Maurice2013

Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300 www.malwarebytes.org Databaseversie: v2013.10.08.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16686 Massada :: MASSADA20 [administrator] Bescherming: Ingeschakeld 8-10-2013 20:08:52 mbam-log-2013-10-08 (20-08-52).txt Scan type: Volledige scan (C:\|D:\|E:\|) Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 405039 Verstreken tijd: 1 uur/uren, 30 minuut/minuten, 44 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 12 C:\Config.Msi\1bb42e2.rbf (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\Installer\$PatchCache$\Managed\16FE85B52F587794795A481CF9295697\4.5.0\clearhist.exe (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\Installer\$PatchCache$\Managed\16FE85B52F587794795A481CF9295697\4.5.0\mgcommon.dll (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\Installer\$PatchCache$\Managed\16FE85B52F587794795A481CF9295697\4.5.0\mgconfig.dll (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\Installer\$PatchCache$\Managed\16FE85B52F587794795A481CF9295697\4.5.0\mghelper.dll (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\Installer\$PatchCache$\Managed\16FE85B52F587794795A481CF9295697\4.5.0\mghelperapp.exe (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\Installer\$PatchCache$\Managed\16FE85B52F587794795A481CF9295697\4.5.0\mghooking.dll (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\Installer\$PatchCache$\Managed\16FE85B52F587794795A481CF9295697\4.5.0\mglogger.dll (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\Installer\$PatchCache$\Managed\16FE85B52F587794795A481CF9295697\4.5.0\mgsimcommon.dll (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\Installer\$PatchCache$\Managed\16FE85B52F587794795A481CF9295697\4.5.0\mgtoolbarie.dll (PUP.Optional.SweetPacks) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\Installer\$PatchCache$\Managed\16FE85B52F587794795A481CF9295697\4.5.0\mgtoolbarproxy.dll (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\Installer\$PatchCache$\Managed\16FE85B52F587794795A481CF9295697\4.5.0\mgxml_wrapper.dll (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. (einde) ** Het heeft even geduurd de volle scan, maar ik merk nu al dat de computer weer super snel surft en de pop ups verleden tijd zijn!! SUPER BEDANKT!!!! :D

Zoek.exe Version 4.0.0.5 Updated 07-October-2013 Tool run by Massada on di 08-10-2013 at 8:43:22,80. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Massada\Desktop\zoek\zoek.com [script inserted] ==== Older Logs ====================== C:\zoek-results2013-10-07-115716.log 333 bytes C:\zoek-results2013-10-07-124411.log 26402 bytes ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3635257343-3818636479-2429243287-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-3635257343-3818636479-2429243287-1001\Software\Microsoft\Internet Explorer\SearchScopes\{996FA5EE-86E9-4C08-B882-9ACBD739AF7A} deleted successfully HKEY_USERS\S-1-5-21-3635257343-3818636479-2429243287-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully HKEY_USERS\S-1-5-21-3635257343-3818636479-2429243287-1001\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Massada\AppData\Roaming\Mozilla\Firefox\Profiles\0 user.js not found ---- Lines Search removed from prefs.js ---- ---- Lines Search modified from prefs.js ---- ---- Lines Torntv removed from prefs.js ---- ---- Lines Torntv modified from prefs.js ---- ---- Lines freehdsp removed from prefs.js ---- ---- Lines freehdsp modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_07-10-2013_1427_.backup prefs_08-10-2013_1000_.backup ProfilePath: C:\Users\Massada\AppData\Roaming\Mozilla\Firefox\Profiles\chhhoxwa.default user.js not found ---- Lines Search removed from prefs.js ---- ---- Lines Search modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Microsoft\\\\Search Enhancement Pack\\\\Default Manager\\\\DMExtension\",\"mtime\":1299321958263,\"rdfTime\":1273496220000},\"smartwebprinting@hp.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\HP\\\\Digital Imaging\\\\Smart Web Printing\\\\MozillaAddOn3\",\"mtime\":1301507203350,\"rdfTime\":1256182198000},\"litmus-ff@f-secure.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\PC Veilig\\\\NRS\\\\litmus-ff@f-secure.com\",\"mtime\":1378804357969,\"rdfTime\":1378804355051},\"disabled\":{\"descriptor\":\"C:\\\\Program Files\\\\IB Updater\\\\Firefox\",\"mtime\":1362335763166,\"rdfTime\":1359466114000}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1377107494255,\"rdfTime\":1377107494255}}},{\"name\":\"winreg-app-user\",\"addons\":{\"smartwebprinting@hp.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\HP\\\\Digital Imaging\\\\Smart Web Printing\\\\MozillaAddOn3\",\"mtime\":1301507203350,\"rdfTime\":1256182198000}}}]"); ---- Lines Torntv removed from prefs.js ---- ---- Lines Torntv modified from prefs.js ---- ---- Lines freehdsp removed from prefs.js ---- ---- Lines freehdsp modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_07-10-2013_1427_.backup prefs_08-10-2013_1000_.backup ProfilePath: C:\Users\Massada\AppData\Roaming\Mozilla\Firefox\Profiles\extensions user.js not found ---- Lines Search removed from prefs.js ---- ---- Lines Search modified from prefs.js ---- ---- Lines Torntv removed from prefs.js ---- ---- Lines Torntv modified from prefs.js ---- ---- Lines freehdsp removed from prefs.js ---- ---- Lines freehdsp modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_08-10-2013_1000_.backup ==== Deleting Files \ Folders ====================== "C:\Users\Massada\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\torntv@torntv.com.xpi" deleted "C:\Users\Massada\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\freehdsport@freehdsport.tv.xpi" deleted "C:\Users\Massada\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\torntv@torntv.com.xpi" deleted "C:\Program Files (x86)\Mozilla Firefox\user.js" deleted "C:\windows\SysNative\dmwu.exe" deleted "C:\windows\SysNative\TASKS\Scheduled Update for Ask Toolbar" deleted "C:\Windows\tasks\OptimizerProUpdaterTask{0963E785-A69B-4FE4-A4F3-B0FA7327C87E}.job" deleted "C:\Windows\tasks\OptimizerProUpdaterTask{0963E785-A69B-4FE4-A4F3-B0FA7327C87E}.job" deleted "C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\datamngr.dll" deleted "C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\IEBHO.dll" deleted "C:\ProgramData\Premium\OptimizerPro\OptimizerPro.exe" deleted "C:\Users\Massada\AppData\Roaming\webex" deleted "C:\Program Files (x86)\VipBoxSportsApp.com" deleted "C:\Program Files (x86)\SopCast" deleted "C:\Program Files (x86)\iLivid" deleted "C:\Program Files (x86)\Windows iLivid Toolbar" deleted "C:\Program Files (x86)\BCool" deleted "C:\Program Files (x86)\SearchCore for Browsers" not deleted "C:\found.000" deleted "C:\ProgramData\boost_interprocess" deleted "C:\ProgramData\SweetIM" deleted "C:\ProgramData\Premium" not deleted "C:\ProgramData\Babylon" deleted "C:\Users\Massada\AppData\Local\iLivid" deleted "C:\Users\Massada\AppData\Local\Ilivid Player" deleted "C:\Users\Massada\AppData\Local\PackageAware" deleted "C:\Users\Massada\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}" deleted "C:\Users\Massada\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc" deleted "C:\Users\Massada\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd" deleted "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid" deleted "C:\Users\Massada\AppData\LocalLow\searchqutoolbar" deleted "C:\Users\Massada\AppData\LocalLow\AskToolbar" deleted "C:\Users\Massada\AppData\LocalLow\BabylonToolbar" deleted "C:\windows\SysNative\ljkb" deleted "C:\Windows\Syswow64\jmdp" deleted "C:\Windows\Syswow64\ARFC" deleted "C:\Windows\Syswow64\WNLT" deleted "C:\Windows\SysWow64\searchplugins" deleted "C:\Windows\SysWow64\Extensions" deleted "C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}" deleted "C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" deleted "C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" deleted "C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers" not deleted "C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64" not deleted "C:\ProgramData\Premium\OptimizerPro" not deleted ==== Firefox Extensions ====================== ExtDir: C:\Users\Massada\AppData\Roaming\Mozilla\Firefox\Profiles\extensions - GoPhotoIt - %ExtDir%\gophoto@gophoto.it.