memke39

Member
  • Items

    15

memke39's achievements

  1. Hello Mako, I'm also sending you the AdwCleaner log. Regards, Marijke # AdwCleaner v3.013 - Report created 25/11/2013 at 23:30:27
  2. Hello Mako, below you'll find the Malwarebytes log. The other log will follow shortly. Regards, Marijke Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300 www.malwarebytes.org
  3. Hello Mako, below you'll find the log. Regards, Marijke Zoek.exe Version 4.0.0.5 Updated 24-November-2013 Tool run by mv on ma 25-11-2013 at 9:34:03,35.
  4. Logfile of random's system information tool 1.09 (written by random/random) Run by mv at 2013-11-24 20:20:44
  5. Hello, my laptop is extremely slow; could you help me make it faster? Many thanks in advance, Marijke
  6. I tried to recover it with Recuva, but it finds nothing. I have now connected my external hard drive to my brother's PC and everything is there. When I then connect it to my own PC again, it does not find all the files, and I also cannot safely remove it: it says it is busy. (I first shut down the whole PC and only then remove the external HD.) Does anyone know what is going on??
  7. Hello, I just connected my external hard drive to the PC and now half of my hard drive is empty, without my having deleted anything. Does anyone know how I can get this back? There are empty folders (photos and files); the main folder is there but there is nothing in it. Regards, Marijke
  8. Hello Jion, OK, then I will leave it as it is. My PC is fine again, no more trouble from irritating pop-ups. I want to thank you all very much for the help you have given. Should I have problems again in the future, I will get back in touch. Lock this topic. Regards, Marijke
  9. Hello Jion, I don't know whether I am doing something wrong, but I am left with 146 errors. I did everything as you described, and the first time the registry scan gave me 480 errors, so I repeated it several times as you advised, but after doing this about 20 times I am still left with 146 errors each time. It then says: "De bestandsextensie {80b8c23c-16e0-4cd8-bbc3-cecec9a78b79} refereert naar een foutief of niet bestaand programma. Deze bestanden worden vaak achter gelaten na het verwijderen van software van uw systeem Oplossing: Verwijder de registerwaarden." Then, in the small window, I click "herstel alle geselecteerde fouten", I see them fly away, and it says: "De applicatie met referentie: Windows.DVD.Maker\shell\Open kan niet worden gevonden. Deze referenties worden vaak achter gelaten na het verwijderen van software van uw systeem Oplossing: Verwijder de registerwaarden." and below that "fout hersteld". If I then click scan again, I get exactly the same thing on screen, so still 146 errors. Do I need to do anything more about this, or can I leave it as it is? Regards, Marijke
  10. Hello Jion, my problems are solved. I want to thank you very much for helping; my little PC is running like a train again. Kind regards, Marijke
  11. And as requested, the anti-malware log as well: Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Databaseversie: v2013.11.04.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16721 maryke :: MARYKE-PC [administrator] 5-11-2013 0:15:10 mbam-log-2013-11-05 (00-15-10).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 221248 Verstreken tijd: 3 minuut/minuten, 3 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 1 HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 1 HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: 8508129373711480166948421966123931240 -> Succesvol in quarantaine geplaatst en verwijderd. Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 1 C:\Windows\Installer\3233a14.msi (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. (einde)
