
umivik

Member
  • Posts

    46
  • Joined

  • Last visited

Everything posted by umivik

  1. The speed is good now. When it boots, it first asks: press F11 to run recovery, but right after that it does start up. Is that normal, or is that just how it is? When I click Google Chrome or Firefox, they open less quickly, but it's workable; I am satisfied, though.
  2. What is all that? I hope you can find it. zoek-results.log
  3. 2014-04-28 14:32:09 ----D---- C:\Windows\Prefetch ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128] R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 117760] R3 ACPIService;ATK0100 ACPI SERVICE; C:\Windows\system32\DRIVERS\ATKACPI.SYS [2009-06-09 16456] R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-03-31 38440] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2011-06-27 2191872] R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-04-19 256360] R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-03-31 28200] R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-03-31 177704] R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-04-13 46952] R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-04-19 143080] R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-04-22 230760] R3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816] R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696] R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416] R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-10-29 27632] R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver; C:\Windows\system32\DRIVERS\FLxHCIc.sys [2010-11-20 174080] R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver; C:\Windows\system32\DRIVERS\FLxHCIh.sys 
[2010-11-20 38400] R3 fspad_wlh32;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh32; C:\Windows\system32\DRIVERS\fspad_wlh32.sys [2010-09-09 55808] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-10-25 4807168] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-10-19 3218920] R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-06-23 275048] R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 583848] R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 197800] R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 24232] R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 20136] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336] S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704] S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720] S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312] S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2010-03-01 31232] S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2010-03-31 47144] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728] S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [] S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368] S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 
52304] S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320] S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352] S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328] S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432] R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files\Atheros\Ath_CoexAgent.exe [2010-04-29 151552] R2 AtherosSvc;AtherosSvc; C:\Program Files\Atheros\Bluetooth Suite\adminservice.exe [2010-05-05 38560] R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-04-11 1390720] R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-04-11 1764992] R2 cvhsvc;Client Virtualization Handler; C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504] R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632] R2 RBClientService;RBClientService; C:\Program Files\Right Backup\RBClientService.exe [2014-04-24 48472] R2 sftlist;Application Virtualization Client; C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944] R3 sftvsa;Application Virtualization Service Agent; C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528] S2 
clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-17 116648] S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-18 262320] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-17 116648] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 108032] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-06 119408] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000] S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF-----------------
  4. I have a laptop here that isn't working well. It takes a long time before Google or Firefox opens, and the same goes for the Control Panel, etc. There isn't much left on it, since I took it over and almost everything has been removed. Can you help me? Windows 7
  5. umivik

    PC name

    Hey, I took over a laptop from someone, but her username is still on the PC. How can I change it to my name? If I now open, e.g., my mail, can she see that on her PC too? I also downloaded and set up Skype, and I was automatically logged in to her Skype. How do I change that, because that shouldn't happen. Windows 7
  6. It is much faster now. The ads are better too; I hadn't really paid attention to them yet, so it's probably fine. I removed Malwarebytes; can I leave it off? I now only have Microsoft Security Essentials. Is that enough? I also have CCleaner. What is the best thing I can do now?
  7. Zoek.exe v5.0.0.0 Updated 05-July-2014 Tool run by HP on di 08-07-2014 at 9:54:11.96. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\HP\Downloads\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-07-07-064854.log 50472 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Users\HP\AppData\Locallow\{A4856BF0-C338-D2A5-9EE2-1F76FBE2B4F7} deleted C:\Users\HP\AppData\Locallow\{1EB61A8F-8C37-6C57-50C6-C2A3752666C1} deleted C:\Users\HP\AppData\Local\Chromatic Browser deleted C:\Users\HP\AppData\Local\Torch deleted C:\Users\HomeGroupUser$\AppData\Local\Torch deleted C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser deleted C:\Users\Gast\AppData\Local\Chromatic Browser deleted C:\Users\Administrator\AppData\Local\Chromatic Browser deleted C:\Users\Gast\AppData\Local\Torch deleted C:\Users\Administrator\AppData\Local\Torch deleted C:\Users\HP\Searches deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [18-06-2014 09:51] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04-04-2014 12:36] ==== Firefox Extensions ====================== ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9anhn392.default - Belgium eID - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be - DoNotTrackMe: Online Privacy Protection - %ProfilePath%\extensions\donottrackplus@abine.com ProfilePath: 
