whoopy1970

Hallo Voorlopig geen plotse geluiden meer. Ik vermoed dat de pc terug 'clean' is. Alvast enorm bedankt voor je aanhoudende hulp. groeten Whoopy

Hallo Het probleem van automatisch opstartende explorer lijkt voorbij. Bijgaand toch de gevraagde log-file. Bedankt Whoopy EPeek.txt

Hallo. Ik heb gedurende het weekend geen internet mogelijkheid, vandaar dat ik nu pas kan reageren. Bijgaand de fix-logfile. Alvast bedankt whoopy Fixlog.txt

Heb java geupdated. Bijgaand de nieuwe logfile. FRST.txt

Hallo excuses voor de uitgevoerde tools. ik dacht er goed aan te doen Bijgaand de gevraagde logfiles. vriendelijke dank Whoopy MBRCheck_05.20.15_22.16.03.txt FRST.txt

ik heb ondertussen adwcleaner jrt.exe en hitmanpro laten lopen. Ik hitmanpro ook aangeschaft omdat mijn proeflicentie verlopen was.

Internet explorer blijft bezig. Volgens mij dat priceless virus ?

Hallo , het probleem doet zich nog voor; Ik was vanavond snel genoeg om taakbeheer te openen. Daar zag ik dat internet exporer actief stond (niet zichtbaar voor mij als gebruiker) en om de 10 seconden ongeveer switchte tussen diverse sites : oa; walmart.com, uncrate.com en nog enkele (alles binnen dezelfde sessie) maar ik was niet snel genoeg om ze te noteren. Bijgaand de logfiles vanuit Farbar. Addition.txt FRST.txt

Hierbij het volgende logscript. Alvast bedankt voor uw hulp Whoopy zoek-results.txt

Hallo Ik heb als scan enkel McAfee-virusscan en Malwarebytes anti-malware uitgevoerd. Bijgaand de logfile van zoek.exe. alvast bedankt voor de hulp Whoopy zoek-results.txt

Alvast bedankt voor uw snelle reaktie. In bijlage de log file. vriendelijke groeten Whoopy log.txt

ik heb vorige week een driver gedownload (dacht ik) en sindsdien start er plots geluid van precies een onzichtbaar filmpje op. Het zal malware of zo zijn maar de reeds gelopen scans geven geen problemen weer. Kan iemand helpen ? Ik heb Hijackthis al op PC staan.

kei bedankt voor je vlotte hulp !

laatste logfile ? Hopelijk is ie nu goed ? Zoek.exe Version 4.0.0.3 Updated 27-June-2013 Tool run by Ellen on do 27/06/2013 at 18:26:34,06. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected ==== Deleting Files \ Folders ====================== "C:\Users\Ellen\AppData\Roaming\StartNow Toolbar\CR\installer.json" deleted "C:\Users\Ellen\AppData\Roaming\StartNow Toolbar\CR\zcrx.crx" deleted "C:\Users\Ellen\AppData\Roaming\StartNow Toolbar" deleted "C:\Users\Ellen\AppData\Roaming\StartNow Toolbar\CR" deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[04/12/2012 11:47] nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[12/12/2011 15:13] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions incfcgceegpikennjoplhfghaaikdgei - C:\Users\Ellen\AppData\Roaming\StartNow Toolbar\CR\zcrx.crx[] YouTube - Nick - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Nick - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf SiteAdvisor - Nick - Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho Facemoods - Nick - Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif Premiumplay Codec-C - Nick - Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho DivX Plus Web Player HTML5 \u003Cvideo\u003E - Nick - Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm Gmail - Nick - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif deleted successfully C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ihflimipbcaljfnojhhknppphnnciiif_0.localstorage deleted successfully C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho deleted successfully C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_jpnbdefcbnoefmmcpelplabbkfmfhlho_0 deleted successfully ==== Deleting Registry Keys ====================== HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\incfcgceegpikennjoplhfghaaikdgei deleted successfully ==== EOF on do 27/06/2013 at 18:27:51,38 ======================

En de PC draait nu weer vlotjes nu. gelukkig want was me dat even schrikken. Azo een lelijk virus. Mag het dan als opgelost beschouwd worden ? Voor de toekomst vraag ik me nog af wat ik meer aan beveiliging kan doen. Er zit een betaalde virusscanner op. Maar tegen malware .... Heel erg bedankt Ellen

hoe bedoel je verwijderen ? Waar kan ik die 3 nog verwijderen ? rechtstreeks in registry ? Of moet i naar het profiel Nick gaan en daar iets verwijderen ? Alvast bedankt voor je vlotte hulp vandaag. Ellen

