Posts by memke39
-
Hello Mako,
Below you will find the Malwarebytes log.
The other log will follow shortly.
Regards, Marijke
Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300
Databaseversie: v2013.11.25.05
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
mv :: PC_VAN_MV [administrator]
Bescherming: Ingeschakeld
25-11-2013 19:04:28
mbam-log-2013-11-25 (19-04-28).txt
Scan type: Volledige scan (C:\|)
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 454173
Verstreken tijd: 3 uur/uren, 21 minuut/minuten, 5 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 4
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings (PUP.Optional.BProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd.
HKLM\SOFTWARE\Speedchecker Limited\PC Speed Up (PUP.Optional.PCSpeedUp.A) -> Succesvol in quarantaine geplaatst en verwijderd.
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 7
C:\Program Files\Adobe\Adobe Photoshop CS6\adobe.photoshop.cs6-patch.exe (PUP.RiskwareTool.CK) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\Adobe\Adobe Photoshop CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\Adobe\Adobe Photoshop Lightroom 4.2\keygen.exe (RiskWare.Tool.CK) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\Photodex\ProShow Producer\Proshow.Producer.v5.0.3256-patch-RES.exe (Hacktool.Patcher) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\mv\Downloads\Corel Paintshop Photo Pro X4 14.1.0.5 NL\Crack\Crack\Crack.exe (RiskWare.Tool.HCK) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\zoek_backup\C_Users_mv_Downloads_iLividSetup-r338-n-bi.exe.vir (PUP.Optional.Bandoo) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\zoek_backup\C_Users_mv_Downloads_iLividSetup.exe.vir (PUP.Optional.Bandoo) -> Succesvol in quarantaine geplaatst en verwijderd.
(einde)
-
Hello Mako, below you will find the log
Regards, Marijke
Zoek.exe Version 4.0.0.5 Updated 24-November-2013
Tool run by mv on ma 25-11-2013 at 9:34:03,35.
Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\mv\Desktop\zoek.exe [script inserted]
==== System Restore Info ======================
25-11-2013 9:37:02 Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-945066822-134794459-1734349723-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\Program Files\MyFree Codec deleted
C:\Program Files\Wondershare deleted
C:\Users\mv\AppData\Roaming\Babylon deleted
C:\Users\mv\AppData\Roaming\Registry Mechanic deleted
C:\Users\mv\AppData\Roaming\OpenCandy deleted
C:\ProgramData\Babylon deleted
C:\Users\mv\AppData\Local\iLivid deleted
C:\Users\mv\AppData\Local\PackageAware deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec deleted
C:\Users\mv\Downloads\iLividSetup-r338-n-bi.exe deleted
C:\Users\mv\Downloads\iLividSetup.exe deleted
C:\Windows\System32\searchplugins deleted
C:\Windows\System32\Extensions deleted
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\mv\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\system32 =====
2013-11-23 21:59:21 B798365F54AF889BFD7D04ED75C016B7 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-11-23 21:59:21 3CC9655434741363AF977498A2B5E425 73216 ----a-w- C:\Windows\System32\mshtmled.dll
2013-11-23 21:59:20 677857FAC307E46E44F710B6C6F84607 420864 ----a-w- C:\Windows\System32\vbscript.dll
2013-11-23 21:59:18 E2E9F49C84C49C2DB5ADAF85D8CD8F1C 142848 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-11-23 21:59:18 E26C86DE3AC36D09D201691B9D482D5B 176640 ----a-w- C:\Windows\System32\ieui.dll
2013-11-23 21:59:18 375652E4B01E421683437896DA8D76C4 65024 ----a-w- C:\Windows\System32\jsproxy.dll
2013-11-23 21:59:17 E1092FB18A2D53DFC20D2EA8AC158E4B 607744 ----a-w- C:\Windows\System32\msfeeds.dll
2013-11-23 21:59:17 C36E38AD3C7FAFF0E30C4CBCB28CE7FB 1129472 ----a-w- C:\Windows\System32\wininet.dll
2013-11-23 21:59:16 FFA200640B887CBB737DA74C299BCE62 717824 ----a-w- C:\Windows\System32\jscript.dll
2013-11-23 21:59:15 D36137E26569D22B6C395EB68CBE0018 1806848 ----a-w- C:\Windows\System32\jscript9.dll
2013-11-23 21:59:15 26ED02FA7B11FBFD87D4FF304EFFFFBF 231936 ----a-w- C:\Windows\System32\url.dll
2013-11-23 21:59:14 58C300DB5ED80A46A778DECB9D02DA57 1796096 ----a-w- C:\Windows\System32\iertutil.dll
2013-11-23 21:59:12 B8D440F705D52D9167C572ECF6522E89 1104896 ----a-w- C:\Windows\System32\urlmon.dll
2013-11-23 21:59:12 AB3F4974C87DC6DE7E427CF713E88B28 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-11-23 21:59:09 048FF8515CE100990423E96678112CDF 9739264 ----a-w- C:\Windows\System32\ieframe.dll
2013-11-23 21:59:08 AC986A1AD35CDBF07B0E5D1AC9D527B5 12344832 ----a-w- C:\Windows\System32\mshtml.dll
2013-11-23 18:47:26 872363237F24BCB03D73E2A3B4FBF38D 297984 ----a-w- C:\Windows\System32\gdi32.dll
2013-11-23 18:44:43 E87F6492F5406287EDF05DF40BB86780 102608 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2013-11-23 18:44:39 EE16F3E01C4A6C77383F1BBBD10AD6C2 596480 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-11-23 18:44:39 4687EE0C0DD2CE5F7AAA9C2E33C1DC78 444928 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-11-23 18:44:39 14D9A057A082E00116A7A4415051D07C 218228 ----a-w- C:\Windows\System32\WFP.TMF
2013-11-23 18:44:34 F64812456BD11244322F0B0F1B236841 486400 ----a-w- C:\Windows\System32\d3d10level9.dll
2013-11-23 18:44:34 9BD443B52350D2784544B637F103EBCF 1069056 ----a-w- C:\Windows\System32\DWrite.dll
2013-11-23 18:44:34 52673DCDFA7687EABC0C779894D0F4FF 1172480 ----a-w- C:\Windows\System32\d3d10warp.dll
2013-11-23 18:44:34 2AFA3A46986AE935DAECEBC7E66314CF 798208 ----a-w- C:\Windows\System32\FntCache.dll
2013-11-23 18:44:33 E828C391BB999BD85C15DA20B51CDF9C 683008 ----a-w- C:\Windows\System32\d2d1.dll
2013-11-23 18:44:33 E0F15C8A63D2FCC40D0A6F9354DF0118 1029120 ----a-w- C:\Windows\System32\d3d10.dll
2013-11-23 18:44:33 2434237DFBC70483B63A667B9573891E 219648 ----a-w- C:\Windows\System32\d3d10_1core.dll
2013-11-23 18:44:33 2067598D57CCD988A88BBBDDD6EAE13D 189952 ----a-w- C:\Windows\System32\d3d10core.dll
2013-11-23 18:44:33 1D1C3BBA2191F0F5B14555757DDB729A 160768 ----a-w- C:\Windows\System32\d3d10_1.dll
2013-11-23 18:44:21 D6F0260D9051C0B60998F4CDBE9B2CC6 37376 ----a-w- C:\Windows\System32\cdd.dll
2013-11-23 18:44:14 0317420D419E1885894B3ED9D375D245 993792 ----a-w- C:\Windows\System32\crypt32.dll
2013-11-23 18:44:08 69A702C66FA35445DCF7DBF9EF32812C 2050048 ----a-w- C:\Windows\System32\win32k.sys
2013-11-23 18:43:53 58035212AB7869A5FC3AF186ACBA8F09 532480 ----a-w- C:\Windows\System32\comctl32.dll
2013-11-23 18:43:39 A136094368CA45BA50BF4E2703E93B82 293376 ----a-w- C:\Windows\System32\atmfd.dll
2013-11-23 18:43:38 D1F8FE7C788C437DDE311E9F0C09005E 34304 ----a-w- C:\Windows\System32\atmlib.dll
2013-11-23 18:43:37 DBD9448D06E67FE6F29261FFAD205B68 615936 ----a-w- C:\Windows\System32\themeui.dll
2013-11-23 15:25:08 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Windows\System32\javaws.exe
2013-11-23 15:24:31 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Windows\System32\javaw.exe
2013-11-23 15:24:31 9BF46C7F21E75FA0BB03AA93368CC66C 94632 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll
2013-11-23 15:24:31 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Windows\System32\java.exe
====== C:\Windows\system32\drivers =====
2013-11-23 18:44:38 73FF24E21B690625A58109637DDA0DF7 134272 ----a-w- C:\Windows\System32\drivers\usbvideo.sys
