zakenmanhenk

Top! Het programma wat ik eerst niet kon openen kan ik nu wel weer opstarten, was misschien gewoon een kwestie van opnieuw opstarten. Bedankt voor je hulp!

Gewoon bij Chrome opties, > De browserinstellingen terugzetten naar de oorspronkelijke standaardwaarden. ?

Chrome Verder is er nog 1 programma dat niet op wil starten, maar een reïnstall zou moeten werken hoop ik, anders meld ik het wel. UTubeNoAds1.8 geeft geen enkel teken meer van leven, geen reclames/onderlijnde dingen meer. Wel staat hij nog tussen de extensies

Ik heb nu geen last meer van de effecten van UTubeNoAds1.8 . Dus geen onderstreepte dingen meer, geen reclames. Hij staat er nog wel als extensie tussen en kan deze nog niet uitschakelen of verwijderen, maar het schijnt geen werkend iets meer te zijn Logje: Zoek.exe v5.0.0.0 Updated 07-March-2014 Tool run by Jan on di 18-03-2014 at 16:07:26,09. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Jan\Music\Downloads\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-03-17-203038.log 51049 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== "C:\Users\Jan\AppData\Local\funmoods-speeddial.crx" not found C:\Windows\system32\Tasks\{F023E972-7CE7-4CBF-AD26-E96CC8BE8255} deleted C:\Windows\system32\Tasks\{0B486371-B45E-4504-830E-61362B00EDD7} deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{B7082FAA-CB62-4872-9106-E42DD88EDE45}"="C:\Program Files\McAfee\SiteAdvisor Enterprise" [30-08-2012 20:29] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{1266764D-FC4F-4FA7-B63B-884D53B1680F}"="C:\Users\Jan\AppData\Roaming\NetAssistant" [19-01-2011 17:40] ==== Firefox Extensions ====================== AppDir: C:\Program Files\Mozilla Firefox - Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\hx6j7ong.default 86FD0445C7A92516FC0BA201C79B8E9E - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.4 9FDABAD05A9623988750CCC10223BDB0 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.4 5E1D0432C765884434A7CCD4DBDC80AA - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.4 3B293C235A80E7A5369E6AA28FEA50B1 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.4 A80BCBED52F7DD5FDBF346A985A4E4D5 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll - QuickTime Plug-in 7.7.4 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin A9191AE22A8F1287B5E2DF33E3A57253 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U51 69AA47F09AA281C7D3C7716CA7E283B4 - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat 270EE43CC00609B9937AAF94E1E970D4 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector 36FBE76F4F51396B0F70FC95CD7481D2 - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll - Pando Web Plugin DAD55CEF682EAE6FA7B4C9487563A496 - C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll - Shockwave for Director / Shockwave for Director 3D3CAF586124C4E8102764C8B3063BB6 - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director 1F0D662B7BE2AB2D3A7E2C6A44A02BC1 - C:\Users\Jan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery 6D657ABADF217DBB17CF0A0AF44A7E29 - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll - Nexon Game Controller 0AF5E73EBB4B49ECA597F4EDAF2C252B - C:\Program Files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll - ijji Auto Install Plugin for Mozilla 24E990B1E6D55428001843CF7217DD81 - C:\Program Files\Microsoft\Office Live\npOLW.dll - Microsoft Office Live Plug-in for Firefox / Microsoft Office Live Plug-in for Firefox F9391E9A3B016E1C9D96DAAEE7EF794F - C:\Program Files\AhnLab\ASP\Components\aosmgr\conflict_221\npaosmgr.dll - AhnLab Online Security 0D083ADC189ABC679629A704AEBDC8A1 - C:\Program Files\AhnLab\ASP\MyKeyDefense 2.5\npmkd25aos.dll - AhnLab MyKeyDefense 2.5 8D08320F818920DBAB90919AC256A0E6 - C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll - BitCometAgent 99F97C9FE748C37528C338A423577FCB - C:\Users\Jan\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin 86FD0445C7A92516FC0BA201C79B8E9E - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.4 9FDABAD05A9623988750CCC10223BDB0 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.4 5E1D0432C765884434A7CCD4DBDC80AA - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.4 3B293C235A80E7A5369E6AA28FEA50B1 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.4 A80BCBED52F7DD5FDBF346A985A4E4D5 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.4 69AA47F09AA281C7D3C7716CA7E283B4 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat 380F9A643A149B9030142E7171EFA91B - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat 99F97C9FE748C37528C338A423577FCB - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin 86FD0445C7A92516FC0BA201C79B8E9E - C:\Program Files\Opera\program\plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.4 9FDABAD05A9623988750CCC10223BDB0 - C:\Program Files\Opera\program\plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.4 5E1D0432C765884434A7CCD4DBDC80AA - C:\Program Files\Opera\program\plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.4 3B293C235A80E7A5369E6AA28FEA50B1 - C:\Program Files\Opera\program\plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.4 A80BCBED52F7DD5FDBF346A985A4E4D5 - C:\Program Files\Opera\program\plugins\npqtplugin.dll - QuickTime Plug-in 7.7.4 99F97C9FE748C37528C338A423577FCB - c:\program files\mozilla firefox\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System ==== Chrome Look ====================== Google Drive - Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf LoL Stream Browser - Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\edidfaijmhpefkbnobdcepampbncgejp Avira Browser Safety - Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk AdBlock - Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Google Wallet - Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Docs - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\edidfaijmhpefkbnobdcepampbncgejp deleted successfully C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_edidfaijmhpefkbnobdcepampbncgejp_0.localstorage deleted successfully C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_edidfaijmhpefkbnobdcepampbncgejp_0.localstorage-journal deleted successfully C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\edidfaijmhpefkbnobdcepampbncgejp deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://search.filebulldog.com/vmn/6C05CC5D73135A28C0F4A8513234C0D6" "Backup.Old.Start Page"="http://search.filebulldog.com/vmn/6C05CC5D73135A28C0F4A8513234C0D6" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://search.filebulldog.com/vmn/6C05CC5D73135A28C0F4A8513234C0D6" "Backup.Old.Start Page"="http://search.filebulldog.com/vmn/6C05CC5D73135A28C0F4A8513234C0D6" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {4268920C-7320-4A99-A148-3CC41F7DAE20} Bing Url="http://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Jan\AppData\Local\Mozilla\Firefox\Profiles\hx6j7ong.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3333 folders=645 289730036 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Jan\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Jan\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on di 18-03-2014 at 16:28:16,13 ======================

Het duurde zeker een tijd, maar hier is de log! Het probleem van "Ongeldige installatiekopie" is nu weg, UTubeNoAds1.8 is er nog steeds en sommige programma's kan ik nog niet opstarten. Echt bedankt voor de hulp! Log: Zoek.exe v5.0.0.0 Updated 07-March-2014 Tool run by Jan on ma 17-03-2014 at 20:58:36,85. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Jan\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 17-3-2014 21:04:05 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\Fighters deleted successfully C:\Program Files\GRETECH deleted successfully C:\Program Files\HitmanPro deleted successfully C:\Program Files\MSXML 4.0 deleted successfully C:\Users\Jan\AppData\Roaming\Ekvyil deleted successfully C:\Users\Jan\AppData\Roaming\Feby deleted successfully C:\Users\Jan\AppData\Local\kpn deleted successfully C:\Users\Jan\AppData\Local\WMTools Downloaded Files deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1ED61C20-ACA1-4145-BEB7-0F8E08B1221B} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Internet Explorer\SearchScopes\{49561995-A11F-E333-1DCC-3F8283838AF8} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CF5F9A41-807B-4CB2-AB0F-80EC55F82228} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\hx6j7ong.default ---- Lines BabylonToolbar removed from prefs.js ---- user_pref("extensions.BabylonToolbar.aflt", "orgnl"); user_pref("extensions.BabylonToolbar.bbDpng", 12); user_pref("extensions.BabylonToolbar.cntry", "NL"); user_pref("extensions.BabylonToolbar.firstRun", false); user_pref("extensions.BabylonToolbar.hdrMd5", "B79ED5A006876866420989FE52C6C2CD"); user_pref("extensions.BabylonToolbar.lastActv", "20"); user_pref("extensions.BabylonToolbar.lastDP", 12); user_pref("extensions.BabylonToolbar.lastVrsn", "1.1.5"); user_pref("extensions.BabylonToolbar.lastVrsnTs", ""); user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "7.0"); user_pref("extensions.BabylonToolbar.newTab", true); user_pref("extensions.BabylonToolbar.newTabUrl", "http://search.babylon.com/?babsrc=NT_bb"); user_pref("extensions.BabylonToolbar.propectorlck", 59676617); user_pref("extensions.BabylonToolbar.prtkDS", 