C:\Users\HP\AppData\Roaming\Thunderbird\Profiles\xlp493qy.default - Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi AppDir: C:\Program Files\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9anhn392.default 738C29EAC995029E13333034C1402F56 - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll - Shockwave Flash B5269A90EB2C747C4802E2FE0527C5D2 - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa 14365399E83D7BC15760E8676E890C87 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat 14365399E83D7BC15760E8676E890C87 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat 01D93217A9EE48DD37072B671378CC9C - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll - Silverlight Plug-In 0CA4180B21C6B728578F3B0433BB740E - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin ABCB4A6EAB701C629378255ABCB308E5 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U25 D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System 28986F0A2342A033345EF9E70D395E4F - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrlui.dll - Microsoft® Silverlight ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[11-04-2014 19:46] Vertalen.nu - 
HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\giapagjeblcapfphboclikepoeelhgkj ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Reset Google Chrome ====================== C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Empty IE Cache ====================== C:\Users\HP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\HP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\HP\AppData\Local\Mozilla\Firefox\Profiles\9anhn392.default\Cache 
emptied successfully ==== Empty Chrome Cache ====================== C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=496 folders=231 97984290 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\HP\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\HP\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" deleted ==== EOF on di 08-07-2014 at 10:30:12.25 ======================
  8. Zoek.exe v5.0.0.0 Updated 05-July-2014 Tool run by HP on ma 07-07-2014 at 7:21:17.99. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\HP\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 7-7-2014 7:30:03 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-4057013218-24429279-960758687-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F89494BF-C177-BEBD-1F2F-2702704E3625} deleted successfully HKEY_CLASSES_ROOT\CLSID\{F89494BF-C177-BEBD-1F2F-2702704E3625} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F89494BF-C177-BEBD-1F2F-2702704E3625} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CltMngSvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\CltMngSvc deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9anhn392.default user.js not found ---- Lines WebSearch removed from prefs.js ---- user_pref("browser.search.defaultenginename,S", "WebSearch"); user_pref("browser.search.defaulturl", "http://websearch.fastsearchings.info/?pid=377&r=2014/07/04&hid=15782698513346681117&lg=EN&cc=BE&unqvl=56&l=1&q user_pref("browser.search.order.1", "WebSearch"); user_pref("browser.search.order.1,S", "WebSearch"); user_pref("browser.search.selectedEngine,S", "WebSearch"); user_pref("keyword.URL", "http://websearch.fastsearchings.info/?pid=377&r=2014/07/04&hid=15782698513346681117&lg=EN&cc=BE&unqvl=56&l=1&q="); ---- Lines trovi 
removed from prefs.js ---- user_pref("browser.newtab.url", "http://www.trovi.com/?gd=&ctid=CT3324756&octid=EB_ORIGINAL_CTID&ISID=M9F30BB9F-591B-442D-A773-F8DC17489141&SearchSour user_pref("browser.search.defaultenginename", "Trovi search"); user_pref("browser.search.selectedEngine", "Trovi search"); ---- Lines a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559 removed from prefs.js ----
---- Lines extensions.Kg1KnH55Cti removed from prefs.js ---- user_pref("extensions.Kg1KnH55Cti.epoch", "1404749322"); user_pref("extensions.Kg1KnH55Cti.url", "http://centergoodfind.info/sync2/?q=hfZ9ofDSBShEAen0rHC6tMqLDe49CNU0nUkMCMlNhd9Fqda6rdnFqTr6rHaMBzqUojw9rdCEq ---- Lines extensions.hXjfFaf removed from prefs.js ---- user_pref("extensions.hXjfFaf.epoch", "1404749323"); user_pref("extensions.hXjfFaf.url", "http://terminalukusaa.us/sync2/?q=hfZ9ofq7B75MCyVUojr6qGhTB6lKDzt4oktxtNtVh7n0rjnEqHa9rjgHrTr6tMFHhd9Fqda6rdgFqTa ---- Lines extensions.i9DLi removed from prefs.js ---- user_pref("extensions.i9DLi.epoch", "1404749321"); user_pref("extensions.i9DLi.url", "http://syncjpi.info/sync2/?q=hfZ9ofV9CShEAen0rHC6tMqLDe49CNU0nUkMCMlNhd9Fqda6rdnFqTrHrdYMBzqUojw9rdCEqTw7rdC8qSh7hf ---- FireFox user.js and prefs.js backups ---- prefs_07-07-2014_0810_.backup ProfilePath: C:\Users\HP\AppData\Roaming\Thunderbird\Profiles\xlp493qy.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_07-07-2014_0810_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F89494BF-C177-BEBD-1F2F-2702704E3625}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== C:\Program Files\save on deleted C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9anhn392.default\extensions\uaoi.7iiee@uiuaiuiz.org deleted C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9anhn392.default\extensions\ufadrzow@o-uueslg.net deleted C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9anhn392.default\extensions\icr-eia@iouyoquki.com
deleted C:\Program Files\Optimizer Pro deleted C:\ProgramData\MySearch deleted C:\Program Files\MySearch deleted C:\Program Files\SearchProtect deleted C:\Program Files\SO_Booster deleted C:\ProgramData\save on deleted C:\ProgramData\f4136af2338da4c5 deleted C:\ProgramData\InstallMate deleted C:\Users\HP\AppData\LocalLow\{F89494BF-C177-BEBD-1F2F-2702704E3625} deleted C:\Users\HP\AppData\Roaming\temp.ini deleted C:\PROGRA~2\Package Cache deleted C:\Users\HP\AppData\Local\SearchProtect deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkypEmoticons deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted C:\Users\HP\Searches deleted C:\Windows\system32\config\systemprofile\Searches deleted C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9anhn392.default\searchplugins\WebSearch.xml deleted C:\Users\HP\Downloads\DE-OpenBlackHole PralineSIM1.0 SSL69-dm800 CrossEPG DynDNS Cron DEBHGUI-YellowAudioButtonFix.exe deleted "C:\Windows\tasks\SO_Booster-S-5194249478.job" deleted "C:\Windows\Installer\25262d.msi" deleted "c:\programdata\teddy app\SO_Booster\SO_Booster.exe" deleted "C:\Users\HP\AppData\Roaming\SkypEmoticons\Res.dll" deleted "C:\Users\HP\AppData\Roaming\SkypEmoticons\SE.exe" deleted "C:\ProgramData\Teddy App\SO_Booster\SO_Booster.exe" deleted "C:\PROGRA~2\Teddy App\SO_Booster\SO_Booster.exe" deleted "c:\programdata\teddy app\SO_Booster" not deleted "C:\ProgramData\Teddy App" not deleted "C:\Users\HP\AppData\Roaming\SkypEmoticons" deleted "C:\PROGRA~2\Teddy App" not deleted "C:\ProgramData\Teddy App\SO_Booster" not deleted "C:\PROGRA~2\Teddy App\SO_Booster" not deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\HP\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\system32 ===== ====== C:\Windows\system32\drivers ===== 2014-06-11 16:02:11 DEE7EDA5AAA96C4C68A1F098F5145799 187840 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 