Volgende log file : Zoek.exe Version 4.0.0.3 Updated 27-June-2013 Tool run by Ellen on do 27/06/2013 at 13:59:56,96. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\!{5911488E-9D1E-40ec-8CBB-06B231CC153F} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\!{5911488E-9D1E-40ec-8CBB-06B231CC153F} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\!{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\!{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully ==== Deleting Files \ Folders ====================== "C:\Users\Ellen\AppData\Roaming\StartNow Toolbar\CR\zcrx" not found ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[04/12/2012 11:47] nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[12/12/2011 15:13] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions incfcgceegpikennjoplhfghaaikdgei - C:\Users\Ellen\AppData\Roaming\StartNow Toolbar\CR\zcrx.crx[27/08/2012 21:14] SiteAdvisor - Ellen - Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho StartNow - Ellen - Default\Extensions\incfcgceegpikennjoplhfghaaikdgei DivX Plus Web Player HTML5 \u003Cvideo\u003E - Ellen - Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm YouTube - Nick - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Nick - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf SiteAdvisor - Nick - Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho Facemoods - Nick - Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif Premiumplay Codec-C - Nick - Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho DivX Plus Web Player HTML5 \u003Cvideo\u003E - Nick - Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm Gmail - Nick - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== EOF on do 27/06/2013 at 14:02:43,02 ======================