0); user_pref("extensions.BabylonToolbar.prtkHmpg", 0); user_pref("extensions.BabylonToolbar.ptch_0717", true); user_pref("extensions.BabylonToolbar.smplGrp", "free"); user_pref("extensions.BabylonToolbar_i.aflt", "babsst"); user_pref("extensions.BabylonToolbar_i.babExt", ""); user_pref("extensions.BabylonToolbar_i.babTrack", "affID=119586"); user_pref("extensions.BabylonToolbar_i.hardId", "14ecef7c0000000000004061862da25b"); user_pref("extensions.BabylonToolbar_i.id", "14ecef7c0000000000004061862da25b"); user_pref("extensions.BabylonToolbar_i.instlDay", "15744"); user_pref("extensions.BabylonToolbar_i.instlRef", "sst"); user_pref("extensions.BabylonToolbar_i.newTab", true); user_pref("extensions.BabylonToolbar_i.newTabUrl", "http://search.babylon.com/?affID=119586&babsrc=NT_ss&mntrId=14ecef7c0000000000004061862da25b"); user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar"); user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon"); user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); user_pref("extensions.BabylonToolbar_i.tlbrId", "base"); user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17"); user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1717:42:07"); user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17"); ---- Lines BabylonToolbar removed from user.js ---- user_pref("extensions.BabylonToolbar_i.babTrack", "affID=119586"); user_pref("extensions.BabylonToolbar_i.babExt", ""); user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); user_pref("extensions.BabylonToolbar_i.id", "14ecef7c0000000000004061862da25b"); user_pref("extensions.BabylonToolbar_i.hardId", "14ecef7c0000000000004061862da25b"); user_pref("extensions.BabylonToolbar_i.instlDay", "15744"); user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17"); user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17"); user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1717:42:07"); user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon"); user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar"); user_pref("extensions.BabylonToolbar_i.aflt", "babsst"); user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); user_pref("extensions.BabylonToolbar_i.tlbrId", "base"); user_pref("extensions.BabylonToolbar_i.instlRef", "sst"); ---- FireFox user.js and prefs.js backups ---- user_17-03-2014_2114_.backup prefs_17-03-2014_2114_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] ""=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Tiny download manager"=- ==== Deleting Files \ Folders ====================== C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers not found C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\hx6j7ong.default\extensions\ffxtlbr@funmoods.com not found C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\hx6j7ong.default\extensions\toolbar@ask.com not found C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\hx6j7ong.default\extensions\plugin@yontoo.com.xpi not found C:\Users\Jan\AppData\Local\DM deleted C:\ProgramData\CoUUPExxtensiona deleted C:\ProgramData\UTubeNoAds deleted C:\ProgramData\ekgkagjbglcemcollhkmhodfmdneojpa deleted C:\ProgramData\DDeealExpressS deleted C:\ProgramData\e1b3be76b17c7983 deleted C:\Program Files\ConduitEngine deleted C:\Users\Jan\AppData\Roaming\Tunngle deleted C:\Users\Jan\AppData\Roaming\DealPly deleted C:\ProgramData\MagniPic deleted C:\ProgramData\InstallMate deleted C:\Program Files\Yontoo deleted C:\Program Files\Windows iLivid Toolbar deleted C:\Program Files\ToggleDU deleted C:\Program Files\iLivid deleted C:\Program Files\Free Offers from Freeze.com deleted C:\Program Files\FoxTabVideoConverter deleted C:\Program Files\DealPly deleted C:\Program Files\Conduit deleted C:\Program Files\Common Files\DVDVideoSoft deleted C:\Program Files\BearShare Applications deleted C:\Program Files\Ask.com deleted C:\Users\Jan\AppData\LocalLow\{86D0B9F7-0E6D-33B5-873A-9A03D5D7EEB9} deleted C:\Users\Jan\AppData\LocalLow\{B3C29BB5-EAE3-8A4B-4277-99BFE4EC54EB} deleted C:\Users\Jan\AppData\LocalLow\{EED27E11-EF48-1D74-08EB-F5A895EC6651} deleted C:\Windows\system32\config\systemprofile\AppData\LocalLow\{792E7854-5A8E-AB62-E13D-C4BF63950B7E} deleted C:\Windows\system32\config\systemprofile\AppData\LocalLow\{86D0B9F7-0E6D-33B5-873A-9A03D5D7EEB9} deleted C:\Program Files\Mozilla Firefox\searchplugins\BearShareWebSearch.xml deleted C:\Program Files\filebulldogtb deleted C:\Program Files\Common Files\Plasmoo deleted C:\found.000 deleted C:\Users\Jan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BearShare.lnk deleted C:\Users\Jan\AppData\Roaming\RSBot Accounts.ini deleted C:\Users\Jan\AppData\Roaming\RSBot_Accounts.ini deleted C:\Users\Jan\AppData\Local\CRE deleted C:\Users\Jan\AppData\Local\BearShare deleted C:\Users\Jan\AppData\Local\Bundled software uninstaller deleted C:\Users\Jan\AppData\Local\Conduit deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagniPic deleted C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly deleted C:\Windows\System32\Tasks\DealPly deleted C:\Windows\System32\Tasks\DealPlyUpdate deleted C:\Users\Jan\AppData\LocalLow\bearsharemediabartb deleted C:\Users\Jan\AppData\LocalLow\filebulldogtb deleted C:\Users\Jan\AppData\LocalLow\searchqutoolbar deleted C:\Users\Jan\AppData\LocalLow\AskToolbar deleted C:\Users\Jan\AppData\LocalLow\Conduit deleted C:\Windows\SYSTEM32\TASKS\Scheduled Update for Ask Toolbar deleted C:\Windows\system32\tasks\Funmoods deleted C:\user.js deleted C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\hx6j7ong.default\searchplugins\BearShareWebSearch.xml deleted C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\hx6j7ong.default\Invalidprefs.js deleted C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\hx6j7ong.default\jetpack deleted C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\hx6j7ong.default\extensions\staged deleted C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\hx6j7ong.default\CT2088433 deleted C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\hx6j7ong.default\CT2304157 deleted C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\hx6j7ong.default\CT2536842 deleted C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\hx6j7ong.default\CT2832595 deleted C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\hx6j7ong.default\bearsharemediabartb deleted C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\hx6j7ong.default\filebulldogtb deleted C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} deleted C:\Users\Jan\Music\Downloads\FastDownload (1).exe deleted C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\hx6j7ong.default\conduit deleted C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\hx6j7ong.default\conduitCommon deleted "C:\Program Files\Mozilla Firefox\searchplugins\filebulldogtb.xml" deleted "C:\Users\Jan\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted "C:\Programdata\Windows\dumd.dat" deleted "C:\Programdata\Windows\xdor.dat" deleted "C:\Programdata\Windows" deleted ==== Files Found In C:\Users\Jan\AppData\Roaming\Nidhogg ====================== 2014-03-01 21:32:13 17 ----a-w- C5B1300BDBA3EE5C64048D7D8B9A0B4A C:\Users\Jan\AppData\Roaming\Nidhogg\prefs.txt 2014-03-16 20:33:44 0 ----a-w- D41D8CD98F00B204E9800998ECF8427E C:\Users\Jan\AppData\Roaming\Nidhogg\playerachievementcache.dat 2014-03-16 20:33:44 7901 ----a-w- 9C4D53527773DDFB730CE3B29B6326EC C:\Users\Jan\AppData\Roaming\Nidhogg\console.log ==== Folders Found In C:\Program Files\Nidhogg ====================== 2014-02-06 16:27:37 d-----w- C:\Program Files\Nidhogg\Nidhogg OST ==== Files Found In C:\Program Files\Nidhogg ====================== 2014-01-13 19:05:48 1133635 ----a-w- 51E3D4D8EBF45EDA09D4A75885F75F3B C:\Program Files\Nidhogg\music_Forest_Synth3.ogg 2014-01-13 19:05:48 1142053 ----a-w- 1160756BDAA5576C16B2148B4041F2B3 C:\Program Files\Nidhogg\music_Forest_Synth2.ogg 2014-01-13 19:05:48 1173934 ----a-w- 97D60A676E454855C37E5BA5442AF1AA C:\Program Files\Nidhogg\music_Clouds_SynthsPart1.ogg 2014-01-13 19:05:48 1188130 ----a-w- FBF25E3EDE038305E5B9308221E32BFB C:\Program Files\Nidhogg\music_Forest_Synth1.ogg 2014-01-13 19:05:48 1205651 ----a-w- 90E00A50790DF8FFE7F4F4FB7C8F1C37 C:\Program Files\Nidhogg\music_Forest_Drums.ogg 2014-01-13 19:05:48 1228925 ----a-w- 67769BCAD9EE5AF3E93FFB7B8F508146 C:\Program Files\Nidhogg\sfxFireBackground.ogg 2014-01-13 19:05:48 1299 ----a-w- 86B9F911904059C2B6D48A85352A0539 C:\Program Files\Nidhogg\credits.txt 2014-01-13 19:05:48 1327603 ----a-w- 9DABCFD32ECFFBC2E61B0E5A1F364A55 C:\Program Files\Nidhogg\music_CastleTitle.ogg 2014-01-13 19:05:48 1333037 ----a-w- 991D6389095B190F8FA24590AE8C3A46 C:\Program Files\Nidhogg\music_Clouds_SynthsPart3.ogg 2014-01-13 19:05:48 1347336 ----a-w- 82AEA83AD7D0BA354405809A40B31797 C:\Program Files\Nidhogg\music_Clouds_Drums.ogg 2014-01-13 19:05:48 1349493 ----a-w- E827ECF08107315770C2428C705BED7F C:\Program Files\Nidhogg\music_Clouds_SynthsPart4.ogg 2014-01-13 19:05:48 1388268 ----a-w- 314CD2454E9845310077E8ED997FF6F1 C:\Program Files\Nidhogg\music_Clouds_SynthsPart2.ogg 2014-01-13 19:05:48 140154 ----a-w- 21CCC0A80EAD443DA6925991EE39B972 C:\Program Files\Nidhogg\sfxChandelier1.ogg 2014-01-13 19:05:48 1422917 ----a-w- 8E958093A498F36E1101D151F6063048 C:\Program Files\Nidhogg\music_Castle_Synth1.ogg 2014-01-13 19:05:48 15085456 ----a-w- 