2014-06-11 16:02:11 5579DD18546999F5D0EC39D018726C6B 1294272 ----a-w- C:\Windows\System32\drivers\tcpip.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-07-06 17:57:03 -------- d-----w- C:\Program Files\Speccy 2014-07-04 16:33:42 -------- d-----w- C:\Program Files\Adblocker 2014-06-30 16:12:11 -------- d-----w- C:\Program Files\DogSettings ======= C: ===== ====== C:\Users\HP\AppData\Roaming ====== 2014-07-04 16:38:13 -------- d-----w- C:\Users\HP\AppData\Locallow\{A4856BF0-C338-D2A5-9EE2-1F76FBE2B4F7} 2014-07-04 16:33:42 -------- d-----w- C:\Users\HP\AppData\Locallow\{1EB61A8F-8C37-6C57-50C6-C2A3752666C1} 2014-07-04 16:33:15 -------- d-----w- C:\Users\HP\AppData\Local\Chromatic Browser 2014-07-04 16:33:14 -------- d-----w- C:\Users\HP\AppData\Local\Torch 2014-07-04 16:33:14 -------- d-----w- C:\Users\HomeGroupUser$\AppData\Local\Torch 2014-07-04 16:33:14 -------- d-----w- C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser 2014-07-04 16:33:14 -------- d-----w- C:\Users\Gast\AppData\Local\Chromatic Browser 2014-07-04 16:33:14 -------- d-----w- C:\Users\Administrator\AppData\Local\Chromatic Browser 2014-07-04 16:33:13 -------- d-----w- C:\Users\Gast\AppData\Local\Torch 2014-07-04 16:33:13 -------- d-----w- C:\Users\Administrator\AppData\Local\Torch 2014-07-04 16:33:12 -------- d-----w- C:\Users\HP\AppData\Local\Comodo 2014-07-04 16:33:12 -------- d-----w- C:\Users\HomeGroupUser$\AppData\Local\Comodo 2014-07-04 16:33:12 -------- d-----w- C:\Users\Gast\AppData\Local\Comodo 2014-07-04 16:33:11 -------- d-----w- C:\Users\Administrator\AppData\Local\Comodo 2014-07-04 16:33:10 -------- d-----w- C:\Users\HomeGroupUser$\AppData\Local\Google 2014-07-04 16:33:10 -------- d-----w- C:\Users\Gast\AppData\Local\Google 2014-07-04 16:33:10 -------- d-----w- C:\Users\Administrator\AppData\Local\Google 2014-06-20 20:26:58 -------- d-----w- C:\Users\HP\AppData\Local\Adobe ====== C:\Users\HP ====== 2014-07-06 18:18:09 
8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\HP\Downloads\RSIT.exe 2014-07-06 17:54:24 6DC6EBDF9391271098C40F6BA7779430 4890736 ----a-w- C:\Users\HP\Downloads\spsetup126.exe 2014-07-04 16:34:51 -------- d-----w- C:\ProgramData\Teddy App 2014-07-04 16:33:43 -------- d-----w- C:\ProgramData\Adblocker 2014-07-04 16:33:17 02C1EE40968BAA67C3A785CDA9807125 262 --sha-r- C:\ProgramData\ntuser.pol 2014-07-04 16:33:10 -------- d-----w- C:\Users\HomeGroupUser$\AppData 2014-07-04 16:33:10 -------- d-----w- C:\Users\Gast\AppData 2014-07-04 16:33:10 -------- d-----w- C:\Users\Administrator\AppData 2014-07-02 16:53:47 3EC89C2DF6E89B0134EAC5FCB9C52101 213 ----a-w- C:\Users\HP\cline verandering.txt 2014-07-02 16:29:31 4162C80671E3D0F59BD93F5B23C49334 282 ----a-w- C:\Users\HP\cline.txt 2014-06-30 17:17:43 B30CD9E79C6081BA6B991F3C84F24B47 895120 ----a-w- C:\Users\HP\Downloads\ChromeSetup.exe 2014-06-30 16:12:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DogSettings 2014-06-30 15:03:45 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 2014-06-30 14:58:52 F40C0618558059E63037D2DDEE8BB4ED 265752 ----a-w- C:\Users\HP\Downloads\Ninite Picasa Installer.exe ====== C: exe-files == 2014-07-06 18:18:09 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\HP\Downloads\RSIT.exe 2014-07-06 17:54:24 6DC6EBDF9391271098C40F6BA7779430 4890736 ----a-w- C:\Users\HP\Downloads\spsetup126.exe 2014-06-30 17:17:43 B30CD9E79C6081BA6B991F3C84F24B47 895120 ----a-w- C:\Users\HP\Downloads\ChromeSetup.exe 2014-06-30 16:12:12 B22A7E588CAFF1D9057F96057976BE6D 178688 ----a-w- C:\Program Files\DogSettings\AutoUpdate.exe 2014-06-30 16:12:11 B82083BD10AFB1B7756F8B0BF3B93AC0 715038 ----a-w- C:\Program Files\DogSettings\unins000.exe 2014-06-30 16:12:11 043E73C46754DAAAF8D9C5FCAB155D35 2430976 ----a-w- C:\Program Files\DogSettings\DogSettings.exe 2014-06-30 15:04:01 2294324CC84BA6D4CE08355580723189 17312072 ---ha-w- C:\Program 
Files\Google\Picasa3\setup.exe 2014-06-30 15:03:45 FE5B5370AB6EA4C046331993C771B275 171378 ----a-w- C:\Program Files\Google\Picasa3\Uninstall.exe 2014-06-30 15:02:54 C1B577B2169900F4CF7190C39F085794 136120 ----a-w- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 2014-06-30 14:58:52 F40C0618558059E63037D2DDEE8BB4ED 265752 ----a-w- C:\Users\HP\Downloads\Ninite Picasa Installer.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-4057013218-24429279-960758687-1000\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files\Garmin\Express Tray\ExpressTray.exe" "se"="C:\Users\HP\AppData\Roaming\SkypEmoticons\SE.exe /minimized " [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2 - Windows Help /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows 
Server 2008 R2 - Windows Help /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Monitor"="C:\Windows\PixArt\PAC207\Monitor.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files\Garmin\Express Tray\ExpressTray.exe" "se"="C:\Users\HP\AppData\Roaming\SkypEmoticons\SE.exe /minimized " ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GarminExpressTrayApp] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="GarminExpressTrayApp" "hkey"="HKCU" "command"="\"C:\\Program Files\\Garmin\\Express Tray\\ExpressTray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\"" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "AS2014"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player 
Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [11-06-2014 14:31] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\GarminUpdaterTask" [C:\Program Files\Garmin\Express Self Updater\ExpressSelfUpdater.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [18-06-2014 09:51] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04-04-2014 12:36] ==== Firefox Extensions ====================== ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9anhn392.default - Belgium eID - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be - DoNotTrackMe: Online Privacy Protection - %ProfilePath%\extensions\donottrackplus@abine.com ProfilePath: C:\Users\HP\AppData\Roaming\Thunderbird\Profiles\xlp493qy.default - Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi AppDir: C:\Program Files\Mozilla Firefox - Belgium eID - 
%AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9anhn392.default 738C29EAC995029E13333034C1402F56 - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll - Shockwave Flash B5269A90EB2C747C4802E2FE0527C5D2 - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa 14365399E83D7BC15760E8676E890C87 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat 14365399E83D7BC15760E8676E890C87 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat 01D93217A9EE48DD37072B671378CC9C - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll - Silverlight Plug-In 0CA4180B21C6B728578F3B0433BB740E - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin ABCB4A6EAB701C629378255ABCB308E5 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U25 D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System 28986F0A2342A033345EF9E70D395E4F - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrlui.dll - Microsoft® Silverlight ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bopakagnckmlgajfccecajhnimjiiedh - No path found[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[11-04-2014 19:46] MySearch - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - Administrator\AppData\Local\Chromatic 
Browser\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - Administrator\AppData\Local\Torch\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - Administrator\AppData\Local\Torch\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - Administrator\AppData\Local\Torch\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - Gast\AppData\Local\Comodo\Dragon\User 
Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - Gast\AppData\Local\Torch\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - Gast\AppData\Local\Torch\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - Gast\AppData\Local\Torch\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - 
HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - HP\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - HP\AppData\Local\Chromatic Browser\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - HP\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - HP\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - HP\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - HP\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Vertalen.nu - HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\giapagjeblcapfphboclikepoeelhgkj Win by Browsing - HP\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc Google Wallet - HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda MySearch - HP\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - HP\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - HP\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - HP\AppData\Local\Torch\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - HP\AppData\Local\Torch\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - HP\AppData\Local\Torch\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc ==== Chrome Fix ====================== C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.fastsearchings.info_0.localstorage deleted successfully C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.fastsearchings.info_0.localstorage-journal deleted successfully C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\Gast\AppData\Local\Chromatic Browser\User 
Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\HP\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\HP\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\HP\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\HP\AppData\Local\Torch\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Local 
Storage\chrome-extension_ajgdplefgmappfailfncnidngmdcdomd_0.localstorage deleted successfully C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ajgdplefgmappfailfncnidngmdcdomd_0.localstorage-journal deleted successfully C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully 
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\HP\AppData\Local\Chromatic Browser\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\HP\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\HP\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\HP\AppData\Local\Torch\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_idfnpgjblkahngbondojabhffkkdekbd_0.localstorage deleted successfully C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_idfnpgjblkahngbondojabhffkkdekbd_0.localstorage-journal deleted successfully C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted 
successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\HP\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\HP\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\HP\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\HP\AppData\Local\Torch\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://search.gboxapp.com/" 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://search.gboxapp.com/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\1d30935c-1960-4183-86b4-8e7666e9d99d deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SkypEmoticons_is1 deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect deleted successfully 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{993EA8F6-6E55-7E4E-39DE-5796E3226DB9} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully ==== Empty IE Cache ====================== C:\Users\HP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\HP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\HP\AppData\Local\Mozilla\Firefox\Profiles\9anhn392.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=495 folders=194 97983263 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\HP\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== 
After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\HP\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "c:\programdata\teddy app\SO_Booster" not found "C:\ProgramData\Teddy App" not found "C:\PROGRA~2\Teddy App" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not found ==== EOF on ma 07-07-2014 at 8:34:07.02 ====================== ==== After Reboot ====================== ==== EOF on ma 07-07-2014 at 8:48:54.22 ======================
Or is this it? I'm only a layman when it comes to PCs.