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Massada\AppData\Roaming\Mozilla\Firefox\Profiles\chhhoxwa.default AF661355EBAB898EB92D5454AEF93CE0 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.400.43 E5AF72B7353FF8D431A7C463A4229524 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll - Shockwave Flash 0C0C5C207121C7A78414A8250E8E099A - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll - Shockwave for Director / Shockwave for Director 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Deleting Files \ Folders ====================== "C:\Users\Massada\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\gophoto@gophoto.it.xpi" deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dlnembnfbcpjnepmfjmngjenhhajpdfd - C:\Program Files\IB Updater\source.crx[] fgfdfcbeamjnjdejakdidpniblllnbpg - C:\Windows\SysWOW64\jmdp\pnte.crx[] iglhacgnghppbmdkpbkjbgpogidolkgb - C:\ProgramData\Bcool\iglhacgnghppbmdkpbkjbgpogidolkgb.crx[] jbpkiefagocgkmemidfngdkamloieekf - C:\Program Files (x86)\TornTV.com\torn11.crx[] jcdgjdiieiljkfkdcloehkohchhpekkn - C:\Users\Massada\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[02-10-2012 13:14] niapdbllcanepiiimjjndipklodoedlc - C:\Program Files (x86)\Yontoo\YontooLayers.crx[] FreeHDSport.TV - Massada - Default\Extensions\bgnnidmnbdkmhfkjgdnngciimpdgohok YouTube - Massada - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Massada - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Delta Toolbar - Massada - Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde SweetIM for Facebook - Massada - Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn Skype Click to Call - Massada - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl GoPhoto.it - Massada - Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk Gmail - Massada - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Users\Massada\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dlnembnfbcpjnepmfjmngjenhhajpdfd_0.localstorage deleted successfully C:\Users\Massada\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn deleted successfully C:\Users\Massada\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully C:\Users\Massada\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk deleted successfully C:\Users\Massada\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnnidmnbdkmhfkjgdnngciimpdgohok deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Home - dB Audiovisueel" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Home - dB Audiovisueel" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {60C74343-D999-4406-8C2D-8EF3FE2C1032} Wikipedia Url="Zoekresultaten voor "{searchTerms" - Wikipedia}" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" {890DCFFC-4B3B-4EDD-987A-DB12DF9B5C6D} Bing Url="{searchTerms} - Bing" {B1961045-89EC-4CE6-8B87-D8E2708B8F2B} Unknown Url="Not_Found" ==== Reset Google Chrome ====================== C:\Users\Massada\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Massada\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3635257343-3818636479-2429243287-1001\Software\Microsoft\Internet Explorer\SearchScopes\{B1961045-89EC-4CE6-8B87-D8E2708B8F2B} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fgfdfcbeamjnjdejakdidpniblllnbpg deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\iglhacgnghppbmdkpbkjbgpogidolkgb deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Massada\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Massada\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1UO820J7 will be deleted at reboot C:\Users\Massada\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6K4REDI3 will be deleted at reboot C:\Users\Massada\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OX2E0XQZ will be deleted at reboot C:\Users\Massada\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TRUN184I will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Massada\AppData\Local\Mozilla\Firefox\Profiles\chhhoxwa.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Massada\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Massada\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files (x86)\SearchCore for Browsers" not found "C:\ProgramData\Premium" not found "C:\Users\Massada\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1UO820J7" not found "C:\Users\Massada\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6K4REDI3" not found "C:\Users\Massada\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OX2E0XQZ" not found "C:\Users\Massada\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TRUN184I" not found ==== EOF on di 08-10-2013 at 10:38:22,99 ====================== De Adw Cleaner start nu, resultaat volgt zsm - - - Updated - - - # AdwCleaner v3.006 - Report created 08/10/2013 at 10:48:50 # Updated 01/10/2013 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Massada - MASSADA20 # Running from : C:\Users\Massada\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0GBUHV2A\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Windows\System32\ARFC File Deleted : C:\Windows\System32\ImhxxpComm.dll ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FE1DEEEA-DB6D-44B8-83F0-34FC0F9D1052}] Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll Key Deleted : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1 Key Deleted : HKLM\SOFTWARE\Classes\DnsBHO.BHO Key Deleted : HKLM\SOFTWARE\Classes\DnsBHO.BHO.1 Key Deleted : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc Key Deleted : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1 Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1 Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1 Key Deleted : HKLM\SOFTWARE\Classes\I Key Deleted : HKLM\SOFTWARE\Classes\ilivid Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.dskBnd Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1 Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1 Key Deleted : HKLM\SOFTWARE\Classes\IncredibarApp.appCore Key Deleted : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1 Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1 Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1 Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap Key Deleted : HKLM\SOFTWARE\Classes\sim-packages Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1 Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_daed1c79 Key Deleted : HKCU\Software\535388d1b069b942 Key Deleted : HKLM\SOFTWARE\535388d1b069b942 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_vlc-media-player_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_vlc-media-player_RASMANCS Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D0F4A166-B8D4-48B8-9D63-80849FE137CB} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\APN Key Deleted : HKCU\Software\Ask.com Key Deleted : HKCU\Software\ilivid Key Deleted : HKCU\Software\IM Key Deleted : HKCU\Software\ImInstaller Key Deleted : HKCU\Software\incredibar.com Key Deleted : HKCU\Software\SearchCore for Browsers Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\YahooPartnerToolbar Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar Key Deleted : HKLM\Software\APN Key Deleted : HKLM\Software\AskToolbar Key Deleted : HKLM\Software\Babylon Key Deleted : HKLM\Software\DataMngr Key Deleted : HKLM\Software\IB Updater Key Deleted : HKLM\Software\ilivid Key Deleted : HKLM\Software\incredibar.com Key Deleted : HKLM\Software\SearchCore for Browsers Key Deleted : HKLM\Software\SearchquMediabarTb Key Deleted : HKLM\Software\SP Global Key Deleted : HKLM\Software\SProtector Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0C43FE6B-E881-4AFC-B384-4AEBC90047E8} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{20E7BC40-33F6-4A81-9D52-B58349326206} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5B58EF61-85F2-4977-97A5-84C19F926579} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c3e85ee9-5892-4142-b537-bceb3dac4c3d} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ea8fa6be-29be-4af2-9352-841f83215eb0} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\incredibar Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchCore for Browsers Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu 406 MediaBar Key Deleted : [x64] HKLM\SOFTWARE\IB Updater Key Deleted : [x64] HKLM\SOFTWARE\SearchCore for Browsers Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer Key Deleted : [x64] HKLM\SOFTWARE\wnlt Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1 Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1 Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\datamngr.dll ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16686 -\\ Mozilla Firefox v23.0.1 (nl) [ File : C:\Users\Massada\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js ] [ File : C:\Users\Massada\AppData\Roaming\Mozilla\Firefox\Profiles\chhhoxwa.default\prefs.js ] [ File : C:\Users\Massada\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ] ************************* AdwCleaner[R0].txt - [18739 octets] - [08/10/2013 10:45:39] AdwCleaner[s0].txt - [18550 octets] - [08/10/2013 10:48:50] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [18611 octets] ########## Dit zijn de resultaten van de AdwCleaner.