2013-11-23 18:44:29 FE619ED13CE12F5B43C04E3EA061BBD6 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-11-23 18:44:29 B09C74A41F26B08149707EA5E7F956C2 226304 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-11-23 18:44:29 AAB0B5F72D2D726FBFDC895A2902DE1D 73216 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-11-23 18:44:29 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-11-23 18:44:28 44056325428A8E4C755830426E29878F 23552 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-11-23 18:44:28 153E8515CB86F8BB5D1A8B478EBF4BB2 39936 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-11-23 18:44:21 988670D8343EF9835FB3659DB71B2EFA 638400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-11-23 18:43:40 25944D2CC49E0A6C581D02A74B7D6645 527064 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2013-11-23 18:43:36 BE4AD4045D7A6C6AF4ECCBD5F6B7F8D8 25472 ----a-w- C:\Windows\System32\drivers\hidparse.sys
2013-11-23 18:43:36 1D714B8497CD68307806D5D3F60A5169 35328 ----a-w- C:\Windows\System32\drivers\usbscan.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-11-24 19:20:44 -------- d-----w- C:\Program Files\trend micro
2013-11-23 15:25:18 -------- d-----w- C:\Program Files\Common Files\Java
======= C: =====
====== C:\Users\mv\AppData\Roaming ======
====== C:\Users\mv ======
2013-11-23 15:25:59 -------- d-----w- C:\ProgramData\Oracle
2013-11-23 15:24:31 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
====== C: exe-files ==
2013-11-24 19:20:45 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\mv.exe
2013-11-24 19:20:17 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\mv\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C1NTLFI5\RSIT.exe
2013-11-23 21:59:15 06085B62BC7E0C8E2605CEA38774D956 757488 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2013-11-23 19:38:39 4B78E9AE06F7C310E30EE2FA5B7EBC3C 1721296 ----a-w- C:\Program Files\Google\Google Toolbar\Component\SearchWithGoogleUpdate_C993F490EED40C1B.exe
2013-11-23 19:38:07 BB4F6465EEB9ACAA5C60C36983740219 310352 ----a-w- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarUser_32_4814EB429669E41D.exe
2013-11-23 19:37:51 B9D8842FF3EDAC918039C6F62F322E9A 1073232 ----a-w- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_08875ABF44579E20.exe
2013-11-23 19:36:19 A30351F539D71D6199BD2295CC234E96 531424 ----a-w- C:\Program Files\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.4601.54\GoogleToolbarInstaller_updater_signed.exe
2013-11-23 19:01:15 E714A26715478EAC94DEB4514BF68EA2 35300192 ----a-w- C:\Users\mv\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\31.0.1650.57\31.0.1650.57_chrome_installer.exe
2013-11-23 18:55:41 EB8EEB98D01B5D31898D8E53C3789832 59784 ----atw- C:\Users\mv\AppData\Local\Google\Update\1.3.21.165\GoogleUpdateBroker.exe
2013-11-23 18:55:41 CEFEBDB9E274BD90C12D131ED25CC819 59784 ----atw- C:\Users\mv\AppData\Local\Google\Update\1.3.21.165\GoogleUpdateOnDemand.exe
2013-11-23 18:55:36 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 ----a-w- C:\Users\mv\AppData\Local\Google\Update\1.3.21.165\GoogleUpdateSetup.exe
2013-11-23 18:52:31 0DC0DE2966A6DBA4CFBF6639DF44F5BA 319880 ----atw- C:\Users\mv\AppData\Local\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
2013-11-23 18:52:30 CF7B0E597C1F34E528285495721DEEE9 237960 ----atw- C:\Users\mv\AppData\Local\Google\Update\1.3.21.165\GoogleCrashHandler.exe
2013-11-23 18:52:28 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Users\mv\AppData\Local\Google\Update\1.3.21.165\GoogleUpdate.exe
2013-11-23 18:52:05 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 ----a-w- C:\Users\mv\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.165\GoogleUpdateSetup.exe
2013-11-23 15:31:54 CEFEBDB9E274BD90C12D131ED25CC819 59784 ----atw- C:\Program Files\Google\Update\1.3.21.165\GoogleUpdateOnDemand.exe
2013-11-23 15:31:53 EB8EEB98D01B5D31898D8E53C3789832 59784 ----atw- C:\Program Files\Google\Update\1.3.21.165\GoogleUpdateBroker.exe
2013-11-23 15:31:50 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 ----a-w- C:\Program Files\Google\Update\1.3.21.165\GoogleUpdateSetup.exe
2013-11-23 15:19:57 CF7B0E597C1F34E528285495721DEEE9 237960 ----atw- C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe
2013-11-23 15:19:57 0DC0DE2966A6DBA4CFBF6639DF44F5BA 319880 ----atw- C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
2013-11-23 15:19:45 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files\Google\Update\1.3.21.165\GoogleUpdate.exe
2013-11-23 15:19:34 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 ----a-w- C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.165\GoogleUpdateSetup.exe
=== C: other files ==
2013-11-23 18:44:42 8E6C378A885D6FFDA8F05E8D27B95C0E 27648 ----a-w- C:\Windows\System32\DriverStore\FileRepository\mdmcpq.inf_fad2d0b6\usbser.sys
2013-11-23 18:44:38 73FF24E21B690625A58109637DDA0DF7 134272 ----a-w- C:\Windows\System32\drivers\usbvideo.sys
2013-11-23 18:44:29 FE619ED13CE12F5B43C04E3EA061BBD6 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-11-23 18:44:29 B09C74A41F26B08149707EA5E7F956C2 226304 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-11-23 18:44:29 AAB0B5F72D2D726FBFDC895A2902DE1D 73216 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_4d475c8b\usbccgp.sys
2013-11-23 18:44:29 AAB0B5F72D2D726FBFDC895A2902DE1D 73216 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-11-23 18:44:29 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_4d475c8b\usbhub.sys
2013-11-23 18:44:29 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-11-23 18:44:28 44056325428A8E4C755830426E29878F 23552 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-11-23 18:44:28 153E8515CB86F8BB5D1A8B478EBF4BB2 39936 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-11-23 18:44:21 988670D8343EF9835FB3659DB71B2EFA 638400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-11-23 18:44:08 69A702C66FA35445DCF7DBF9EF32812C 2050048 ----a-w- C:\Windows\System32\win32k.sys
2013-11-23 18:43:40 25944D2CC49E0A6C581D02A74B7D6645 527064 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2013-11-23 18:43:36 BE4AD4045D7A6C6AF4ECCBD5F6B7F8D8 25472 ----a-w- C:\Windows\System32\DriverStore\FileRepository\input.inf_c7f006cc\hidparse.sys
2013-11-23 18:43:36 BE4AD4045D7A6C6AF4ECCBD5F6B7F8D8 25472 ----a-w- C:\Windows\System32\drivers\hidparse.sys
2013-11-23 18:43:36 1D714B8497CD68307806D5D3F60A5169 35328 ----a-w- C:\Windows\System32\DriverStore\FileRepository\sti.inf_45d79eaa\usbscan.sys
2013-11-23 18:43:36 1D714B8497CD68307806D5D3F60A5169 35328 ----a-w- C:\Windows\System32\drivers\usbscan.sys
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"
[HKEY_USERS\S-1-5-21-945066822-134794459-1734349723-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"HPADVISOR"="C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY"
"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"
"Google Update"="C:\Users\mv\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Gadwin PrintScreen 2.6"="C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"RoboForm"="C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
"Corel Photo Downloader"="C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe -startup"
"KiesPreload"="C:\Program Files\Samsung\Kies\Kies.exe /preload"
@="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"
"UCam_Menu"="C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\YouCam UpdateWithCreateOnce Software\CyberLink\YouCam\2.0"