  9. Zoek.exe v5.0.0.0 Updated 05-July-2014 Tool run by HP on ma 07-07-2014 at 7:21:17.99. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\HP\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 7-7-2014 7:30:03 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-4057013218-24429279-960758687-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F89494BF-C177-BEBD-1F2F-2702704E3625} deleted successfully HKEY_CLASSES_ROOT\CLSID\{F89494BF-C177-BEBD-1F2F-2702704E3625} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F89494BF-C177-BEBD-1F2F-2702704E3625} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CltMngSvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\CltMngSvc deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9anhn392.default user.js not found ---- Lines WebSearch removed from prefs.js ---- user_pref("browser.search.defaultenginename,S", "WebSearch"); user_pref("browser.search.defaulturl", "http://websearch.fastsearchings.info/?pid=377&r=2014/07/04&hid=15782698513346681117&lg=EN&cc=BE&unqvl=56&l=1&q user_pref("browser.search.order.1", "WebSearch"); user_pref("browser.search.order.1,S", "WebSearch"); user_pref("browser.search.selectedEngine,S", "WebSearch"); user_pref("keyword.URL", "http://websearch.fastsearchings.info/?pid=377&r=2014/07/04&hid=15782698513346681117&lg=EN&cc=BE&unqvl=56&l=1&q="); ---- Lines trovi 
removed from prefs.js ---- user_pref("browser.newtab.url", "http://www.trovi.com/?gd=&ctid=CT3324756&octid=EB_ORIGINAL_CTID&ISID=M9F30BB9F-591B-442D-A773-F8DC17489141&SearchSour user_pref("browser.search.defaultenginename", "Trovi search"); user_pref("browser.search.selectedEngine", "Trovi search"); ---- Lines a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559 removed from prefs.js ---- user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"private user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a6 user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a6 user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.active", true); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.addressbar", "NA"); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.addressbarenhanced", ""); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.asyncdb.was_copied", "true"); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.asyncdb_dbWasSet", true); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.asyncdb_dbWasSet_FF25_FIX", true); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.asyncinternaldb.was_copied", "true"); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.asyncinternaldb_dbWasSet", true); 
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.asyncinternaldb_dbWasSet_FF25_FIX", true); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.backgroundver", 16); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.certdomaininstaller", ""); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.changeprevious", false); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.cookie.InstallationTime.expiration", "Fri Feb 01 user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.cookie.InstallationTime.value", "%221398837702%2 user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.cookie.InstallerParams.expiration", "Fri Feb 01 user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.cookie.InstallerParams.value", "%7B%22source_id% user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.description", "Apps Hat is the cool new Android user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.domain", ""); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.enablesearch", false); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.homepage", ""); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.iframe", true); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.InstallationThankYouPage", true); 
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.InstallationTime", 1398837702); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.__defualt_browser__.expiration", "Fri user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.__defualt_browser__.value", "%22ff%22 user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.installer.expiration", "Fri Feb 01 20 user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.installer.value", "%7B%22InstallerIde user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerIdentifiers.expiration", "Fr user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerIdentifiers.value", "%7B%22i user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerParams.expiration", "Fri Feb user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerParams.value", "%7B%22source user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerParamsCache.expiration", "Fr user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerParamsCache.value", "%7B%22s user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerUserIdentifiersCache.expirat user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerUserIdentifiersCache.value", 
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.monetization_plugin_bundledUrls.expir user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.monetization_plugin_bundledUrls.value user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.monetization_plugin_bundledWithHash.e user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.monetization_plugin_bundledWithHash.v user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.monetization_plugin_last_executable_r user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.monetization_plugin_last_executable_r user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.monetization_plugin_notBundledArr_.ex user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.monetization_plugin_notBundledArr_.va user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_appVer.expiration", "Fri Fe user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_appVer.value", "77"); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_lastVersion.expiration", "F user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_lastVersion.value", "5"); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_meta.expiration", "Fri Feb 
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_nextCheck.expiration", "Tue user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_nextCheck.value", "true"); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_queue.expiration", "Fri Feb user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_queue.value", "%7B%7D"); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_remote_resources.expiration user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_remote_resources.value", "% user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_resource_485550.expiration" user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_resource_485550.value", "%2 user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.lastDailyReport", "1399962354604"); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.lastUpdate", "1399962353753"); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.manifesturl", ""); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.name", "Apps Hat"); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.newtab", ""); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.opensearch", ""); 