Zoek.exe Version 4.0.0.4 Updated 27-September-2013 Tool run by Massada on ma 07-10-2013 at 14:09:11,25. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Massada\Desktop\zoek\zoek.exe [script inserted] ==== Older Logs ====================== C:\zoek-results2013-10-07-115716.log 333 bytes ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3635257343-3818636479-2429243287-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_USERS\S-1-5-21-3635257343-3818636479-2429243287-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_USERS\S-1-5-21-3635257343-3818636479-2429243287-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully HKEY_USERS\S-1-5-21-3635257343-3818636479-2429243287-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} deleted successfully HKEY_USERS\S-1-5-21-3635257343-3818636479-2429243287-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} deleted successfully HKEY_USERS\S-1-5-21-3635257343-3818636479-2429243287-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A75CA769-6192-6B77-0D48-18C7D8B1717F} deleted successfully HKEY_USERS\S-1-5-21-3635257343-3818636479-2429243287-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A75CA769-6192-6B77-0D48-18C7D8B1717F} deleted successfully HKEY_USERS\S-1-5-21-3635257343-3818636479-2429243287-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-3635257343-3818636479-2429243287-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-3635257343-3818636479-2429243287-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully HKEY_USERS\S-1-5-21-3635257343-3818636479-2429243287-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully HKEY_USERS\S-1-5-21-3635257343-3818636479-2429243287-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully HKEY_USERS\S-1-5-21-3635257343-3818636479-2429243287-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully HKEY_CLASSES_ROOT\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_CLASSES_ROOT\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{A75CA769-6192-6B77-0D48-18C7D8B1717F} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A75CA769-6192-6B77-0D48-18C7D8B1717F} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\Massada\AppData\Roaming\Mozilla\Firefox\Profiles\0 user.js not found ---- Lines {FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052} removed from prefs.js ---- ---- Lines {FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052} modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_07-10-2013_1427_.backup ProfilePath: C:\Users\Massada\AppData\Roaming\Mozilla\Firefox\Profiles\chhhoxwa.default user.js not found ---- Lines {FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052} removed from prefs.js ---- ---- Lines {FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052} modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Microsoft\\\\Search Enhancement Pack\\\\Default Manager\\\\DMExtension\",\"mtime\":1299321958263,\"rdfTime\":1273496220000},\"smartwebprinting@hp.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\HP\\\\Digital Imaging\\\\Smart Web Printing\\\\MozillaAddOn3\",\"mtime\":1301507203350,\"rdfTime\":1256182198000},\"litmus-ff@f-secure.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\PC Veilig\\\\NRS\\\\litmus-ff@f-secure.com\",\"mtime\":1378804357969,\"rdfTime\":1378804355051},\"{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}\":{\"descriptor\":\"C:\\\\Program Files\\\\IB Updater\\\\Firefox\",\"mtime\":1362335763166,\"rdfTime\":1359466114000}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1377107494255,\"rdfTime\":1377107494255}}},{\"name\":\"winreg-app-user\",\"addons\":{\"smartwebprinting@hp.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\HP\\\\Digital Imaging\\\\Smart Web Printing\\\\MozillaAddOn3\",\"mtime\":1301507203350,\"rdfTime\":1256182198000}}}]"); ---- FireFox user.js and prefs.js backups ---- prefs_07-10-2013_1427_.backup ProfilePath: C:\Users\Massada\AppData\Roaming\Mozilla\Firefox\Profiles\extensions prefs.js not found user.js not found ---- Lines {FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052} removed from prefs.js ---- ---- Lines {FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052} modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "ApnUpdater"=- ==== Deleting Files \ Folders ====================== "C:\user.js" deleted "C:\Users\Massada\AppData\Roaming\Mozilla\Firefox\Profiles\chhhoxwa.default\searchplugins\MyStart Search.xml" deleted "C:\Users\Massada\AppData\Roaming\Mozilla\Firefox\Profiles\chhhoxwa.default\searchplugins\MyStart.xml" deleted "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" deleted "C:\Program Files\IB Updater" deleted "C:\Program Files (x86)\Incredibar.com" deleted "C:\ProgramData\Bcool" deleted "C:\Program Files (x86)\Yontoo" deleted "C:\ProgramData\InstallMate" deleted "C:\Program Files (x86)\SweetIM" deleted "C:\Program Files (x86)\Ask.com" deleted "C:\Program Files (x86)\Ask.com\Updater" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2013-09-17 11:43:50 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\HPMProp.INI ====== C:\Users\Massada\AppData\Local\Temp ==== ====== Java Cache ===== 2013-10-01 14:26:47 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Massada\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\4e94319-10321d84-temp 2013-10-01 14:26:56 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Massada\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\4e94319-3bec97c2-temp 2013-10-01 14:26:51 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Massada\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\4e94319-7277bd7e-temp 2013-10-01 14:26:53 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Massada\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\4e94319-78d1b775-temp ====== C:\Windows\SysWOW64 ===== 2013-10-07 07:42:07 AF661355EBAB898EB92D5454AEF93CE0 868264 ----a-w- C:\Windows\SysWOW64\npDeployJava1.dll 2013-10-07 07:42:07 ACA17F8E1F9E8891DE15E2527D8D74D0 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe 2013-10-07 07:41:47 EC94122E6DCB6E731D8513A89AC9CF12 175016 ----a-w- C:\Windows\SysWOW64\javaw.exe 2013-10-07 07:41:47 EC2A0F271C0FD4AD57B137845577F539 175016 ----a-w- C:\Windows\SysWOW64\java.exe 2013-10-07 07:41:47 6BEE003DB3FEF04151F614303EBB1E7B 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2013-10-07 06:57:09 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2013-09-11 19:51:38 059F00DEF82BF41E433B7ED465847726 155584 ----a-w- C:\Windows\Sysnative\drivers\ataport.sys ====== C:\Windows\Tasks ====== 2013-10-07 12:09:44 7DE443D742BA16B7DC6B9B0C525CCEC1 3142 ----a-w- C:\Windows\Sysnative\Tasks\{B79DFC04-1111-4EDE-A411-D81C8073C25D} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-10-07 09:08:56 -------- d-----w- C:\Program Files\trend micro ======= C:\Program Files (x86) ===== 2013-10-07 07:42:26 -------- d-----w- C:\Program Files (x86)\Common Files\Java 2013-10-07 07:41:31 -------- d-----w- C:\Program Files (x86)\Java ======= C: ===== ====== C:\Users\Massada\AppData\Roaming ====== 2013-10-07 06:56:04 -------- d-----w- C:\Users\Massada\AppData\Local\Programs 2013-10-02 12:13:02 CD7ADF45DD4E48BCC594C867985E8CF4 8220 ----a-w- C:\Users\Massada\AppData\Locallow\SkwConfig.bin ====== C:\Users\Massada ====== 2013-10-07 08:43:06 -------- d-----w- C:\ProgramData\Oracle 2013-10-07 07:41:48 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2013-10-06 16:53:34 8BEB1A5BC7EF0E2A2D7EB44B74A2ADE7 24278649 ----a-w- C:\Users\Massada\Downloads\vlc-2.1.0-win32.exe 2013-10-06 16:40:01 A4022823CFBF2C1A97BD01CCF7FE976C 7912440 ----a-w- C:\Users\Massada\Downloads\Shockwave_Installer_Slim(2).exe ====== C: exe-files == 2013-10-07 09:08:57 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Massada.exe 2013-10-07 07:42:07 ACA17F8E1F9E8891DE15E2527D8D74D0 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe 2013-10-07 07:41:47 EC94122E6DCB6E731D8513A89AC9CF12 175016 ----a-w- C:\Windows\SysWOW64\javaw.exe 2013-10-07 07:41:47 EC2A0F271C0FD4AD57B137845577F539 175016 ----a-w- C:\Windows\SysWOW64\java.exe 2013-10-07 07:41:41 DE16D31DDE767A35C4727D4F5C4F5165 49064 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ssvagent.exe 2013-10-07 07:41:41 33329EE40961C9F75753135EEFEE5215 