ----a-w- C:\Users\Harun Diren\Downloads\FreemakeVideoConverterSetup (1).exe 2013-10-27 16:05:29 11C3693D97FE89BD773E216C3DB36E7E 1271896 ----a-w- C:\Users\Harun Diren\Downloads\FreemakeVideoConverterSetup.exe 2013-10-26 17:46:25 3B770B147655176DC2F3292A9FCFED03 125105248 ----a-w- C:\Users\Harun Diren\Desktop\ets_1_3_setup.exe 2013-10-23 19:46:20 -------- d-----w- C:\ProgramData\TorchCrashHandler 2013-10-23 19:42:09 -------- d-----w- C:\ProgramData\Wincert 2013-10-23 19:20:35 7F9BE4D42FA10CE76EB76CB8B5937864 3774621 ----a-w- C:\Users\Harun Diren\Macklemore - Thrift Shop Ft. 
Wanz Lyrics On Screen.mp3 2013-10-19 14:34:12 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam 2013-10-14 16:06:35 9AA050C947284206DA44D921C129BB39 2043978 ----a-w- C:\Users\Harun Diren\Güne?i Beklerken - Jenerik Müzi?i.mp3 2013-10-10 15:48:21 128893831C6049D41450AF19D6F80A43 27648 --sha-w- C:\Users\Harun Diren\Thumbs.db 2013-10-10 15:47:16 59B9F58E6321C79587161A083260ECF6 172057 ----a-w- C:\Users\Harun Diren\gta_5_cover_art.jpg ====== C: exe-files == 2013-11-07 19:40:42 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Harun Diren\Downloads\RSITx64 (1).exe 2013-11-07 19:33:56 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Harun Diren.exe 2013-11-07 19:33:13 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Harun Diren\Downloads\RSITx64.exe 2013-11-07 16:19:57 B8223EA49AA972168E6A27A35BEE57DF 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1151305535-1815003741-2611877586-1001\$IMOBWZ0.exe 2013-11-04 20:56:41 A15FA916BD02FE910C2C3017C026FF80 49880 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_PostWarrantyAlert.exe 2013-11-04 20:56:41 136D8804CB446BB88C19856B1DC75861 32472 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_Ex_US.exe 2013-11-04 20:56:41 06D9888F172A8AC47959DA5DF68270DE 29400 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_US.exe 2013-11-03 15:30:34 882C7A6E2B9E7FF1BB1317C4E11C3C89 2812560 ----a-w- C:\Users\Harun Diren\Downloads\EmailNotifierSetup.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" 
[HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Windows\CurrentVersion\Run] "HPAdvisorDock"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" "Google Update"="C:\Users\Harun Diren\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Orbitum"="C:\Users\Harun Diren\AppData\Local\Orbitum\Application\chrome.exe" "Smart Driver Updater"="C:\Program Files (x86)\Smart Driver Updater\SDULauncher.exe" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2 /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PDF Complete"="C:\Program Files (x86)\PDF Complete\pdfsty.exe" "IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" "HP Software Update"="c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" "Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe" "mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey" "mcpltui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey" "ConnectionCenter"="C:\Program Files (x86)\Citrix\ICA Client\concentr.exe /startup" "EEventManager"="C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HPAdvisorDock"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" "Google Update"="C:\Users\Harun Diren\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Orbitum"="C:\Users\Harun Diren\AppData\Local\Orbitum\Application\chrome.exe" "Smart Driver Updater"="C:\Program Files (x86)\Smart Driver Updater\SDULauncher.exe" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~3\\Wincert\\WIN32C~1.DLL C:\\PROGRA~2\\MOVIES~1\\Datamngr\\mgrldr.dll " ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" "SmartMenu"="C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background" ==== Startup Folders ====================== 2010-09-27 16:49:03 2029 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snapfish PictureMover.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09/10/2013 13:16] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [26/07/2013 10:34] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [26/07/2013 10:34] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1151305535-1815003741-2611877586-1001Core.job --a------ C:\Users\Harun Diren\AppData\Local\Google\Update\GoogleUpdate.exe [07/12/2012 12:50] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1151305535-1815003741-2611877586-1001UA.job --a------ C:\Users\Harun Diren\AppData\Local\Google\Update\GoogleUpdate.exe [07/12/2012 12:50] C:\Windows\tasks\HPCeeScheduleForHarun Diren.job --a------ C:\Program 
Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [05/01/2010 11:53] C:\Windows\tasks\HPCeeScheduleForHARUNDIREN-HP$.job --a------ C:\Program Files (x86)\Hewlett-PaC:kard\HP C:eement\HPC:EE.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1151305535-1815003741-2611877586-1001Core" [C:\Users\Harun Diren\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1151305535-1815003741-2611877586-1001UA" [C:\Users\Harun Diren\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForHarun Diren" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForHARUNDIREN-HP$" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\RecoveryCDWin7" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\Windows\SysNative\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe] "C:\Windows\SysNative\tasks\{F5B302B3-E5AD-47CE-8047-0134FD90E847}" ["c:\users\harun diren\appdata\local\google\chrome\application\chrome.exe"] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask" [C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe] 
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\Windows\SysNative\tasks\NCH Software\ExpressZipDowngrade" [C:\Program Files (x86)\NCH Software\ExpressZip\expresszip.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [06/10/2013 14:41] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default - McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor - Battlefield Play4Free - %ProfilePath%\extensions\battlefieldplay4free@ea.com - Movies Toolbar Dist. by Bandoo Media Inc. 