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.pluginsurl", "http://js.clientstaticserv.com/plu user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.pluginsversion", 53); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.publisher", "Nero"); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.searchstatus", 0); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.setnewtab", false); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.thankyou", ""); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.updateinterval", 360); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.ver", 77); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.apps", "48559"); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.bic", "141cb805be5d2d0f5d16f004b8c7b326"); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.cid", 48559); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.FilesValidatorDueTime", "1399962400330"); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.firstrun", false); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.hadappinstalled", true); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.installationdate", 1398838526); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.modetype", "production"); 
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.reportInstall", true); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.statsDailyCounter", 30); ---- Lines extensions.Kg1KnH55Cti removed from prefs.js ---- user_pref("extensions.Kg1KnH55Cti.epoch", "1404749322"); user_pref("extensions.Kg1KnH55Cti.url", "http://centergoodfind.info/sync2/?q=hfZ9ofDSBShEAen0rHC6tMqLDe49CNU0nUkMCMlNhd9Fqda6rdnFqTr6rHaMBzqUojw9rdCEq ---- Lines extensions.hXjfFaf removed from prefs.js ---- user_pref("extensions.hXjfFaf.epoch", "1404749323"); user_pref("extensions.hXjfFaf.url", "http://terminalukusaa.us/sync2/?q=hfZ9ofq7B75MCyVUojr6qGhTB6lKDzt4oktxtNtVh7n0rjnEqHa9rjgHrTr6tMFHhd9Fqda6rdgFqTa ---- Lines extensions.i9DLi removed from prefs.js ---- user_pref("extensions.i9DLi.epoch", "1404749321"); user_pref("extensions.i9DLi.url", "http://syncjpi.info/sync2/?q=hfZ9ofV9CShEAen0rHC6tMqLDe49CNU0nUkMCMlNhd9Fqda6rdnFqTrHrdYMBzqUojw9rdCEqTw7rdC8qSh7hf ---- FireFox user.js and prefs.js backups ---- prefs_07-07-2014_0810_.backup ProfilePath: C:\Users\HP\AppData\Roaming\Thunderbird\Profiles\xlp493qy.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_07-07-2014_0810_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F89494BF-C177-BEBD-1F2F-2702704E3625}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== C:\Program Files\save on deleted C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9anhn392.default\extensions\uaoi.7iiee@uiuaiuiz.org deleted C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9anhn392.default\extensions\ufadrzow@o-uueslg.net deleted C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9anhn392.default\extensions\icr-eia@iouyoquki.com 
deleted C:\Program Files\Optimizer Pro deleted C:\ProgramData\MySearch deleted C:\Program Files\MySearch deleted C:\Program Files\SearchProtect deleted C:\Program Files\SO_Booster deleted C:\ProgramData\save on deleted C:\ProgramData\f4136af2338da4c5 deleted C:\ProgramData\InstallMate deleted C:\Users\HP\AppData\LocalLow\{F89494BF-C177-BEBD-1F2F-2702704E3625} deleted C:\Users\HP\AppData\Roaming\temp.ini deleted C:\PROGRA~2\Package Cache deleted C:\Users\HP\AppData\Local\SearchProtect deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkypEmoticons deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted C:\Users\HP\Searches deleted C:\Windows\system32\config\systemprofile\Searches deleted C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9anhn392.default\searchplugins\WebSearch.xml deleted C:\Users\HP\Downloads\DE-OpenBlackHole PralineSIM1.0 SSL69-dm800 CrossEPG DynDNS Cron DEBHGUI-YellowAudioButtonFix.exe deleted "C:\Windows\tasks\SO_Booster-S-5194249478.job" deleted "C:\Windows\Installer\25262d.msi" deleted "c:\programdata\teddy app\SO_Booster\SO_Booster.exe" deleted "C:\Users\HP\AppData\Roaming\SkypEmoticons\Res.dll" deleted "C:\Users\HP\AppData\Roaming\SkypEmoticons\SE.exe" deleted "C:\ProgramData\Teddy App\SO_Booster\SO_Booster.exe" deleted "C:\PROGRA~2\Teddy App\SO_Booster\SO_Booster.exe" deleted "c:\programdata\teddy app\SO_Booster" not deleted "C:\ProgramData\Teddy App" not deleted "C:\Users\HP\AppData\Roaming\SkypEmoticons" deleted "C:\PROGRA~2\Teddy App" not deleted "C:\ProgramData\Teddy App\SO_Booster" not deleted "C:\PROGRA~2\Teddy App\SO_Booster" not deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\HP\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\system32 ===== ====== C:\Windows\system32\drivers ===== 2014-06-11 16:02:11 DEE7EDA5AAA96C4C68A1F098F5145799 187840 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 
2014-06-11 16:02:11 5579DD18546999F5D0EC39D018726C6B 1294272 ----a-w- C:\Windows\System32\drivers\tcpip.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-07-06 17:57:03 -------- d-----w- C:\Program Files\Speccy 2014-07-04 16:33:42 -------- d-----w- C:\Program Files\Adblocker 2014-06-30 16:12:11 -------- d-----w- C:\Program Files\DogSettings ======= C: ===== ====== C:\Users\HP\AppData\Roaming ====== 2014-07-04 16:38:13 -------- d-----w- C:\Users\HP\AppData\Locallow\{A4856BF0-C338-D2A5-9EE2-1F76FBE2B4F7} 2014-07-04 16:33:42 -------- d-----w- C:\Users\HP\AppData\Locallow\{1EB61A8F-8C37-6C57-50C6-C2A3752666C1} 2014-07-04 16:33:15 -------- d-----w- C:\Users\HP\AppData\Local\Chromatic Browser 2014-07-04 16:33:14 -------- d-----w- C:\Users\HP\AppData\Local\Torch 2014-07-04 16:33:14 -------- d-----w- C:\Users\HomeGroupUser$\AppData\Local\Torch 2014-07-04 16:33:14 -------- d-----w- C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser 2014-07-04 16:33:14 -------- d-----w- C:\Users\Gast\AppData\Local\Chromatic Browser 2014-07-04 16:33:14 -------- d-----w- C:\Users\Administrator\AppData\Local\Chromatic Browser 2014-07-04 16:33:13 -------- d-----w- C:\Users\Gast\AppData\Local\Torch 2014-07-04 16:33:13 -------- d-----w- C:\Users\Administrator\AppData\Local\Torch 2014-07-04 16:33:12 -------- d-----w- C:\Users\HP\AppData\Local\Comodo 2014-07-04 16:33:12 -------- d-----w- C:\Users\HomeGroupUser$\AppData\Local\Comodo 2014-07-04 16:33:12 -------- d-----w- C:\Users\Gast\AppData\Local\Comodo 2014-07-04 16:33:11 -------- d-----w- C:\Users\Administrator\AppData\Local\Comodo 2014-07-04 16:33:10 -------- d-----w- C:\Users\HomeGroupUser$\AppData\Local\Google 2014-07-04 16:33:10 -------- d-----w- C:\Users\Gast\AppData\Local\Google 2014-07-04 16:33:10 -------- d-----w- C:\Users\Administrator\AppData\Local\Google 2014-06-20 20:26:58 -------- d-----w- C:\Users\HP\AppData\Local\Adobe ====== C:\Users\HP ====== 2014-07-06 18:18:09 