Na reboot kwam er inderdaad meer uit Zoek.exe Version 4.0.0.3 Updated 27-June-2013 Tool run by Ellen on do 27/06/2013 at 11:44:27,56. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== Deleted from C:\Users\Ellen\AppData\Roaming\Mozilla\Firefox\Profiles\6kgt2miw.default\prefs.js: Added to C:\Users\Ellen\AppData\Roaming\Mozilla\Firefox\Profiles\6kgt2miw.default\prefs.js: user_pref("browser.startup.homepage", "Google"); user_pref("browser.search.defaulturl", "Google="); user_pref("browser.newtab.url", "Google"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "Google="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); Deleted from C:\Users\Ellen\AppData\Roaming\Mozilla\Firefox\Profiles\hxmq9odt.default-1372315826583\prefs.js: Added to C:\Users\Ellen\AppData\Roaming\Mozilla\Firefox\Profiles\hxmq9odt.default-1372315826583\prefs.js: user_pref("browser.startup.homepage", "Google"); user_pref("browser.search.defaulturl", "Google="); user_pref("browser.newtab.url", "Google"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "Google="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); ProfilePath: C:\Users\Ellen\AppData\Roaming\Mozilla\Firefox\Profiles\6kgt2miw.default user.js not found ---- Lines crossrider removed from prefs.js ---- ---- Lines crossrider modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- ProfilePath: C:\Users\Ellen\AppData\Roaming\Mozilla\Firefox\Profiles\hxmq9odt.default-1372315826583 user.js not found ---- Lines crossrider removed from prefs.js ---- ---- Lines crossrider modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\McAfee\\\\SiteAdvisor\",\"mtime\":1372310808954,\"rdfTime\":1347361592000},\"crossriderapp435@crossrider.com\":{\"descriptor\":\"C:\\\\ProgramData\\\\CodecCheck\\\\firefox\",\"mtime\":1321885748271,\"rdfTime\":1321547706000},\"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\DivX\\\\DivX Plus Web Player\\\\firefox\\\\DivXHTML5\",\"mtime\":1326722908613,\"rdfTime\":1315397198000},\"{D19CA586-DD6C-4a0a-96F8-14644F340D60}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Common Files\\\\McAfee\\\\SystemCore\",\"mtime\":1372310804679},\"avg@toolbar\":{\"descriptor\":\"C:\\\\ProgramData\\\\AVG Secure Search\\\\FireFoxExt\\\\15.2.0.5\",\"mtime\":1372310836769,\"rdfTime\":1369168262601}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1369339222341,\"rdfTime\":1369339222340}}}]"); ---- FireFox user.js and prefs.js backups ---- prefs_20132706_1151_.backup ==== Deleting Files \ Folders ====================== "C:\Program Files (x86)\CrossriderWebApps" deleted "C:\Program Files (x86)\StartNow Toolbar" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Ellen\AppData\Local\Temp ==== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2013-06-27 06:20:04 5614386D4CFDF9E56F355C45BEEBC976 12872 ----a-w- C:\Windows\Sysnative\bootdelete.exe ====== C:\Windows\Sysnative\drivers ===== 2013-06-27 05:42:30 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2013-06-11 20:18:25 9849EA3843A2ADBDD1497E97A85D8CAE 1910632 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys ====== C:\Windows\Tasks ====== 2013-06-27 08:29:27 1A0C0583892BB2F907F4CD61557253B1 3116 ----a-w- C:\Windows\Sysnative\Tasks\{F2D8CA20-BDA9-4F6B-ADD9-946F1792B701} 2013-05-29 17:24:30 E9B61EFE20BC46B262B88F27988DED68 2854 ----a-w- C:\Windows\Sysnative\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv 2013-05-29 17:24:30 CB7780D806908E5C9CFC05A7E52473B3 350 ----a-w- C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-06-27 06:11:04 -------- d-----w- C:\Program Files\HitmanPro 2013-06-24 18:52:55 -------- d-----w- C:\Program Files\Common Files\Adobe 2013-06-24 18:51:50 -------- d-----w- C:\Program Files\Adobe ======= C:\Program Files (x86) ===== 2013-06-27 07:41:30 -------- d-----w- C:\Program Files (x86)\Trend Micro ======= C: ===== 2013-06-27 07:52:43 8B7B9DFB995077D0D82528DF264EA03E 18820 ----a-w- C:\AdwCleaner[s1].txt ====== C:\Users\Ellen\AppData\Roaming ====== 2013-06-27 05:42:04 -------- d-----w- C:\users\Ellen\AppData\Local\Programs 2013-05-29 18:51:34 -------- d-----w- C:\users\Ellen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2013-05-29 18:51:08 -------- d-----w- C:\users\Ellen\AppData\Roaming\Dropbox ====== C:\Users\Ellen ====== 2013-06-27 07:51:54 4EF33D516F31BEB1C9847D1FDA69375C 648201 ----a-w- C:\Users\Ellen\Desktop\adwcleaner.exe 2013-06-27 07:00:35 C57324BDFE3063EDF7DFD1942242917E 21840856 ----a-w- C:\Users\Ellen\Downloads\Firefox Setup 22.0.exe 2013-06-27 06:11:04 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro 2013-06-27 06:08:52 B2E0F30FC400FA9E70C6DFF98420085D 9833328 ----a-w- C:\Users\Ellen\Downloads\HitmanPro_x64.exe 2013-06-27 06:08:44 -------- d-----w- C:\ProgramData\HitmanPro 2013-06-27 06:07:58 0011AC7B83C557D3273A1E093BD46F8E 9171472 ----a-w- C:\Users\Ellen\Downloads\HitmanPro.exe 2013-06-27 05:41:42 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Nick\Downloads\mbam-setup-1.75.0.1300.exe 2013-06-24 19:13:08 A5AFDF81FB7E6C9D898529A6CBC4B285 826229968 ----a-w- C:\Users\Ellen\Downloads\Lightroom_4_LS11_win_4_4.exe 2013-05-29 18:53:19 -------- d-----r- C:\Users\Ellen\Dropbox ====== C: exe-files == 2013-06-27 07:51:54 4EF33D516F31BEB1C9847D1FDA69375C 648201 ----a-w- C:\Users\Ellen\Desktop\adwcleaner.exe 2013-06-27 07:00:35 C57324BDFE3063EDF7DFD1942242917E 21840856 ----a-w- C:\Users\Ellen\Downloads\Firefox Setup 22.0.exe 2013-06-27 06:20:04 5614386D4CFDF9E56F355C45BEEBC976 12872 ----a-w- C:\Windows\System32\bootdelete.exe 2013-06-27 06:11:05 1712747C844CC12EED8BC92FB0E56E4C 109352 ----a-w- C:\Program Files\HitmanPro\hmpsched.exe 2013-06-27 