"QlbCtrl.exe"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start"
"WirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"AdobeAAMUpdater-1.0"="C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"SwitchBoard"="C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"AdobeCS6ServiceManager"="C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin"
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime"
"SSDMonitor"="C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe"
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon"
"CanonSolutionMenuEx"="C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon"
"KiesTrayAgent"="C:\Program Files\Samsung\Kies\KiesTrayAgent.exe"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"
"OnScreenDisplay"="C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"HPADVISOR"="C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY"
"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"
"Google Update"="C:\Users\mv\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Gadwin PrintScreen 2.6"="C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"RoboForm"="C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
"Corel Photo Downloader"="C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe -startup"
"KiesPreload"="C:\Program Files\Samsung\Kies\Kies.exe /preload"
@="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"
==== Startup Registry Disabled ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\eMuleAutoStart]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="eMuleAutoStart"
"hkey"="HKCU"
"command"="C:\\Users\\mv\\Documents\\eMule0.50a\\eMule0.50a\\emule.exe -AutoStart"
==== Startup Folders ======================
2012-09-20 14:58:38 1141 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SpyderUtility.lnk
2012-09-10 18:45:02 1798 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [15-02-2013 21:37]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [15-02-2013 21:37]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-945066822-134794459-1734349723-1000Core.job --a------ C:\Users\mv\AppData\Local\Google\Update\GoogleUpdate.exe [05-09-2012 15:30]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-945066822-134794459-1734349723-1000UA.job --a------ C:\Users\mv\AppData\Local\Google\Update\GoogleUpdate.exe [05-09-2012 15:30]
C:\Windows\tasks\RMAutoUpdate.job --a------ C:\Program Files\PC Tools\PC Tools Registry Mechanic\SULauncher.exe [21-08-2012 13:44]
C:\Windows\tasks\RMSchedule.job --a------ C:\AC:\Program Files\PC Tools\PC Tools Registry Mechanic\RegMech.exe []
==== Other Scheduled Tasks ======================
"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\AdobeAAMUpdater-1.0-PC_van_mv-mv" [C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\Go to RoboForm Install page" [C:\Windows\system32\rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMOJOJMJOMKMNJOJJJCNNMOMHMHMCNLMPMJMNJCNGMNJLJOMCNJMGMOJOMKJLMOMJMNMLJKJOJJNJICMJMCNOMPMCNPMFMGMCNPMCNHMOMOMNMFMJMCNPMCNJMPMPMNMCNNMJNPICMLMFMAJBJLILICJFMPMJNHICMAJBJLILICJJNBJCMCJJIJNKJCMJNNICMJNDJCMBJDJ"]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-945066822-134794459-1734349723-1000Core" [C:\Users\mv\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-945066822-134794459-1734349723-1000UA" [C:\Users\mv\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\Open URL by RoboForm" [C:\Windows\system32\rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMOJOJMJOMKMNJOJJJCNNMOMHMHMCNLMPMJMNJCNGMNJLJOMCNJMGMOJOMKJLMOMJMNMLJKJOJJNJICMIMCNHMCNMMFMGMCNPMCNHMOMOMNMFMJMCNPMCNJMPMPMNMCNNMJNPICMHMFMEKMICNJJCKFMPMJNHICMAJBJLILICJJNBJCMCJJIJNKJCMJNNICMJNDJCMBJDJ"]
"C:\Windows\system32\tasks\RMAutoUpdate" [C:\Program Files\PC Tools\PC Tools Registry Mechanic\SULauncher.exe]
"C:\Windows\system32\tasks\RMSchedule" [C:\Program Files\PC Tools\PC Tools Registry Mechanic\RegMech.exe]
"C:\Windows\system32\tasks\Run RoboForm TaskBar Icon" [C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe]
"C:\Windows\system32\tasks\User_Feed_Synchronization-{48131D13-030E-46F8-A08A-A830E96C6A21}" [C:\Windows\system32\msfeedssync.exe]
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [31-08-2012 10:49]
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
jbolfgndggfhhpbnkgnpjkfhinclbigj - No path found[]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
nikpibnbobmbdbheedjfogjlikpgpnhp - No path found[]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.startpagina.nl/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.startpagina.nl/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp deleted successfully
==== Empty IE Cache ======================
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\mv\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\mv\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\mv\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\mv\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\mv\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\mv\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
==== EOF on ma 25-11-2013 at 10:06:51,36 ======================
-
Logfile of random's system information tool 1.09 (written by random/random)
Run by mv at 2013-11-24 20:20:44
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 317 GB (66%) free of 477 GB
Total RAM: 3068 MB (51% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:21:00, on 24-11-2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16520)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Users\mv\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility.exe
C:\Program Files\WinZip\WZQKPICK32.EXE
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Windows\system32\conime.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\mv\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C1NTLFI5\RSIT.exe
C:\Program Files\trend micro\mv.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina.nl | Jouw startpagina voor weer, verkeer en meer
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [switchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [sSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Google Update] "C:\Users\mv\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Gadwin PrintScreen 2.6] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [Corel Photo Downloader] "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: SpyderUtility.lnk = C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK32.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Formulieren Invullen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Formulieren opslaan - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Free YouTube Download - C:\Users\mv\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Menu aanpassen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RoboForm Werkbalk - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Formulier Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Formulieren Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Formulieren opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: RoboForm Werkbalk - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect119b.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShow Producer\ScsiAccess.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
--