8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\HP\Downloads\RSIT.exe 2014-07-06 17:54:24 6DC6EBDF9391271098C40F6BA7779430 4890736 ----a-w- C:\Users\HP\Downloads\spsetup126.exe 2014-07-04 16:34:51 -------- d-----w- C:\ProgramData\Teddy App 2014-07-04 16:33:43 -------- d-----w- C:\ProgramData\Adblocker 2014-07-04 16:33:17 02C1EE40968BAA67C3A785CDA9807125 262 --sha-r- C:\ProgramData\ntuser.pol 2014-07-04 16:33:10 -------- d-----w- C:\Users\HomeGroupUser$\AppData 2014-07-04 16:33:10 -------- d-----w- C:\Users\Gast\AppData 2014-07-04 16:33:10 -------- d-----w- C:\Users\Administrator\AppData 2014-07-02 16:53:47 3EC89C2DF6E89B0134EAC5FCB9C52101 213 ----a-w- C:\Users\HP\cline verandering.txt 2014-07-02 16:29:31 4162C80671E3D0F59BD93F5B23C49334 282 ----a-w- C:\Users\HP\cline.txt 2014-06-30 17:17:43 B30CD9E79C6081BA6B991F3C84F24B47 895120 ----a-w- C:\Users\HP\Downloads\ChromeSetup.exe 2014-06-30 16:12:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DogSettings 2014-06-30 15:03:45 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 2014-06-30 14:58:52 F40C0618558059E63037D2DDEE8BB4ED 265752 ----a-w- C:\Users\HP\Downloads\Ninite Picasa Installer.exe ====== C: exe-files == 2014-07-06 18:18:09 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\HP\Downloads\RSIT.exe 2014-07-06 17:54:24 6DC6EBDF9391271098C40F6BA7779430 4890736 ----a-w- C:\Users\HP\Downloads\spsetup126.exe 2014-06-30 17:17:43 B30CD9E79C6081BA6B991F3C84F24B47 895120 ----a-w- C:\Users\HP\Downloads\ChromeSetup.exe 2014-06-30 16:12:12 B22A7E588CAFF1D9057F96057976BE6D 178688 ----a-w- C:\Program Files\DogSettings\AutoUpdate.exe 2014-06-30 16:12:11 B82083BD10AFB1B7756F8B0BF3B93AC0 715038 ----a-w- C:\Program Files\DogSettings\unins000.exe 2014-06-30 16:12:11 043E73C46754DAAAF8D9C5FCAB155D35 2430976 ----a-w- C:\Program Files\DogSettings\DogSettings.exe 2014-06-30 15:04:01 2294324CC84BA6D4CE08355580723189 17312072 ---ha-w- C:\Program 
Files\Google\Picasa3\setup.exe 2014-06-30 15:03:45 FE5B5370AB6EA4C046331993C771B275 171378 ----a-w- C:\Program Files\Google\Picasa3\Uninstall.exe 2014-06-30 15:02:54 C1B577B2169900F4CF7190C39F085794 136120 ----a-w- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 2014-06-30 14:58:52 F40C0618558059E63037D2DDEE8BB4ED 265752 ----a-w- C:\Users\HP\Downloads\Ninite Picasa Installer.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-4057013218-24429279-960758687-1000\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files\Garmin\Express Tray\ExpressTray.exe" "se"="C:\Users\HP\AppData\Roaming\SkypEmoticons\SE.exe /minimized " [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2 - Windows Help /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows 
Server 2008 R2 - Windows Help /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Monitor"="C:\Windows\PixArt\PAC207\Monitor.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files\Garmin\Express Tray\ExpressTray.exe" "se"="C:\Users\HP\AppData\Roaming\SkypEmoticons\SE.exe /minimized " ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GarminExpressTrayApp] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="GarminExpressTrayApp" "hkey"="HKCU" "command"="\"C:\\Program Files\\Garmin\\Express Tray\\ExpressTray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\"" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "AS2014"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player 
Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [11-06-2014 14:31] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\GarminUpdaterTask" [C:\Program Files\Garmin\Express Self Updater\ExpressSelfUpdater.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [18-06-2014 09:51] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04-04-2014 12:36] ==== Firefox Extensions ====================== ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9anhn392.default - Belgium eID - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be - DoNotTrackMe: Online Privacy Protection - %ProfilePath%\extensions\donottrackplus@abine.com ProfilePath: C:\Users\HP\AppData\Roaming\Thunderbird\Profiles\xlp493qy.default - Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi AppDir: C:\Program Files\Mozilla Firefox - Belgium eID - 
%AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9anhn392.default 738C29EAC995029E13333034C1402F56 - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll - Shockwave Flash B5269A90EB2C747C4802E2FE0527C5D2 - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa 14365399E83D7BC15760E8676E890C87 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat 14365399E83D7BC15760E8676E890C87 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat 01D93217A9EE48DD37072B671378CC9C - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll - Silverlight Plug-In 0CA4180B21C6B728578F3B0433BB740E - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin ABCB4A6EAB701C629378255ABCB308E5 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U25 D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System 28986F0A2342A033345EF9E70D395E4F - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrlui.dll - Microsoft® Silverlight ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bopakagnckmlgajfccecajhnimjiiedh - No path found[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[11-04-2014 19:46] MySearch - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - Administrator\AppData\Local\Chromatic 
Browser\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - Administrator\AppData\Local\Torch\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - Administrator\AppData\Local\Torch\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - Administrator\AppData\Local\Torch\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - Gast\AppData\Local\Comodo\Dragon\User 
Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - Gast\AppData\Local\Torch\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - Gast\AppData\Local\Torch\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - Gast\AppData\Local\Torch\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - 
HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - HP\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - HP\AppData\Local\Chromatic Browser\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - HP\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - HP\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - HP\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - HP\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Vertalen.nu - HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\giapagjeblcapfphboclikepoeelhgkj Win by Browsing - HP\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc Google Wallet - HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda MySearch - HP\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - HP\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - HP\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc MySearch - HP\AppData\Local\Torch\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd Win by Browsing - HP\AppData\Local\Torch\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd save on - HP\AppData\Local\Torch\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc ==== Chrome Fix ====================== C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.fastsearchings.info_0.localstorage deleted successfully C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.fastsearchings.info_0.localstorage-journal deleted successfully C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\Gast\AppData\Local\Chromatic Browser\User 
Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\HP\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\HP\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\HP\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\HP\AppData\Local\Torch\User Data\Default\Extensions\ajgdplefgmappfailfncnidngmdcdomd deleted successfully C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Local 