3B468B0423D421084CAEF13B95001319 C:\Program Files\Nidhogg\data.win 2014-01-13 19:05:48 151157 ----a-w- 9258A591519A1F68B4BDB2EA7C2D53DC C:\Program Files\Nidhogg\sfxChandelier3.ogg 2014-01-13 19:05:48 1598553 ----a-w- 3F53DDEFF0526A4E91DE9C3382D20831 C:\Program Files\Nidhogg\music_Castle_Synth2.ogg 2014-01-13 19:05:48 1681796 ----a-w- CF79498408798DCEAE7E3F29394ED9AA C:\Program Files\Nidhogg\music_Castle_Drms2.ogg 2014-01-13 19:05:48 1743125 ----a-w- 741CC0971E3489EC8555D067D9A2610E C:\Program Files\Nidhogg\music_Castle_Drms1.ogg 2014-01-13 19:05:48 1998168 ----a-w- 86E39E9161C3D930D93822F1563C280D C:\Program Files\Nidhogg\D3DX9_43.dll 2014-01-13 19:05:48 207806 ----a-w- 23AE82403ADF68CE07B0F2516BC10ED1 C:\Program Files\Nidhogg\sfxEdgeOfCenter.ogg 2014-01-13 19:05:48 2100 ----a-w- 79B5424566DCEA932499D7F6EBDA6B2E C:\Program Files\Nidhogg\steam_api.ini 2014-01-13 19:05:48 279552 ----a-w- 41B0699189B6361E1C7BE00DFC687DD6 C:\Program Files\Nidhogg\SteamSimpleNet.dll 2014-01-13 19:05:48 2817024 ----a-w- 0E48DD4595CAAD402F901D514C247268 C:\Program Files\Nidhogg\Nidhogg.exe 2014-01-13 19:05:48 451031 ----a-w- 99F723611B09BCC7085B5B7EEFFCB3C6 C:\Program Files\Nidhogg\music_Mines_Synth1.ogg 2014-01-13 19:05:48 472591 ----a-w- B6F4A350EFB3FA3F79417707148B84E0 C:\Program Files\Nidhogg\sfxWind.ogg 2014-01-13 19:05:48 51 ----a-w- 79F5067D3311633E06F75DC8A185752D C:\Program Files\Nidhogg\match.txt 2014-01-13 19:05:48 55845 ----a-w- 5DB140B365B231A0FB53E6C22F6B0529 C:\Program Files\Nidhogg\sfxChandelier2.ogg 2014-01-13 19:05:48 632965 ----a-w- 9B44EEB1A9B25F4D2834B1BF401DB5C8 C:\Program Files\Nidhogg\music_CloudsTitle.ogg 2014-01-13 19:05:48 711363 ----a-w- DBA870E20225C1E06C30D3C9349FDAC4 C:\Program Files\Nidhogg\music_Mines_Synth2.ogg 2014-01-13 19:05:48 720052 ----a-w- 92548C2A9FDF3B7F3A28ABDEC2AD0E0F C:\Program Files\Nidhogg\music_Mines_Synth4Part3.ogg 2014-01-13 19:05:48 730104 ----a-w- AD585DB41AD6C7171C59701268F73BD1 C:\Program Files\Nidhogg\music_Mines_Synth4Part2.ogg 2014-01-13 19:05:48 786827 ----a-w- 9297D71A6583C64CE15A41C5C354D7B3 C:\Program Files\Nidhogg\music_Mines_MechanicalLayer.ogg 2014-01-13 19:05:48 822788 ----a-w- 8F43E58119E049FAE1C09216807007F8 C:\Program Files\Nidhogg\steam_api.dll 2014-01-13 19:05:48 861473 ----a-w- BFDAC1C793F951D2A316D1B8B8E9F168 C:\Program Files\Nidhogg\music_Mines_BasicDrums.ogg 2014-01-13 19:05:48 8646 ----a-w- 84C7DC208B6F0FFEF43E8D1CBC986BD8 C:\Program Files\Nidhogg\sfxChainSqueak1.ogg 2014-01-13 19:05:48 952663 ----a-w- FACD1CBB4A6728BAD1105A0076AE79A0 C:\Program Files\Nidhogg\music_WildsTitle.ogg 2014-01-13 19:05:48 956277 ----a-w- 7AF69D573F09B8BD779A0C4E8820E806 C:\Program Files\Nidhogg\music_MinesTitle.ogg 2014-01-13 19:05:48 997971 ----a-w- 6DC49B8C533B51F580ED89C99D415738 C:\Program Files\Nidhogg\music_Mines_Drums4Part2.ogg 2014-02-06 16:27:21 1192137 ----a-w- BB3BE925CBB18A8A2512F7369A137518 C:\Program Files\Nidhogg\unins000.exe 2014-02-06 16:27:39 12259 ----a-w- 4B4A362835C4750D7097D24C6ADD96AF C:\Program Files\Nidhogg\unins000.dat ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Jan\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\system32 ===== 2014-03-16 14:52:33 8B521873651E62EF5868DC7B339959DB 32768 ----a-w- C:\Windows\System32\iernonce.dll 2014-03-16 14:52:33 7EDA015D4E74177A1B187326EDB14670 51200 ----a-w- C:\Windows\System32\ieetwproxystub.dll 2014-03-16 14:52:33 3B3EBF6E3C12DFDC6B29CBAC2F5519CC 108032 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-03-16 14:52:32 1CEE521E90703BB8A01211C77747E727 43008 ----a-w- C:\Windows\System32\jsproxy.dll 2014-03-16 14:52:30 69C9F0607AF94C7162BBD25E222D4E0E 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll 2014-03-16 14:52:30 6744457C09B9B8176CC3ECC2D0EE6580 646144 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2014-03-16 14:52:29 4605E0295C8E742B28FD63D255322795 703488 ----a-w- C:\Windows\System32\ieapfltr.dll 2014-03-16 14:52:29 2CF6CF90BF7FE0E616C363343FFA686B 553472 ----a-w- C:\Windows\System32\jscript9diag.dll 2014-03-16 14:52:28 AAFEAB4FC9D70253F8C7E353E879E8A2 1820160 ----a-w- C:\Windows\System32\wininet.dll 2014-03-16 14:52:27 E84073A2F2D3A9448CA02F48B0360490 440832 ----a-w- C:\Windows\System32\ieui.dll 2014-03-16 14:52:26 C8DBE0B5297FD85D7311E4791103517B 112128 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-03-16 14:52:25 FC46FE32B043CA7251B1D707B91BA6A7 4244480 ----a-w- C:\Windows\System32\jscript9.dll 2014-03-16 14:52:25 BD5E6C894130E7BB7ECE9A0925383068 2168320 ----a-w- C:\Windows\System32\iertutil.dll 2014-03-16 14:52:24 70462E0A4E293FC80620AB945D8A59BB 17074688 ----a-w- C:\Windows\System32\mshtml.dll 2014-03-16 14:52:23 0FF358906F2333B26267BC0064DC02C4 1156096 ----a-w- C:\Windows\System32\urlmon.dll 2014-03-16 14:52:22 A045DAE4D242A9A50FF6902774C55BE0 524288 ----a-w- C:\Windows\System32\msfeeds.dll 2014-03-16 14:52:22 5C207FABA707CE496E1E0A304925D1E5 2724864 ----a-w- C:\Windows\System32\mshtml.tlb 2014-03-16 14:52:20 E23497E11866154A97BA9877656113FE 1964032 ----a-w- C:\Windows\System32\inetcpl.cpl 2014-03-16 14:52:19 B61F47EB8CACBE09C8117E4FF7D9656D 164864 ----a-w- C:\Windows\System32\msrating.dll 2014-03-16 14:52:19 35523AF349702302EBC08D0D83661A78 208896 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-03-16 14:52:18 B0CBC5A7D9278DCD5B230E1E50CCA5F6 61952 ----a-w- C:\Windows\System32\iesetup.dll 2014-03-16 14:52:18 4831AA1A6A112ACCEE240C9D5FA2108B 11266048 ----a-w- C:\Windows\System32\ieframe.dll 2014-03-16 14:51:29 A054EA8FBE16D4D34F06D81A4F0088E2 1230336 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2014-03-16 14:51:25 4F8CCD3E7D9F17A7C60FA0AE2466CACF 381440 ----a-w- C:\Windows\System32\wer.dll 2014-03-16 14:49:25 B0BE998802DEDEE1FD8F5E5F9F207A30 509440 ----a-w- C:\Windows\System32\qedit.dll 2014-03-16 14:49:23 7CC38741B8F68F1E0D5D79DA6123666A 185344 ----a-w- C:\Windows\System32\wwansvc.dll 2014-03-16 14:49:21 204689EC38738BE7C07F79B745733747 2349056 ----a-w- C:\Windows\System32\win32k.sys ====== C:\Windows\system32\drivers ===== ====== C:\Windows\Tasks ====== 2014-03-16 19:56:25 B802DE1C507FD89D28C1D5B2F05B337F 3140 ----a-w- C:\Windows\system32\Tasks\{F023E972-7CE7-4CBF-AD26-E96CC8BE8255} 2014-03-16 15:24:41 286C5CA39D52D916C963962DE2BE5CB9 3310 ----a-w- C:\Windows\system32\Tasks\{0B486371-B45E-4504-830E-61362B00EDD7} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-03-17 12:52:06 -------- d-----w- C:\Program Files\trend micro 2014-03-15 22:49:27 -------- d-----w- C:\Program Files\Rockstar Games 2014-02-21 16:29:49 -------- d-----w- C:\Program Files\Shining Rock Software LLC ======= C: ===== ====== C:\Users\Jan\AppData\Roaming ====== 2014-02-21 16:29:52 -------- d-----w- C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shining Rock Software LLC ====== C:\Users\Jan ====== 2014-03-15 22:49:27 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games 2014-03-14 14:51:57 -------- d-----w- C:\ProgramData\Avira 2014-03-14 12:45:56 -------- d-----w- C:\ProgramData\HitmanPro 2014-02-19 13:02:59 -------- d-----w- C:\ProgramData\Tunngle ====== C: exe-files == 2014-03-17 20:01:07 ED94A9592FCF68D297FF77D5A9992098 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1641444121-2350807400-106936331-1000\$I1PTRY8.exe 2014-03-17 19:57:38 2ED2319F3DE13495AAA49B70A1467055 1285120 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1641444121-2350807400-106936331-1000\$R1PTRY8.exe 2014-03-17 12:51:09 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Documents and Settings\Jan\Music\Downloads\RSIT.exe 2014-03-16 15:29:30 E7697A085336F974A4A6102A51223960 14405632 ----a-w- C:\Program Files\Rockstar Games\GTA San Andreas\gta_sa.exe 2014-03-16 15:29:28 B01BA38C120B8B1F5963E6B47FF12A1E 118736 ----a-w- C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe 2014-03-16 15:28:09 ED190C2AD7A777D17F38C78EEDEBBCA2 126976 ----a-w- C:\Documents and Settings\Jan\Desktop\San andreas\GTA Sa\GTA san andres\Install.exe 2014-03-16 15:28:09 B01BA38C120B8B1F5963E6B47FF12A1E 118736 ----a-w- C:\Documents and Settings\Jan\Desktop\San andreas\GTA Sa\GTA san andres\setup.exe 2014-03-16 15:28:08 C83F75FB7A42D6C0108A997054A23F6F 472576 ----a-w- C:\Documents and Settings\Jan\Desktop\San andreas\GTA Sa\GTA san andres\DirectX\dxsetup.exe 2014-03-16 15:26:39 9385CC7904CADD76F1CDD8B0F25027B5 528384 ----a-w- C:\Documents and Settings\Jan\Desktop\San andreas\GTA Sa\GTA san andres\Bin\demo32.exe 2014-03-16 15:21:29 B01BA38C120B8B1F5963E6B47FF12A1E 118736 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1641444121-2350807400-106936331-1000\$RW0CF2H\setup.exe 2014-03-16 14:52:18 3A3BEA53F039CE2E997A918E26E30B1D 808152 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-03-16 14:52:16 2A0FAE869BC99A460FEFD832F261DCC9 469504 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe === C: other files == 2014-03-16 14:49:21 204689EC38738BE7C07F79B745733747 2349056 ----a-w- C:\Windows\System32\win32k.sys 2014-03-15 22:40:09 BD78B17968C91F6C61E5CE516D8646DE 5868922 ----a-w- C:\Users\Jan\Desktop\San andreas\GTA Sa\Crack No-CD (By Squall89).zip 2014-03-15 22:40:09 BD78B17968C91F6C61E5CE516D8646DE 5868922 ----a-w- C:\Documents and Settings\Jan\Desktop\San andreas\GTA Sa\Crack No-CD (By Squall89).zip 2014-03-15 22:40:09 46F255CAC21CFDB7B153974321FB5A20 4976792 ----a-w- C:\Users\Jan\Desktop\San andreas\GTA Sa\Alcohol 120% 1.9.2 + Crack.zip 2014-03-15 22:40:09 46F255CAC21CFDB7B153974321FB5A20 4976792 ----a-w- C:\Documents and Settings\Jan\Desktop\San andreas\GTA Sa\Alcohol 120% 1.9.2 + Crack.zip 2014-03-15 19:06:08 C10E20FCB710BB1EC6034DDB681262D8 1444127 ----a-w- C:\Users\Jan\AppData\Local\Temp\CProgram FilesOpera\skin\standard_skin.zip 2014-03-15 19:06:08 C10E20FCB710BB1EC6034DDB681262D8 1444127 ----a-w- C:\Documents and Settings\Jan\AppData\Local\Temp\CProgram FilesOpera\skin\standard_skin.zip 2014-03-15 19:06:08 4A72C050936BF35B374C817924DB9F0E 241062 ----a-w- C:\Users\Jan\AppData\Local\Temp\CProgram FilesOpera\locale\en\en.zip 2014-03-15 19:06:08 4A72C050936BF35B374C817924DB9F0E 241062 ----a-w- C:\Documents and Settings\Jan\AppData\Local\Temp\CProgram FilesOpera\locale\en\en.