06:11:04 B2E0F30FC400FA9E70C6DFF98420085D 9833328 ----a-w- C:\Program Files\HitmanPro\HitmanPro.exe 2013-06-27 06:08:52 B2E0F30FC400FA9E70C6DFF98420085D 9833328 ----a-w- C:\Users\Ellen\Downloads\HitmanPro_x64.exe 2013-06-27 06:07:58 0011AC7B83C557D3273A1E093BD46F8E 9171472 ----a-w- C:\Users\Ellen\Downloads\HitmanPro.exe 2013-06-27 05:55:58 D53D5A464755B876306507FA0580737B 399440 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarUser_64_E22AE377E2374FD1.exe 2013-06-27 05:55:54 10B01048B1DA075CD1EE27E30B4CF342 308816 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarUser_32_16A328A5A291F177.exe 2013-06-27 05:55:37 9227CD96860A2B54E7CF4C91B255C420 1070672 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_80ACC8E3971CD605.exe 2013-06-27 05:54:25 FF288AD39AFA4B198C744E47A2994DCB 530912 ----a-w- C:\Program Files (x86)\Google\Update\Install\{047A2996-16E5-4F09-AE46-765542D39830}\GoogleToolbarInstaller_updater_signed.exe 2013-06-27 05:54:25 FF288AD39AFA4B198C744E47A2994DCB 530912 ----a-w- C:\Program Files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.4209.2358\GoogleToolbarInstaller_updater_signed.exe 2013-06-27 05:41:42 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Nick\Downloads\mbam-setup-1.75.0.1300.exe 2013-06-26 16:10:40 ED9B02A4431ED15765652CF362F99501 915120 ----a-w- C:\Windows\Temp\avg_a05748\ProgFiles\AVG Secure Search\lip.exe 2013-06-26 16:10:40 EB57E661367E410BDD1F00D5BE69CCB5 1791152 ----a-w- C:\Windows\Temp\avg_a05748\ProgFiles\AVG Secure Search\Uninstall.exe 2013-06-26 16:10:40 D186EEC1E724DAD957CEC048A2B3F76E 639664 ----a-w- C:\Windows\Temp\avg_a05748\ProgFiles\AVG Secure Search\PostInstall.exe 2013-06-26 16:10:40 94071BD09B381F82E1ADBC72252167C5 147120 ----a-w- C:\Windows\Temp\avg_a05748\CommonFiles\AVG Secure Search\DriverInstaller_64.exe 2013-06-26 16:10:40 835C890A32822657B40DC9E4221FEC0E 572080 ----a-w- C:\Windows\Temp\avg_a05748\ConfigFiles\MachineIdCreator.exe 2013-06-26 16:10:40 61A9B11B263FA811474E5D8D96ECF96E 2236080 ----a-w- C:\Windows\Temp\avg_a05748\ProgFiles\AVG Secure Search\vprot.exe 2013-06-26 16:10:40 60260049219F2B353AA894892B8B3B32 2239664 ----a-w- C:\Windows\Temp\avg_a05748\CommonFiles\AVG Secure Search\ScriptHelper.exe 2013-06-26 16:10:40 40D1F5434F4C245B4D162A9001832C70 2170544 ----a-w- C:\Windows\Temp\avg_a05748\avg-secure-search-installer.exe 2013-06-26 16:10:40 3974107E7FDC345AC3D7FFBB7D8D5F6B 638128 ----a-w- C:\Windows\Temp\avg_a05748\CommonFiles\AVG Secure Search\DriverInstaller.exe 2013-06-26 16:10:40 254E8F9BA44E9F55416B0E51DBFF3C5F 1598128 ----a-w- C:\Windows\Temp\avg_a05748\CommonFiles\AVG Secure Search\ToolbarUpdater.exe 2013-06-26 16:09:55 3CF49C8FC8C9E2B14ACE4CA1D4CBE1AE 4520984 ----a-w- C:\Windows\Temp\{779D0F94-4DBC-46AC-8CE6-29C91B01A51D}.exe 2013-06-24 19:20:21 8953C14F326367F70C96A3DD3CD04EE0 412317608 ------w- C:\Users\Ellen\Desktop\Adobe\Photoshop Lightroom 4.4\Adobe Photoshop Lightroom 4\setup64.exe 2013-06-24 19:19:43 4024EBA2B17D379659379ED6002921A5 404679560 ----a-w- C:\Users\Ellen\Desktop\Adobe\Photoshop Lightroom 4.4\Adobe Photoshop Lightroom 4\setup32.exe 2013-06-24 19:19:43 3FB0C9C698391E5D578A62BD59EFACE2 147344 ----a-w- C:\Users\Ellen\Desktop\Adobe\Photoshop Lightroom 4.4\Install Lightroom 4.exe 2013-06-24 19:13:08 A5AFDF81FB7E6C9D898529A6CBC4B285 826229968 ----a-w- C:\Users\Ellen\Downloads\Lightroom_4_LS11_win_4_4.exe 2013-06-20 18:54:20 80633916458CC8041D0F483B7633E9F6 1582944 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\27.0.1453.116\27.0.1453.116_27.0.1453.110_chrome_updater.exe === C: other files == 2013-06-27 06:50:34 FC26F8841215642DA0CC98F66BC403CE 580368 ----a-w- C:\Users\Ellen\Desktop\Old Firefox Data\extensions\{afe43e80-0abc-4df2-81a0-3fe44b74abe8}.xpi 2013-06-27 06:24:34 463B1DBF98A885254648F88EC3612161 13399154 ----a-w- C:\Users\Ellen\Downloads\mbar-1.06.0.1004.zip 2013-06-27 05:42:30 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-06-26 16:10:44 C6C470CD49FE9DBA0F082540D7AF7642 37664 ----a-w- C:\Windows\Temp\avg_a05748\CommonFiles\AVG Secure Search\avgtpx86.sys 2013-06-26 16:10:43 34E9A86B0EF71BA72B58D72215EBFABC 45856 ----a-w- C:\Windows\Temp\avg_a05748\CommonFiles\AVG Secure Search\avgtpx64.sys 2013-06-26 16:10:34 C094CB3E07BA42DD42D2E257511F3B7A 257165 ----a-w- C:\Windows\Temp\avg_a05748\ProgData\AVG Secure Search\ChromeExt\15.3.0.11\avg.crx 2013-06-26 16:10:29 264F8E1A89771B80D9F2985A68BAA8C3 178115 ----a-w- C:\Windows\Temp\avg_a05748\ProgFiles\AVG Secure Search\data.zip ==== Firefox Extensions ====================== ==== Firefox Plugins ====================== Profilepath: C:\Users\Ellen\AppData\Roaming\Mozilla\Firefox\Profiles\hxmq9odt.default-1372315826583 3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash 96C406EC877EB23BB753E59B776C6BC7 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.70.10 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[04/12/2012 11:47] nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[12/12/2011 15:13] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions incfcgceegpikennjoplhfghaaikdgei - C:\Users\Ellen\AppData\Roaming\StartNow Toolbar\CR\zcrx.crx[27/08/2012 21:14] SiteAdvisor - Ellen - Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho StartNow - Ellen - Default\Extensions\incfcgceegpikennjoplhfghaaikdgei DivX Plus Web Player HTML5 \u003Cvideo\u003E - Ellen - Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm YouTube - Nick - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Nick - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf SiteAdvisor - Nick - Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho Facemoods - Nick - Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif Premiumplay Codec-C - Nick - Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho DivX Plus Web Player HTML5 \u003Cvideo\u003E - Nick - Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm Gmail - Nick - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="Google" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search] "SearchAssistant"="Google" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" ==== Reset Google Chrome ====================== C:\users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\users\Nick\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\users\Nick\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-889363557-2036165539-3501339599-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A876E312-7D08-401a-B7A6-FAFC5DC2F292} deleted successfully HKEY_USERS\S-1-5-21-889363557-2036165539-3501339599-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A876E312-7D08-401a-B7A6-FAFC5DC2F292} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{A876E312-7D08-401a-B7A6-FAFC5DC2F292} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A876E312-7D08-401a-B7A6-FAFC5DC2F292} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== shortcuts on Users Desktops ====================== C:\Users\Ellen\Desktop\Airport Simulator 2011.lnk - C:\Program Files (x86)\Airport Simulator 2011\airport.exe C:\Users\Ellen\Desktop\BDSizer - Snelkoppeling.lnk - C:\Users\Ellen\Downloads\BDSizer.exe C:\Users\Ellen\Desktop\DivX Movies.lnk - C:\Users\Ellen\Videos\DivX Movies C:\Users\Ellen\Desktop\Dropbox.lnk - C:\Users\Ellen\AppData\Roaming\Dropbox\bin\Dropbox.exe /home C:\Users\Ellen\Desktop\HiJackThis.lnk - C:\Users\Ellen\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe C:\Users\Ellen\Desktop\IrfanView Thumbnails.lnk - C:\Program Files (x86)\IrfanView\i_view32.exe /thumbs C:\Users\Ellen\Desktop\IrfanView.lnk - C:\Program Files (x86)\IrfanView\i_view32.exe C:\Users\Ellen\Desktop\Music tools\Ashampoo Music Studio 3.lnk - C:\Program Files (x86)\Ashampoo\Ashampoo Music Studio 3\bin\MusicStudio3.exe C:\Users\Ellen\Desktop\Music tools\Media Player Classic.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe C:\Users\Ellen\Desktop\Music tools\MixPad.lnk - C:\Program Files (x86)\NCH Software\MixPad\mixpad.exe C:\Users\Ellen\Desktop\Music tools\Music Converter.lnk - C:\Program Files (x86)\MusicConverter\AudioConverter.exe C:\Users\Ellen\Desktop\Music tools\Switch Sound File Converter.lnk - C:\Program Files (x86)\NCH Software\Switch\switch.exe C:\Users\Ellen\Desktop\Music tools\WavePad Sound Editor.lnk - C:\Program Files (x86)\NCH Software\WavePad\wavepad.exe C:\Users\Ellen\Desktop\Music tools\Xilisoft DVD Ripper Platinum 4.lnk - C:\Program Files (x86)\Xilisoft\DVD Ripper Platinum 4\dvdrip.exe C:\Users\Ellen\Desktop\Music tools\Zulu DJ Software.lnk - C:\Program Files (x86)\NCH Software\Zulu\zulu.exe C:\Users\Gast\Desktop\Free DVD MP3 Ripper.lnk - C:\Program Files (x86)\Free DVD MP3 Ripper\dvd_mp3_ripper.exe C:\Users\Gast\Desktop\Xilisoft DVD Ripper Platinum 4.lnk - C:\Program Files (x86)\Xilisoft\DVD Ripper Platinum 4\dvdrip.exe C:\Users\Nick\Desktop\Free DVD MP3 Ripper.lnk - C:\Program Files (x86)\Free DVD MP3 Ripper\dvd_mp3_ripper.exe C:\Users\Nick\Desktop\Xilisoft DVD Ripper Platinum 4.lnk - C:\Program Files (x86)\Xilisoft\DVD Ripper Platinum 4\dvdrip.exe C:\Users\UpdatusUser\Desktop\Free DVD MP3 Ripper.lnk - C:\Program Files (x86)\Free DVD MP3 Ripper\dvd_mp3_ripper.exe C:\Users\UpdatusUser\Desktop\Xilisoft DVD Ripper Platinum 4.lnk - C:\Program Files (x86)\Xilisoft\DVD Ripper Platinum 4\dvdrip.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Adobe Reader X.lnk - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe C:\Users\Public\Desktop\Cities XL 2012.lnk - C:\Program Files (x86)\Focus Home Interactive\Cities XL 2012\CitiesXL_2012.exe LOCALIZATION/LANGUAGE=en C:\Users\Public\Desktop\clear.fi Tutorial.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe "c:\Users\Public\Videos\clear.fi_tutorial.wmv" /fullscreen C:\Users\Public\Desktop\clear.fi.lnk - C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe C:\Users\Public\Desktop\Corel VideoStudio Pro X4.lnk - C:\Program Files (x86)\Corel\Corel VideoStudio Pro X4\vstudio.exe C:\Users\Public\Desktop\Digital Photo Professional.lnk - C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe C:\Users\Public\Desktop\DivX Plus Converter.lnk - C:\Program Files (x86)\DivX\DivX Plus Converter\DivXConverterLauncher.exe SW_SHOWNORMAL C:\Users\Public\Desktop\DivX Plus Player.lnk - C:\Program Files (x86)\DivX\DivX Plus Player\DivX Plus Player.exe C:\Users\Public\Desktop\EOS Utility.lnk - C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe C:\Users\Public\Desktop\FileZilla Client.lnk - C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe C:\Users\Public\Desktop\Fuji Fotoservice 2.7.lnk - C:\Program Files (x86)\Fuji Fotoservice\Fuji Fotoservice\Loader.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\Google Earth.