End of file - 13735 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-945066822-134794459-1734349723-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-945066822-134794459-1734349723-1000UA.job
C:\Windows\tasks\RMAutoUpdate.job
C:\Windows\tasks\RMSchedule.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
RoboForm Toolbar Helper - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2012-10-24 3748352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-11-23 194640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08 1619352]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2012-10-24 3748352]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-11-23 194640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]
"OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-11-01 554288]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-04-15 178712]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2299176]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-07-27 321080]
"WirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-09-01 499768]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 948440]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2009-07-21 458844]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2013-04-25 1075296]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"SSDMonitor"=C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe [2012-08-21 105120]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-24 2516296]
"CanonSolutionMenuEx"=C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2013-03-28 310640]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-10 1233920]
"HPADVISOR"=C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2009-08-26 1644088]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-08-20 2363392]
"Google Update"=C:\Users\mv\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-05 116648]
"AdobeBridge"= []
"Gadwin PrintScreen 2.6"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2003-07-16 913408]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"RoboForm"=C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2012-10-24 109336]
"Corel Photo Downloader"=C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe [2011-09-07 522752]
"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2013-03-28 1511792]
""=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-03-28 1106288]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart]
C:\Users\mv\Documents\eMule0.50a\eMule0.50a\emule.exe [2012-09-10 5758976]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SpyderUtility.lnk - C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility.exe
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK32.EXE
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoInstrumentation"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"VIDC.ACDV"=ACDV.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-11-24 20:20:44 ----D---- C:\rsit
2013-11-24 20:20:44 ----D---- C:\Program Files\trend micro
2013-11-23 22:59:21 ----A---- C:\Windows\system32\mshtmled.dll
2013-11-23 22:59:20 ----A---- C:\Windows\system32\vbscript.dll
2013-11-23 22:59:18 ----A---- C:\Windows\system32\jsproxy.dll
2013-11-23 22:59:18 ----A---- C:\Windows\system32\ieUnatt.exe
2013-11-23 22:59:18 ----A---- C:\Windows\system32\ieui.dll
2013-11-23 22:59:17 ----A---- C:\Windows\system32\wininet.dll
2013-11-23 22:59:17 ----A---- C:\Windows\system32\msfeeds.dll
2013-11-23 22:59:16 ----A---- C:\Windows\system32\jscript.dll
2013-11-23 22:59:15 ----A---- C:\Windows\system32\url.dll
2013-11-23 22:59:15 ----A---- C:\Windows\system32\jscript9.dll
2013-11-23 22:59:14 ----A---- C:\Windows\system32\iertutil.dll
2013-11-23 22:59:12 ----A---- C:\Windows\system32\urlmon.dll
2013-11-23 22:59:09 ----A---- C:\Windows\system32\ieframe.dll
2013-11-23 22:59:08 ----A---- C:\Windows\system32\mshtml.dll
2013-11-23 19:47:26 ----A---- C:\Windows\system32\gdi32.dll
2013-11-23 19:44:43 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-11-23 19:44:39 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-11-23 19:44:39 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2013-11-23 19:44:38 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-11-23 19:44:34 ----A---- C:\Windows\system32\FntCache.dll
2013-11-23 19:44:34 ----A---- C:\Windows\system32\DWrite.dll
2013-11-23 19:44:34 ----A---- C:\Windows\system32\d3d10warp.dll
2013-11-23 19:44:34 ----A---- C:\Windows\system32\d3d10level9.dll
2013-11-23 19:44:33 ----A---- C:\Windows\system32\d3d10core.dll
2013-11-23 19:44:33 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-11-23 19:44:33 ----A---- C:\Windows\system32\d3d10_1.dll
2013-11-23 19:44:33 ----A---- C:\Windows\system32\d3d10.dll
2013-11-23 19:44:33 ----A---- C:\Windows\system32\d2d1.dll
2013-11-23 19:44:29 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-11-23 19:44:29 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-11-23 19:44:29 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-11-23 19:44:29 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-11-23 19:44:28 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-11-23 19:44:28 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-11-23 19:44:21 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-11-23 19:44:21 ----A---- C:\Windows\system32\cdd.dll
2013-11-23 19:44:14 ----A---- C:\Windows\system32\crypt32.dll
2013-11-23 19:44:08 ----A---- C:\Windows\system32\win32k.sys
2013-11-23 19:43:53 ----A---- C:\Windows\system32\comctl32.dll
2013-11-23 19:43:40 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-11-23 19:43:39 ----A---- C:\Windows\system32\atmfd.dll
2013-11-23 19:43:38 ----A---- C:\Windows\system32\atmlib.dll
2013-11-23 19:43:37 ----A---- C:\Windows\system32\themeui.dll
2013-11-23 19:43:36 ----A---- C:\Windows\system32\drivers\usbscan.sys
2013-11-23 19:43:36 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-11-23 16:25:59 ----D---- C:\ProgramData\Oracle
2013-11-23 16:25:18 ----D---- C:\Program Files\Common Files\Java
2013-11-23 16:25:08 ----A---- C:\Windows\system32\javaws.exe
2013-11-23 16:24:31 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2013-11-23 16:24:31 ----A---- C:\Windows\system32\javaw.exe
2013-11-23 16:24:31 ----A---- C:\Windows\system32\java.exe
======List of files/folders modified in the last 1 month======
2013-11-24 20:20:50 ----D---- C:\Windows\Temp
2013-11-24 20:20:44 ----RD---- C:\Program Files
2013-11-24 19:32:01 ----D---- C:\Windows\rescache
2013-11-24 19:15:52 ----D---- C:\Windows\System32
2013-11-24 19:15:52 ----D---- C:\Windows\inf
2013-11-24 19:15:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-24 19:14:43 ----D---- C:\Windows\Microsoft.NET
2013-11-24 19:14:38 ----RSD---- C:\Windows\assembly
2013-11-24 19:13:27 ----HD---- C:\ProgramData
2013-11-24 19:13:27 ----A---- C:\ProgramData\HPWALog.txt
2013-11-24 19:10:02 ----AD---- C:\ProgramData\Temp
2013-11-24 19:05:41 ----D---- C:\Windows
2013-11-24 19:05:20 ----D---- C:\Windows\system32\migration
2013-11-24 19:05:20 ----D---- C:\Windows\system32\drivers
2013-11-24 19:05:19 ----D---- C:\Program Files\Internet Explorer
2013-11-24 19:05:15 ----D---- C:\Windows\system32\nl-NL
2013-11-24 19:05:14 ----D---- C:\Windows\system32\wbem
2013-11-24 19:02:45 ----SHD---- C:\Windows\Installer
2013-11-24 19:02:43 ----SHD---- C:\Config.Msi
2013-11-24 19:00:13 ----SHD---- C:\System Volume Information