- %ProfilePath%\extensions\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} - DealPly - %ProfilePath%\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} - New tab - %ProfilePath%\extensions\{FF07E6D9-20FD-E899-07B5-8F5F433C1398} - GoPhotoIt - %ProfilePath%\extensions\gophoto@gophoto.it.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default 884705AD43780C86782935D5B1F1E4DE - C:\Users\Harun Diren\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll - Google Talk Plugin Video Accelerator E85BC9AF3B4481B875F5A9BD73E8732F - C:\Users\Harun Diren\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer 683B6A2376FA62A797A9DC83807CACA8 - C:\Users\Harun Diren\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin 4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash CFAF7B67C78D09D79688AEDCA3D090E2 - C:\Users\Harun Diren\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll - Google Update 53F61B66DF9CD57458873E6872B0DC63 - C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\battlefieldplay4free@ea.com\plugins\npBP4FUpdater.dll - Battlefield Play4Free Updater 09B4E13D25623D879D35286E2D29FF13 - C:\Users\Harun Diren\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player ==== Deleted Firefox Extensions ====================== C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} deleted C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\gophoto@gophoto.it.xpi deleted C:\Users\Harun 
Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\{FF07E6D9-20FD-E899-07B5-8F5F433C1398} deleted C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions aaaaabcbmongicmdegkmmfgdickgnnob - C:\Users\Harun Diren\AppData\Local\ilividmoviestoolbarha\GC\toolbar.crx[] bbffdhejhaoiflnpooogkckfdcmmjppn - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx[] fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[02/10/2013 13:05] gaiilaahiahdejapggenmdmafpmbipje - C:\Program Files (x86)\DealPly\DealPly.crx[] gjokjdicpfckeiihaniimbbmhadclefc - C:\Users\Harun Diren\AppData\Local\Google\Chrome\User Data\Default\Extensions\novo_price_comparison.crx[] ijblflkdjdopkpdgllkmlbgcffjbnfda - C:\Users\Harun Diren\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx[] jbolfgndggfhhpbnkgnpjkfhinclbigj - No path found[] jcdgjdiieiljkfkdcloehkohchhpekkn - C:\Users\Harun Diren\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx[] kpdhgpkkloealnjnmepfhanpcleldbef - C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\ividi.crx[] niapdbllcanepiiimjjndipklodoedlc - C:\Program Files (x86)\Yontoo\YontooLayers.crx[] ogccgbmabaphcakpiclgcnmcnimhokcj - C:\Users\Harun Diren\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx[] pfmopbbadnfoelckkcmjjeaaegjpjjbk - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions gaiilaahiahdejapggenmdmafpmbipje - C:\Program Files (x86)\DealPly\DealPly.crx[] Movies Toolbar - Harun Diren - Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob Docs - Harun Diren - Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Harun Diren - 
Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Harun Diren - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Harun Diren - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Clash Of Clans - Harun Diren - Default\Extensions\ejdmfekjjhpicdciaponofjignbfmemp SiteAdvisor - Harun Diren - Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho DealPly - Harun Diren - Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje iVIDI.org plugin - Harun Diren - Default\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol iVidi Chrome Toolbar - Harun Diren - Default\Extensions\kpdhgpkkloealnjnmepfhanpcleldbef Google Wallet - Harun Diren - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Battlefield Play4Free - Harun Diren - Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh GoPhoto.it - Harun Diren - Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk Gmail - Harun Diren - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Users\Harun Diren\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob deleted successfully C:\Users\Harun Diren\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully C:\Users\Harun Diren\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdhgpkkloealnjnmepfhanpcleldbef deleted successfully C:\Users\Harun Diren\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" "Default_Page_URL"="http://www.v9.com/?utm_source=b&utm_medium=muh&from=muh&uid=HitachiXHDS721010CLA332_JP2940HD1DGLKC1DGLKCX&ts=1356716795" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://search.ividi.org/?q={searchTerms}&src=tbnt&id=e0ef131f0000000000006c626d0981fa&affilt=3" 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://search.ividi.org/?q={searchTerms}&src=tbnt&id=e0ef131f0000000000006c626d0981fa&affilt=3" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{FE7653D4-176D-4856-B40A-8465D1008D6A}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FE7653D4-176D-4856-B40A-8465D1008D6A}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.be/" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {33455C9E-EBD7-4564-A38D-75C426404733} Bing Url="http://www.bing.com/search?q={searchTerms}&r=" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {EC31BC8A-BDEE-4A5A-8BC6-8774922B70EB} Wikipedia Url="http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}" ==== Reset Google Chrome ====================== C:\Users\Harun Diren\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Harun Diren\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting Registry Keys ====================== 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{659F1693-AE20-4E73-AC98-E602BE7C3465} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F20E23E1-8C39-E899-89BE-84FF07C9DCAC} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bbffdhejhaoiflnpooogkckfdcmmjppn deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gjokjdicpfckeiihaniimbbmhadclefc deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ijblflkdjdopkpdgllkmlbgcffjbnfda deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kpdhgpkkloealnjnmepfhanpcleldbef deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully 
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Harun Diren\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Harun Diren\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Harun Diren\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 
emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Harun Diren\AppData\Local\Mozilla\Firefox\Profiles\0q3da8ix.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Harun Diren\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Harun Diren\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\HARUND~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files (x86)\SweetIM" not found "C:\ProgramData\Wincert" not found "C:\Program Files (x86)\Movies Toolbar" not found "C:\PROGRA~2\Movies Toolbar" not found "C:\PROGRA~2\SweetIM" not found "C:\ProgramData\Wincert" not found ==== EOF on za 09/11/2013 at 14:01:12,71 ======================
  3. Below is the log. For the past few days I have also been getting a blue screen saying that an error has occurred, and the PC then shuts down by itself.