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\Jan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Easy Driver Pro"="C:\Program Files\Probit Software\Easy Driver Pro\DPLauncher.exe" "Pando Media Booster"="C:\Program Files\Pando Networks\Media Booster\PMB.exe" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "Dxtory Update Checker 2.0"="C:\Program Files\Dxtory Software\Dxtory2.0\UpdateChecker.exe" "TeamSpeak 3 Client"="C:\Users\Jan\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe" "F.lux"="C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe /noshow" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" "CLMLServer"="C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s" "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" "AdobeAAMUpdater-1.0"="C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" "snpstd3"="C:\Windows\vsnpstd3.exe" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "MVS Splash"="C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "LogMeIn Hamachi Ui"="C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\Jan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Easy Driver Pro"="C:\Program Files\Probit Software\Easy Driver Pro\DPLauncher.exe" "Pando Media Booster"="C:\Program Files\Pando Networks\Media Booster\PMB.exe" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "Dxtory Update Checker 2.0"="C:\Program Files\Dxtory Software\Dxtory2.0\UpdateChecker.exe" "TeamSpeak 3 Client"="C:\Users\Jan\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe" "F.lux"="C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe /noshow" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime" "Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" "Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "SunJavaUpdateSched"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\"" ==== Startup Folders ====================== 2011-08-01 13:33:30 1343 ----a-w- C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk 2010-07-22 12:50:24 1856 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SetPointII.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [16-03-2014 16:52] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [08-12-2009 15:13] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [08-12-2009 15:13] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\system32\tasks\AdobeAAMUpdater-1.0-JanvR-PC-Jan" [C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\Java Update Scheduler" [C:\Program Files\Common Files\Java\Java Update\jusched.exe] "C:\Windows\system32\tasks\Raidcall_EN" [C:\Program Files\RaidCall\raidcall.exe] "C:\Windows\system32\tasks\Razer_Game_Booster_AutoUpdate" [C:\Program Files\Razer\Razer Game Booster\AutoUpdate.exe] "C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\system32\tasks\User_Feed_Synchronization-{26A4878C-DE45-4B9B-B8E4-EB377E8208DC}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\system32\tasks\{22075A11-BD66-452D-BCB5-74DDA150727F}" ["c:\program files\mozilla firefox\firefox.exe"] "C:\Windows\system32\tasks\{7755AD09-2F2B-4386-A1A6-A8763036845A}" [C:\Program Files\Skype\\Phone\Skype.exe] "C:\Windows\system32\tasks\{AA4E2FD6-A79F-4F8B-B0D2-6AE4D7AC457C}" [C:\Program Files\Electronic Arts\The Battle for Middle-earth II\lotrbfme2.exe] "C:\Windows\system32\tasks\{DE1EA742-A292-4F13-A752-3600C7DECBF6}" [C:\Program Files\Electronic Arts\The Battle for Middle-earth II\lotrbfme2.exe] "C:\Windows\system32\tasks\{FEC9013F-F92F-4A7D-AD84-D1B084A896AA}" [C:\Program Files\Electronic Arts\The Battle for Middle-earth II\lotrbfme2.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{B7082FAA-CB62-4872-9106-E42DD88EDE45}"="C:\Program Files\McAfee\SiteAdvisor Enterprise" [30-08-2012 20:29] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{1266764D-FC4F-4FA7-B63B-884D53B1680F}"="C:\Users\Jan\AppData\Roaming\NetAssistant" [19-01-2011 17:40] ==== Firefox Extensions ====================== AppDir: C:\Program Files\Mozilla Firefox - Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\hx6j7ong.default 86FD0445C7A92516FC0BA201C79B8E9E - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.4 9FDABAD05A9623988750CCC10223BDB0 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.4 5E1D0432C765884434A7CCD4DBDC80AA - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.4 3B293C235A80E7A5369E6AA28FEA50B1 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.4 A80BCBED52F7DD5FDBF346A985A4E4D5 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll - QuickTime Plug-in 7.7.4 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin A9191AE22A8F1287B5E2DF33E3A57253 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U51 69AA47F09AA281C7D3C7716CA7E283B4 - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat 270EE43CC00609B9937AAF94E1E970D4 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector 36FBE76F4F51396B0F70FC95CD7481D2 - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll - Pando Web Plugin DAD55CEF682EAE6FA7B4C9487563A496 - C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll - Shockwave for Director / Shockwave for Director 3D3CAF586124C4E8102764C8B3063BB6 - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director 1F0D662B7BE2AB2D3A7E2C6A44A02BC1 - C:\Users\Jan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery 6D657ABADF217DBB17CF0A0AF44A7E29 - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll - Nexon Game Controller 0AF5E73EBB4B49ECA597F4EDAF2C252B - C:\Program Files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll - ijji Auto Install Plugin for Mozilla 24E990B1E6D55428001843CF7217DD81 - C:\Program Files\Microsoft\Office Live\npOLW.dll - Microsoft Office Live Plug-in for Firefox / Microsoft Office Live Plug-in for Firefox F9391E9A3B016E1C9D96DAAEE7EF794F - C:\Program Files\AhnLab\ASP\Components\aosmgr\conflict_221\npaosmgr.dll - AhnLab Online Security 0D083ADC189ABC679629A704AEBDC8A1 - C:\Program Files\AhnLab\ASP\MyKeyDefense 2.5\npmkd25aos.dll - AhnLab MyKeyDefense 2.5 8D08320F818920DBAB90919AC256A0E6 - C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll - BitCometAgent 99F97C9FE748C37528C338A423577FCB - C:\Users\Jan\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin 86FD0445C7A92516FC0BA201C79B8E9E - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.4 9FDABAD05A9623988750CCC10223BDB0 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.4 5E1D0432C765884434A7CCD4DBDC80AA - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.4 3B293C235A80E7A5369E6AA28FEA50B1 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.4 A80BCBED52F7DD5FDBF346A985A4E4D5 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.4 69AA47F09AA281C7D3C7716CA7E283B4 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat 380F9A643A149B9030142E7171EFA91B - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat 99F97C9FE748C37528C338A423577FCB - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin 86FD0445C7A92516FC0BA201C79B8E9E - C:\Program Files\Opera\program\plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.4 9FDABAD05A9623988750CCC10223BDB0 - C:\Program Files\Opera\program\plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.4 5E1D0432C765884434A7CCD4DBDC80AA - C:\Program Files\Opera\program\plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.4 3B293C235A80E7A5369E6AA28FEA50B1 - C:\Program Files\Opera\program\plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.4 A80BCBED52F7DD5FDBF346A985A4E4D5 - C:\Program Files\Opera\program\plugins\npqtplugin.dll - QuickTime Plug-in 7.7.4 99F97C9FE748C37528C338A423577FCB - c:\program files\mozilla firefox\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bbjciahceamgodcoidkjpchnokgfpphh - C:\Users\Jan\AppData\Local\funmoods.crx[] cgiaikfpllchefojlnehlmpekeogihnm - C:\Users\Jan\AppData\Local\CRE\cgiaikfpllchefojlnehlmpekeogihnm.crx[] cjpglkicenollcignonpgiafdgfeehoj - C:\Users\Jan\AppData\Local\funmoods-speeddial.crx[] dhkplhfnhceodhffomolpfigojocbpcb - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx[] niapdbllcanepiiimjjndipklodoedlc - C:\Users\Jan\AppData\Local\Temp\YontooLayers.crx[] pmlghpafmmnmmkjdhacccolfgnkiboco - C:\Program Files\1ClickDownload\oneclickdownloader10.