2013-11-24 18:56:26 ----D---- C:\Program Files\Microsoft Silverlight
2013-11-23 23:01:09 ----D---- C:\Windows\system32\catroot
2013-11-23 23:00:31 ----D---- C:\Windows\winsxs
2013-11-23 22:59:45 ----D---- C:\Windows\system32\catroot2
2013-11-23 22:58:34 ----A---- C:\Windows\win.ini
2013-11-23 22:55:53 ----D---- C:\Program Files\Microsoft Security Client
2013-11-23 22:55:39 ----D---- C:\Windows\Prefetch
2013-11-23 22:29:49 ----D---- C:\Windows\system32\MRT
2013-11-23 22:27:03 ----D---- C:\Windows\Debug
2013-11-23 16:40:55 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-11-23 16:25:18 ----D---- C:\Program Files\Common Files
2013-11-23 16:24:29 ----D---- C:\Program Files\Java
2013-11-19 11:21:30 ----N---- C:\Windows\system32\MpSigStub.exe
2013-11-12 14:55:45 ----D---- C:\Windows\Minidump
2013-11-07 15:50:18 ----A---- C:\Windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 25656]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-04-15 312344]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-09-27 214696]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2010-03-19 45648]
R0 RapportKELL;RapportKELL; C:\Windows\System32\Drivers\RapportKELL.sys [2013-09-10 97008]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2011-03-18 25240]
R1 RapportCerberus_56758;RapportCerberus_56758; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_56758.sys [2013-08-20 330960]
R1 RapportEI;RapportEI; \??\C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [2013-09-10 148688]
R1 RapportPG;RapportPG; \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [2013-09-10 222416]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 35896]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-09-04 54784]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 15872]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-08-07 97536]
R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-08-06 44576]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-10-03 9905096]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-08-06 124928]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2009-07-21 409088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 299312]
R3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 104768]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2006-11-02 82432]
S3 Spyder4;Datacolor Spyder4; C:\Windows\system32\DRIVERS\dccmtr.sys [2011-06-02 12288]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2013-02-22 136904]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2013-02-22 17864]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2013-02-22 153672]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2008-01-18 16896]
S3 WSDScan;Ondersteuning voor WSD-scan via UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-04-10 19968]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 26168]
R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-04-15 354840]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-08-20 73728]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 22208]
R2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3; C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [2013-03-26 196624]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-10-03 219752]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-08-21 794272]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R2 RapportMgmtService;Rapport Management Service; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [2013-09-10 1435928]
R2 ScsiAccess;ScsiAccess; C:\Program Files\Photodex\ProShow Producer\ScsiAccess.exe [2012-09-29 186760]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe [2009-07-21 221266]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10; C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-09-14 169624]
S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-15 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-23 257416]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-15 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-11-13 194032]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 280288]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 756392]
-----------------EOF-----------------
-
Hello,
My laptop is extremely slow; can you help me make it faster?
Many thanks in advance
Marijke
-
I tried to recover it with Recuva, but it finds nothing. I have now connected my external hard drive to my brother's PC and now everything is there. If I then connect it to my own PC again, it does not find all the files, and I also cannot safely remove it because it says it is busy. (I then shut down the whole PC first and only then remove the external HD.) Does anyone know what is going on??
-
Hello,
I just connected my external hard drive to the PC and now half of my hard drive is empty without my having deleted anything. Does anyone know how I can get this back? There are empty folders (photos and files); the main folder is there but there is nothing in it.
Regards, Marijke
-
Hello Jion,
OK, then I will leave it as it is. My PC is fine again, no more trouble with annoying pop-ups. I want to thank you all very much for the help you have given.
If I have problems again in the future, I will get in touch again.
Please lock this topic.
Regards, Marijke
-
Hello Jion,
I don't know whether I am doing something wrong, but I am left with 146 errors. I did everything as you described, and the first time the registry scan gave me 480 errors, so I did it several times as you advised, but after doing this about 20 times I am left with 146 errors each time. It then says:
De bestandsextensie {80b8c23c-16e0-4cd8-bbc3-cecec9a78b79} refereert naar een foutief of niet bestaand programma. Deze bestanden worden vaak achter gelaten na het verwijderen van software van uw systeem
Oplossing: Verwijder de registerwaarden.
Then, in the small window, I click "fix all selected errors", I see them fly away, and it says:
De applicatie met referentie: Windows.DVD.Maker\shell\Open kan niet worden gevonden. Deze referenties worden vaak achter gelaten na het verwijderen van software van uw systeem
Oplossing: Verwijder de registerwaarden.
and below that, "error fixed".
If I then click scan again, I get exactly the same thing on screen, so still 146 errors.
Do I need to do anything more with this, or can I leave it as it is?
Regards, Marijke
-
Hello Jion,
My problems are solved. I want to thank you very much for your help; my little PC is running like a train again.
Kind regards, Marijke
-
And, as requested, the anti-malware log as well:
Malwarebytes Anti-Malware 1.75.0.1300
Databaseversie: v2013.11.04.08
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
maryke :: MARYKE-PC [administrator]
5-11-2013 0:15:10
mbam-log-2013-11-05 (00-15-10).txt
Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 221248
Verstreken tijd: 3 minuut/minuten, 3 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 1
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd.
Registerwaarden gedetecteerd: 1
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: 8508129373711480166948421966123931240 -> Succesvol in quarantaine geplaatst en verwijderd.
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 1
C:\Windows\Installer\3233a14.msi (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd.
(einde)
-
-
Herewith I am sending you the requested log file.