Logfile of random's system information tool 1.09 (written by random/random) Run by Harun Diren at 2013-11-07 20:41:09 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 850 GB (91%) free of 939 GB Total RAM: 5047 MB (58% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:41:15, on 7/11/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16720) Boot mode: Normal Running processes: C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe C:\Users\Harun Diren\AppData\Local\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\Harun Diren\AppData\Local\iLivid\iLivid.exe C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe C:\Program Files (x86)\Citrix\ICA Client\concentr.exe C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe C:\Program Files (x86)\Citrix\Receiver\Receiver.exe C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program
Files\trend micro\Harun Diren.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = V9 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Harun Diren\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll O2 - BHO: ividi Helper Object - {8B8B2E80-1444-451D-AC8E-EB9A847F3887} - C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Bcool - {BAA14B77-F934-B451-C873-B8F82CB4CD9E} - C:\ProgramData\Bcool\50e6052d6af02.dll 
(file missing) O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll O3 - Toolbar: (no name) - !{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - (no file) O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [sweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe O4 - HKLM\..\Run: [sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [CitrixReceiver] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk" O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Harun Diren\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Orbitum] C:\Users\Harun Diren\AppData\Local\Orbitum\Application\chrome.exe O4 - HKCU\..\Run: [smart Driver Updater] C:\Program Files (x86)\Smart Driver 
Updater\SDULauncher.exe O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [iLivid] "C:\Users\Harun Diren\AppData\Local\iLivid\iLivid.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - 
{25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - MSN Games - Free Online Games O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; 
charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - 
c:\PROGRA~2\mcafee\msc\mcsniepl.dll O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O20 - AppInit_DLLs: C:\PROGRA~3\Wincert\WIN32C~1.DLL C:\PROGRA~2\MOVIES~1\Datamngr\mgrldr.dll O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Datamngr Coordinator (DatamngrCoordinator) - Bandoo Media Inc. - C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe O23 - Service: DefaultTabUpdate - Unknown owner - C:\Users\Harun Diren\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing) O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. 
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. 
- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - 
Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Torch Crash Handler (TorchCrashHandler) - TorchMedia Inc. - C:\Users\Harun Diren\AppData\Local\Torch\Update\TorchCrashHandler.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown 
owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 19963 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs "C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe" C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\nvvsvc.exe -session -first C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork taskeng.exe {627077D1-D795-4975-BB33-16E2DF7BF776} "C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe" -service "C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe" "C:\Users\Harun Diren\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe" "C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE" C:\Windows\SysWOW64\ezSharedSvcHost.exe "C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe" -monitor 460 C:\Windows\system32\svchost.exe -k 
LocalServiceAndNoImpersonation "c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc "C:\Program Files\McAfee\MSC\McAPExe.exe" "C:\Windows\system32\mfevtps.exe" "taskhost.exe" taskeng.exe {6CB703FC-8CE3-451D-9D48-887B74DE69A5} "C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k imgsvc "C:\Users\Harun Diren\AppData\Local\Torch\Update\TorchCrashHandler.exe" "C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait "C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\x64\saHook.dll", saHooker_Initialize_and_Wait "C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait "C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" C:\Windows\system32\EscSvc64.exe "C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe" WLIDSvcM.exe 2156 "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc "C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:3028 C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2e7d0e25-30bc-4c83-a973-c1a68a0fa3db -SystemEventPortName:HostProcess-18ca476d-506a-4575-9896-787664f75c6f -IoCancelEventPortName:HostProcess-c8c3a792-40fd-42c9-924c-34191a7e4a14 -NonStateChangingEventPortName:HostProcess-2caebdfb-0acf-421c-8226-abe706be5a3c 
-ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b23a6ea7-50d3-4788-af16-54f8808c55b5 -DeviceGroupId:WpdFsGroup C:\Windows\System32\WerFault.exe -k -q "C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe" "C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" /background "C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" "C:\Users\Harun Diren\AppData\Local\Google\Update\GoogleUpdate.exe" /c "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun "C:\Users\Harun Diren\AppData\Local\iLivid\iLivid.exe" -autorun "C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe" -det C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" "C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe" "C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe" "C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe" "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup "C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe" "C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe" /platui /runkey "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Program Files (x86)\Citrix\Receiver\Receiver.exe" -autoupdate -startplugins "C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe" "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1151305535-1815003741-2611877586-10011_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1151305535-1815003741-2611877586-10011 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1" C:\Windows\System32\svchost.exe -k LocalServicePeerNet "C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe" -Embedding "C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe" 