  12. Hello, here is the AdwCleaner log file. [ATTACH]28786[/ATTACH] AdwCleaner[S0].txt
  13. Here is the log file you asked for. Zoek.exe Version 4.0.0.5 Updated 26-October-2013 Tool run by maryke on ma 04-11-2013 at 16:52:10,64. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\maryke\Desktop\zoek.exe [script inserted] ==== Older Logs ====================== C:\zoek-results2013-11-04-151959.log 24834 bytes ==== Deleting Files \ Folders ====================== C:\Windows\Sysnative\Tasks\WinZip Malware Protector_startup deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector deleted C:\ProgramData\Nico Mak Computing\WinZip Malware Protector deleted ==== EOF on ma 04-11-2013 at 16:52:52,81 ======================
  14. Hello, I am including my log here. Zoek.exe Version 4.0.0.5 Updated 26-October-2013 Tool run by maryke on ma 04-11-2013 at 15:53:50,13. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\maryke\Desktop\zoek.exe [script inserted] ==== System Restore Info ====================== 4-11-2013 15:54:53 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1323948606-1254354113-2269261338-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{73ad5d47-66e5-4127-80ca-c0eedabafbcc} deleted successfully HKEY_USERS\S-1-5-21-1323948606-1254354113-2269261338-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{73ad5d47-66e5-4127-80ca-c0eedabafbcc} deleted successfully HKEY_USERS\S-1-5-21-1323948606-1254354113-2269261338-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-1323948606-1254354113-2269261338-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-1323948606-1254354113-2269261338-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{73ad5d47-66e5-4127-80ca-c0eedabafbcc} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73ad5d47-66e5-4127-80ca-c0eedabafbcc} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update qualitink deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update qualitink deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update qualitink deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update qualitink deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util qualitink deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util qualitink deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util qualitink deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util qualitink deleted successfully ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\SweetIM deleted C:\Program Files (x86)\Torntv 2 deleted C:\Program Files (x86)\TornTV.com deleted C:\PROGRA~2\BonanzaDeals deleted C:\PROGRA~2\BonanzaDealsLive deleted C:\PROGRA~2\RegClean Pro deleted C:\PROGRA~2\hosts deleted C:\PROGRA~2\WebConnect deleted C:\PROGRA~2\WinZip Malware Protector deleted C:\Users\maryke\AppData\Roaming\Registry Mechanic deleted C:\ProgramData\APN deleted C:\ProgramData\BonanzaDealsLive deleted C:\Users\maryke\AppData\Local\BonanzaDealsLive deleted C:\Users\maryke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com deleted C:\Windows\SysNative\wsusnative64.exe deleted C:\Users\maryke\AppData\LocalLow\SweetIM deleted C:\Windows\tasks\Torntv 2-codedownloader.job deleted C:\windows\SysNative\tasks\Torntv 2-codedownloader deleted "C:\Program Files (x86)\qualitink\updatequalitink.exe" deleted "C:\PROGRA~2\qualitink\updatequalitink.exe" deleted "C:\Program Files (x86)\qualitink\bin\utilqualitink.exe" deleted "C:\PROGRA~2\qualitink\bin\utilqualitink.exe" deleted "C:\Program Files (x86)\qualitink" not deleted "C:\PROGRA~2\qualitink" not deleted "C:\Program Files (x86)\qualitink\bin" 