Zoek.exe Version 4.0.0.5 Updated 26-October-2013
Tool run by maryke on ma 04-11-2013 at 16:52:10,64.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\maryke\Desktop\zoek.exe [script inserted]
==== Older Logs ======================
C:\zoek-results2013-11-04-151959.log 24834 bytes
==== Deleting Files \ Folders ======================
C:\Windows\Sysnative\Tasks\WinZip Malware Protector_startup deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector deleted
C:\ProgramData\Nico Mak Computing\WinZip Malware Protector deleted
==== EOF on ma 04-11-2013 at 16:52:52,81 ======================
-
Hello, I am including my log here.
Zoek.exe Version 4.0.0.5 Updated 26-October-2013
Tool run by maryke on ma 04-11-2013 at 15:53:50,13.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\maryke\Desktop\zoek.exe [script inserted]
==== System Restore Info ======================
4-11-2013 15:54:53 Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1323948606-1254354113-2269261338-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{73ad5d47-66e5-4127-80ca-c0eedabafbcc} deleted successfully
HKEY_USERS\S-1-5-21-1323948606-1254354113-2269261338-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{73ad5d47-66e5-4127-80ca-c0eedabafbcc} deleted successfully
HKEY_USERS\S-1-5-21-1323948606-1254354113-2269261338-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully
HKEY_USERS\S-1-5-21-1323948606-1254354113-2269261338-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully
HKEY_USERS\S-1-5-21-1323948606-1254354113-2269261338-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{73ad5d47-66e5-4127-80ca-c0eedabafbcc} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73ad5d47-66e5-4127-80ca-c0eedabafbcc} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update qualitink deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update qualitink deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update qualitink deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update qualitink deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util qualitink deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util qualitink deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util qualitink deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util qualitink deleted successfully
==== Deleting Files \ Folders ======================
C:\Program Files (x86)\SweetIM deleted
C:\Program Files (x86)\Torntv 2 deleted
C:\Program Files (x86)\TornTV.com deleted
C:\PROGRA~2\BonanzaDeals deleted
C:\PROGRA~2\BonanzaDealsLive deleted
C:\PROGRA~2\RegClean Pro deleted
C:\PROGRA~2\hosts deleted
C:\PROGRA~2\WebConnect deleted
C:\PROGRA~2\WinZip Malware Protector deleted
C:\Users\maryke\AppData\Roaming\Registry Mechanic deleted
C:\ProgramData\APN deleted
C:\ProgramData\BonanzaDealsLive deleted
C:\Users\maryke\AppData\Local\BonanzaDealsLive deleted
C:\Users\maryke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com deleted
C:\Windows\SysNative\wsusnative64.exe deleted
C:\Users\maryke\AppData\LocalLow\SweetIM deleted
C:\Windows\tasks\Torntv 2-codedownloader.job deleted
C:\windows\SysNative\tasks\Torntv 2-codedownloader deleted
"C:\Program Files (x86)\qualitink\updatequalitink.exe" deleted
"C:\PROGRA~2\qualitink\updatequalitink.exe" deleted
"C:\Program Files (x86)\qualitink\bin\utilqualitink.exe" deleted
"C:\PROGRA~2\qualitink\bin\utilqualitink.exe" deleted
"C:\Program Files (x86)\qualitink" not deleted
"C:\PROGRA~2\qualitink" not deleted
"C:\Program Files (x86)\qualitink\bin" not deleted
"C:\PROGRA~2\qualitink\bin" not deleted
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\maryke\AppData\Local\Temp ====
====== C:\Windows\SysWOW64 =====
2013-11-04 10:59:46 !HASH: COULD NOT OPEN FILE !!!!! 104867914 ----a-w- C:\Windows\SysWOW64\???µ
2013-11-01 05:25:05 221494C29E9F4B6D02514CA29F2A3A4E 14119 ----a-w- C:\Windows\SysWOW64\RaCoInst.dat
2013-11-01 05:24:42 B75546BCB1205B2DB68A3DAD400BE323 127488 ----a-w- C:\Windows\SysWOW64\RAEXTUI.dll
2013-11-01 05:24:42 325470B2C9C3E4B6144BAA026B6BE842 1115136 ----a-w- C:\Windows\SysWOW64\RAIHV.dll
2013-11-01 05:24:42 2B6AD8152E878FD7133B4E5061F6C275 451 ----a-w- C:\Windows\SysWOW64\DiagFunc.ini
2013-11-01 05:24:41 7E9CF7E47C835759F3F38C42A53D7EC8 792416 ----a-w- C:\Windows\SysWOW64\DiagFunc.dll
2013-11-01 05:24:41 2D20E70AAF29452AB081301E16993B30 1608768 ----a-w- C:\Windows\SysWOW64\RaCertMgr.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2013-11-01 05:25:05 9EF10F91F7FE1537521FAB2225D0172C 327008 ----a-w- C:\Windows\Sysnative\RaCoInstx.dll
2013-11-01 05:25:05 221494C29E9F4B6D02514CA29F2A3A4E 14119 ----a-w- C:\Windows\Sysnative\RaCoInst.dat
2013-11-01 05:24:42 EAB23AC006BF96114D82A634CAD5015E 2403392 ----a-w- C:\Windows\Sysnative\RaCertMgr.dll
2013-11-01 05:24:42 B75546BCB1205B2DB68A3DAD400BE323 127488 ----a-w- C:\Windows\Sysnative\RAEXTUI.dll
2013-11-01 05:24:42 325470B2C9C3E4B6144BAA026B6BE842 1115136 ----a-w- C:\Windows\Sysnative\RAIHV.dll
2013-11-01 05:24:42 2B6AD8152E878FD7133B4E5061F6C275 451 ----a-w- C:\Windows\Sysnative\DiagFunc.ini
2013-11-01 05:24:41 7E9CF7E47C835759F3F38C42A53D7EC8 792416 ----a-w- C:\Windows\Sysnative\DiagFunc.dll
====== C:\Windows\Sysnative\drivers =====
2013-11-01 05:25:05 B72079F1ACA97F72DB1B1C5D1EFBC874 1733216 ----a-w- C:\Windows\Sysnative\drivers\netr28ux.sys
2013-10-10 05:57:16 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys
2013-10-10 05:57:16 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 ----a-w- C:\Windows\Sysnative\drivers\usbcir.sys
2013-10-10 05:57:15 9661DA76B4531B2DA272ECCE25A8AF24 42496 ----a-w- C:\Windows\Sysnative\drivers\usbscan.sys
2013-10-10 05:57:15 856E76B3641746ABBC2946BED1372098 32896 ----a-w- C:\Windows\Sysnative\drivers\hidparse.sys
2013-10-10 05:57:15 597C3699384E53CC59587ED50CCE5CA2 76800 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys
2013-10-10 05:57:13 1A4F75E63C9FB84B85DFFC6B63FD5404 140800 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys
2013-10-10 05:57:11 40AF23633D197905F03AB5628C558C51 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys
2013-10-10 05:57:11 314C17917AC8523EC77A710215012A65 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys
2013-10-10 05:56:59 88612F1CE3BF42256913BF6E61C70D52 983488 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys
====== C:\Windows\Tasks ======
2013-10-29 21:34:52 1397E40B97F7549879F15DF28888AB88 3116 ----a-w- C:\Windows\Sysnative\Tasks\WinZip Malware Protector_startup