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group1 pct:25 stable:r1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --instant-process --enable-threaded-compositing --disable-html-notifications --channel="2924.1.1311674664\1716709060" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group1 pct:25 stable:r1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="2924.2.714098708\1267578351" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Harun Diren\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.3.1271_0\McChPlg.dll" --lang=nl --channel="2924.4.869956972\855965925" /prefetch:-390060480
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" mode=windowless
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\McAfee\MAT\McPvTray.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group1 pct:25 stable:r1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-2d-canvas --channel="2924.6.617387932\232480602" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="2924.7.2249051\97193291" --ppapi-flash-args --lang=nl --ignored=" --type=renderer " /prefetch:-632637702
"C:\Users\Harun Diren\Downloads\RSITx64 (1).exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe" /taskrestart
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
wmiadap.exe /F /T /R

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1151305535-1815003741-2611877586-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1151305535-1815003741-2611877586-1001UA.job
C:\Windows\tasks\HPCeeScheduleForHarun Diren.job
C:\Windows\tasks\HPCeeScheduleForHARUNDIREN-HP$.job
C:\Windows\tasks\SpeedUpMyPC.job
C:\Windows\tasks\spmonitor.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.search.ask.com/?o=APN10645A&gct=hp&d=406-1073&v=r9854-144&t=4"
prefs.js - "keyword.URL" - "http://dts.search.ask.com/sr?src=ffb&gct=ds&appid=1073&systemid=406&v=r9854-144&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=8290173442644181&o=APN10645&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Citrix.com/npican]
"Description"=Citrix ICA Client Plugin
"Path"=C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10]
"Description"=McAfee Total Protection MIME Plugin
"Path"=c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/SAFFPlugin]
"Description"=
"Path"=C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/MSC,version=10]
"Description"=McAfee Total Protection MIME Plugin
"Path"=c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
Ask.xml
avg-secure-search.xml
Search_Results.xml

C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\
50e6052d6ad6f@50e6052d6ada8.com
battlefieldplay4free@ea.com
ffxtlbra@softonic.com
{3d86a75b-cb6b-4764-885d-ca6336f04ba2}
{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
{FF07E6D9-20FD-E899-07B5-8F5F433C1398}

C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\searchplugins\
Ask.xml
askcom.xml
bingp.xml
ividi.xml
search-here.xml
Search_Results.xml
softonic.xml
sweetim.xml

======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26 431104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2013-10-02 299336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}]
DefaultTab Browser Helper - C:\Users\Harun Diren\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll [2013-10-31 462968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8B8B2E80-1444-451D-AC8E-EB9A847F3887}]
ividi Helper Object - C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll [2013-07-25 301464]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}]
DealPly - C:\Program Files (x86)\DealPly\DealPlyIE.dll [2013-01-15 100048]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2013-10-02 250896]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BAA14B77-F934-B451-C873-B8F82CB4CD9E}]
Bcool - C:\ProgramData\Bcool\50e6052d6af02.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo - C:\Program Files (x86)\Yontoo\YontooIEClient.dll [2012-10-24 194928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
!{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26 431104]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2013-10-02 299336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
!{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2013-10-02 250896]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768]
"SmartMenu"=C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2010-01-18 568888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"=C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [2010-02-10 1712184]
"Google Update"=C:\Users\Harun Diren\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-07 116648]
"Orbitum"=C:\Users\Harun Diren\AppData\Local\Orbitum\Application\chrome.exe []
"Smart Driver Updater"=C:\Program Files (x86)\Smart Driver Updater\SDULauncher.exe []
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-10-02 20472992]
"iLivid"=C:\Users\Harun Diren\AppData\Local\iLivid\iLivid.exe [2013-09-08 6827008]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2009-10-14 563736]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2010-03-04 284696]
"HP Software Update"=c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2010-04-25 61112]
"SweetIM"=C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [2012-10-04 115032]
"Sweetpacks Communicator"=C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [2012-08-15 231768]
"mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2013-09-24 537512]
"mcpltui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2013-09-24 537512]
"CitrixReceiver"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk []
"ConnectionCenter"=C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [2012-07-27 380088]
"EEventManager"=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2011-10-31 1058400]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Snapfish PictureMover.lnk - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~3\Wincert\WIN64C~1.DLL C:\PROGRA~2\MOVIES~1\Datamngr\x64\mgrldr.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2010-09-27 52920]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"EnableShellExecuteHooks"=1
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"aux2"=wdmaud.drv
"aux3"=wdmaud.drv
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-11-07 20:33:55 ----D---- C:\rsit
2013-11-07 20:33:55 ----D---- C:\Program Files\trend micro
2013-10-27 17:08:17 ----D---- C:\ProgramData\Freemake
2013-10-27 17:07:55 ----D---- C:\Program Files (x86)\Freemake
2013-10-27 15:29:59 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-10-27 15:29:58 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-10-27 15:29:58 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-10-27 15:29:58 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-10-27 15:29:58 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-10-27 15:29:58 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-10-27 15:29:57 ----A---- C:\Windows\system32\drivers\usbohci.sys
2013-10-26 18:48:31 ----D---- C:\ProgramData\Trymedia
2013-10-23 21:28:03 ----D---- C:\ProgramData\BrowserProtect
2013-10-23 21:28:02 ----D---- C:\ProgramData\Browser Manager
2013-10-23 21:28:02 ----D---- C:\ProgramData\BitGuard
2013-10-23 20:46:20 ----D---- C:\ProgramData\TorchCrashHandler
2013-10-23 20:45:55 ----A---- C:\Windows\SYSWOW64\VB6STKIT.DLL
2013-10-23 20:45:55 ----A---- C:\Windows\SYSWOW64\VB6FR.DLL
2013-10-23 20:45:55 ----A---- C:\Windows\SYSWOW64\MSCMCFR.DLL
2013-10-23 20:45:54 ----D---- C:\Users\Harun Diren\AppData\Roaming\TFP
2013-10-23 20:45:54 ----A---- C:\Windows\SYSWOW64\CMDLGFR.DLL
2013-10-23 20:42:09 ----D---- C:\ProgramData\Wincert
2013-10-23 20:41:28 ----D---- C:\Program Files (x86)\Movies Toolbar
2013-10-23 20:41:23 ----D---- C:\ProgramData\Datamngr
2013-10-23 20:17:09 ----D---- C:\Program Files (x86)\Unitech LLC
2013-10-23 20:16:42 ----D---- C:\Users\Harun Diren\AppData\Roaming\Unitech LLC
2013-10-19 15:34:40 ----D---- C:\Users\Harun Diren\AppData\Roaming\BANDISOFT
2013-10-19 15:34:07 ----D---- C:\Program Files (x86)\Bandicam
2013-10-19 15:34:05 ----D---- C:\Program Files (x86)\BandiMPEG1
2013-10-19 14:13:16 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-10-18 19:42:55 ----A---- C:\Windows\system32\drivers\HipShieldK.sys
2013-10-12 02:13:17 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-10-12 02:13:16 ----A---- C:\Windows\system32\ieui.dll
2013-10-12 02:13:15 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-10-12 02:13:15 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-10-12 02:13:15 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-10-12 02:13:15 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-10-12 02:13:15 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-10-12 02:13:15 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-12 02:13:15 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-12 02:13:15 ----A---- C:\Windows\system32\iesetup.dll
2013-10-12 02:13:15 ----A---- C:\Windows\system32\iernonce.dll
2013-10-12 02:13:15 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-12 02:13:14 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-10-12 02:13:14 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-12 02:13:14 ----A---- C:\Windows\system32\iertutil.dll
2013-10-12 02:13:13 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-10-12 02:13:13 ----A---- C:\Windows\system32\jscript9.dll
2013-10-12 02:13:13 ----A---- C:\Windows\system32\jscript.dll
2013-10-12 02:13:12 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-10-12 02:13:12 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-10-12 02:13:12 ----A---- C:\Windows\system32\urlmon.dll
2013-10-12 02:13:10 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-10-12 02:13:10 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-10-12 02:13:10 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-10-12 02:13:10 ----A---- C:\Windows\system32\wininet.dll
2013-10-12 02:13:10 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-12 02:13:08 ----A---- C:\Windows\system32\ieframe.dll
2013-10-12 02:13:07 ----A---- C:\Windows\system32\mshtml.dll
2013-10-12 02:13:04 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-10-11 11:52:49 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-10-11 11:52:49 ----A---- C:\Windows\system32\comctl32.dll
2013-10-11 11:52:46 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-10-11 11:52:46 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-10-11 11:52:46 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-10-11 11:52:46 ----A---- C:\Windows\system32\lpk.dll
2013-10-11 11:52:46 ----A---- C:\Windows\system32\fontsub.dll
2013-10-11 11:52:46 ----A---- C:\Windows\system32\dciman32.dll
2013-10-11 11:52:46 ----A---- C:\Windows\system32\atmfd.dll
2013-10-11 11:52:45 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-10-11 11:52:45 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-10-11 11:52:45 ----A---- C:\Windows\system32\atmlib.dll
2013-10-11 11:52:44 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-11 11:52:43 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-11 11:52:43 ----A---- C:\Windows\system32\drivers\USBAUDIO.sys
2013-10-11 11:52:42 ----A---- C:\Windows\system32\drivers\usbscan.sys
2013-10-11 11:52:42 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-11 11:52:42 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-11 11:52:40 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-10-11 11:52:40 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-10-11 11:52:40 ----A---- C:\Windows\system32\WebClnt.dll
2013-10-11 11:52:40 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-10-11 11:52:40 ----A---- C:\Windows\system32\davclnt.dll
2013-10-11 11:52:38 ----A---- C:\Windows\system32\mswsock.dll
2013-10-11 11:52:38 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-10-11 11:52:38 ----A---- C:\Windows\system32\drivers\afd.sys