not deleted "C:\PROGRA~2\qualitink\bin" not deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\maryke\AppData\Local\Temp ==== ====== C:\Windows\SysWOW64 ===== 2013-11-04 10:59:46 !HASH: COULD NOT OPEN FILE !!!!! 104867914 ----a-w- C:\Windows\SysWOW64\???µ 2013-11-01 05:25:05 221494C29E9F4B6D02514CA29F2A3A4E 14119 ----a-w- C:\Windows\SysWOW64\RaCoInst.dat 2013-11-01 05:24:42 B75546BCB1205B2DB68A3DAD400BE323 127488 ----a-w- C:\Windows\SysWOW64\RAEXTUI.dll 2013-11-01 05:24:42 325470B2C9C3E4B6144BAA026B6BE842 1115136 ----a-w- C:\Windows\SysWOW64\RAIHV.dll 2013-11-01 05:24:42 2B6AD8152E878FD7133B4E5061F6C275 451 ----a-w- C:\Windows\SysWOW64\DiagFunc.ini 2013-11-01 05:24:41 7E9CF7E47C835759F3F38C42A53D7EC8 792416 ----a-w- C:\Windows\SysWOW64\DiagFunc.dll 2013-11-01 05:24:41 2D20E70AAF29452AB081301E16993B30 1608768 ----a-w- C:\Windows\SysWOW64\RaCertMgr.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2013-11-01 05:25:05 9EF10F91F7FE1537521FAB2225D0172C 327008 ----a-w- C:\Windows\Sysnative\RaCoInstx.dll 2013-11-01 05:25:05 221494C29E9F4B6D02514CA29F2A3A4E 14119 ----a-w- C:\Windows\Sysnative\RaCoInst.dat 2013-11-01 05:24:42 EAB23AC006BF96114D82A634CAD5015E 2403392 ----a-w- C:\Windows\Sysnative\RaCertMgr.dll 2013-11-01 05:24:42 B75546BCB1205B2DB68A3DAD400BE323 127488 ----a-w- C:\Windows\Sysnative\RAEXTUI.dll 2013-11-01 05:24:42 325470B2C9C3E4B6144BAA026B6BE842 1115136 ----a-w- C:\Windows\Sysnative\RAIHV.dll 2013-11-01 05:24:42 2B6AD8152E878FD7133B4E5061F6C275 451 ----a-w- C:\Windows\Sysnative\DiagFunc.ini 2013-11-01 05:24:41 7E9CF7E47C835759F3F38C42A53D7EC8 792416 ----a-w- C:\Windows\Sysnative\DiagFunc.dll ====== C:\Windows\Sysnative\drivers ===== 2013-11-01 05:25:05 B72079F1ACA97F72DB1B1C5D1EFBC874 1733216 ----a-w- C:\Windows\Sysnative\drivers\netr28ux.sys 2013-10-10 05:57:16 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys 2013-10-10 05:57:16 
80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 ----a-w- C:\Windows\Sysnative\drivers\usbcir.sys 2013-10-10 05:57:15 9661DA76B4531B2DA272ECCE25A8AF24 42496 ----a-w- C:\Windows\Sysnative\drivers\usbscan.sys 2013-10-10 05:57:15 856E76B3641746ABBC2946BED1372098 32896 ----a-w- C:\Windows\Sysnative\drivers\hidparse.sys 2013-10-10 05:57:15 597C3699384E53CC59587ED50CCE5CA2 76800 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys 2013-10-10 05:57:13 1A4F75E63C9FB84B85DFFC6B63FD5404 140800 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys 2013-10-10 05:57:11 40AF23633D197905F03AB5628C558C51 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2013-10-10 05:57:11 314C17917AC8523EC77A710215012A65 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys 2013-10-10 05:56:59 88612F1CE3BF42256913BF6E61C70D52 983488 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys ====== C:\Windows\Tasks ====== 2013-10-29 21:34:52 1397E40B97F7549879F15DF28888AB88 3116 ----a-w- C:\Windows\Sysnative\Tasks\WinZip Malware Protector_startup ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-11-04 13:52:44 -------- d-----w- C:\Program Files\trend micro 2013-10-22 19:56:52 -------- d-----w- C:\Program Files\Common Files\Protexis 2013-10-22 19:56:19 -------- d-----w- C:\Program Files\Corel ======= C:\PROGRA~2 ===== 2013-11-01 05:24:49 -------- d-----w- C:\PROGRA~2\Cisco 2013-11-01 05:24:41 -------- d-----w- C:\PROGRA~2\Sitecom 2013-10-22 19:55:56 -------- d-----w- C:\PROGRA~2\COMMON~1\Protexis 2013-10-22 19:54:46 -------- d-----w- C:\PROGRA~2\Corel 2013-10-22 19:48:56 -------- d-----w- C:\PROGRA~2\qualitink ======= C: ===== ====== C:\Users\maryke\AppData\Roaming ====== 2013-11-01 05:23:54 -------- d-----w- C:\Users\maryke\AppData\Roaming\InstallShield 2013-10-29 21:34:41 -------- d-----w- C:\Users\maryke\AppData\Roaming\Nico Mak Computing 2013-10-22 19:57:56 -------- d-----w- C:\Users\maryke\AppData\Roaming\Ulead Systems 2013-10-22 19:57:56 -------- d-----w- C:\Users\maryke\AppData\Local\Corel 