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\tnameserv.exe 2013-10-07 07:41:41 20121F1F03EA62AE7DBE20A5C065E62B 146344 ----a-w- C:\Program Files (x86)\Java\jre7\bin\unpack200.exe 2013-10-07 07:41:40 F744671F237351A00580DEBDA7B13C58 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\servertool.exe 2013-10-07 07:41:40 8B060210811F4C88280BB1FE097C8D18 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\policytool.exe 2013-10-07 07:41:40 879FBD4327A0411AD856CD256E05ACC8 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\pack200.exe 2013-10-07 07:41:40 85369335B06BA3EF80DBB2463BD75FC6 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmid.exe 2013-10-07 07:41:40 79E6E98DD340052FB62E85FC5C0F40B9 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmiregistry.exe 2013-10-07 07:41:40 46D4A740A9CD31274B372AB31FDAB767 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\orbd.exe 2013-10-07 07:41:38 F07B981F68160C8932BD7E2A056E3542 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\kinit.exe 2013-10-07 07:41:38 8BAE06DA395B81D5BB9D335719B4C71F 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\keytool.exe 2013-10-07 07:41:38 3F17C8C96551E1DFADAD909282D7A53B 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ktab.exe 2013-10-07 07:41:38 14478E73336D593E396FEE603118DF73 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\klist.exe 2013-10-07 07:41:37 A5937B2A94424CF1B13A4AD503AF6B2E 182696 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jqs.exe 2013-10-07 07:41:36 ED2542D50B46FACB647E9ACE15376F71 52648 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe 2013-10-07 07:41:34 EC94122E6DCB6E731D8513A89AC9CF12 175016 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaw.exe 2013-10-07 07:41:34 ACA17F8E1F9E8891DE15E2527D8D74D0 264616 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaws.exe 2013-10-07 07:41:33 FE62A080B6B3846FB18F04B488BF686F 66984 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javacpl.exe 2013-10-07 07:41:33 FB81754A3C79379C3882128875C8C948 48552 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jabswitch.exe 2013-10-07 07:41:33 EC2A0F271C0FD4AD57B137845577F539 175016 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java.exe 2013-10-07 07:41:33 20238A6FE9CA82DB6AA17CB08F4906CF 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java-rmi.exe 2013-10-06 16:53:34 8BEB1A5BC7EF0E2A2D7EB44B74A2ADE7 24278649 ----a-w- C:\Users\Massada\Downloads\vlc-2.1.0-win32.exe 2013-10-06 16:40:52 D31520986949C755CD2FA616377157D7 88518 ----a-w- C:\Windows\SysWOW64\Adobe\Shockwave 12\uninstaller.exe 2013-10-06 16:40:01 A4022823CFBF2C1A97BD01CCF7FE976C 7912440 ----a-w- C:\Users\Massada\Downloads\Shockwave_Installer_Slim(2).exe 2013-10-06 08:26:22 7DE0F6C5848D0234F410AA1FEA3FA99B 1713000 ------w- C:\ProgramData\HP\Installer\Temp\hpzmsi01.exe 2013-10-06 07:58:51 F0CC0EAE72B46044AFBB96515A7DF841 34558816 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\30.0.1599.69\30.0.1599.69_chrome_installer.exe 2013-10-05 19:57:53 ACBC9FB1394434F8F21E7DD0CA9A616B 8420704 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\30.0.1599.69\30.0.1599.69_29.0.1547.76_chrome_updater.exe 2013-10-05 19:31:24 7CC7C8B9B40BF39BB53F3973730B3ADE 2678760 ----a-w- C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SkywalkerSetup[2].exe 2013-10-05 19:29:22 9ADE91E9DB9506971FC229716B75F4F6 3519176 ----a-w- C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WSSetup[2].exe 2013-10-02 12:12:54 7CC7C8B9B40BF39BB53F3973730B3ADE 2678760 ----a-w- C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SkywalkerSetup[1].exe 2013-10-02 12:11:11 9ADE91E9DB9506971FC229716B75F4F6 3519176 ----a-w- C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WSSetup[1].exe === C: other files == 2013-10-07 11:55:14 0BE568FD1E7D6C6D64D2272649F5C716 111 ----a-w- C:\Users\Massada\AppData\Local\Temp\scripttest.vbs 2013-10-07 07:41:41 8C636C988365FC3E61F1B5C5ACECCB55 18675 ----a-w- C:\Program Files (x86)\Java\jre7\lib\deploy\ffjcext.zip 2013-10-07 06:57:09 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-10-07 06:43:44 1FA3C14F708D3502269357C41F4EE549 15421 ----a-w- C:\Users\Massada\AppData\Local\Temp\tmp-69q.xpi ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3635257343-3818636479-2429243287-1001\Software\Microsoft\Windows\CurrentVersion\Run] "HPAdvisorDock"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" "LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden" "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "KiesPDLR"="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "msnmsgr"="~C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background" "OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" "KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload" "KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup" @="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "Microsoft Default Manager"="C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe -resume" "Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" "HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" "F-Secure Manager"="C:\Program Files (x86)\PC Veilig\Common\FSM32.EXE /splash" "F-Secure TNB"="C:\Program Files (x86)\PC Veilig\FSGUI\TNBUtil.exe /CHECKALL /WAITFORSW" "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HPAdvisorDock"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" "LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden" "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "KiesPDLR"="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "msnmsgr"="~C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background" "OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" "KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload" "KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup" @="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "HPWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden" "Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~2\\SEARCH~1\\SEARCH~1\\x64\\datamngr.dll C:\\PROGRA~2\\SEARCH~1\\SEARCH~1\\x64\\IEBHO.dll " ==== Startup Folders ====================== 2012-02-21 01:21:13 1052 ----a-w- C:\Users\Massada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2012-03-06 04:26:22 1260 ----a-w- C:\Users\Massada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk 2013-08-15 09:20:44 2002 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ :C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [12-03-2012 04:42] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [12-03-2012 04:42] C:\Windows\tasks\HPCeeScheduleForMassada.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [05-01-2010 03:53] C:\Windows\tasks\Norton Security Scan for Massada.job --ah----- C:\PROGRA2\NORTON2\Engine\4011.16\Nss.exe [] C:\Windows\tasks\OptimizerProUpdaterTask{0963E785-A69B-4FE4-A4F3-B0FA7327C87E}.job --ah----- C:\ProgramData\Premium\OptimizerPro\OptimizerPro.exe [19-09-2012 16:50] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Massada\AppData\Roaming\Mozilla\Firefox\Profiles\0 - FreeHDSport.TV - %ProfilePath%\extensions\freehdsport@freehdsport.tv.xpi - Torntv - %ProfilePath%\extensions\torntv@torntv.com.xpi ExtDir: C:\Users\Massada\AppData\Roaming\Mozilla\Firefox\Profiles\extensions - GoPhotoIt - %ExtDir%\gophoto@gophoto.it.