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe C:\Users\Public\Desktop\HitmanPro.lnk - C:\Program Files (x86)\HitmanPro\HitmanPro.exe C:\Users\Public\Desktop\HTML-Kit.lnk - C:\Program Files (x86)\Chami\HTML-Kit\Bin\HTMLKit.exe C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe C:\Users\Public\Desktop\Koop online.lnk - C:\Program Files (x86)\Accessory Store\StartUrl.exe Acer Online winkel - Welkom C:\Users\Public\Desktop\Lightroom 4.1 64-bits.lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop Lightroom 4.1\lightroom.exe C:\Users\Public\Desktop\Luminance HDR.lnk - C:\Program Files\Luminance HDR\luminance-hdr.exe C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk - C:\Program Files (x86)\mcafee.com\agent\mcagent.exe /desktopicon C:\Users\Public\Desktop\Microsoft Mouse.lnk - C:\Windows\Installer\{5EBE0F1F-45DF-4298-AC6B-E8E54EAEC834}\Mouse.ico mouse cpl C:\Users\Public\Desktop\Mobiel Internet Software.lnk - C:\Program Files (x86)\KPN\Mobiel Internet Software\Wilog.exe C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Public\Desktop\Nokia Suite.lnk - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe C:\Users\Public\Desktop\Norton Security Scan.lnk - C:\Program Files (x86)\Norton Security Scan\Engine\3.6.1.11\Nss.exe C:\Users\Public\Desktop\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe C:\Users\Public\Desktop\Picture Style Editor.lnk - C:\Program Files (x86)\Canon\Picture Style Editor\PSEditor.exe C:\Users\Public\Desktop\QuickTime Player.lnk - C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe C:\Users\Public\Desktop\WildTangent Games App - acer.lnk - C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe /src desktopoem /dp acerlt C:\Users\Public\Desktop\ZoomBrowser EX.lnk - C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\ZoomBrowser.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Ellen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\Ellen\AppData\Roaming\Dropbox\bin\Dropbox.exe /home C:\Users\Ellen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk - C:\Users\Ellen\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe C:\Users\Ellen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - C:\Users\Ellen\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe C:\Users\Ellen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\Ellen\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 4.1 64-bits.lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop Lightroom 4.1\lightroom.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro\HitmanPro.lnk - C:\Program Files (x86)\HitmanPro\HitmanPro.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro\Verwijder HitmanPro 3.7.lnk - C:\Program Files (x86)\HitmanPro\HitmanPro.exe /uninstall C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee\McAfee Internet Security Suite.lnk - C:\Program Files (x86)\mcafee.com\agent\mcagent.exe /desktopicon ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Ellen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Ellen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Ellen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mobiel Internet Software.lnk - C:\Program Files (x86)\KPN\Mobiel Internet Software\Wilog.exe C:\Users\Ellen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Ellen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Ellen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Ellen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Ellen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Welcome Center.lnk - C:\Program Files (x86)\Acer\Welcome Center\OEMWelcomeCenter.exe C:\Users\Ellen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Ellen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Welcome Center.lnk - C:\Program Files (x86)\Acer\Welcome Center\OEMWelcomeCenter.exe C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\Nick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Nick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Nick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Nick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe C:\Users\Nick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Nick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Welcome Center.lnk - C:\Program Files (x86)\Acer\Welcome Center\OEMWelcomeCenter.exe C:\Users\Nick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Nick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - ==== shortcuts After Repair ====================== C:\Users\Public\Desktop\Koop online.lnk - C:\Program Files (x86)\Accessory Store\StartUrl.exe ==== HijackThis Entries ====================== R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120628065641.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: (no name) - !{5911488E-9D1E-40ec-8CBB-06B231CC153F} - (no file) O3 - Toolbar: (no name) - !{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file) O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user') O4 - Startup: Dropbox.lnk = Ellen\AppData\Roaming\Dropbox\bin\Dropbox.exe O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: BecHelperService - Unknown owner - C:\Program Files (x86)\KPN\Mobiel Internet Software\BecHelperService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Intel® Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater15.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Ellen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Ellen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Ellen\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Ellen\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Ellen\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Nick\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Nick\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Nick\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Nick\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\users\Ellen\AppData\Local\Mozilla\Firefox\Profiles\hxmq9odt.default-1372315826583\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\users\Nick\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Ellen\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on do 27/06/2013 at 12:09:49,06 ======================