2013-10-11 11:52:37 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2013-10-11 11:52:36 ----A---- C:\Windows\system32\win32k.sys
2013-10-11 11:52:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-10-11 11:52:30 ----A---- C:\Windows\system32\advapi32.dll
2013-10-11 11:52:29 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-10-11 11:52:29 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-10-11 11:52:29 ----A---- C:\Windows\system32\tdh.dll
2013-10-11 11:52:28 ----A---- C:\Windows\SYSWOW64\tdh.dll
2013-10-11 11:52:28 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2013-10-11 11:52:28 ----A---- C:\Windows\system32\ntdll.dll
2013-10-11 11:52:27 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-10-11 11:52:26 ----A---- C:\Windows\system32\wow64.dll
2013-10-11 11:52:22 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-10-11 11:52:22 ----A---- C:\Windows\SYSWOW64\user.exe
2013-10-11 11:52:22 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-10-11 11:52:22 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-10-11 11:52:22 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-10-11 11:52:11 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 11:52:11 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 11:52:03 ----A---- C:\Windows\system32\scavengeui.dll
2013-10-11 11:51:58 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys

======List of files/folders modified in the last 1 month======

2013-11-07 20:41:09 ----D---- C:\Windows\Temp
2013-11-07 20:37:09 ----A---- C:\Windows\SYSWOW64\log.txt
2013-11-07 20:37:01 ----D---- C:\Windows\Minidump
2013-11-07 20:33:55 ----RD---- C:\Program Files
2013-11-07 20:33:03 ----D---- C:\Windows\System32
2013-11-07 20:33:03 ----D---- C:\Windows\inf
2013-11-07 20:33:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-07 18:03:32 ----D---- C:\Users\Harun Diren\AppData\Roaming\Skype
2013-11-07 17:51:10 ----D---- C:\Windows\system32\config
2013-11-07 17:26:33 ----D---- C:\Program Files (x86)\DealPly
2013-11-07 17:22:29 ----D---- C:\Program Files (x86)\eFusion
2013-11-07 16:48:29 ----D---- C:\Windows\Prefetch
2013-11-07 16:45:24 ----A---- C:\DUMP2dd3.tmp
2013-11-07 16:03:20 ----D---- C:\Windows\system32\FxsTmp
2013-11-06 22:45:41 ----D---- C:\Windows\system32\catroot2
2013-11-06 22:05:29 ----RD---- C:\Program Files (x86)
2013-11-06 22:02:44 ----D---- C:\Windows\system32\NDF
2013-11-06 16:00:43 ----D---- C:\Program Files (x86)\McAfee
2013-11-04 22:07:20 ----D---- C:\Windows\Tasks
2013-11-04 22:07:20 ----D---- C:\Windows\system32\Tasks
2013-11-04 22:06:46 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-11-04 22:06:11 ----D---- C:\Users\Harun Diren\AppData\Roaming\HpUpdate
2013-11-04 22:06:11 ----D---- C:\Users\Harun Diren\AppData\Roaming\HP Support Assistant
2013-11-03 21:17:29 ----D---- C:\Windows\LiveKernelReports
2013-11-03 19:41:08 ----SHD---- C:\System Volume Information
2013-11-02 00:17:46 ----D---- C:\ProgramData\PDFC
2013-10-28 03:21:44 ----D---- C:\Windows\winsxs
2013-10-28 03:16:26 ----D---- C:\Windows\system32\DriverStore
2013-10-28 03:16:26 ----D---- C:\Windows\system32\drivers
2013-10-27 17:08:17 ----HD---- C:\ProgramData
2013-10-27 15:29:22 ----D---- C:\Windows\system32\catroot
2013-10-26 19:21:02 ----D---- C:\ProgramData\Bcool
2013-10-25 16:08:39 ----SHD---- C:\Windows\Installer
2013-10-25 16:08:39 ----D---- C:\Users\Harun Diren\AppData\Roaming\Mozilla
2013-10-23 20:45:55 ----AD---- C:\Windows\SysWOW64
2013-10-19 16:31:14 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-18 19:37:24 ----D---- C:\Program Files\Common Files\McAfee
2013-10-17 15:48:56 ----SD---- C:\Users\Harun Diren\AppData\Roaming\Microsoft
2013-10-16 07:20:03 ----D---- C:\ProgramData\NCH Software
2013-10-16 07:20:03 ----D---- C:\Program Files (x86)\NCH Software
2013-10-13 11:52:03 ----D---- C:\ProgramData\Skype
2013-10-13 11:52:02 ----RD---- C:\Program Files (x86)\Skype
2013-10-12 02:58:57 ----D---- C:\Windows\rescache
2013-10-12 02:43:41 ----D---- C:\Windows\Microsoft.NET
2013-10-12 02:43:14 ----RSD---- C:\Windows\assembly
2013-10-12 02:32:46 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-12 02:32:45 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-10-12 02:31:06 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-12 02:30:59 ----D---- C:\Program Files\Internet Explorer
2013-10-12 02:30:54 ----D---- C:\Windows\AppPatch
2013-10-12 02:14:52 ----D---- C:\ProgramData\Microsoft Help
2013-10-12 02:10:42 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-10-12 02:01:36 ----D---- C:\Windows\system32\nl-NL
2013-10-09 13:16:00 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-04 540696]
R0 McPvDrv;McPvDrv Driver; C:\Windows\system32\drivers\McPvDrv.sys [2013-09-09 74560]
R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2013-09-24 781312]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2013-09-24 343568]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 ctxusbm;Citrix USB Monitor Driver; C:\Windows\system32\DRIVERS\ctxusbm.sys [2012-04-25 93272]
R3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2013-09-24 70112]
R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-06-08 2394216]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2013-09-24 179664]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2013-09-24 310224]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2013-09-24 519192]
R3 mfencbdc;McAfee Inc. mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [2013-09-20 390552]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2010-01-28 86120]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-09-19 11880]
R3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\Windows\system32\drivers\HipShieldK.sys [2013-09-23 197704]
S3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]
S3 LVUVC64;Logitech Webcam C210(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]
S3 mfencrk;McAfee Inc. mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [2013-09-20 95984]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
R2 DatamngrCoordinator;Datamngr Coordinator; C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [2013-10-23 3424768]