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Massada\AppData\Roaming\Mozilla\Firefox\Profiles\chhhoxwa.default AF661355EBAB898EB92D5454AEF93CE0 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.400.43 E5AF72B7353FF8D431A7C463A4229524 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll - Shockwave Flash 0C0C5C207121C7A78414A8250E8E099A - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll - Shockwave for Director / Shockwave for Director 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dlnembnfbcpjnepmfjmngjenhhajpdfd - C:\Program Files\IB Updater\source.crx[] fgfdfcbeamjnjdejakdidpniblllnbpg - C:\Windows\SysWOW64\jmdp\pnte.crx[] iglhacgnghppbmdkpbkjbgpogidolkgb - C:\ProgramData\Bcool\iglhacgnghppbmdkpbkjbgpogidolkgb.crx[] jbpkiefagocgkmemidfngdkamloieekf - C:\Program Files (x86)\TornTV.com\torn11.crx[] jcdgjdiieiljkfkdcloehkohchhpekkn - C:\Users\Massada\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx[24-09-2012 22:14] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[02-10-2012 13:14] niapdbllcanepiiimjjndipklodoedlc - C:\Program Files (x86)\Yontoo\YontooLayers.crx[] FreeHDSport.TV - Massada - Default\Extensions\bgnnidmnbdkmhfkjgdnngciimpdgohok YouTube - Massada - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Massada - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf IB Updater - Massada - Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Delta Toolbar - Massada - Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde SweetIM for Facebook - Massada - Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn Skype Click to Call - Massada - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Yontoo - Massada - Default\Extensions\niapdbllcanepiiimjjndipklodoedlc GoPhoto.it - Massada - Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk Gmail - Massada - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3635257343-3818636479-2429243287-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_USERS\S-1-5-21-3635257343-3818636479-2429243287-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_USERS\S-1-5-21-3635257343-3818636479-2429243287-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_USERS\S-1-5-21-3635257343-3818636479-2429243287-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-3635257343-3818636479-2429243287-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully ==== EOF on ma 07-10-2013 at 14:44:11,06 ====================== - - - Updated - - - Dit is het resultaat wat eruit kwam.

Hij is momenteel bezig. Enig idee hoe lang dit kan duren? Hij draait inmiddels al 15 minuten.

Logfile of random's system information tool 1.09 (written by random/random) Run by Massada at 2013-10-07 11:08:56 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 349 GB (76%) free of 459 GB Total RAM: 3835 MB (43% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:09:07, on 7-10-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16686) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE C:\Program Files (x86)\Samsung\Kies\Kies.exe C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe C:\Users\Massada\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Program Files (x86)\Ask.com\Updater\Updater.exe C:\Program Files (x86)\PC Veilig\Common\FSM32.EXE C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files\trend micro\Massada.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Home - dB Audiovisueel R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: IB Updater Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension32.dll O2 - BHO: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Bcool - {A75CA769-6192-6B77-0D48-18C7D8B1717F} - C:\ProgramData\Bcool\50c73cfaddbce.ocx O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\PC Veilig\NRS\iescript\baselitmus.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll O3 - Toolbar: Sopcast Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O3 - Toolbar: Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\PC Veilig\NRS\iescript\baselitmus.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\PC Veilig\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\PC Veilig\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Dropbox.lnk = Massada\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files (x86)\PC Veilig\Anti-Virus\fsgk32st.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\PC Veilig\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\PC Veilig\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\PC Veilig\ORSP Client\fsorsp.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: RtVOsdService Installer (RtVOsdService) - Realtek Semiconductor Corp. - C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 16446 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe winlogon.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs atieclxx C:\Windows\System32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe 4389280 \??\C:\Windows\system32\conhost.exe "-1323400382-952700243-13901200641815212651901090115-164128793019624678971661891703 C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\System32\spoolsv.exe taskeng.exe {A084F8E6-8836-44D7-85FF-6D017CFD0ECF} "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe" C:\Windows\SysWOW64\ezSharedSvcHost.exe "C:\Program Files (x86)\PC Veilig\Anti-Virus\fsgk32st.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files (x86)\PC Veilig\Anti-Virus\FSGK32.EXE" /service /stopevent=172 /ipcexch=188 "C:\Program Files (x86)\PC Veilig\Common\FSMA32.EXE" "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe" oid 1.3.6.1.4.1.2213.11.1.27 HosterGroupType 0 "C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" oid 1.3.6.1.4.1.2213.11.1.27.64 HosterGroupType 0 "taskhost.exe" "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" C:\Windows\Explorer.EXE "C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Windows\system32\Dwm.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray WLIDSvcM.exe 2644 "C:\Program Files (x86)\PC Veilig\FWES\Program\fsdfwd.exe" C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding C:\ProgramData\Premium\OptimizerPro\OptimizerPro.exe /schedule /profilepath "C:\ProgramData\Premium\OptimizerPro\profile.ini" "C:\Program Files (x86)\PC Veilig\ORSP Client\fsorsp.exe" C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files (x86)\PC Veilig\Anti-Virus\fssm32.exe" 3 592 596 600 "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s "C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden "C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" "C:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload "C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe" "C:\Users\Massada\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup "C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE" /tsr "C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe" "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" "C:\Program Files (x86)\PC Veilig\Anti-Virus\fsav32.exe" "C:\Program Files (x86)\PC Veilig\Common\FSM32.EXE" /splash C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files (x86)\PC Veilig\Spam Control\fsscoepl_x64.exe" "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe" "C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" view=SYSTRAY "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe" "C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe" "C:\Program Files\Realtek\RtVOsd\RtVOsd.exe" C:\Windows\System32\svchost.exe -k secsvcs "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden "C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><Title>HP Wireless Assistant</Title><Text>WLAN: Aan</Text><IconPath>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WA_tray_32_on.ico</IconPath><ID>865938455</ID><Path>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe</Path><Parameters></Parameters></Toast></hpNotification>" "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" "C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4720.ddee100.1397185039 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 4720 "\\.\pipe\gecko-crash-server-pipe.4720" plugin "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe" --proxy-stub-channel=Flash408.588FA550.8284 --host-broker-channel=Flash408.588FA550.14638 --host-pid=408 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll" "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe" --channel=4932.0039F544.1189814940 --proxy-stub-channel=Flash408.588FA550.8284 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll" --host-npapi-version=27 --type=renderer "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6628 CREDAT:267521 /prefetch:2 C:\Windows\system32\Macromed\Flash\FlashUtil64_11_8_800_175_ActiveX.exe -Embedding C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6628 CREDAT:1643887 /prefetch:2 taskeng.exe {C204736F-6059-411A-A4D6-06A0DC58D6DB} C:\Windows\system32\sppsvc.exe "C:\Users\Massada\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TZ488CJ5\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\HPCeeScheduleForMassada.job C:\Windows\tasks\Norton Security Scan for Massada.job C:\Windows\tasks\OptimizerProUpdaterTask{0963E785-A69B-4FE4-A4F3-B0FA7327C87E}.job =========Mozilla firefox========= ProfilePath - C:\Users\Massada\AppData\Roaming\Mozilla\Firefox\Profiles\chhhoxwa.default prefs.js - "browser.startup.homepage" - "www.voetbalzone.nl" "{336D0C35-8A85-403a-B9D2-65C292C39087}"=C:\Program Files\IB Updater\Firefox "{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}"=C:\Program Files\IB Updater\Firefox [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.8.800.168 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer] "Description"=Adobe Shockwave Player "Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.40.