Bijgaand de log vanuit zoek.exe Zoek.exe Version 4.0.0.2 Updated 26-June-2013 Tool run by Ellen on do 27/06/2013 at 10:26:57,08. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected ==== System Restore Info ====================== 27/06/2013 10:27:59 Zoek.exe System Restore Point Created Succesfully. ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== "C:\extensions.sqlite" deleted "C:\windows\SysNative\Tasks\DealPly" deleted "C:\windows\SysNative\Tasks\DealPlyUpdate" deleted "C:\prefs.js" deleted "C:\Windows\Syswow64\sho6BBC.tmp" deleted "C:\ProgramData\CodecCheck" deleted "C:\Users\Ellen\AppData\Local\Software" deleted "C:\Users\Ellen\AppData\LocalLow\DataMngr" deleted ==== EOF on do 27/06/2013 at 10:31:48,93 ======================

Hallo Bedankt voor de hulp tot nu toe alvast. Hieronder de adcleaner log. HijackThis maakt een lege log-file ? # AdwCleaner v2.303 - Verslag gemaakt op 27/06/2013 om 09:52:43 # Geactualiseerd op 08/06/2013 door Xplode # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits) # Gebruiker : Ellen - ELLEN-LAPTOP # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Users\Ellen\Desktop\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** File Verwijderd : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml File Verwijderd : C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrch.xml File Verwijderd : C:\user.js File Verwijderd : C:\Users\Ellen\AppData\Local\Temp\Searchqu.ini File Verwijderd : C:\Users\Ellen\AppData\Local\Temp\searchqutoolbar-manifest.xml File Verwijderd : C:\Users\Ellen\AppData\Local\Temp\SetupDataMngr_Searchqu.exe File Verwijderd : C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk Map Verwijderd : C:\Program Files (x86)\AVG Secure Search Map Verwijderd : C:\Program Files (x86)\DealPly Map Verwijderd : C:\Program Files (x86)\Searchqu Toolbar Map Verwijderd : C:\ProgramData\Ask Map Verwijderd : C:\ProgramData\AVG Secure Search Map Verwijderd : C:\ProgramData\Babylon Map Verwijderd : C:\ProgramData\boost_interprocess Map Verwijderd : C:\ProgramData\InstallMate Map Verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly Map Verwijderd : C:\ProgramData\Premium Map Verwijderd : C:\Users\Ellen\AppData\Local\AVG Secure Search Map Verwijderd : C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo Map Verwijderd : C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf Map Verwijderd : C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb Map Verwijderd : C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje Map Verwijderd : C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif Map Verwijderd : C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho Map Verwijderd : C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Map Verwijderd : C:\Users\Ellen\AppData\Local\Temp\BabylonToolbar Map Verwijderd : C:\Users\Ellen\AppData\LocalLow\AVG Secure Search Map Verwijderd : C:\Users\Ellen\AppData\LocalLow\boost_interprocess Map Verwijderd : C:\Users\Ellen\AppData\Roaming\Babylon Map Verwijderd : C:\Users\Ellen\AppData\Roaming\BrowserCompanion Map Verwijderd : C:\Users\Ellen\AppData\Roaming\DealPly Map Verwijderd : C:\Users\Nick\AppData\Local\AVG Secure Search Map Verwijderd : C:\Users\Nick\AppData\LocalLow\AVG Secure Search Map Verwijderd : C:\Users\Nick\AppData\LocalLow\facemoods.com Verwijderd bij het opstarten : C:\Program Files (x86)\Common Files\AVG Secure Search ***** [Register] ***** Data Verwijderd : [x64] HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll Data Verwijderd : [x64] HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll Data Verwijderd : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll Data Verwijderd : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Crossrider Sleutel Verwijderd : HKCU\Software\AVG Secure Search Sleutel Verwijderd : HKCU\Software\Conduit Sleutel Verwijderd : HKCU\Software\DataMngr Sleutel Verwijderd : HKCU\Software\DealPly Sleutel Verwijderd : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Sleutel Verwijderd : HKCU\Software\InstallCore Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5911488E-9D1E-40EC-8CBB-06B231CC153F} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13D095-45C3-4271-9475-F3B48227DD9F} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5911488E-9D1E-40EC-8CBB-06B231CC153F} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Sleutel Verwijderd : HKCU\Software\Softonic Sleutel Verwijderd : HKCU\Software\StartNow Toolbar Sleutel Verwijderd : HKCU\Software\Zugo Sleutel Verwijderd : HKLM\Software\AVG Secure Search Sleutel Verwijderd : HKLM\Software\AVG Security Toolbar Sleutel Verwijderd : HKLM\Software\Babylon Sleutel Verwijderd : HKLM\Software\BrowserCompanion Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{FAA8C612-F1B6-461B-8B60-B54D74D9642E} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\ToolbarBroker.EXE Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr Sleutel Verwijderd : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Prod.cap Sleutel Verwijderd : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol Sleutel Verwijderd : HKLM\SOFTWARE\Classes\S Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.BandObject Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{38BF9661-BDA0-4A74-BB3B-576EC7AE16DC} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ZGClnt.Mngr Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ZGClnt.Mngr.1 Sleutel Verwijderd : HKLM\Software\Conduit Sleutel Verwijderd : HKLM\Software\DealPly Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Sleutel Verwijderd : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Sleutel Verwijderd : HKLM\Software\StartNow Toolbar Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5911488E-9D1E-40EC-8CBB-06B231CC153F} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6427058B-217C-4C7F-A6CE-C7934C0BDCEB} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E65F40C8-3CEB-47C2-9E01-BF73323DF4E7} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13D095-45C3-4271-9475-F3B48227DD9F} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Crossrider Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DealPly Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\StartNow Toolbar Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{6427058B-217C-4C7F-A6CE-C7934C0BDCEB} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{E65F40C8-3CEB-47C2-9E01-BF73323DF4E7} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785} Sleutel Verwijderd : HKLM\SOFTWARE\DataMngr Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com] Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt] Waarde Verwijderd : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar] Waarde Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10] Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10] ***** [browsers] ***** -\\ Internet Explorer v10.0.9200.16537 Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=bf&s={searchTerms}&f=4 --> hxxp://www.google.com -\\ Mozilla Firefox v21.0 (en-US) File : C:\Users\Ellen\AppData\Roaming\Mozilla\Firefox\Profiles\hxmq9odt.default-1372315826583\prefs.js [OK] De file bevat geen enkele ongeoorloofde invoer. -\\ Google Chrome v27.0.1453.116 File : C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Preferences Verwijderd [l.1] : icon_url ={"backup":{"_signature":"sulEaWfosnMsFUYhBvZ3RCXubo5pWLO486TPUFYtmIU=","_version":4,"browser":{"show[...] File : C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Preferences Verwijderd [l.1] : icon_url ={"browser":{"window_placement":{"bottom":718,"left":10,"maximized":false,"right":1060,"top":10,"work[...] ************************* AdwCleaner[s1].txt - [18731 octets] - [27/06/2013 09:52:43] ########## EOF - C:\AdwCleaner[s1].txt - [18792 octets] ########## -------------------------------------------------------------------------