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-11-04 13:52:44 -------- d-----w- C:\Program Files\trend micro
2013-10-22 19:56:52 -------- d-----w- C:\Program Files\Common Files\Protexis
2013-10-22 19:56:19 -------- d-----w- C:\Program Files\Corel
======= C:\PROGRA~2 =====
2013-11-01 05:24:49 -------- d-----w- C:\PROGRA~2\Cisco
2013-11-01 05:24:41 -------- d-----w- C:\PROGRA~2\Sitecom
2013-10-22 19:55:56 -------- d-----w- C:\PROGRA~2\COMMON~1\Protexis
2013-10-22 19:54:46 -------- d-----w- C:\PROGRA~2\Corel
2013-10-22 19:48:56 -------- d-----w- C:\PROGRA~2\qualitink
======= C: =====
====== C:\Users\maryke\AppData\Roaming ======
2013-11-01 05:23:54 -------- d-----w- C:\Users\maryke\AppData\Roaming\InstallShield
2013-10-29 21:34:41 -------- d-----w- C:\Users\maryke\AppData\Roaming\Nico Mak Computing
2013-10-22 19:57:56 -------- d-----w- C:\Users\maryke\AppData\Roaming\Ulead Systems
2013-10-22 19:57:56 -------- d-----w- C:\Users\maryke\AppData\Local\Corel PaintShop Pro
2013-10-22 19:49:22 E8F99CDD55A6114AB934C8B49BF0C9FC 7436 ----a-w- C:\Users\maryke\AppData\Locallow\SkwConfig.bin
====== C:\Users\maryke ======
2013-11-04 13:50:42 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\maryke\Desktop\RSITx64.exe
2013-11-01 05:28:34 -------- d-----w- C:\ProgramData\Ralink
2013-11-01 05:25:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sitecom Wireless
2013-11-01 05:25:05 -------- d-----w- C:\ProgramData\Sitecom Driver
2013-10-29 21:34:38 -------- d-----w- C:\ProgramData\Nico Mak Computing
2013-10-29 21:34:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2013-10-22 19:55:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro X6
====== C: exe-files ==
2013-11-04 13:52:45 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\maryke.exe
2013-11-04 13:50:42 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\maryke\Desktop\RSITx64.exe
2013-11-01 05:25:24 ACCFA0846D9C7BD6A9F506982B812A5C 625728 ----a-w- C:\Program Files (x86)\Sitecom\WiFi USB adapter N600\RaMediaServer\RaMediaServer.exe
2013-11-01 05:25:24 ACCFA0846D9C7BD6A9F506982B812A5C 625728 ----a-w- C:\Program Files (x86)\Sitecom\WiFi USB adapter N600\RaMediaServer\64\RaMediaServer.exe
2013-11-01 05:25:24 ACCFA0846D9C7BD6A9F506982B812A5C 625728 ----a-w- C:\Program Files (x86)\Sitecom\Common\RaMediaServer.exe
2013-11-01 05:25:24 ACCFA0846D9C7BD6A9F506982B812A5C 625728 ----a-w- C:\Program Files (x86)\Sitecom\Common\64\RaMediaServer.exe
2013-11-01 05:25:23 F4C083E290BCBC8DA05C6E2C7F8053B9 372736 ----a-w- C:\Program Files (x86)\Sitecom\WiFi USB adapter N600\Service\RaRegistry.exe
2013-11-01 05:25:23 F4C083E290BCBC8DA05C6E2C7F8053B9 372736 ----a-w- C:\Program Files (x86)\Sitecom\Common\RaRegistry.exe
2013-11-01 05:25:23 C3B515559046A89BB0E0F2CEEF73CABC 447488 ----a-w- C:\Program Files (x86)\Sitecom\WiFi USB adapter N600\Service\RaRegistry64.exe
2013-11-01 05:25:23 C3B515559046A89BB0E0F2CEEF73CABC 447488 ----a-w- C:\Program Files (x86)\Sitecom\Common\RaRegistry64.exe
2013-11-01 05:25:21 D8B54F8CA3DF644F6F96E416ABD3EB1C 12441088 ----a-w- C:\Program Files (x86)\Sitecom\Common\RaUI.exe
2013-11-01 05:25:19 D8B54F8CA3DF644F6F96E416ABD3EB1C 12441088 ----a-w- C:\Program Files (x86)\Sitecom\WiFi USB adapter N600\Utility\RaUI.exe
2013-11-01 05:25:05 81CC2BF1F5AC4A7BAF0AD1EEC89C752F 907552 ----a-w- C:\ProgramData\Sitecom Driver\WiFi USB adapter N600\Driver\RaInst64.exe
2013-11-01 05:24:41 F6E913A95E6357B7A14A90A1FBE3F3BC 53088 ----a-w- C:\ProgramData\Sitecom Driver\WiFi USB adapter N600\Driver\RaIOx64.exe
2013-11-01 05:24:41 F6E913A95E6357B7A14A90A1FBE3F3BC 53088 ----a-w- C:\Program Files (x86)\Sitecom\WiFi USB adapter N600\VistaSupplicant\X64\RaIOx64.exe
2013-11-01 05:24:41 A205551E7BA8580D2C0FF896A4D79FA9 460248 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}\setup.exe
2013-10-30 06:20:16 AE88282D08916C00A324F6A269924EA9 1291696 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\Offercast_AVIRAV7_.exe
=== C: other files ==
2013-11-01 05:25:05 B72079F1ACA97F72DB1B1C5D1EFBC874 1733216 ----a-w- C:\Windows\System32\drivers\netr28ux.sys
2013-11-01 05:25:05 B72079F1ACA97F72DB1B1C5D1EFBC874 1733216 ----a-w- C:\ProgramData\Sitecom Driver\WiFi USB adapter N600\Driver\netr28ux.sys
2013-10-29 21:35:05 5B87FE21740695FA95A5FFE44F1B1E49 307752 ----a-w- C:\ProgramData\Nico Mak Computing\WinZip Malware Protector\updates\1557update.zip
2013-10-29 21:35:05 42C4843AFDC801EE2C0698768E948399 1486 ----a-w- C:\ProgramData\Nico Mak Computing\WinZip Malware Protector\updates\1556update.zip
2013-10-29 21:35:05 0C2FF8D52F6C4FBC7A2B33C608FEA528 207853 ----a-w- C:\ProgramData\Nico Mak Computing\WinZip Malware Protector\updates\1555update.zip
2013-10-29 21:35:04 E7C8D807749E9A371F27891A2308CD77 1483 ----a-w- C:\ProgramData\Nico Mak Computing\WinZip Malware Protector\updates\1553update.zip
2013-10-29 21:35:04 72F9783C4A5A23DF665DCF68B631FEA3 1483 ----a-w- C:\ProgramData\Nico Mak Computing\WinZip Malware Protector\updates\1554update.zip
2013-10-29 21:35:03 3D0ED91A23E7E51C72B263B2EB97B3C9 1383775 ----a-w- C:\ProgramData\Nico Mak Computing\WinZip Malware Protector\updates\1552mupdate.zip
2013-10-29 21:34:54 BBE9229D5C64DB6A669C0B0618725E40 12472047 ----a-w- C:\ProgramData\Nico Mak Computing\WinZip Malware Protector\updates\1545completedatabase.zip
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-1323948606-1254354113-2269261338-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"RoboForm"="C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
"Google Update"="C:\Users\maryke\AppData\Local\Google\Update\GoogleUpdate.exe /c"
[HKEY_USERS\S-1-5-21-1323948606-1254354113-2269261338-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-21-1323948606-1254354113-2269261338-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r"
"CanonSolutionMenuEx"="C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon"
"SSDMonitor"="C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe"
"avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe /min"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RoboForm"="C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
"Google Update"="C:\Users\maryke\AppData\Local\Google\Update\GoogleUpdate.exe /c"
==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon"
==== Startup Registry Disabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\wuauserv]
==== Startup Folders ======================
2013-11-01 05:25:23 1999 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Sitecom Wireless Utility.lnk