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Windows\SysWOW64\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin] "Description"=McAfee Mss Plugin "Path"=C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.8.800.168 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL C:\Users\Massada\AppData\Roaming\Mozilla\Firefox\Profiles\chhhoxwa.default\searchplugins\ MyStart Search.xml MyStart.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}] IB Updater - C:\Program Files\IB Updater\Extension64.dll [2013-01-29 215896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}] SearchCore for Browsers - C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\BROWSE~1.DLL [2011-09-27 118168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2012-10-02 5748928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-20 43520] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}] MSS+ Identifier - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05 94112] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}] IB Updater - C:\Program Files\IB Updater\Extension32.dll [2013-01-29 170840] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}] Incredibar.com Helper Object - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll [2012-01-22 261632] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-07 462248] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A75CA769-6192-6B77-0D48-18C7D8B1717F}] Bcool Class - C:\ProgramData\Bcool\50c73cfaddbce.ocx [2012-12-11 128000] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02 4119744] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C6867EB7-8350-4856-877F-93CF8AE3DC9C}] Browsing Protection Class - C:\Program Files (x86)\PC Veilig\NRS\iescript\baselitmus.dll [2013-09-10 555968] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] Sopcast Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-07 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] Yontoo - C:\Program Files (x86)\Yontoo\YontooIEClient.dll [2012-10-24 194928] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {D4027C7F-154A-4066-A1AD-4243D8127440} - Sopcast Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312] {8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288] {F9639E4A-801B-4843-AEE3-03D9DA199E77} - Incredibar Toolbar - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll [2012-01-22 270336] {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - Browsing Protection Toolbar - C:\Program Files (x86)\PC Veilig\NRS\iescript\baselitmus.dll [2013-09-10 555968] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-04-16 2095400] "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2010-03-13 6234144] "HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-06-18 8192] "Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2010-11-03 1580368] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HPAdvisorDock"=C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [2010-02-09 1712184] "LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2010-05-19 2736128] "KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2012-12-20 310280] "KiesPDLR"=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-12-20 844296] "msnmsgr"=~C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background [] "OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2013-04-22 720064] "KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2012-12-20 1476104] "KiesAirMessage"=C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup [] ""=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-12-20 844296] "Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-06-21 19875432] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-06-30 102400] "Microsoft Default Manager"=C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2010-05-10 439568] "Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2010-06-02 61112] "BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520] "HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10 49208] ""= [] "HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2012-02-15 577408] "ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2011-05-17 395144] "F-Secure Manager"=C:\Program Files (x86)\PC Veilig\Common\FSM32.EXE [2009-11-18 201128] "F-Secure TNB"=C:\Program Files (x86)\PC Veilig\FSGUI\TNBUtil.exe [2012-11-01 1655464] "KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2012-12-20 310280] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe C:\Users\Massada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk - C:\Users\Massada\AppData\Roaming\Dropbox\bin\Dropbox.exe OneNote 2010 Schermopname en Snel starten.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\datamngr.dll C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\IEBHO.dll " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2010-07-20 52920] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=0 "ForceActiveDesktopOn"=0 "EnableShellExecuteHooks"=1 "NoDriveTypeAutoRun"=28 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2013-10-07 11:08:56 ----D---- C:\rsit 2013-10-07 11:08:56 ----D---- C:\Program Files\trend micro 2013-10-07 10:43:06 ----D---- C:\ProgramData\Oracle 2013-10-07 09:42:07 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll 2013-10-07 09:42:07 ----A---- C:\Windows\SYSWOW64\javaws.exe 2013-10-07 09:41:47 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll 2013-10-07 09:41:47 ----A---- C:\Windows\SYSWOW64\javaw.exe 2013-10-07 09:41:47 ----A---- C:\Windows\SYSWOW64\java.exe 2013-10-07 09:41:31 ----D---- C:\Program Files (x86)\Java 2013-10-07 08:57:30 ----D---- C:\Users\Massada\AppData\Roaming\Malwarebytes 2013-10-07 08:57:13 ----D---- C:\ProgramData\Malwarebytes 2013-10-07 08:57:09 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-10-07 08:57:09 ----A---- C:\Windows\system32\drivers\mbam.sys 2013-10-06 19:56:21 ----D---- C:\ProgramData\Symantec 2013-10-06 19:56:11 ----D---- C:\Windows\system32\drivers\NSSx64 2013-10-06 19:56:11 ----D---- C:\Program Files (x86)\Norton Security Scan 2013-10-06 19:56:06 ----D---- C:\Program Files (x86)\NortonInstaller 2013-10-05 21:32:57 ----D---- C:\Windows\SYSWOW64\jmdp 2013-10-05 21:32:57 ----D---- C:\Windows\system32\ljkb 2013-09-17 13:43:50 ----A---- C:\Windows\HPMProp.INI 2013-09-17 13:42:47 ----A---- C:\Windows\system32\hppdcompio.dll 2013-09-17 13:42:46 ----A---- C:\Windows\SYSWOW64\hppccompio.dll 2013-09-17 13:42:45 ----A---- C:\Windows\system32\hpmtp130.dll 2013-09-17 13:42:44 ----A---- C:\Windows\system32\hpmpw081.dll 2013-09-17 13:42:44 ----A---- C:\Windows\system32\hpmpm081.dll 2013-09-17 13:42:44 ----A---- C:\Windows\system32\hpmml130.dll 2013-09-17 13:42:44 ----A---- C:\Windows\system32\hpmlm121.dll 2013-09-17 13:42:44 ----A---- C:\Windows\system32\hpmja130.dll 2013-09-17 13:42:40 ----A---- C:\Windows\system32\hpcpn130.dll 2013-09-17 13:42:39 ----A---- C:\Windows\system32\hpcjpm.dll 2013-09-17 13:42:38 ----A---- C:\Windows\SYSWOW64\hpcdmc32.dll 2013-09-17 13:42:35 ----A---- C:\Windows\SYSWOW64\hpcc3130.dll 2013-09-17 13:42:33 ----A---- C:\Windows\system32\FxCompChannel_x64.dll 2013-09-12 00:33:22 ----A---- C:\Windows\SYSWOW64\ieui.dll 2013-09-12 00:33:22 ----A---- C:\Windows\system32\ieui.dll 2013-09-12 00:33:21 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2013-09-12 00:33:20 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe 2013-09-12 00:33:20 ----A---- C:\Windows\SYSWOW64\iesysprep.dll 2013-09-12 00:33:20 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2013-09-12 00:33:20 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2013-09-12 00:33:20 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe 2013-09-12 00:33:20 ----A---- C:\Windows\system32\iesysprep.dll 