Hallo hierbij mijn log, kan iemand me verder helpen ? Alvast bedankt Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 6:48:36, on 27/06/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16537) FIREFOX: 21.0 (en-US) Boot mode: Normal Running processes: C:\Program Files (x86)\CrossriderWebApps\Crossrider.exe C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Ask.com\Updater\Updater.exe C:\Program Files (x86)\Launch Manager\LMworker.exe C:\Users\Ellen\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Users\Ellen\AppData\Roaming\BrowserCompanion\tcbhn.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Windows\syswow64\svchost.exe C:\Windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe C:\Program Files (x86)\CrossriderWebApps\Crossrider.exe C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Ask.com\Updater\Updater.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\Launch Manager\LMworker.exe C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Users\Nick\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Facemoods Search R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: script helper for ie - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll O2 - BHO: StartNow Toolbar Helper - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120628065641.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\SEARCH~1\Datamngr\BROWSE~1.DLL O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll O2 - BHO: CrossRider - {A876E312-7D08-401a-B7A6-FAFC5DC2F292} - C:\Program Files (x86)\CrossriderWebApps\Crossrider.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll O3 - Toolbar: StartNow Toolbar - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [facemoods] "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [CrossRiderPlugin] C:\Program Files (x86)\CrossriderWebApps\Crossrider.exe O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-889363557-2036165539-3501339599-1004\..\Run: [CrossRiderPlugin] C:\Program Files (x86)\CrossriderWebApps\Crossrider.exe (User 'Nick') O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user') O4 - Startup: Dropbox.lnk = Ellen\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: tcbhn.lnk = Ellen\AppData\Roaming\BrowserCompanion\tcbhn.exe O4 - Global Startup: Update-agent.lnk = ? O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll O20 - AppInit_DLLs: C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll C:\Windows\SysWOW64\nvinit.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: BecHelperService - Unknown owner - C:\Program Files (x86)\KPN\Mobiel Internet Software\BecHelperService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Intel® Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: Updater Service for StartNow Toolbar - Unknown owner - C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater15.3.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 21394 bytes