2013-09-24 08:56:46 1366 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SpyderUtility.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [08-10-2013 21:02]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1323948606-1254354113-2269261338-1000Core.job --a------ C:\Users\maryke\AppData\Local\Google\Update\GoogleUpdate.exe [26-08-2012 10:13]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1323948606-1254354113-2269261338-1000UA.job --a------ C:\Users\maryke\AppData\Local\Google\Update\GoogleUpdate.exe [26-08-2012 10:13]
C:\Windows\tasks\RMAutoUpdate.job --a------ C:JC:\Program Files (x86)\PC Tools\PC Tools Registry Mechanic\SULauncher.exe []
C:\Windows\tasks\RMSchedule.job --a------ C:\Program Files (x86)\PC Tools\PC Tools Registry Mechanic\RegMech.exe [21-08-2012 13:43]
==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\Go to RoboForm Install page" [C:\Windows\system32\rundll32.exe url.dll,FileProtocolHandler "RoboForm Tutorials"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1323948606-1254354113-2269261338-1000Core" [C:\Users\maryke\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1323948606-1254354113-2269261338-1000UA" [C:\Users\maryke\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\RMAutoUpdate" [C:\Program Files (x86)\PC Tools\PC Tools Registry Mechanic\SULauncher.exe]
"C:\Windows\SysNative\tasks\RMSchedule" [C:\Program Files (x86)\PC Tools\PC Tools Registry Mechanic\RegMech.exe]
"C:\Windows\SysNative\tasks\Run RoboForm TaskBar Icon" [C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe]
"C:\Windows\SysNative\tasks\WinZip Malware Protector_startup" [C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe]
==== Firefox Extensions ======================
ExtDir: C:\Users\maryke\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
- Torntv 3 - %ExtDir%\trtv3@trtv.com.xpi
==== Firefox Plugins ======================
==== Deleted Firefox Extensions ======================
C:\Users\maryke\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\trtv3@trtv.com.xpi deleted
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bicnnkjibmphdeigoodpjlcklcnaobdj - C:\Program Files (x86)\TornTV.com\torntv10.crx[]
ljkcijnbckdflhifmbnfnkjacokloacf - No path found[]
hosts - maryke - Default\Extensions\nnlomafmkpiclmaaekkhpoecnclldmaa
Torntv 3 - maryke - Profile 2\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj
==== Chrome Fix ======================
C:\Users\maryke\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj deleted successfully
C:\Users\maryke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ljkcijnbckdflhifmbnfnkjacokloacf_0.localstorage deleted successfully
C:\Users\maryke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnlomafmkpiclmaaekkhpoecnclldmaa deleted successfully
C:\Users\maryke\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_nnlomafmkpiclmaaekkhpoecnclldmaa_0 deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="Startpagina.nl | Jouw startpagina voor weer, verkeer en meer"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://mysearch.sweetpacks.com/?src=10&st=12&crg=3.5000006.10068&did=10703&barid=8508129373711480166948421966123931240"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://mysearch.sweetpacks.com/?src=10&st=12&crg=3.5000006.10068&did=10703&barid=8508129373711480166948421966123931240"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{EEE6C360-6118-11DC-9C72-001320C79847}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="Startpagina.nl | Jouw startpagina voor weer, verkeer en meer"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1323948606-1254354113-2269261338-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully
HKEY_USERS\S-1-5-21-1323948606-1254354113-2269261338-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully
HKEY_USERS\S-1-5-21-1323948606-1254354113-2269261338-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311531182} deleted successfully
HKEY_USERS\S-1-5-21-1323948606-1254354113-2269261338-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311531182} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311531182} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311531182} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-1323948606-1254354113-2269261338-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ljkcijnbckdflhifmbnfnkjacokloacf deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\maryke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\maryke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Users\maryke\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\maryke\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully
C:\Users\maryke\AppData\Local\Google\Chrome\User Data\Profile 2\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\maryke\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Program Files (x86)\qualitink" not found
"C:\PROGRA~2\qualitink" not found
==== EOF on ma 04-11-2013 at 16:19:59,74 ======================
-
Hello,
Could someone help me? When I open IE, annoying advertising keeps appearing on the left side, at the bottom and at the bottom right.
On the left there is a wide panel running from top to bottom with Related Searches, at the bottom an advertisement from Trust, and at the bottom right a recurring message that my hard drive is almost full and that I can download something to make my PC faster and clean it up.
I am attaching the RSIT files right away.
[ATTACH]28779[/ATTACH]
[ATTACH]28780[/ATTACH]
Thanks in advance,
Marijke
Laptop is extremely slow
in Archief Windows Algemeen
Posted:
Hello Mako,
Herewith I am also sending you the AdwCleaner log.
Regards, Marijke
# AdwCleaner v3.013 - Report created 25/11/2013 at 23:30:27
# Updated 24/11/2013 by Xplode
# Operating System : Windows Vista Home Premium Service Pack 2 (32 bits)
# Username : mv - PC_VAN_MV
# Running from : C:\Users\mv\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKCU\Software\596ded9b134ef10
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Myfree Codec
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16520
-\\ Google Chrome v
[ File : C:\Users\mv\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted : homepage
*************************
AdwCleaner[R0].txt - [3227 octets] - [25/11/2013 22:46:23]
AdwCleaner[R1].txt - [3330 octets] - [25/11/2013 22:47:00]
AdwCleaner[s0].txt - [3278 octets] - [25/11/2013 23:30:27]
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [3338 octets] ##########