2013-09-12 00:33:20 ----A---- C:\Windows\system32\iesetup.dll 2013-09-12 00:33:20 ----A---- C:\Windows\system32\iertutil.dll 2013-09-12 00:33:20 ----A---- C:\Windows\system32\iernonce.dll 2013-09-12 00:33:20 ----A---- C:\Windows\system32\ie4uinit.exe 2013-09-12 00:33:19 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2013-09-12 00:33:18 ----A---- C:\Windows\SYSWOW64\jscript.dll 2013-09-12 00:33:18 ----A---- C:\Windows\system32\msfeeds.dll 2013-09-12 00:33:18 ----A---- C:\Windows\system32\jscript.dll 2013-09-12 00:33:17 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2013-09-12 00:33:17 ----A---- C:\Windows\system32\jscript9.dll 2013-09-12 00:33:16 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2013-09-12 00:33:16 ----A---- C:\Windows\system32\urlmon.dll 2013-09-12 00:33:15 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2013-09-12 00:33:15 ----A---- C:\Windows\system32\jsproxy.dll 2013-09-12 00:33:14 ----A---- C:\Windows\SYSWOW64\wininet.dll 2013-09-12 00:33:14 ----A---- C:\Windows\system32\wininet.dll 2013-09-12 00:33:12 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2013-09-12 00:33:12 ----A---- C:\Windows\system32\ieframe.dll 2013-09-12 00:33:10 ----A---- C:\Windows\system32\mshtml.dll 2013-09-12 00:33:08 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2013-09-11 21:51:38 ----A---- C:\Windows\system32\drivers\ataport.sys 2013-09-11 21:51:08 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe 2013-09-11 21:51:06 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe 2013-09-11 21:51:04 ----A---- C:\Windows\system32\ntoskrnl.exe 2013-09-11 21:51:03 ----A---- C:\Windows\system32\ntdll.dll 2013-09-11 21:51:02 ----A---- C:\Windows\system32\KernelBase.dll 2013-09-11 21:51:01 ----A---- C:\Windows\SYSWOW64\ntdll.dll 2013-09-11 21:51:01 ----A---- C:\Windows\system32\wow64.dll 2013-09-11 21:51:00 ----A---- C:\Windows\SYSWOW64\kernel32.dll 2013-09-11 21:51:00 ----A---- C:\Windows\system32\kernel32.dll 2013-09-11 21:50:59 ----A---- C:\Windows\SYSWOW64\KernelBase.dll 2013-09-11 21:50:59 ----A---- C:\Windows\system32\winsrv.dll 2013-09-11 21:50:59 ----A---- C:\Windows\system32\smss.exe 2013-09-11 21:50:58 ----A---- C:\Windows\system32\wow64win.dll 2013-09-11 21:50:58 ----A---- C:\Windows\system32\wow64cpu.dll 2013-09-11 21:50:58 ----A---- C:\Windows\system32\csrsrv.dll 2013-09-11 21:50:58 ----A---- C:\Windows\system32\conhost.exe 2013-09-11 21:50:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2013-09-11 21:50:57 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2013-09-11 21:50:57 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll 2013-09-11 21:50:57 ----A---- C:\Windows\system32\ntvdm64.dll 2013-09-11 21:50:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2013-09-11 21:50:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll 2013-09-11 21:50:56 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2013-09-11 21:50:56 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2013-09-11 21:50:56 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2013-09-11 21:50:56 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2013-09-11 21:50:56 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2013-09-11 21:50:56 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2013-09-11 21:50:56 ----A---- C:\Windows\SYSWOW64\wow32.dll 2013-09-11 21:50:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll 2013-09-11 21:50:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll 2013-09-11 21:50:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-09-11 21:50:55 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2013-09-11 21:50:55 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2013-09-11 21:50:55 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2013-09-11 21:50:55 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-09-11 21:50:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll 2013-09-11 21:50:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2013-09-11 21:50:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2013-09-11 21:50:54 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2013-09-11 21:50:54 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2013-09-11 21:50:54 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2013-09-11 21:50:54 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2013-09-11 21:50:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll 2013-09-11 21:50:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll 2013-09-11 21:50:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2013-09-11 21:50:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2013-09-11 21:50:53 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2013-09-11 21:50:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll 2013-09-11 21:50:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2013-09-11 21:50:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll 2013-09-11 21:50:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll 2013-09-11 21:50:52 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2013-09-11 21:50:52 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2013-09-11 21:50:52 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2013-09-11 21:50:52 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2013-09-11 21:50:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll 2013-09-11 21:50:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll 2013-09-11 21:50:51 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2013-09-11 21:50:51 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2013-09-11 21:50:51 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2013-09-11 21:50:51 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2013-09-11 21:50:51 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2013-09-11 21:50:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll 2013-09-11 21:50:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2013-09-11 21:50:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2013-09-11 21:50:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll 2013-09-11 21:50:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll 2013-09-11 21:50:50 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2013-09-11 21:50:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll 2013-09-11 21:50:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll 2013-09-11 21:50:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll 2013-09-11 21:50:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll 2013-09-11 21:50:48 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2013-09-11 21:50:47 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2013-09-11 21:50:47 ----A---- C:\Windows\SYSWOW64\setup16.exe 2013-09-11 21:50:47 ----A---- C:\Windows\SYSWOW64\instnm.exe 2013-09-11 21:50:47 ----A---- C:\Windows\SYSWOW64\apisetschema.dll 2013-09-11 21:50:47 ----A---- C:\Windows\system32\apisetschema.dll 2013-09-11 21:50:46 ----A---- C:\Windows\SYSWOW64\user.exe 2013-09-11 21:50:39 ----A---- C:\Windows\system32\win32k.sys 2013-09-11 21:50:13 ----A---- C:\Windows\system32\shell32.dll 2013-09-11 21:50:02 ----A---- C:\Windows\SYSWOW64\shell32.dll 2013-09-11 21:50:01 ----A---- C:\Windows\SYSWOW64\shdocvw.dll 2013-09-11 21:50:01 ----A---- C:\Windows\system32\shdocvw.dll ======List of files/folders modified in the last 1 month====== 2013-10-07 11:09:00 ----D---- C:\Windows\Temp 2013-10-07 11:08:56 ----RD---- C:\Program Files 2013-10-07 10:43:06 ----HD---- C:\ProgramData 2013-10-07 09:43:35 ----D---- C:\Windows\system32\config 2013-10-07 09:42:28 ----SHD---- C:\Windows\Installer 2013-10-07 09:42:26 ----HD---- C:\Config.Msi 2013-10-07 09:42:26 ----D---- C:\Program Files (x86)\Common Files 2013-10-07 09:42:07 ----D---- C:\Windows\SysWOW64 2013-10-07 09:41:32 ----A---- C:\Windows\SYSWOW64\deployJava1.dll 2013-10-07 09:41:31 ----D---- C:\Program Files (x86) 2013-10-07 09:41:27 ----SHD---- C:\System Volume Information 2013-10-07 09:32:15 ----D---- C:\Users\Massada\AppData\Roaming\Skype 2013-10-07 09:30:20 ----D---- C:\Users\Massada\AppData\Roaming\Dropbox 2013-10-07 09:16:54 ----D---- C:\Windows\Prefetch 2013-10-07 09:15:40 ----D---- C:\Program Files\IB Updater 2013-10-07 09:13:52 ----D---- C:\Windows\SYSWOW64\WNLT 