PaintShop Pro 2013-10-22 19:49:22 E8F99CDD55A6114AB934C8B49BF0C9FC 7436 ----a-w- C:\Users\maryke\AppData\Locallow\SkwConfig.bin ====== C:\Users\maryke ====== 2013-11-04 13:50:42 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\maryke\Desktop\RSITx64.exe 2013-11-01 05:28:34 -------- d-----w- C:\ProgramData\Ralink 2013-11-01 05:25:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sitecom Wireless 2013-11-01 05:25:05 -------- d-----w- C:\ProgramData\Sitecom Driver 2013-10-29 21:34:38 -------- d-----w- C:\ProgramData\Nico Mak Computing 2013-10-29 21:34:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector 2013-10-22 19:55:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro X6 ====== C: exe-files == 2013-11-04 13:52:45 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\maryke.exe 2013-11-04 13:50:42 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\maryke\Desktop\RSITx64.exe 2013-11-01 05:25:24 ACCFA0846D9C7BD6A9F506982B812A5C 625728 ----a-w- C:\Program Files (x86)\Sitecom\WiFi USB adapter N600\RaMediaServer\RaMediaServer.exe 2013-11-01 05:25:24 ACCFA0846D9C7BD6A9F506982B812A5C 625728 ----a-w- C:\Program Files (x86)\Sitecom\WiFi USB adapter N600\RaMediaServer\64\RaMediaServer.exe 2013-11-01 05:25:24 ACCFA0846D9C7BD6A9F506982B812A5C 625728 ----a-w- C:\Program Files (x86)\Sitecom\Common\RaMediaServer.exe 2013-11-01 05:25:24 ACCFA0846D9C7BD6A9F506982B812A5C 625728 ----a-w- C:\Program Files (x86)\Sitecom\Common\64\RaMediaServer.exe 2013-11-01 05:25:23 F4C083E290BCBC8DA05C6E2C7F8053B9 372736 ----a-w- C:\Program Files (x86)\Sitecom\WiFi USB adapter N600\Service\RaRegistry.exe 2013-11-01 05:25:23 F4C083E290BCBC8DA05C6E2C7F8053B9 372736 ----a-w- C:\Program Files (x86)\Sitecom\Common\RaRegistry.exe 2013-11-01 05:25:23 C3B515559046A89BB0E0F2CEEF73CABC 447488 ----a-w- C:\Program Files (x86)\Sitecom\WiFi USB adapter 
N600\Service\RaRegistry64.exe 2013-11-01 05:25:23 C3B515559046A89BB0E0F2CEEF73CABC 447488 ----a-w- C:\Program Files (x86)\Sitecom\Common\RaRegistry64.exe 2013-11-01 05:25:21 D8B54F8CA3DF644F6F96E416ABD3EB1C 12441088 ----a-w- C:\Program Files (x86)\Sitecom\Common\RaUI.exe 2013-11-01 05:25:19 D8B54F8CA3DF644F6F96E416ABD3EB1C 12441088 ----a-w- C:\Program Files (x86)\Sitecom\WiFi USB adapter N600\Utility\RaUI.exe 2013-11-01 05:25:05 81CC2BF1F5AC4A7BAF0AD1EEC89C752F 907552 ----a-w- C:\ProgramData\Sitecom Driver\WiFi USB adapter N600\Driver\RaInst64.exe 2013-11-01 05:24:41 F6E913A95E6357B7A14A90A1FBE3F3BC 53088 ----a-w- C:\ProgramData\Sitecom Driver\WiFi USB adapter N600\Driver\RaIOx64.exe 2013-11-01 05:24:41 F6E913A95E6357B7A14A90A1FBE3F3BC 53088 ----a-w- C:\Program Files (x86)\Sitecom\WiFi USB adapter N600\VistaSupplicant\X64\RaIOx64.exe 2013-11-01 05:24:41 A205551E7BA8580D2C0FF896A4D79FA9 460248 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}\setup.exe 2013-10-30 06:20:16 AE88282D08916C00A324F6A269924EA9 1291696 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\Offercast_AVIRAV7_.exe === C: other files == 2013-11-01 05:25:05 B72079F1ACA97F72DB1B1C5D1EFBC874 1733216 ----a-w- C:\Windows\System32\drivers\netr28ux.sys 2013-11-01 05:25:05 B72079F1ACA97F72DB1B1C5D1EFBC874 1733216 ----a-w- C:\ProgramData\Sitecom Driver\WiFi USB adapter N600\Driver\netr28ux.sys 2013-10-29 21:35:05 5B87FE21740695FA95A5FFE44F1B1E49 307752 ----a-w- C:\ProgramData\Nico Mak Computing\WinZip Malware Protector\updates\1557update.zip 2013-10-29 21:35:05 42C4843AFDC801EE2C0698768E948399 1486 ----a-w- C:\ProgramData\Nico Mak Computing\WinZip Malware Protector\updates\1556update.zip 2013-10-29 21:35:05 0C2FF8D52F6C4FBC7A2B33C608FEA528 207853 ----a-w- C:\ProgramData\Nico Mak Computing\WinZip Malware Protector\updates\1555update.zip 2013-10-29 21:35:04 E7C8D807749E9A371F27891A2308CD77 1483 ----a-w- C:\ProgramData\Nico Mak Computing\WinZip 