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions bbjciahceamgodcoidkjpchnokgfpphh - C:\Users\Jan\AppData\Local\funmoods.crx[] cgiaikfpllchefojlnehlmpekeogihnm - C:\Users\Jan\AppData\Local\CRE\cgiaikfpllchefojlnehlmpekeogihnm.crx[] cjpglkicenollcignonpgiafdgfeehoj - C:\Users\Jan\AppData\Local\funmoods-speeddial.crx[] Google Drive - Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf LoL Stream Browser - Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\edidfaijmhpefkbnobdcepampbncgejp Avira Browser Safety - Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk AdBlock - Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Google Wallet - Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Docs - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf Funmoods - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh YouTube - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo WiseConvert - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgiaikfpllchefojlnehlmpekeogihnm Google Search - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh deleted successfully C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgiaikfpllchefojlnehlmpekeogihnm deleted successfully C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://search.filebulldog.com/vmn/6C05CC5D73135A28C0F4A8513234C0D6" "Backup.Old.Start Page"="http://nl.ask.com/?l=dis&o=14200" "Default_Page_URL"="http://www.aldi.com/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://search.filebulldog.com/vmn/6C05CC5D73135A28C0F4A8513234C0D6" "Backup.Old.Start Page"="http://search.filebulldog.com/vmn/6C05CC5D73135A28C0F4A8513234C0D6" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {4268920C-7320-4A99-A148-3CC41F7DAE20} Bing Url="http://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF7BD87A-8024-11E2-F316-F3E56188709B} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF7BD87A-8024-11E2-F316-F3E56188709B} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1393C215-0520-410E-AB29-3BADAB478EC4} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1393C215-0520-410E-AB29-3BADAB478EC4} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{667077BD-1E84-0C58-23C9-1DD8AE2AC24C} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{667077BD-1E84-0C58-23C9-1DD8AE2AC24C} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74322BF9-DF26-493F-B0DA-6D2FC5E6429E} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{74322BF9-DF26-493F-B0DA-6D2FC5E6429E} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3AD798D0-4642-4C55-BC14-CFE7DD19E0D1} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3AD798D0-4642-4C55-BC14-CFE7DD19E0D1} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7} deleted successfully HKEY_CLASSES_ROOT\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7} deleted successfully HKEY_CLASSES_ROOT\CLSID\{EF7BD87A-8024-11E2-F316-F3E56188709B} deleted successfully HKEY_CLASSES_ROOT\CLSID\{1393C215-0520-410E-AB29-3BADAB478EC4} deleted successfully HKEY_CLASSES_ROOT\CLSID\{667077BD-1E84-0C58-23C9-1DD8AE2AC24C} deleted successfully HKEY_CLASSES_ROOT\CLSID\{74322BF9-DF26-493F-B0DA-6D2FC5E6429E} deleted successfully HKEY_CLASSES_ROOT\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} deleted successfully HKEY_CLASSES_ROOT\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully HKEY_CLASSES_ROOT\CLSID\{3AD798D0-4642-4C55-BC14-CFE7DD19E0D1} deleted successfully HKEY_CLASSES_ROOT\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_CLASSES_ROOT\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{3AD798D0-4642-4C55-BC14-CFE7DD19E0D1} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_USERS\S-1-5-21-1641444121-2350807400-106936331-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{3AD798D0-4642-4C55-BC14-CFE7DD19E0D1} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MagniPic deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{16782E9C-E344-47BD-A045-B9BA79870632} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1CD67F8D-7CF5-0122-E351-868771DA03C9} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B48D06DA-461F-4559-A7B2-0E3D6F6E242C} deleted successfully HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cgiaikfpllchefojlnehlmpekeogihnm deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\cgiaikfpllchefojlnehlmpekeogihnm deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\File Bulldog Anti-phishing Domain Advisor deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{25F259ED-12F6-429F-5783-527C3E2F8586} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C6E49138-C2CF-5337-D358-0734FD33EFB4} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu 406 MediaBar deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} deleted successfully ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Jan\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Jan\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Jan\AppData\Local\Mozilla\Firefox\Profiles\hx6j7ong.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache is not empty, a reboot is needed ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3283 folders=636 289553157 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Jan\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Jan\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Jan\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LLXKDTKZ\www.clitgames.com" not found ==== EOF on ma 17-03-2014 at 21:30:38,75 ======================

Bedankt voor je reactie, ik heb gedaan wat je zei! Hier de log van RSIT Logfile of random's system information tool 1.09 (written by random/random) Run by Jan at 2014-03-17 13:52:06 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 383 GB (41%) free of 932 GB Total RAM: 3063 MB (41% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:52:17, on 17-3-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.16521) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe C:\Users\Jan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files\Pando Networks\Media Booster\PMB.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Jan\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe C:\Program Files\Logitech\SetPoint II\SetpointII.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Jan\Music\Downloads\RSIT.exe C:\Program Files\trend micro\Jan.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Homepage R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [snpstd3] C:\Windows\vsnpstd3.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [MVS Splash] "C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Jan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [Easy Driver Pro] C:\Program Files\Probit Software\Easy Driver Pro\DPLauncher.exe O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [Dxtory Update Checker 2.0] C:\Program Files\Dxtory Software\Dxtory2.0\UpdateChecker.exe O4 - HKCU\..\Run: [TeamSpeak 3 Client] "C:\Users\Jan\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe" O4 - HKCU\..\Run: [Tiny download manager] "C:\Users\Jan\AppData\Local\DM\TinyDM.exe" /M O4 - HKCU\..\Run: [F.lux] "C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: SetPointII.lnk = ? O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.clonewarsadventures.com O15 - Trusted Zone: *.freerealms.com O15 - Trusted Zone: *.soe.com O15 - Trusted Zone: *.sony.com O15 - Trusted Zone: http://*.mcafee.com (HKLM) O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM) O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM) O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM) O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM) O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM) O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM) O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM) O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - MSN Games - Free Online Games O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - MSN Games - Free Online Games O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - MSN Games - Free Online Games O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe O23 - Service: McAfee SiteAdvisor Enterprise Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACore.exe O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe O23 - Service: McAfee Virus and Spyware Protection Service (myAgtSvc) - McAfee, Inc. - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: McAfee Peer Distribution Service (RumorServer) - McAfee, Inc. - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe O23 - Service: RzKLService - Razer Inc. - C:\Program Files\Razer\Razer Game Booster\RzKLService.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe -- End of file - 12487 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job =========Mozilla firefox========= ProfilePath - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\hx6j7ong.default prefs.js - "browser.search.useDBForOrder" - true prefs.js - "browser.startup.homepage" - "http://search.filebulldog.com/vmn/6C05CC5D73135A28C0F4A8513234C0D6" prefs.js - "extensions.enabledItems" - "ffxtlbr@babylon.com:1.1.3, battlefieldheroespatcher@ea.com:4.0.53.0, engine@conduit.com:3.3.3.2, {1FD91A9C-410C-4090-BBCC-55D3450EF433}:2.0, it-IT@dictionaries.addons.mozilla.org:3.2, {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1, {942cd1d4-9cc1-4d31-876a-ea8f489f7a59}:3.3.2.1, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {dc572301-7619-498c-a57d-39143191b318}:0.3.8.5, {3ad798d0-4642-4c55-bc14-cfe7dd19e0d1}:3.3.3.2, {5e5ab302-7f65-44cd-8211-c1d4caaccea3}:3.3.3.