Storage\chrome-extension_ajgdplefgmappfailfncnidngmdcdomd_0.localstorage deleted successfully C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ajgdplefgmappfailfncnidngmdcdomd_0.localstorage-journal deleted successfully C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully 
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\HP\AppData\Local\Chromatic Browser\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\HP\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\HP\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\HP\AppData\Local\Torch\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd deleted successfully C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_idfnpgjblkahngbondojabhffkkdekbd_0.localstorage deleted successfully C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_idfnpgjblkahngbondojabhffkkdekbd_0.localstorage-journal deleted successfully C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted 
successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\HP\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\HP\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\HP\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully C:\Users\HP\AppData\Local\Torch\User Data\Default\Extensions\ldefbknceohohkaphanmboancelakfpc deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://search.gboxapp.com/" 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://search.gboxapp.com/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\1d30935c-1960-4183-86b4-8e7666e9d99d deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SkypEmoticons_is1 deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect deleted successfully 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{993EA8F6-6E55-7E4E-39DE-5796E3226DB9} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully ==== Empty IE Cache ====================== C:\Users\HP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\HP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\HP\AppData\Local\Mozilla\Firefox\Profiles\9anhn392.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=495 folders=194 97983263 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\HP\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== 
After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\HP\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "c:\programdata\teddy app\SO_Booster" not found "C:\ProgramData\Teddy App" not found "C:\PROGRA~2\Teddy App" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not found ==== EOF on ma 07-07-2014 at 8:34:07.02 ======================

Is this the file you need? I have removed Malwarebytes; is that virus scanner from Microsoft Essentials enough?
  10. Logfile of random's system information tool 1.10 (written by random/random) Run by HP at 2014-07-06 20:19:27 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 112 GB (74%) free of 153 GB Total RAM: 1015 MB (31% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:19:53, on 6-7-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17126) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\PixArt\Pac207\Monitor.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Garmin\Express Tray\ExpressTray.exe C:\Users\HP\AppData\Roaming\SkypEmoticons\SE.exe C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe C:\Users\HP\Downloads\RSIT.exe C:\Program Files\trend micro\HP.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Gadgetbox Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Gadgetbox Search R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet 
Explorer\Search,Default_Search_URL = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: save on - {F89494BF-C177-BEBD-1F2F-2702704E3625} - C:\Program Files\save on\tTsssnT.dll O4 - HKLM\..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" O4 - HKCU\..\Run: [se] "C:\Users\HP\AppData\Roaming\SkypEmoticons\SE.exe" /minimized O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'Default 
user') O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O20 - AppInit_DLLs: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll c:\progra~1\so_boo~1\assist~1.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Search Protect Service (CltMngSvc) - Client Connect LTD - C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe -- End of file - 6706 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\SO_Booster-S-5194249478.job - c:\programdata\teddy app\so_booster\SO_Booster.exe /schedule /profile "c:\programdata\teddy app\so_booster\5194249478.ini" =========Mozilla firefox========= ProfilePath - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9anhn392.default prefs.js - "browser.search.useDBForOrder" - "false" prefs.js - "browser.startup.homepage" - "www.google.be" prefs.js - "keyword.URL" - "http://websearch.fastsearchings.info/?pid=377&r=2014/07/04&hid=15782698513346681117&lg=EN&cc=BE&unqvl=56&l=1&q=" "belgiumeid@eid.belgium.be"=C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 14.0.0.125 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin] "Description"=Google Earth in your browser "Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll 
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0] "Description"=Picasa3 plugin "Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Windows\system32\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll C:\Program Files\Mozilla Firefox\extensions\ belgiumeid@eid.belgium.be C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9anhn392.default\extensions\ donottrackplus@abine.com icr-eia@iouyoquki.com uaoi.7iiee@uiuaiuiz.org ufadrzow@o-uueslg.net C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9anhn392.default\searchplugins\ WebSearch.xml 
  11. Hey, my PC is slow. Also, with the arrow keys, e.g. for "previous", I sometimes have to click several times before I go back a page.
  12. My PC also starts up slowly, but also when I want to go to "previous" with the arrows, I often have to click several times. I also get annoying ads when I surf. I have visited a few Chinese sites; that may be the cause. Can you help me?
  13. umivik

    skype

    Hello, when I make a call with Skype I can hear the person being called, but my own voice is not heard. So I make a test call: I hear the woman in question, but when I have to record a message, it is not heard. Can you help me?
  14. At first glance everything seems to be going better. I don't have time to test the PC today; in any case, thank you very much. I now have CCleaner to clean up, but is it better to use AdwCleaner? I do have one more question: when I call the test service in Skype, I hear Skype's voice but I don't hear my own voice, and the person being called doesn't hear my voice either. Kind regards
  15. After scanning, removing and restarting, I got the following window: AdwCleaner[S0].txt
  16. Is this it? I don't remember anymore. zoek-results.log
  17. I hope I did it right. zoek-results.log
  18. I don't know exactly what you mean, but I hope it is of some use to you. log.txt
  19. Hello, lately I have a slow PC, both at startup and once it has started up. I let CCleaner scan. I let Malwarebytes scan; only 1 little bug scanned. I also let Microsoft Essentials scan: no errors. Then, via the internet, I let Advanced System Optimizer scan, and it comes up with hundreds of errors, but when it gets that far you have to pay. Who can help me, and what should I believe of that last scan with Adv Syst Optim? I'm no PC whiz, eh. Thank you