Malware Protector\updates\1553update.zip 2013-10-29 21:35:04 72F9783C4A5A23DF665DCF68B631FEA3 1483 ----a-w- C:\ProgramData\Nico Mak Computing\WinZip Malware Protector\updates\1554update.zip 2013-10-29 21:35:03 3D0ED91A23E7E51C72B263B2EB97B3C9 1383775 ----a-w- C:\ProgramData\Nico Mak Computing\WinZip Malware Protector\updates\1552mupdate.zip 2013-10-29 21:34:54 BBE9229D5C64DB6A669C0B0618725E40 12472047 ----a-w- C:\ProgramData\Nico Mak Computing\WinZip Malware Protector\updates\1545completedatabase.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1323948606-1254354113-2269261338-1000\Software\Microsoft\Windows\CurrentVersion\Run] "RoboForm"="C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" "Google Update"="C:\Users\maryke\AppData\Local\Google\Update\GoogleUpdate.exe /c" [HKEY_USERS\S-1-5-21-1323948606-1254354113-2269261338-1003\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-1323948606-1254354113-2269261338-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HDAudDeck"="C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r" "CanonSolutionMenuEx"="C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon" "SSDMonitor"="C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" "avgnt"="C:\Program Files (x86)\Avira\AntiVir 
Desktop\avgnt.exe /min" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "RoboForm"="C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" "Google Update"="C:\Users\maryke\AppData\Local\Google\Update\GoogleUpdate.exe /c" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\wuauserv] ==== Startup Folders ====================== 2013-11-01 05:25:23 1999 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Sitecom Wireless Utility.lnk 2013-09-24 08:56:46 1366 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SpyderUtility.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [08-10-2013 21:02] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1323948606-1254354113-2269261338-1000Core.job --a------ C:\Users\maryke\AppData\Local\Google\Update\GoogleUpdate.exe [26-08-2012 10:13] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1323948606-1254354113-2269261338-1000UA.job --a------ C:\Users\maryke\AppData\Local\Google\Update\GoogleUpdate.exe [26-08-2012 10:13] C:\Windows\tasks\RMAutoUpdate.job --a------ C:JC:\Program Files (x86)\PC Tools\PC Tools Registry Mechanic\SULauncher.exe [] C:\Windows\tasks\RMSchedule.job --a------ C:\Program Files (x86)\PC Tools\PC Tools Registry Mechanic\RegMech.exe [21-08-2012 13:43] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] 
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\Go to RoboForm Install page" [C:\Windows\system32\rundll32.exe url.dll,FileProtocolHandler "RoboForm Tutorials"] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1323948606-1254354113-2269261338-1000Core" [C:\Users\maryke\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1323948606-1254354113-2269261338-1000UA" [C:\Users\maryke\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\RMAutoUpdate" [C:\Program Files (x86)\PC Tools\PC Tools Registry Mechanic\SULauncher.exe] "C:\Windows\SysNative\tasks\RMSchedule" [C:\Program Files (x86)\PC Tools\PC Tools Registry Mechanic\RegMech.exe] "C:\Windows\SysNative\tasks\Run RoboForm TaskBar Icon" [C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe] "C:\Windows\SysNative\tasks\WinZip Malware Protector_startup" [C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe] ==== Firefox Extensions ====================== ExtDir: C:\Users\maryke\AppData\Roaming\Mozilla\Firefox\Profiles\extensions - Torntv 3 - %ExtDir%\trtv3@trtv.com.xpi ==== Firefox Plugins ====================== ==== Deleted Firefox Extensions ====================== C:\Users\maryke\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\trtv3@trtv.com.xpi deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bicnnkjibmphdeigoodpjlcklcnaobdj - C:\Program Files (x86)\TornTV.com\torntv10.crx[] ljkcijnbckdflhifmbnfnkjacokloacf - No path found[] hosts - maryke - Default\Extensions\nnlomafmkpiclmaaekkhpoecnclldmaa Torntv 3 - maryke - Profile 2\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj ==== Chrome Fix ====================== C:\Users\maryke\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj deleted successfully C:\Users\maryke\AppData\Local\Google\Chrome\User 
Data\Default\Local Storage\chrome-extension_ljkcijnbckdflhifmbnfnkjacokloacf_0.localstorage deleted successfully C:\Users\maryke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnlomafmkpiclmaaekkhpoecnclldmaa deleted successfully C:\Users\maryke\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_nnlomafmkpiclmaaekkhpoecnclldmaa_0 deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Startpagina.nl | Jouw startpagina voor weer, verkeer en meer" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://mysearch.sweetpacks.com/?src=10&st=12&crg=3.5000006.10068&did=10703&barid=8508129373711480166948421966123931240" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Start Page"="http://mysearch.sweetpacks.com/?src=10&st=12&crg=3.5000006.10068&did=10703&barid=8508129373711480166948421966123931240" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{EEE6C360-6118-11DC-9C72-001320C79847}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Startpagina.nl | Jouw startpagina voor weer, verkeer en meer" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1323948606-1254354113-2269261338-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-1323948606-1254354113-2269261338-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-1323948606-1254354113-2269261338-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311531182} deleted successfully HKEY_USERS\S-1-5-21-1323948606-1254354113-2269261338-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311531182} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311531182} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311531182} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-1323948606-1254354113-2269261338-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj 
deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ljkcijnbckdflhifmbnfnkjacokloacf deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\maryke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\maryke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\maryke\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\maryke\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully C:\Users\maryke\AppData\Local\Google\Chrome\User Data\Profile 2\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== 
Empty All Java Cache ====================== No Java Cache Found ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\maryke\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files (x86)\qualitink" not found "C:\PROGRA~2\qualitink" not found ==== EOF on ma 04-11-2013 at 16:19:59,74 ======================
  15. Hello, could someone help me? When I open IE, irritating advertising links keep appearing at the side, at the bottom and at the bottom right. On the left a wide panel appears from top to bottom with Related Searches, at the bottom an advertisement from Trust, and at the bottom right a recurring message that my hard drive is almost full and that I can download something to make my PC faster and clean it up. I am including the RSIT files right away. [ATTACH]28779[/ATTACH] [ATTACH]28780[/ATTACH] Thanks in advance, Marijke log.txt info.txt