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.18" prefs.js - "keyword.URL" - "http://search.filebulldog.com/results/1/vmn/___userguid___?q=" "{D19CA586-DD6C-4a0a-96F8-14644F340D60}"=C:\Program Files\Common Files\McAfee\SystemCore "{B7082FAA-CB62-4872-9106-E42DD88EDE45}"=C:\Program Files\McAfee\SiteAdvisor Enterprise\ [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 12.0.0.77 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer] "Description"=Adobe Shockwave Player "Path"=C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ahnlab.com/asp/npaosmgr.1] "Description"= "Path"=C:\Program Files\AhnLab\ASP\Components\aosmgr\conflict_221\npaosmgr.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ahnlab.com/asp/npmkd25aos] "Description"=AhnLab Online Security "Path"=C:\Program Files\AhnLab\ASP\MyKeyDefense 2.5\npmkd25aos.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=] "Description"=iTunes Detector Plug-in "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0] "Description"= "Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@gamersfirst.com/LiveLauncher] "Description"=GamersFirst LIVE! Web Launcher "Path"=C:\Program Files\GamersFirst\LIVE!\nplivelauncher.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin] "Description"=Google Earth in your browser "Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.51.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5] "Description"=Office Live Update v1.5 "Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109] "Description"=WLPG Install MIME type "Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513] "Description"=WLPG Install MIME type "Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308] "Description"=WLPG Install MIME type "Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nexon.net/NxGame] "Description"=Nexon Game Controller "Path"=C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin] "Description"=This plugin detects and launches Pando Media Booster "Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll C:\Program Files\Mozilla Firefox\extensions\ {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} {972ce4c6-7e08-4474-a285-3208198ce6fd} C:\Program Files\Mozilla Firefox\components\ binary.manifest browsercomps.dll nsIBitCometAgent.xpt nsIQTScriptablePlugin.xpt C:\Program Files\Mozilla Firefox\plugins\ np-mswmp.dll npBitCometAgent.dll npijjiautoinstallpluginff.dll npmkd25aos.xpt nppdf32.dll npqtplugin.dll npqtplugin2.dll npqtplugin3.dll npqtplugin4.dll npqtplugin5.dll QuickTimePlugin.class WMP Firefox Plugin License.rtf WMP Firefox Plugin RelNotes.txt C:\Program Files\Mozilla Firefox\searchplugins\ BearShareWebSearch.xml bing.xml bolcom-nl.xml filebulldogtb.xml google.xml marktplaats-nl.xml wikipedia-nl.xml C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\hx6j7ong.default\extensions\ staged C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\hx6j7ong.default\searchplugins\ BearShareWebSearch.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"=C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2009-10-02 284696] "CLMLServer"=C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [2009-06-03 103720] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-08-04 7703072] "Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2009-06-17 55824] "AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208] "AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2011-10-06 59240] "snpstd3"=C:\Windows\vsnpstd3.exe [2005-09-05 339968] "APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720] "MVS Splash"=C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.exe [2012-05-04 476736] ""= [] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2013-05-01 421888] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-08-16 152392] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] "LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2014-02-26 3814736] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"=C:\Users\Jan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2012-11-25 1193176] "Easy Driver Pro"=C:\Program Files\Probit Software\Easy Driver Pro\DPLauncher.exe [] "Pando Media Booster"=C:\Program Files\Pando Networks\Media Booster\PMB.exe [2012-10-26 3093624] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-11-14 20584608] "Dxtory Update Checker 2.0"=C:\Program Files\Dxtory Software\Dxtory2.0\UpdateChecker.exe [2010-10-17 93696] "TeamSpeak 3 Client"=C:\Users\Jan\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe [2013-10-24 9547240] "Tiny download manager"=C:\Users\Jan\AppData\Local\DM\TinyDM.exe /M [] "F.lux"=C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-16 1016712] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup SetPointII.lnk - C:\Program Files\Logitech\SetPoint II\SetpointII.exe C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsScanner] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "DisableTaskMgr"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "msacm.siren"=sirenacm.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "VIDC.XFR1"=xfcodec.dll "VIDC.FPS1"=frapsvid.dll "MSVideo8"=VfWWDM32.dll "VIDC.IV41"=IR41_32.AX "vidc.x264"=C:\PROGRA~1\x264vfw\x264vfw.dll "vidc.xtor"=DxtoryCodec.dll "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "wave5"=wdmaud.drv "midi5"=wdmaud.drv "mixer5"=wdmaud.drv "aux1"=wdmaud.drv "wave6"=wdmaud.drv "midi6"=wdmaud.drv "mixer6"=wdmaud.drv "aux2"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 3 months====== 2014-03-17 13:52:06 ----D---- C:\rsit 2014-03-17 13:52:06 ----D---- C:\Program Files\trend micro 2014-03-16 15:52:33 ----A---- C:\Windows\system32\iernonce.dll 2014-03-16 15:52:33 ----A---- C:\Windows\system32\ieetwproxystub.dll 2014-03-16 15:52:33 ----A---- C:\Windows\system32\ieetwcollector.exe 2014-03-16 15:52:32 ----A---- C:\Windows\system32\jsproxy.dll 2014-03-16 15:52:30 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2014-03-16 15:52:30 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2014-03-16 15:52:29 ----A---- C:\Windows\system32\jscript9diag.dll 2014-03-16 15:52:29 ----A---- C:\Windows\system32\ieapfltr.dll 2014-03-16 15:52:28 ----A---- C:\Windows\system32\wininet.dll 2014-03-16 15:52:27 ----A---- C:\Windows\system32\ieui.dll 2014-03-16 15:52:26 ----A---- C:\Windows\system32\ieUnatt.exe 2014-03-16 15:52:25 ----A---- C:\Windows\system32\jscript9.dll 2014-03-16 15:52:25 ----A---- C:\Windows\system32\iertutil.dll 2014-03-16 15:52:24 ----A---- C:\Windows\system32\mshtml.dll 2014-03-16 15:52:23 ----A---- C:\Windows\system32\urlmon.dll 2014-03-16 15:52:22 ----A---- C:\Windows\system32\msfeeds.dll 2014-03-16 15:52:19 ----A---- C:\Windows\system32\msrating.dll 2014-03-16 15:52:19 ----A---- C:\Windows\system32\ie4uinit.exe 2014-03-16 15:52:18 ----A---- C:\Windows\system32\iesetup.dll 2014-03-16 15:52:18 ----A---- C:\Windows\system32\ieframe.dll 2014-03-16 15:51:29 ----A---- C:\Windows\system32\WindowsCodecs.dll 2014-03-16 15:51:25 ----A---- C:\Windows\system32\wer.dll 2014-03-16 15:49:25 ----A---- C:\Windows\system32\qedit.dll 2014-03-16 15:49:23 ----A---- C:\Windows\system32\wwansvc.dll 2014-03-16 15:49:21 ----A---- C:\Windows\system32\win32k.sys 2014-03-15 23:49:27 ----D---- C:\Program Files\Rockstar Games 2014-03-14 15:51:57 ----D---- C:\ProgramData\Avira 2014-03-14 13:46:22 ----D---- C:\Program Files\HitmanPro 2014-03-14 13:45:56 ----D---- C:\ProgramData\HitmanPro 2014-03-14 13:37:08 ----D---- C:\AdwCleaner 2014-03-12 18:53:10 ----D---- C:\Users\Jan\AppData\Roaming\Malwarebytes 2014-03-12 18:52:48 ----D---- C:\ProgramData\Malwarebytes 2014-03-12 18:52:45 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2014-03-07 15:19:06 ----D---- C:\ProgramData\CoUUPExxtensiona 2014-02-27 14:00:22 ----D---- C:\Program Files\LogMeIn Hamachi 2014-02-21 17:29:51 ----D---- C:\DirectX9.0c 2014-02-21 17:29:49 ----D---- C:\Program Files\Shining Rock Software LLC 2014-02-19 14:02:59 ----D---- C:\ProgramData\Tunngle 2014-02-13 23:34:44 ----A---- C:\Windows\system32\vbscript.dll 2014-02-13 23:24:14 ----A---- C:\Windows\system32\msxml3r.dll 2014-02-13 23:24:14 ----A---- C:\Windows\system32\msxml3.dll 2014-02-13 23:23:50 ----A---- C:\Windows\system32\d3d10warp.dll 2014-02-13 23:23:50 ----A---- C:\Windows\system32\d2d1.dll 2014-02-13 23:23:40 ----A---- C:\Windows\system32\RMActivate_isv.exe 2014-02-13 23:23:40 ----A---- C:\Windows\system32\RMActivate.exe 2014-02-13 23:23:39 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe 2014-02-13 23:23:36 ----A---- C:\Windows\system32\secproc_isv.dll 2014-02-13 23:23:36 ----A---- C:\Windows\system32\RMActivate_ssp.exe 2014-02-13 23:23:34 ----A---- C:\Windows\system32\secproc.dll 2014-02-13 23:23:33 ----A---- C:\Windows\system32\msdrm.dll 2014-02-13 23:23:30 ----A---- C:\Windows\system32\secproc_ssp.dll 2014-02-13 23:23:29 ----A---- C:\Windows\system32\secproc_ssp_isv.dll 2014-02-06 17:27:48 ----D---- C:\Users\Jan\AppData\Roaming\Nidhogg 2014-02-06 17:27:32 ----D---- C:\Program Files\Nidhogg 2014-01-31 13:14:04 ----D---- C:\ProgramData\UTubeNoAds 2014-01-31 13:14:03 ----D---- C:\ProgramData\ekgkagjbglcemcollhkmhodfmdneojpa 2014-01-29 20:04:27 ----A---- C:\Windows\system32\javaws.exe 2014-01-29 20:04:23 ----A---- C:\Windows\system32\WindowsAccessBridge.dll 2014-01-29 20:04:23 ----A---- C:\Windows\system32\javaw.exe 2014-01-29 20:04:22 ----A---- C:\Windows\system32\java.exe 2014-01-15 21:35:55 ----D---- C:\Users\Jan\AppData\Roaming\Music Editor Free 2014-01-15 21:35:45 ----A---- C:\Windows\system32\NCTWMAFile2.dll 2014-01-15 21:35:45 ----A---- C:\Windows\system32\NCTTextToAudio2.dll 