R2 DefaultTabUpdate;DefaultTabUpdate; C:\Users\Harun Diren\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2012-10-29 107520]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2012-02-21 151648]
R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc64.exe [2011-12-11 135824]
R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]
R2 HomeNetSvc;McAfee Home Network; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-05-19 73728]
R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2009-10-01 268824]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]
R2 McAPExe;McAfee AP Service; C:\Program Files\McAfee\MSC\McAPExe.exe [2013-09-24 178048]
R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 mfecore;McAfee Anti-Malware Core; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2013-09-20 1017016]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2013-09-24 219272]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2013-09-24 182752]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-05-22 159336]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2009-10-14 635416]
R2 TorchCrashHandler;Torch Crash Handler; C:\Users\Harun Diren\AppData\Local\Torch\Update\TorchCrashHandler.exe [2013-10-07 1213280]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2012-10-08 2365792]
R2 UMVPFSrv;UMVPFSrv; C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-26 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2010-04-04 246520]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-26 116648]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
S3 McAWFwk;McAfee Activation Service; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [2011-01-28 225216]
S3 McODS;McAfee Scanner; C:\Program Files\McAfee\VirusScan\mcods.exe [2013-08-02 602944]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-19 118680]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2012-09-26 4521720]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office 
Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-11-01 1255736] S4 McOobeSv;McAfee OOBE Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] -----------------EOF-----------------
  4. Hello, Lately our desktop computer (Windows 7) has been running very slowly; it feels like an 8-year-old computer now, even though it is not that old. We also keep getting error messages once the PC has started up and we are on the desktop. I think there are a lot of viruses and all sorts of things on it :/ We have an antivirus program, McAfee Total Protection.
  5. Yesss, it finally worked! Ran %systemroot%\system32\rstrui.exe in Safe Mode with Command Prompt! Thx!!!
  6. Just tried the first option again, System Restore (without Safe Mode). The laptop has now been trying to shut down for a quarter of an hour. Is that part of System Restore? Or is it simply 'stuck'?
  7. Tried both options. On the normal desktop I cannot select the Start menu; everything freezes. With the other option I booted into Safe Mode and entered the command %systemroot%\system32\restore\rstrui.exe, but then I get the message: is not recognized as an internal or external command, program or batch file. :/
  8. Hello, Yesterday I did a recovery on my laptop. My antivirus is AVG. Since today I have noticed that my laptop is not working: I can boot (log in), but once I reach my desktop I cannot do anything. I cannot open a single program, and instead of my mouse pointer I constantly see that 'blue spinning circle', a sign that the laptop is not ready. I also cannot shut down, so I do that with the power button on the keyboard. In Safe Mode the laptop works fine. But there I cannot do anything, of course. Could this have something to do with yesterday's recovery? Regards
  9. Oops, I thought that might be the case with most laptops. Thanks!
  10. Hello, I bought a new Sony Vaio laptop six months ago. Lately I have noticed that when I shut down my laptop, it makes a soft beeping sound. From the moment the screen goes black and switches off, I also hear that sound. It does not really sound loud or beeping; I don't quite know how to describe it. The sound comes from the upper right side of the laptop, roughly near the power button and such, I think. Should I be worried? Because I don't really have much luck with laptops, and I'm holding my breath this time too. Thanks in advance! xD
  11. Thank you very much!!! It really runs super fast!! Super happy! Which of the programs I had to download here can I now leave on the PC? Is the idea that I then run a scan with those programs every now and then? These are the programs in question: HijackThis - Malwarebytes-antimalware - AdwCleaner - zoekexe
  12. Hello! Below is the log from 'zoek.exe'
  13. Wow, thanks! That program found a lot of infections here, unbelievable. Below is the log from Malwarebytes:
C:\Users\Gebruiker\AppData\Local\Temp\is266438442\Setup-D502DD2B71B5.exe (PUP.Optional.Yontoo) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Downloads\SoftonicDownloader_voor_free-video-dub(1).exe (PUP.Optional.Softonic) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Downloads\SoftonicDownloader_voor_free-video-dub.exe (PUP.Optional.Softonic) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Downloads\SoftonicDownloader_voor_microsoft-word.exe (PUP.Optional.Softonic) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Downloads\SoftonicDownloader_voor_windows-live-messenger-2012.exe (PUP.Optional.Softonic) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Temporary Internet Files\Content.IE5\SFHVNIUR\pack[1].7z (PUP.Optional.BrowserDefender.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Temporary Internet Files\Content.IE5\SFHVNIUR\WebCakesetup[1].exe (PUP.Optional.Yontoo) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\Installer\c92f2.msi (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\Installer\c92f6.msi (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\Installer\c92fa.msi (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\Installer\c92fe.msi (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.ico (PUP.WebCake) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.dat (PUP.WebCake) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setup.dll (PUP.WebCake) -> Succesvol in quarantaine geplaatst en verwijderd. 