2013-10-07 09:13:52 ----D---- C:\ProgramData\InstallMate 2013-10-07 09:13:52 ----D---- C:\Program Files (x86)\SweetIM 2013-10-07 08:57:09 ----D---- C:\Windows\system32\drivers 2013-10-06 20:22:51 ----D---- C:\Program Files\Google 2013-10-06 20:22:51 ----D---- C:\Program Files (x86)\Google 2013-10-06 19:56:25 ----D---- C:\Windows\system32\Tasks 2013-10-06 19:56:24 ----D---- C:\Windows\Tasks 2013-10-06 19:56:11 ----D---- C:\ProgramData\Norton 2013-10-06 19:56:07 ----D---- C:\Users\Massada\AppData\Roaming\Adobe 2013-10-06 18:47:19 ----D---- C:\Windows\winsxs 2013-10-06 18:46:46 ----D---- C:\ProgramData\Adobe 2013-10-06 18:46:44 ----D---- C:\Program Files (x86)\Adobe 2013-10-06 18:40:48 ----D---- C:\Windows\SYSWOW64\Adobe 2013-10-06 10:42:39 ----D---- C:\Windows\system32\catroot 2013-10-06 10:31:31 ----D---- C:\Program Files (x86)\HP 2013-10-06 10:31:21 ----D---- C:\Windows 2013-10-06 10:31:17 ----D---- C:\Windows\system32\DriverStore 2013-10-06 10:31:17 ----D---- C:\Windows\inf 2013-10-06 10:31:11 ----D---- C:\Windows\system32\catroot2 2013-10-06 10:29:10 ----D---- C:\Windows\twain_32 2013-10-06 10:28:11 ----RSD---- C:\Windows\Fonts 2013-10-06 10:28:11 ----D---- C:\ProgramData\HP 2013-10-05 21:36:09 ----D---- C:\Users\Massada\AppData\Roaming\HpUpdate 2013-10-05 21:32:57 ----D---- C:\Windows\System32 2013-10-05 21:30:52 ----D---- C:\Windows\SYSWOW64\ARFC 2013-10-05 21:28:36 ----D---- C:\Windows\system32\wfp 2013-10-05 21:28:31 ----D---- C:\Windows\system32\wbem 2013-10-05 21:26:54 ----D---- C:\Windows\system32\CodeIntegrity 2013-10-05 21:26:54 ----D---- C:\Windows\AppCompat 2013-10-05 21:26:23 ----D---- C:\ProgramData\McAfee Security Scan 2013-10-05 21:26:23 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2013-10-05 21:26:23 ----D---- C:\Program Files (x86)\Mozilla Firefox 2013-10-05 21:26:16 ----D---- C:\Windows\registration 2013-10-05 21:23:55 ----RHD---- C:\MSOCache 2013-09-22 12:35:27 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-09-20 00:37:12 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2013-09-17 13:44:04 ----D---- C:\ProgramData\Hewlett-Packard 2013-09-16 09:15:41 ----D---- C:\Users\Massada\AppData\Roaming\Belastingdienst 2013-09-15 14:21:32 ----A---- C:\Windows\system32\dmwu.exe 2013-09-15 14:16:02 ----A---- C:\Windows\system32\ImHttpComm.dll 2013-09-15 13:13:56 ----D---- C:\Windows\rescache 2013-09-12 09:02:02 ----D---- C:\Windows\Microsoft.NET 2013-09-12 09:00:43 ----RSD---- C:\Windows\assembly 2013-09-12 08:43:19 ----D---- C:\Program Files (x86)\Internet Explorer 2013-09-12 08:43:17 ----D---- C:\Program Files\Internet Explorer 2013-09-12 08:43:11 ----D---- C:\Windows\AppPatch 2013-09-12 08:43:09 ----D---- C:\Windows\SYSWOW64\nl-NL 2013-09-12 08:43:08 ----D---- C:\Windows\system32\nl-NL 2013-09-12 00:33:05 ----D---- C:\Windows\system32\MRT 2013-09-12 00:30:13 ----A---- C:\Windows\system32\MRT.exe 2013-09-12 00:30:00 ----D---- C:\ProgramData\Microsoft Help 2013-09-09 10:52:48 ----A---- C:\Windows\system32\msvcr100.dll 2013-09-09 10:52:48 ----A---- C:\Windows\system32\msvcp100.dll ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie64.sys [2010-03-10 16440] R0 fsbts;fsbts; C:\Windows\system32\Drivers\fsbts.sys [2012-11-01 56016] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files (x86)\PC Veilig\HIPS\drivers\fshs.sys [2009-11-18 59784] R1 FSFW;F-Secure Firewall Driver; C:\Windows\System32\drivers\fsdfw.sys [2009-11-18 94024] R1 fsvista;F-Secure Vista Support Driver; \??\C:\Program Files (x86)\PC Veilig\Anti-Virus\minifilter\fsvista.sys [2009-11-18 16768] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-06-30 6792704] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-06-30 221696] R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-06 125456] R3 BCM43XX;Stuurprogramma voor de Broadcom 802.11-netwerkadapter; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-01-18 3063360] R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files (x86)\PC Veilig\Anti-Virus\minifilter\fsgk.sys [2013-07-12 202176] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-03-13 2291616] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-05-31 333928] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-04-16 319536] R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456] R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040] S1 FSES;F-Secure Email Scanning Driver; C:\Windows\System32\drivers\fses.sys [2012-11-01 50384] S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984] S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960] S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-09-19 102368] S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [] S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [] S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [] S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416] S3 netr28x;Ralink 802.11n stuurprogramma voor draadloze netwerken voor Windows Vista; C:\Windows\system32\DRIVERS\netr28x.sys [2009-06-10 620544] S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-09-23 225280] S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056] S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864] S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872] S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640] S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2010-12-21 136264] S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2010-12-21 19016] S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2010-12-21 172104] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-09-19 203104] S3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968] S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] S4 F-Secure Filter;F-Secure File System Filter; \??\C:\Program Files (x86)\PC Veilig\Anti-Virus\Win2K\FSfilter.sys [2009-11-18 41640] S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Program Files (x86)\PC Veilig\Anti-Virus\Win2K\FSrec.sys [2009-11-18 27048] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192] R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-06-30 203264] R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232] R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files (x86)\PC Veilig\Anti-Virus\fsgk32st.exe [2009-11-18 221608] R2 FSMA;F-Secure Management Agent; C:\Program Files (x86)\PC Veilig\Common\FSMA32.EXE [2009-11-18 188840] R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-06-18 103992] R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-02-15 34872] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-05-19 73728] R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] R2 RtVOsdService;RtVOsdService Installer; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-06-17 315392] R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648] R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096] R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files (x86)\PC Veilig\FWES\Program\fsdfwd.exe [2009-11-18 846248] R3 FSORSPClient;F-Secure ORSP Client; C:\Program Files (x86)\PC Veilig\ORSP Client\fsorsp.exe [2013-06-06 60352] R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-07-05 988216] R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-12 136176] S2 KMService;KMService; C:\Windows\syswow64\srvany.exe [2011-04-15 8192] S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20 257416] S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560] S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2010-04-04 246520] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-12 136176] S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-21 117656] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-03-06 1255736] -----------------EOF----------------- - - - Updated - - - Hoi Mako, Ik heb zojuist de info in het bovenstaande bericht geplaatst. Hoe nu verder?

Hallo allemaal, Ik heb sinds kort een aantal problemen als ik op het internet wil surfen. Sinds 2.5 jaar heb ik een HP G62 laptop en sinds een maand heb ik allemaal rare pop ups die verschijnen en ik weet niet hoe ik dit kan bestrijden. Ik doe regelmatig een scan via PC VEILIG van Kpn. In de bijlage heb ik de pop ups bijgevoegd, zouden jullie mij kunnen helpen hoe ik dit kan bestrijden?