2014-01-15 21:35:44 ----A---- C:\Windows\system32\NCTAudioVisualization2.dll 2014-01-15 21:35:44 ----A---- C:\Windows\system32\NCTAudioTransform2.dll 2014-01-15 21:35:44 ----A---- C:\Windows\system32\NCTAudioRecord2.dll 2014-01-15 21:35:44 ----A---- C:\Windows\system32\NCTAudioPlayer2.dll 2014-01-15 21:35:44 ----A---- C:\Windows\system32\NCTAudioInformation2.dll 2014-01-15 21:35:44 ----A---- C:\Windows\system32\NCTAudioFile2.dll 2014-01-15 21:35:44 ----A---- C:\Windows\system32\NCTAudioEditor2.dll 2014-01-15 21:35:44 ----A---- C:\Windows\system32\NCTAudioCDGrabber2.dll 2014-01-15 21:35:43 ----D---- C:\Program Files\Music Editor Free 2014-01-15 21:35:43 ----A---- C:\Windows\system32\msvcr70.dll 2014-01-15 21:31:05 ----D---- C:\ConvertedMedia 2014-01-15 21:29:22 ----A---- C:\Windows\system32\tak_deco_lib.dll 2014-01-15 21:29:22 ----A---- C:\Windows\system32\dsfTAKSource.dll 2014-01-15 21:29:22 ----A---- C:\Windows\system32\bass_tta.dll 2014-01-15 21:29:22 ----A---- C:\Windows\system32\bass_ofr.dll 2014-01-15 21:29:22 ----A---- C:\Windows\system32\bass_mpc.dll 2014-01-15 21:29:22 ----A---- C:\Windows\system32\bass_ape.dll 2014-01-15 21:29:21 ----A---- C:\Windows\system32\Registration.ini 2014-01-15 21:29:21 ----A---- C:\Windows\system32\bass_wv.dll 2014-01-15 21:29:21 ----A---- C:\Windows\system32\bass_flac.dll 2014-01-15 21:29:20 ----A---- C:\Windows\system32\OptimFROG.dll 2014-01-15 21:29:20 ----A---- C:\Windows\system32\bass_alac.dll 2014-01-15 21:29:20 ----A---- C:\Windows\system32\bass.dll 2014-01-15 21:29:19 ----A---- C:\Windows\system32\bass_aac.dll 2014-01-15 21:29:15 ----A---- C:\Windows\system32\t3odm.dll 2014-01-15 21:29:14 ----D---- C:\Program Files\MP3 Converter 2014-01-15 21:22:07 ----D---- C:\Users\Jan\AppData\Roaming\Free WAV to MP3 Converter 2014-01-15 21:08:47 ----D---- C:\Program Files\Free WAV to MP3 Converter 2014-01-15 18:39:16 ----D---- C:\Users\Jan\AppData\Roaming\Audacity 2014-01-15 18:38:51 ----D---- C:\Program Files\Audacity 2014-01-15 13:26:21 ----A---- C:\Windows\system32\drivers\netio.sys 2014-01-15 13:26:18 ----A---- C:\Windows\system32\drivers\usbehci.sys 2014-01-15 13:26:17 ----A---- C:\Windows\system32\drivers\usbport.sys 2014-01-15 13:26:17 ----A---- C:\Windows\system32\drivers\usbhub.sys 2014-01-15 13:26:17 ----A---- C:\Windows\system32\drivers\usbccgp.sys 2014-01-15 13:26:16 ----A---- C:\Windows\system32\drivers\usbd.sys 2014-01-15 13:26:15 ----A---- C:\Windows\system32\drivers\usbuhci.sys 2014-01-15 13:26:15 ----A---- C:\Windows\system32\drivers\usbohci.sys 2013-12-31 12:38:40 ----D---- C:\ProgramData\DDeealExpressS 2013-12-31 12:38:31 ----D---- C:\ProgramData\e1b3be76b17c7983 2013-12-28 01:26:05 ----D---- C:\Program Files\Common Files\Microsoft Games 2013-12-27 23:08:42 ----D---- C:\Program Files\Age of Empires II HD The Forgotten 2013-12-27 22:44:07 ----D---- C:\ProgramData\Winclean performap ======List of files/folders modified in the last 3 months====== 2014-03-17 13:52:07 ----D---- C:\Windows\Temp 2014-03-17 13:52:06 ----RD---- C:\Program Files 2014-03-17 13:46:55 ----D---- C:\Users\Jan\AppData\Roaming\Skype 2014-03-17 13:46:39 ----D---- C:\Users\Jan\AppData\Roaming\TS3Client 2014-03-17 13:44:01 ----D---- C:\Windows\winsxs 2014-03-17 13:43:03 ----D---- C:\Windows\system32\config 2014-03-17 13:41:42 ----D---- C:\Windows\System32 2014-03-17 13:41:40 ----D---- C:\Program Files\Internet Explorer 2014-03-17 13:41:34 ----D---- C:\Program Files\Microsoft Silverlight 2014-03-16 22:29:13 ----SHD---- C:\System Volume Information 2014-03-16 20:56:25 ----D---- C:\Windows\system32\Tasks 2014-03-16 16:52:05 ----A---- C:\Windows\system32\FlashPlayerApp.exe 2014-03-16 15:51:45 ----D---- C:\Windows\system32\catroot 2014-03-16 15:51:44 ----D---- C:\Windows\system32\catroot2 2014-03-16 15:47:18 ----SHD---- C:\Windows\Installer 2014-03-16 15:40:54 ----D---- C:\Windows\Tasks 2014-03-16 15:40:54 ----D---- C:\Windows\system32\wfp 2014-03-16 15:40:54 ----D---- C:\Program Files\ConduitEngine 2014-03-16 15:40:50 ----D---- C:\Windows\system32\wbem 2014-03-16 15:40:50 ----D---- C:\Windows 2014-03-16 15:39:34 ----D---- C:\Windows\system32\DriverStore 2014-03-16 15:39:34 ----D---- C:\Windows\system32\drivers 2014-03-16 15:39:33 ----D---- C:\Windows\system32\CodeIntegrity 2014-03-16 15:39:33 ----D---- C:\Windows\Microsoft.NET 2014-03-16 15:39:22 ----D---- C:\Windows\inf 2014-03-16 15:39:19 ----D---- C:\Windows\AppCompat 2014-03-16 15:39:19 ----D---- C:\Users\Jan\AppData\Roaming\Tunngle 2014-03-16 15:39:18 ----D---- C:\Users\Jan\AppData\Roaming\DealPly 2014-03-16 15:39:15 ----HD---- C:\ProgramData 2014-03-16 15:39:15 ----D---- C:\ProgramData\Tarma Installer 2014-03-16 15:39:14 ----D---- C:\ProgramData\MagniPic 2014-03-16 15:39:14 ----D---- C:\ProgramData\InstallMate 2014-03-16 15:39:14 ----D---- C:\ProgramData\DAEMON Tools Lite 2014-03-16 15:39:14 ----D---- C:\Program Files\Yontoo 2014-03-16 15:39:14 ----D---- C:\Program Files\Windows iLivid Toolbar 2014-03-16 15:39:14 ----D---- C:\Program Files\ToggleDU 2014-03-16 15:39:14 ----D---- C:\Program Files\Steam 2014-03-16 15:39:12 ----D---- C:\Program Files\InnoGames_International 2014-03-16 15:39:12 ----D---- C:\Program Files\iLivid 2014-03-16 15:39:12 ----D---- C:\Program Files\FrostWire 5 2014-03-16 15:39:12 ----D---- C:\Program Files\Free Offers from Freeze.com 2014-03-16 15:39:12 ----D---- C:\Program Files\FoxTabVideoConverter 2014-03-16 15:39:12 ----D---- C:\Program Files\DealPly 2014-03-16 15:39:12 ----D---- C:\Program Files\Conduit 2014-03-16 15:39:12 ----D---- C:\Program Files\Common Files\Steam 2014-03-16 15:39:12 ----D---- C:\Program Files\Common Files\Plasmoo 2014-03-16 15:39:12 ----D---- C:\Program Files\Common Files\DVDVideoSoft 2014-03-16 15:39:12 ----D---- C:\Program Files\Common Files 2014-03-16 15:39:11 ----D---- C:\Program Files\BearShare Applications 2014-03-16 15:39:11 ----D---- C:\Program Files\AVS4YOU 2014-03-16 15:39:11 ----D---- C:\Program Files\Ask.com 2014-03-16 15:38:40 ----D---- C:\Windows\registration 2014-03-16 15:38:27 ----D---- C:\Windows\system32\wdi 2014-03-16 15:34:46 ----SD---- C:\ProgramData\Microsoft 2014-03-14 13:44:42 ----D---- C:\Windows\Prefetch 2014-03-13 15:48:28 ----D---- C:\Windows\tracing 2014-02-21 17:29:52 ----SD---- C:\Users\Jan\AppData\Roaming\Microsoft 2014-02-20 12:55:26 ----D---- C:\Program Files\osu! 2014-02-19 15:17:37 ----D---- C:\Windows\rescache 2014-02-19 14:03:03 ----D---- C:\Program Files\Tunngle 2014-02-14 16:56:10 ----RSD---- C:\Windows\assembly 2014-02-13 23:38:51 ----D---- C:\Windows\system32\MRT 2014-02-13 23:35:37 ----A---- C:\Windows\system32\MRT.exe 2014-02-13 23:34:05 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-02-13 23:33:00 ----D---- C:\Windows\system32\nl-NL 2014-02-06 17:27:43 ----D---- C:\ProgramData\Steam 2014-01-31 13:14:03 ----HD---- C:\Windows\system32\GroupPolicy 2014-01-29 20:04:37 ----D---- C:\ProgramData\Oracle 2014-01-29 20:04:22 ----D---- C:\Program Files\Java 2014-01-20 16:02:54 ----D---- C:\Program Files\Origin 2014-01-15 22:49:54 ----D---- C:\ProgramData\Microsoft Help 2014-01-15 21:29:26 ----RSD---- C:\Windows\Fonts 2013-12-28 02:13:05 ----D---- C:\Program Files\Microsoft Games 2013-12-28 01:26:08 ----HD---- C:\Program Files\InstallShield Installation Information ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-10-02 432664] R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2012-02-22 464304] R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2012-02-22 169608] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440] R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2005-05-16 6656] R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2011-03-18 25240] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-02-08 242240] R1 mfenlfk;McAfee NDIS Light Filter; C:\Windows\system32\DRIVERS\mfenlfk.sys [2012-02-22 64912] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840] R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-08-04 2744800] R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 35472] R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-06-17 37392] R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2012-02-22 180848] R3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2012-02-22 59456] R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2012-02-22 340920] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2013-02-18 149352] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856] R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136] S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-08-10 50688] S0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2005-11-03 63488] S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704] S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720] S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888] S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [] S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [] S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt [2005-08-17 7168] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272] S3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [] S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2009-06-17 28560] S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [] S3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2012-02-22 121544] S3 mfeavfk01;McAfee