C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setupx.dll (PUP.WebCake) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\Web Cake\WebCakeDesktop.Updater.InstallState (PUP.Optional.WebCake.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\Web Cake\OptChrome.exe (PUP.Optional.WebCake.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\Web Cake\optimizer.exe (PUP.Optional.WebCake.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\Web Cake\sqlite3.exe (PUP.Optional.WebCake.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\Web Cake\WebCakeDesktop.Updater.exe (PUP.Optional.WebCake.A) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files (x86)\Web Cake\WebCakeLayers.crx (PUP.Optional.WebCake.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\BabSolution\Shared\NTRedirect.dll (PUP.Optional.A.BabSolution) -> Zal worden verwijderd tijdens het herstarten. C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat (PUP.Optional.Tarma.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico (PUP.Optional.Tarma.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll (PUP.Optional.Tarma.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll (PUP.Optional.Tarma.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\BabSolution\CR\Delta.crx (PUP.Optional.BabSolution.A) -> Succesvol in quarantaine geplaatst en verwijderd. 
C:\Users\Gebruiker\AppData\Roaming\BabSolution\Shared\BabMaint.exe (PUP.Optional.BabSolution.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\BabSolution\Shared\BUSolution.dll (PUP.Optional.BabSolution.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\BabSolution\Shared\Delta.ico (PUP.Optional.BabSolution.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\BabSolution\Shared\GUninstaller.exe (PUP.Optional.BabSolution.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\BabSolution\Shared\SetupParams.ini (PUP.Optional.BabSolution.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\BabSolution\Shared\sqlite3.dll (PUP.Optional.BabSolution.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaApp.dll (PUP.Optional.Delta.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaEng.dll (PUP.Optional.Delta.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\Delta\delta\1.8.22.0\deltasrv.exe (PUP.Optional.Delta.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\Delta\delta\1.8.22.0\GUninstaller.exe (PUP.Optional.Delta.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\Delta\delta\1.8.22.0\uninstall.exe (PUP.Optional.Delta.A) -> Succesvol in quarantaine geplaatst en verwijderd. (einde)
  14. Thank you very much for the quick help! At the command prompt this one was refused: Type: sc delete Mfevtp. The rest worked. With HijackThis I removed all the items, except the first one, which I could not find, namely: R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Below are the contents of the AdwCleaner and HijackThis log files (separately).
  15. Hello, I have had a new laptop for 6 months.. Lately, however, it has been running extremely slowly! Especially when I open the internet. I have an antivirus program from McAfee.. I read on the internet that one component of it, namely mcshield.exe, can also slow the laptop down.. I have just made a log with HijackThis.. Can you help me, please? Kind regards, Esra
  16. Does anyone know a free crossword puzzle program? For my work I have to put together quite a lot of exercises, but that no longer works with HotPotatoes. Are there free programs or web pages in which you can create reasonably extensive exercises?
  17. It is Windows 7.. But I honestly would not know how to do that system restore.. :'(
  18. Hello, My little brother has been messing around on the computer and now unfortunately we can no longer open the programs on the desktop with the intended program. So all files are opened with, for example, Internet Explorer and Media Player. Only these options can be chosen. All the programs in the Start menu are also not opened with the right program. I have tried a few things myself to fix this, but I can't manage it..
  19. May I also just keep CCleaner on my laptop, alongside my antivirus program?
  20. Do I have to remove the programs HijackThis and Malwarebytes now that those viruses are gone? Or can they just stay? (I have McAfee installed, so I thought the programs might interfere with each other..) Thanks again for all the help!
  21. Ooh, great!! Thank you!! I'm still struggling with that 'administrator business'.. I always log in as Gebruiker, which is the only option on my laptop (set up that way). Next to my user account it always says administrator in brackets.. that's why, when opening files, I can't choose 'run as administrator'.. I'm actually not sure whether I'm working as administrator..
  22. Hello, I tried to delete those items via Fix checked; they get removed, but when I then restart HijackThis to see whether those items are still listed, I notice they have not been removed.. Is there another way to remove them? Meanwhile I no longer get that 'Federal Computer Crime Unit' message.. Would this virus be gone by now? Kind regards
  23. Hello, Here is another log from HijackThis. Some of those links I had to remove are no longer listed. I hope it worked this time
  24. Hello, when I want to open HijackThis as administrator and right-click on it, I don't see that option. Am I not logged in as administrator, or something?