Inc.; C:\Windows\system32\drivers\mfeavfk01.sys [] S3 mferkdet;McAfee Inc. mferkdet; C:\Windows\system32\drivers\mferkdet.sys [2012-02-22 87656] S3 Mkd2kfNt;Mkd2kfNt; C:\Windows\system32\drivers\Mkd2kfNt.sys [2009-10-13 133632] S3 Mkd2Nadr;Mkd2Nadr; C:\Windows\system32\drivers\Mkd2Nadr.sys [2009-07-13 79360] S3 netr28u;Sweex Wireless USB Adapter Driver; C:\Windows\system32\DRIVERS\netr28u.sys [2009-07-03 746496] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848] S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 603240] S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304] S3 SNPSTD3;USB PC Camera (SNPSTD3); C:\Windows\system32\DRIVERS\snpstd3.sys [2005-10-13 8701824] S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2005-08-30 58320] S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304] S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000] S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056] S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328] S3 ViaC7;Stuurprogramma voor VIA C7-processor; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736] S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336] S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys [] S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504] R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2014-02-26 1678672] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-10-02 13336] R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-02-26 375056] R2 McAfee SiteAdvisor Enterprise Service;McAfee SiteAdvisor Enterprise Service; C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACore.exe [2011-05-12 324928] R2 McShield;McAfee McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [2012-02-13 166288] R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-02-13 161632] R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2012-02-22 151880] R2 myAgtSvc;McAfee Virus and Spyware Protection Service; C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe [2012-05-04 291328] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-04-03 129640] R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-05-11 75064] R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\system32\PSIService.exe [2007-06-05 177704] R2 RumorServer;McAfee Peer Distribution Service; C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe [2012-05-04 291328] R2 RzKLService;RzKLService; C:\Program Files\Razer\Razer Game Booster\RzKLService.exe [2013-09-18 106472] R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2010-09-14 1956136] R2 TeamViewer6;TeamViewer 6; C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe [2011-04-15 2280312] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-08-16 553288] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-08 104912] S2 def8540c;Winclean performap; c:\progra~2\wincle~1\WincleanperformapSvc.dll [2013-12-27 177488] S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-08 135664] S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680] S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2011-08-01 72704] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-16 257928] S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2012-07-08 46528] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-08 135664] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-01 108032] S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2010-03-31 3534776] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2014-02-20 569024] S3 TunngleService;TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [2013-11-06 758224] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-21 1343400] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-08 139696] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-08 139696] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-08 139696] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040] -----------------EOF-----------------

Beste mensen, Sinds ongeveer een week is het mij opgevallen dat er woorden onderstreept zijn in mijn webbrowser, en er soms random advertenties oppoppen. Bij Chrome Extensies staat dan ook "UTubeNoAds1.8" en "Geinstalleerd door bedrijfsbeleid" en kan het dus ook niet disablen of verwijderen. Als reactie hierop heb ik; - Verwijderen en installeren van Chrome - MalwareBytes Anti-Malware - HitmanPro - Adwcleaner - Opschonen van cookies en verwijderen van dingen die ik niet nodig heb - Avira Antivirus - SuperAntiSpyware - Daarna nog een systeemherstel naar 27 februari Allemaal heeft het niet geholpen, en heeft het zelfs een nieuw probleem gegeven: Bij het opstarten van veel dingen geeft het aan een "Ongeldige installatiekopie" te zijn. Sommige dingen starten dan wel op, maar sommige ook niet. Alvast bedankt, logje van HijackThis hieronder: Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 20:56:39, on 16-3-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.16518) FIREFOX: 9.0.1 (nl) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.exe C:\ProgramData\File Bulldog Anti-phishing Domain Advisor\filebulldog_antiphishing.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe C:\Users\Jan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Users\Jan\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe C:\Program Files\Logitech\SetPoint II\SetpointII.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\McAfee\Managed VirusScan\Agent\UpdDlg.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Users\Jan\Music\Downloads\HijackThis.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Homepage R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: ToggleDU Toolbar - {3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} - C:\Program Files\ToggleDU\tbTogg.dll R3 - URLSearchHook: File Bulldog Toolbar - {1393c215-0520-410e-ab29-3badab478ec4} - C:\Program Files\filebulldogtb\filebulldogDx.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: DDeealExpressS - {86D0B9F7-0E6D-33B5-873A-9A03D5D7EEB9} - C:\ProgramData\DDeealExpressS\q7.dll O2 - BHO: UTubeNoAds - {B3C29BB5-EAE3-8A4B-4277-99BFE4EC54EB} - C:\ProgramData\UTubeNoAds\ae.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [snpstd3] C:\Windows\vsnpstd3.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [MVS Splash] "C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.exe" O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" O4 - HKLM\..\Run: [File Bulldog Anti-phishing Domain Advisor] "C:\ProgramData\File Bulldog Anti-phishing Domain Advisor\filebulldog_antiphishing.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Jan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [Easy Driver Pro] C:\Program Files\Probit Software\Easy Driver Pro\DPLauncher.exe O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [Dxtory Update Checker 2.0] C:\Program Files\Dxtory Software\Dxtory2.0\UpdateChecker.exe O4 - HKCU\..\Run: [TeamSpeak 3 Client] "C:\Users\Jan\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe" O4 - HKCU\..\Run: [Tiny download manager] "C:\Users\Jan\AppData\Local\DM\TinyDM.exe" /M O4 - HKCU\..\Run: [F.lux] "C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: SetPointII.lnk = ? O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, Auto's, Mode, Verzamelobjecten, Coupons en Meer | eBay (file missing) O9 - Extra 'Tools' menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, Auto's, Mode, Verzamelobjecten, Coupons en Meer | eBay (file missing) O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, Auto's, Mode, Verzamelobjecten, Coupons en Meer | eBay (file missing) (HKCU) O9 - Extra 'Tools' menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, Auto's, Mode, Verzamelobjecten, Coupons en Meer | eBay (file missing) (HKCU) O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.clonewarsadventures.com O15 - Trusted Zone: *.freerealms.com O15 - Trusted Zone: *.soe.com O15 - Trusted Zone: *.sony.com O15 - Trusted Zone: http://*.mcafee.com (HKLM) O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM) O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM) O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM) O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM) O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM) O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM) O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM) O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - MSN Games - Free Online Games O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - MSN Games - Free Online Games O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - MSN Games - Free Online Games O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: c:\progra~2\wincle~1\wincle~1.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe O23 - Service: McAfee SiteAdvisor Enterprise Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACore.exe O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe O23 - Service: McAfee Virus and Spyware Protection Service (myAgtSvc) - McAfee, Inc. - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: McAfee Peer Distribution Service (RumorServer) - McAfee, Inc. - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe O23 - Service: RzKLService - Razer Inc. - C:\Program Files\Razer\Razer Game Booster\RzKLService.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe -- End of file - 14301 bytes